Specifies the name that the metadata attribute must match and the value to which to compare the value of the metadata attribute. For more information, see Query configurations.
This data type is used in the following API operations:
", "refs": { - "RetrievalFilter$equals": "Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value matches the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value is greater than the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value is greater than or equal to the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value is in the list specified in the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value is less than the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value is less than or equal to the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value doesn't match the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value isn't in the list specified in the value in this object are returned.
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value starts with the value in this object are returned. This filter is currently only supported for Amazon OpenSearch Serverless vector stores.
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value matches the value in this object.
The following example would return data sources with an animal attribute whose value is cat:
\"equals\": { \"key\": \"animal\", \"value\": \"cat\" }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is greater than the value in this object.
The following example would return data sources with an year attribute whose value is greater than 1989:
\"greaterThan\": { \"key\": \"year\", \"value\": 1989 }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is greater than or equal to the value in this object.
The following example would return data sources with an year attribute whose value is greater than or equal to 1989:
\"greaterThanOrEquals\": { \"key\": \"year\", \"value\": 1989 }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is in the list specified in the value in this object.
The following example would return data sources with an animal attribute that is either cat or dog:
\"in\": { \"key\": \"animal\", \"value\": [\"cat\", \"dog\"] }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is less than the value in this object.
The following example would return data sources with an year attribute whose value is less than to 1989.
\"lessThan\": { \"key\": \"year\", \"value\": 1989 }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is less than or equal to the value in this object.
The following example would return data sources with an year attribute whose value is less than or equal to 1989.
\"lessThanOrEquals\": { \"key\": \"year\", \"value\": 1989 }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is a list that contains the value as one of its members.
The following example would return data sources with an animals attribute that is a list containing a cat member (for example [\"dog\", \"cat\"]).
\"listContains\": { \"key\": \"animals\", \"value\": \"cat\" }
Knowledge base data sources that contain a metadata attribute whose name matches the key and whose value doesn't match the value in this object are returned.
The following example would return data sources that don't contain an animal attribute whose value is cat.
\"notEquals\": { \"key\": \"animal\", \"value\": \"cat\" }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value isn't in the list specified in the value in this object.
The following example would return data sources whose animal attribute is neither cat nor dog.
\"notIn\": { \"key\": \"animal\", \"value\": [\"cat\", \"dog\"] }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value starts with the value in this object. This filter is currently only supported for Amazon OpenSearch Serverless vector stores.
The following example would return data sources with an animal attribute starts with ca (for example, cat or camel).
\"startsWith\": { \"key\": \"animal\", \"value\": \"ca\" }
Knowledge base data sources are returned if they contain a metadata attribute whose name matches the key and whose value is one of the following:
A string that contains the value as a substring. The following example would return data sources with an animal attribute that contains the substring at (for example cat).
\"stringContains\": { \"key\": \"animal\", \"value\": \"at\" }
A list with a member that contains the value as a substring. The following example would return data sources with an animals attribute that is a list containing a member that contains the substring at (for example [\"dog\", \"cat\"]).
\"stringContains\": { \"key\": \"animals\", \"value\": \"at\" }
Specifies the filters to use on the metadata attributes in the knowledge base data sources before returning results. For more information, see Query configurations.
This data type is used in the following API operations:
Retrieve request – in the filter field
RetrieveAndGenerate request – in the filter field
Specifies the filters to use on the metadata attributes in the knowledge base data sources before returning results. For more information, see Query configurations. See the examples below to see how to use these filters.
This data type is used in the following API operations:
Retrieve request – in the filter field
RetrieveAndGenerate request – in the filter field
Specifies the filters to use on the metadata in the knowledge base data sources before returning results. For more information, see Query configurations.
", "RetrievalFilterList$member": null @@ -764,8 +766,8 @@ "RetrievalFilterList": { "base": null, "refs": { - "RetrievalFilter$andAll": "Knowledge base data sources whose metadata attributes fulfill all the filter conditions inside this list are returned.
", - "RetrievalFilter$orAll": "Knowledge base data sources whose metadata attributes fulfill at least one of the filter conditions inside this list are returned.
" + "RetrievalFilter$andAll": "Knowledge base data sources are returned if their metadata attributes fulfill all the filter conditions inside this list.
", + "RetrievalFilter$orAll": "Knowledge base data sources are returned if their metadata attributes fulfill at least one of the filter conditions inside this list.
" } }, "RetrievalResultContent": { diff --git a/models/apis/codebuild/2016-10-06/api-2.json b/models/apis/codebuild/2016-10-06/api-2.json index 4caf08a67a7..2bc6d14dc56 100644 --- a/models/apis/codebuild/2016-10-06/api-2.json +++ b/models/apis/codebuild/2016-10-06/api-2.json @@ -5,6 +5,7 @@ "endpointPrefix":"codebuild", "jsonVersion":"1.1", "protocol":"json", + "protocols":["json"], "serviceFullName":"AWS CodeBuild", "serviceId":"CodeBuild", "signatureVersion":"v4", @@ -1121,6 +1122,8 @@ "computeType":{"shape":"ComputeType"}, "scalingConfiguration":{"shape":"ScalingConfigurationInput"}, "overflowBehavior":{"shape":"FleetOverflowBehavior"}, + "vpcConfig":{"shape":"VpcConfig"}, + "fleetServiceRole":{"shape":"NonEmptyString"}, "tags":{"shape":"TagList"} } }, @@ -1461,6 +1464,8 @@ "computeType":{"shape":"ComputeType"}, "scalingConfiguration":{"shape":"ScalingConfigurationOutput"}, "overflowBehavior":{"shape":"FleetOverflowBehavior"}, + "vpcConfig":{"shape":"VpcConfig"}, + "fleetServiceRole":{"shape":"NonEmptyString"}, "tags":{"shape":"TagList"} } }, @@ -1478,7 +1483,8 @@ "type":"string", "enum":[ "CREATE_FAILED", - "UPDATE_FAILED" + "UPDATE_FAILED", + "ACTION_REQUIRED" ] }, "FleetName":{ @@ -2074,9 +2080,9 @@ }, "ProjectName":{ "type":"string", - "max":255, + "max":150, "min":2, - "pattern":"[A-Za-z0-9][A-Za-z0-9\\-_]{1,254}" + "pattern":"[A-Za-z0-9][A-Za-z0-9\\-_]{1,149}" }, "ProjectNames":{ "type":"list", @@ -2716,6 +2722,8 @@ "computeType":{"shape":"ComputeType"}, "scalingConfiguration":{"shape":"ScalingConfigurationInput"}, "overflowBehavior":{"shape":"FleetOverflowBehavior"}, + "vpcConfig":{"shape":"VpcConfig"}, + "fleetServiceRole":{"shape":"NonEmptyString"}, "tags":{"shape":"TagList"} } }, diff --git a/models/apis/codebuild/2016-10-06/docs-2.json b/models/apis/codebuild/2016-10-06/docs-2.json index 7933f2ab1fa..41315d87f63 100644 --- a/models/apis/codebuild/2016-10-06/docs-2.json +++ b/models/apis/codebuild/2016-10-06/docs-2.json @@ -81,7 +81,7 @@ "AuthType": { "base": null, "refs": { - "ImportSourceCredentialsInput$authType": "The type of authentication used to connect to a GitHub, GitHub Enterprise, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the CodeBuild console.
", + "ImportSourceCredentialsInput$authType": "The type of authentication used to connect to a GitHub, GitHub Enterprise, GitLab, GitLab Self Managed, or Bitbucket repository. An OAUTH connection is not supported by the API and must be created using the CodeBuild console. Note that CODECONNECTIONS is only valid for GitLab and GitLab Self Managed.
", "SourceCredentialsInfo$authType": "The type of authentication used by the credentials. Valid options are OAUTH, BASIC_AUTH, PERSONAL_ACCESS_TOKEN, or CODECONNECTIONS.
" } }, @@ -699,9 +699,9 @@ "FleetOverflowBehavior": { "base": null, "refs": { - "CreateFleetInput$overflowBehavior": "The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
The compute fleet overflow behavior.
For overflow behavior QUEUE, your overflow builds need to wait on the existing fleet instance to become available.
For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild on-demand.
If you choose to set your overflow behavior to on-demand while creating a VPC-connected fleet, make sure that you add the required VPC permissions to your project service role. For more information, see Example policy statement to allow CodeBuild access to Amazon Web Services services required to create a VPC network interface.
The ARN of the report.
", "CodeCoverage$filePath": "The path of the test report file.
", "ComputeTypesAllowed$member": null, + "CreateFleetInput$fleetServiceRole": "The service role associated with the compute fleet.
", "CreateProjectInput$serviceRole": "The ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
", "CreateProjectInput$encryptionKey": "The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).
Contains the identifier of the Session Manager session used for the build. To work with the paused build, you open this session to examine, control, and resume the build.
", @@ -1034,6 +1035,7 @@ "ExportedEnvironmentVariable$name": "The name of the exported environment variable.
", "Fleet$arn": "The ARN of the compute fleet.
", "Fleet$id": "The ID of the compute fleet.
", + "Fleet$fleetServiceRole": "The service role associated with the compute fleet.
", "FleetArns$member": null, "FleetNames$member": null, "GetReportGroupTrendInput$reportGroupArn": "The ARN of the report group that contains the reports to analyze.
", @@ -1086,6 +1088,7 @@ "Subnets$member": null, "TestCase$reportArn": "The ARN of the report to which the test case belongs.
", "UpdateFleetInput$arn": "The ARN of the compute fleet.
", + "UpdateFleetInput$fleetServiceRole": "The service role associated with the compute fleet.
", "UpdateProjectInput$name": "The name of the build project.
You cannot change a build project's name.
The replacement ARN of the IAM role that enables CodeBuild to interact with dependent Amazon Web Services services on behalf of the Amazon Web Services account.
", "UpdateProjectInput$encryptionKey": "The Key Management Service customer master key (CMK) to be used for encrypting the build output artifacts.
You can use a cross-account KMS key to encrypt the build output artifacts if your service role has permission to that key.
You can specify either the Amazon Resource Name (ARN) of the CMK or, if available, the CMK's alias (using the format alias/<alias-name>).
For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password.
" + "ImportSourceCredentialsInput$token": " For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, this is either the access token or the app password. For the authType CODECONNECTIONS, this is the connectionArn.
Information about the authorization settings for CodeBuild to access the source code to be built.
This information is for the CodeBuild console's use only. Your code should not get or set this information directly.
", "StartBuildBatchInput$sourceAuthOverride": "A SourceAuth object that overrides the one defined in the batch build project. This override applies only if the build project's source is BitBucket or GitHub.
An authorization type for this build that overrides the one defined in the build project. This override applies only if the build project's source is BitBucket or GitHub.
" + "StartBuildInput$sourceAuthOverride": "An authorization type for this build that overrides the one defined in the build project. This override applies only if the build project's source is BitBucket, GitHub, GitLab, or GitLab Self Managed.
" } }, "SourceAuthType": { @@ -1742,7 +1745,7 @@ "BuildSummary$arn": "The batch build ARN.
", "CloudWatchLogsConfig$groupName": "The group name of the logs in CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
", "CloudWatchLogsConfig$streamName": "The prefix of the stream name of the CloudWatch Logs. For more information, see Working with Log Groups and Log Streams.
", - "CreateProjectInput$sourceVersion": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", + "CreateProjectInput$sourceVersion": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For GitLab: the commit ID, branch, or Git tag to use.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", "CreateWebhookInput$branchFilter": "A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.
It is recommended that you use filterGroups instead of branchFilter.
The status code.
", "DescribeCodeCoveragesInput$nextToken": "The nextToken value returned from a previous call to DescribeCodeCoverages. This specifies the next item to return. To return the beginning of the list, exclude this parameter.
The status code for the context of the build phase.
", "PhaseContext$message": "An explanation of the build phase's context. This might include a command ID and an exit code.
", "Project$arn": "The Amazon Resource Name (ARN) of the build project.
", - "Project$sourceVersion": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", + "Project$sourceVersion": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For GitLab: the commit ID, branch, or Git tag to use.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", "ProjectArtifacts$location": "Information about the build output artifact location:
If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output locations instead of CodeBuild.
If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.
If type is set to S3, this is the name of the output bucket.
Along with namespaceType and name, the pattern that CodeBuild uses to name and store the output artifact:
If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.
If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.
If type is set to S3, this is the path to the output artifact. If path is not specified, path is not used.
For example, if path is set to MyArtifacts, namespaceType is set to NONE, and name is set to MyArtifact.zip, the output artifact is stored in the output bucket at MyArtifacts/MyArtifact.zip.
Along with path and namespaceType, the pattern that CodeBuild uses to name and store the output artifact:
If type is set to CODEPIPELINE, CodePipeline ignores this value if specified. This is because CodePipeline manages its build output names instead of CodeBuild.
If type is set to NO_ARTIFACTS, this value is ignored if specified, because no build output is produced.
If type is set to S3, this is the name of the output artifact object. If you set the name to be a forward slash (\"/\"), the artifact is stored in the root of the output bucket.
For example:
If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to MyArtifact.zip, then the output artifact is stored in MyArtifacts/<build-ID>/MyArtifact.zip.
If path is empty, namespaceType is set to NONE, and name is set to \"/\", the output artifact is stored in the root of the output bucket.
If path is set to MyArtifacts, namespaceType is set to BUILD_ID, and name is set to \"/\", the output artifact is stored in MyArtifacts/<build-ID>.
The buildspec file declaration to use for the builds in this build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
An identifier for this project source. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
", "ProjectSourceVersion$sourceIdentifier": "An identifier for a source in the build project. The identifier can only contain alphanumeric characters and underscores, and must be less than 128 characters in length.
", - "ProjectSourceVersion$sourceVersion": "The source version for the corresponding source identifier. If specified, must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub or GitLab: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", + "ProjectSourceVersion$sourceVersion": "The source version for the corresponding source identifier. If specified, must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example, pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For GitLab: the commit ID, branch, or Git tag to use.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", "Report$name": "The name of the report that was run.
", "Report$executionId": "The ARN of the build run that generated this report.
", "ReportGroupTrendStats$average": "Contains the average of all values analyzed.
", @@ -1824,7 +1827,7 @@ "StartBuildBatchInput$buildspecOverride": "A buildspec file declaration that overrides, for this build only, the latest one already defined in the build project.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
The name of a certificate for this batch build that overrides the one specified in the batch build project.
", "StartBuildBatchInput$idempotencyToken": "A unique, case sensitive identifier you provide to ensure the idempotency of the StartBuildBatch request. The token is included in the StartBuildBatch request and is valid for five minutes. If you repeat the StartBuildBatch request with the same token, but change a parameter, CodeBuild returns a parameter mismatch error.
The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", + "StartBuildInput$sourceVersion": "The version of the build input to be built, for this build only. If not specified, the latest version is used. If specified, the contents depends on the source provider:
The commit ID, branch, or Git tag to use.
The commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The commit ID, branch, or Git tag to use.
The commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
The version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the project level, then this sourceVersion (at the build level) takes precedence.
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", "StartBuildInput$sourceLocationOverride": "A location that overrides, for this build, the source location for the one defined in the build project.
", "StartBuildInput$buildspecOverride": "A buildspec file declaration that overrides the latest one defined in the build project, for this build only. The buildspec defined on the project is not changed.
If this value is set, it can be either an inline buildspec definition, the path to an alternate buildspec file relative to the value of the built-in CODEBUILD_SRC_DIR environment variable, or the path to an S3 bucket. The bucket must be in the same Amazon Web Services Region as the build project. Specify the buildspec file using its ARN (for example, arn:aws:s3:::my-codebuild-sample2/buildspec.yml). If this value is not provided or is set to an empty string, the source code must contain a buildspec file in its root directory. For more information, see Buildspec File Name and Storage Location.
Since this property allows you to change the build commands that will run in the container, you should note that an IAM principal with the ability to call this API and set this parameter can override the default settings. Moreover, we encourage that you use a trustworthy buildspec location like a file in your source repository or a Amazon S3 bucket.
The name of a certificate for this build that overrides the one specified in the build project.
", @@ -1836,7 +1839,7 @@ "TestCase$message": "A message associated with a test case. For example, an error message or stack trace.
", "TestCaseFilter$status": "The status used to filter test cases. A TestCaseFilter can have one status. Valid values are:
SUCCEEDED
FAILED
ERROR
SKIPPED
UNKNOWN
A keyword that is used to filter on the name or the prefix of the test cases. Only test cases where the keyword is a substring of the name or the prefix will be returned.
A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", + "UpdateProjectInput$sourceVersion": "A version of the build input to be built for this project. If not specified, the latest version is used. If specified, it must be one of:
For CodeCommit: the commit ID, branch, or Git tag to use.
For GitHub: the commit ID, pull request ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a pull request ID is specified, it must use the format pr/pull-request-ID (for example pr/25). If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For GitLab: the commit ID, branch, or Git tag to use.
For Bitbucket: the commit ID, branch name, or tag name that corresponds to the version of the source code you want to build. If a branch name is specified, the branch's HEAD commit ID is used. If not specified, the default branch's HEAD commit ID is used.
For Amazon S3: the version ID of the object that represents the build input ZIP file to use.
If sourceVersion is specified at the build level, then that version takes precedence over this sourceVersion (at the project level).
For more information, see Source Version Sample with CodeBuild in the CodeBuild User Guide.
", "UpdateWebhookInput$branchFilter": "A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.
It is recommended that you use filterGroups instead of branchFilter.
A regular expression used to determine which repository branches are built when a webhook is triggered. If the name of a branch matches the regular expression, then it is built. If branchFilter is empty, then all branches are built.
It is recommended that you use filterGroups instead of branchFilter.
For a WebHookFilter that uses EVENT type, a comma-separated string that specifies one or more events. For example, the webhook filter PUSH, PULL_REQUEST_CREATED, PULL_REQUEST_UPDATED allows all push, pull request created, and pull request updated events to trigger a build.
For a WebHookFilter that uses any of the other filter types, a regular expression pattern. For example, a WebHookFilter that uses HEAD_REF for its type and the pattern ^refs/heads/ triggers a build when the head reference is a branch with a reference name refs/heads/branch-name.
If your CodeBuild project accesses resources in an Amazon VPC, you provide this parameter that identifies the VPC ID and the list of security group IDs and subnet IDs. The security groups and subnets must belong to the same VPC. You must provide at least one security group and one subnet ID.
", "BuildBatch$vpcConfig": null, - "CreateProjectInput$vpcConfig": "VpcConfig enables CodeBuild to access resources in an Amazon VPC.
", + "CreateFleetInput$vpcConfig": null, + "CreateProjectInput$vpcConfig": "VpcConfig enables CodeBuild to access resources in an Amazon VPC.
If you're using compute fleets during project creation, do not provide vpcConfig.
Information about the VPC configuration that CodeBuild accesses.
", + "UpdateFleetInput$vpcConfig": null, "UpdateProjectInput$vpcConfig": "VpcConfig enables CodeBuild to access resources in an Amazon VPC.
" } }, @@ -2080,7 +2086,7 @@ "base": null, "refs": { "BatchRestrictions$maximumBuildsAllowed": "Specifies the maximum number of builds allowed.
", - "Build$timeoutInMinutes": "How long, in minutes, for CodeBuild to wait before timing out this build if it does not get marked as completed.
", + "Build$timeoutInMinutes": "How long, in minutes, from 5 to 480 (8 hours), for CodeBuild to wait before timing out this build if it does not get marked as completed.
", "Build$queuedTimeoutInMinutes": "The number of minutes a build is allowed to be queued before it times out.
", "BuildBatch$buildTimeoutInMinutes": "Specifies the maximum amount of time, in minutes, that the build in a batch must be completed in.
", "BuildBatch$queuedTimeoutInMinutes": "Specifies the amount of time, in minutes, that the batch build is allowed to be queued before it times out.
", diff --git a/models/apis/datasync/2018-11-09/api-2.json b/models/apis/datasync/2018-11-09/api-2.json index 398a7280e71..286b2d14cc9 100644 --- a/models/apis/datasync/2018-11-09/api-2.json +++ b/models/apis/datasync/2018-11-09/api-2.json @@ -3055,6 +3055,7 @@ "type":"string", "enum":[ "QUEUED", + "CANCELLING", "LAUNCHING", "PREPARING", "TRANSFERRING", diff --git a/models/apis/grafana/2020-08-18/api-2.json b/models/apis/grafana/2020-08-18/api-2.json index debf7507245..f5d8daf724f 100644 --- a/models/apis/grafana/2020-08-18/api-2.json +++ b/models/apis/grafana/2020-08-18/api-2.json @@ -5,6 +5,7 @@ "endpointPrefix":"grafana", "jsonVersion":"1.1", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"Amazon Managed Grafana", "serviceId":"grafana", "signatureVersion":"v4", @@ -67,6 +68,44 @@ {"shape":"ServiceQuotaExceededException"} ] }, + "CreateWorkspaceServiceAccount":{ + "name":"CreateWorkspaceServiceAccount", + "http":{ + "method":"POST", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts", + "responseCode":200 + }, + "input":{"shape":"CreateWorkspaceServiceAccountRequest"}, + "output":{"shape":"CreateWorkspaceServiceAccountResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"}, + {"shape":"ServiceQuotaExceededException"} + ] + }, + "CreateWorkspaceServiceAccountToken":{ + "name":"CreateWorkspaceServiceAccountToken", + "http":{ + "method":"POST", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens", + "responseCode":200 + }, + "input":{"shape":"CreateWorkspaceServiceAccountTokenRequest"}, + "output":{"shape":"CreateWorkspaceServiceAccountTokenResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"}, + {"shape":"ServiceQuotaExceededException"} + ] + }, "DeleteWorkspace":{ "name":"DeleteWorkspace", "http":{ @@ -104,6 +143,42 @@ {"shape":"InternalServerException"} ] }, + "DeleteWorkspaceServiceAccount":{ + "name":"DeleteWorkspaceServiceAccount", + "http":{ + "method":"DELETE", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}", + "responseCode":200 + }, + "input":{"shape":"DeleteWorkspaceServiceAccountRequest"}, + "output":{"shape":"DeleteWorkspaceServiceAccountResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"} + ] + }, + "DeleteWorkspaceServiceAccountToken":{ + "name":"DeleteWorkspaceServiceAccountToken", + "http":{ + "method":"DELETE", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens/{tokenId}", + "responseCode":200 + }, + "input":{"shape":"DeleteWorkspaceServiceAccountTokenRequest"}, + "output":{"shape":"DeleteWorkspaceServiceAccountTokenResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"} + ] + }, "DescribeWorkspace":{ "name":"DescribeWorkspace", "http":{ @@ -133,6 +208,7 @@ "errors":[ {"shape":"ResourceNotFoundException"}, {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, {"shape":"ValidationException"}, {"shape":"AccessDeniedException"}, {"shape":"InternalServerException"} @@ -222,6 +298,42 @@ {"shape":"InternalServerException"} ] }, + "ListWorkspaceServiceAccountTokens":{ + "name":"ListWorkspaceServiceAccountTokens", + "http":{ + "method":"GET", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens", + "responseCode":200 + }, + "input":{"shape":"ListWorkspaceServiceAccountTokensRequest"}, + "output":{"shape":"ListWorkspaceServiceAccountTokensResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"} + ] + }, + "ListWorkspaceServiceAccounts":{ + "name":"ListWorkspaceServiceAccounts", + "http":{ + "method":"GET", + "requestUri":"/workspaces/{workspaceId}/serviceaccounts", + "responseCode":200 + }, + "input":{"shape":"ListWorkspaceServiceAccountsRequest"}, + "output":{"shape":"ListWorkspaceServiceAccountsResponse"}, + "errors":[ + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"ConflictException"}, + {"shape":"ValidationException"}, + {"shape":"AccessDeniedException"}, + {"shape":"InternalServerException"} + ] + }, "ListWorkspaces":{ "name":"ListWorkspaces", "http":{ @@ -567,6 +679,80 @@ "workspace":{"shape":"WorkspaceDescription"} } }, + "CreateWorkspaceServiceAccountRequest":{ + "type":"structure", + "required":[ + "grafanaRole", + "name", + "workspaceId" + ], + "members":{ + "grafanaRole":{"shape":"Role"}, + "name":{"shape":"ServiceAccountName"}, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "CreateWorkspaceServiceAccountResponse":{ + "type":"structure", + "required":[ + "grafanaRole", + "id", + "name", + "workspaceId" + ], + "members":{ + "grafanaRole":{"shape":"Role"}, + "id":{"shape":"String"}, + "name":{"shape":"String"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, + "CreateWorkspaceServiceAccountTokenRequest":{ + "type":"structure", + "required":[ + "name", + "secondsToLive", + "serviceAccountId", + "workspaceId" + ], + "members":{ + "name":{"shape":"ServiceAccountTokenName"}, + "secondsToLive":{"shape":"CreateWorkspaceServiceAccountTokenRequestSecondsToLiveInteger"}, + "serviceAccountId":{ + "shape":"String", + "location":"uri", + "locationName":"serviceAccountId" + }, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "CreateWorkspaceServiceAccountTokenRequestSecondsToLiveInteger":{ + "type":"integer", + "box":true, + "max":2592000, + "min":1 + }, + "CreateWorkspaceServiceAccountTokenResponse":{ + "type":"structure", + "required":[ + "serviceAccountId", + "serviceAccountToken", + "workspaceId" + ], + "members":{ + "serviceAccountId":{"shape":"String"}, + "serviceAccountToken":{"shape":"ServiceAccountTokenSummaryWithKey"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, "DataSourceType":{ "type":"string", "enum":[ @@ -633,6 +819,74 @@ "workspace":{"shape":"WorkspaceDescription"} } }, + "DeleteWorkspaceServiceAccountRequest":{ + "type":"structure", + "required":[ + "serviceAccountId", + "workspaceId" + ], + "members":{ + "serviceAccountId":{ + "shape":"String", + "location":"uri", + "locationName":"serviceAccountId" + }, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "DeleteWorkspaceServiceAccountResponse":{ + "type":"structure", + "required":[ + "serviceAccountId", + "workspaceId" + ], + "members":{ + "serviceAccountId":{"shape":"String"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, + "DeleteWorkspaceServiceAccountTokenRequest":{ + "type":"structure", + "required":[ + "serviceAccountId", + "tokenId", + "workspaceId" + ], + "members":{ + "serviceAccountId":{ + "shape":"String", + "location":"uri", + "locationName":"serviceAccountId" + }, + "tokenId":{ + "shape":"String", + "location":"uri", + "locationName":"tokenId" + }, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "DeleteWorkspaceServiceAccountTokenResponse":{ + "type":"structure", + "required":[ + "serviceAccountId", + "tokenId", + "workspaceId" + ], + "members":{ + "serviceAccountId":{"shape":"String"}, + "tokenId":{"shape":"String"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, "DescribeWorkspaceAuthenticationRequest":{ "type":"structure", "required":["workspaceId"], @@ -888,6 +1142,94 @@ "nextToken":{"shape":"PaginationToken"} } }, + "ListWorkspaceServiceAccountTokensRequest":{ + "type":"structure", + "required":[ + "serviceAccountId", + "workspaceId" + ], + "members":{ + "maxResults":{ + "shape":"ListWorkspaceServiceAccountTokensRequestMaxResultsInteger", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"PaginationToken", + "location":"querystring", + "locationName":"nextToken" + }, + "serviceAccountId":{ + "shape":"String", + "location":"uri", + "locationName":"serviceAccountId" + }, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "ListWorkspaceServiceAccountTokensRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListWorkspaceServiceAccountTokensResponse":{ + "type":"structure", + "required":[ + "serviceAccountId", + "serviceAccountTokens", + "workspaceId" + ], + "members":{ + "nextToken":{"shape":"PaginationToken"}, + "serviceAccountId":{"shape":"String"}, + "serviceAccountTokens":{"shape":"ServiceAccountTokenList"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, + "ListWorkspaceServiceAccountsRequest":{ + "type":"structure", + "required":["workspaceId"], + "members":{ + "maxResults":{ + "shape":"ListWorkspaceServiceAccountsRequestMaxResultsInteger", + "location":"querystring", + "locationName":"maxResults" + }, + "nextToken":{ + "shape":"PaginationToken", + "location":"querystring", + "locationName":"nextToken" + }, + "workspaceId":{ + "shape":"WorkspaceId", + "location":"uri", + "locationName":"workspaceId" + } + } + }, + "ListWorkspaceServiceAccountsRequestMaxResultsInteger":{ + "type":"integer", + "box":true, + "max":100, + "min":1 + }, + "ListWorkspaceServiceAccountsResponse":{ + "type":"structure", + "required":[ + "serviceAccounts", + "workspaceId" + ], + "members":{ + "nextToken":{"shape":"PaginationToken"}, + "serviceAccounts":{"shape":"ServiceAccountList"}, + "workspaceId":{"shape":"WorkspaceId"} + } + }, "ListWorkspacesRequest":{ "type":"structure", "members":{ @@ -1067,6 +1409,72 @@ "max":5, "min":1 }, + "ServiceAccountList":{ + "type":"list", + "member":{"shape":"ServiceAccountSummary"} + }, + "ServiceAccountName":{ + "type":"string", + "max":128, + "min":1 + }, + "ServiceAccountSummary":{ + "type":"structure", + "required":[ + "grafanaRole", + "id", + "isDisabled", + "name" + ], + "members":{ + "grafanaRole":{"shape":"Role"}, + "id":{"shape":"String"}, + "isDisabled":{"shape":"String"}, + "name":{"shape":"String"} + } + }, + "ServiceAccountTokenKey":{ + "type":"string", + "sensitive":true + }, + "ServiceAccountTokenList":{ + "type":"list", + "member":{"shape":"ServiceAccountTokenSummary"} + }, + "ServiceAccountTokenName":{ + "type":"string", + "max":128, + "min":1 + }, + "ServiceAccountTokenSummary":{ + "type":"structure", + "required":[ + "createdAt", + "expiresAt", + "id", + "name" + ], + "members":{ + "createdAt":{"shape":"Timestamp"}, + "expiresAt":{"shape":"Timestamp"}, + "id":{"shape":"String"}, + "lastUsedAt":{"shape":"Timestamp"}, + "name":{"shape":"String"} + } + }, + "ServiceAccountTokenSummaryWithKey":{ + "type":"structure", + "required":[ + "id", + "key", + "name" + ], + "members":{ + "id":{"shape":"String"}, + "key":{"shape":"ServiceAccountTokenKey"}, + "name":{"shape":"String"} + } + }, "ServiceQuotaExceededException":{ "type":"structure", "required":[ diff --git a/models/apis/grafana/2020-08-18/docs-2.json b/models/apis/grafana/2020-08-18/docs-2.json index 45f5edf6bbc..fc9265008f1 100644 --- a/models/apis/grafana/2020-08-18/docs-2.json +++ b/models/apis/grafana/2020-08-18/docs-2.json @@ -2,11 +2,15 @@ "version": "2.0", "service": "Amazon Managed Grafana is a fully managed and secure data visualization service that you can use to instantly query, correlate, and visualize operational metrics, logs, and traces from multiple sources. Amazon Managed Grafana makes it easy to deploy, operate, and scale Grafana, a widely deployed data visualization tool that is popular for its extensible data support.
With Amazon Managed Grafana, you create logically isolated Grafana servers called workspaces. In a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces without having to build, package, or deploy any hardware to run Grafana servers.
", "operations": { - "AssociateLicense": "Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana Enterprise incurs additional fees. For more information, see Upgrade a workspace to Grafana Enterprise.
", + "AssociateLicense": "Assigns a Grafana Enterprise license to a workspace. To upgrade, you must use ENTERPRISE for the licenseType, and pass in a valid Grafana Labs token for the grafanaToken. Upgrading to Grafana Enterprise incurs additional fees. For more information, see Upgrade a workspace to Grafana Enterprise.
Creates a workspace. In a workspace, you can create Grafana dashboards and visualizations to analyze your metrics, logs, and traces. You don't have to build, package, or deploy any hardware to run the Grafana server.
Don't use CreateWorkspace to modify an existing workspace. Instead, use UpdateWorkspace.
Creates a Grafana API key for the workspace. This key can be used to authenticate requests sent to the workspace's HTTP API. See https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html for available APIs and example requests.
", + "CreateWorkspaceApiKey": "Creates a Grafana API key for the workspace. This key can be used to authenticate requests sent to the workspace's HTTP API. See https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html for available APIs and example requests.
In workspaces compatible with Grafana version 9 or above, use workspace service accounts instead of API keys. API keys will be removed in a future release.
Creates a service account for the workspace. A service account can be used to call Grafana HTTP APIs, and run automated workloads. After creating the service account with the correct GrafanaRole for your use case, use CreateWorkspaceServiceAccountToken to create a token that can be used to authenticate and authorize Grafana HTTP API calls.
You can only create service accounts for workspaces that are compatible with Grafana version 9 and above.
For more information about service accounts, see Service accounts in the Amazon Managed Grafana User Guide.
For more information about the Grafana HTTP APIs, see Using Grafana HTTP APIs in the Amazon Managed Grafana User Guide.
Creates a token that can be used to authenticate and authorize Grafana HTTP API operations for the given workspace service account. The service account acts as a user for the API operations, and defines the permissions that are used by the API.
When you create the service account token, you will receive a key that is used when calling Grafana APIs. Do not lose this key, as it will not be retrievable again.
If you do lose the key, you can delete the token and recreate it to receive a new key. This will disable the initial key.
Service accounts are only available for workspaces that are compatible with Grafana version 9 and above.
", "DeleteWorkspace": "Deletes an Amazon Managed Grafana workspace.
", - "DeleteWorkspaceApiKey": "Deletes a Grafana API key for the workspace.
", + "DeleteWorkspaceApiKey": "Deletes a Grafana API key for the workspace.
In workspaces compatible with Grafana version 9 or above, use workspace service accounts instead of API keys. API keys will be removed in a future release.
Deletes a workspace service account from the workspace.
This will delete any tokens created for the service account, as well. If the tokens are currently in use, the will fail to authenticate / authorize after they are deleted.
Service accounts are only available for workspaces that are compatible with Grafana version 9 and above.
", + "DeleteWorkspaceServiceAccountToken": "Deletes a token for the workspace service account.
This will disable the key associated with the token. If any automation is currently using the key, it will no longer be authenticated or authorized to perform actions with the Grafana HTTP APIs.
Service accounts are only available for workspaces that are compatible with Grafana version 9 and above.
", "DescribeWorkspace": "Displays information about one Amazon Managed Grafana workspace.
", "DescribeWorkspaceAuthentication": "Displays information about the authentication methods used in one Amazon Managed Grafana workspace.
", "DescribeWorkspaceConfiguration": "Gets the current configuration string for the given workspace.
", @@ -14,6 +18,8 @@ "ListPermissions": "Lists the users and groups who have the Grafana Admin and Editor roles in this workspace. If you use this operation without specifying userId or groupId, the operation returns the roles of all users and groups. If you specify a userId or a groupId, only the roles for that user or group are returned. If you do this, you can specify only one userId or one groupId.
The ListTagsForResource operation returns the tags that are associated with the Amazon Managed Service for Grafana resource specified by the resourceArn. Currently, the only resource that can be tagged is a workspace.
Lists available versions of Grafana. These are available when calling CreateWorkspace. Optionally, include a workspace to list the versions to which it can be upgraded.
Returns a list of tokens for a workspace service account.
This does not return the key for each token. You cannot access keys after they are created. To create a new key, delete the token and recreate it.
Service accounts are only available for workspaces that are compatible with Grafana version 9 and above.
", + "ListWorkspaceServiceAccounts": "Returns a list of service accounts for a workspace.
Service accounts are only available for workspaces that are compatible with Grafana version 9 and above.
", "ListWorkspaces": "Returns a list of Amazon Managed Grafana workspaces in the account, with some information about each workspace. For more complete information about one workspace, use DescribeWorkspace.
", "TagResource": "The TagResource operation associates tags with an Amazon Managed Grafana resource. Currently, the only resource that can be tagged is workspaces.
If you specify a new tag key for the resource, this tag is appended to the list of tags associated with the resource. If you specify a tag key that is already associated with the resource, the new tag value that you specify replaces the previous value for that tag.
", "UntagResource": "The UntagResource operation removes the association of the tag with the Amazon Managed Grafana resource.
Sets how long the token will be valid, in seconds. You can set the time up to 30 days in the future.
" + } + }, + "CreateWorkspaceServiceAccountTokenResponse": { + "base": null, + "refs": { + } + }, "DataSourceType": { "base": null, "refs": { @@ -204,6 +236,26 @@ "refs": { } }, + "DeleteWorkspaceServiceAccountRequest": { + "base": null, + "refs": { + } + }, + "DeleteWorkspaceServiceAccountResponse": { + "base": null, + "refs": { + } + }, + "DeleteWorkspaceServiceAccountTokenRequest": { + "base": null, + "refs": { + } + }, + "DeleteWorkspaceServiceAccountTokenResponse": { + "base": null, + "refs": { + } + }, "DescribeWorkspaceAuthenticationRequest": { "base": null, "refs": { @@ -263,15 +315,15 @@ "GrafanaToken": { "base": null, "refs": { - "AssociateLicenseRequest$grafanaToken": "A token from Grafana Labs that ties your Amazon Web Services account with a Grafana Labs account. For more information, see Register with Grafana Labs.
", - "WorkspaceDescription$grafanaToken": "The token that ties this workspace to a Grafana Labs account. For more information, see Register with Grafana Labs.
", - "WorkspaceSummary$grafanaToken": "The token that ties this workspace to a Grafana Labs account. For more information, see Register with Grafana Labs.
" + "AssociateLicenseRequest$grafanaToken": "A token from Grafana Labs that ties your Amazon Web Services account with a Grafana Labs account. For more information, see Link your account with Grafana Labs.
", + "WorkspaceDescription$grafanaToken": "The token that ties this workspace to a Grafana Labs account. For more information, see Link your account with Grafana Labs.
", + "WorkspaceSummary$grafanaToken": "The token that ties this workspace to a Grafana Labs account. For more information, see Link your account with Grafana Labs.
" } }, "GrafanaVersion": { "base": null, "refs": { - "CreateWorkspaceRequest$grafanaVersion": "Specifies the version of Grafana to support in the new workspace. If not specified, defaults to the latest version (for example, 9.4).
To get a list of supported versions, use the ListVersions operation.
Specifies the version of Grafana to support in the new workspace. If not specified, defaults to the latest version (for example, 10.4).
To get a list of supported versions, use the ListVersions operation.
The supported Grafana version for the workspace.
", "GrafanaVersionList$member": null, "UpdateWorkspaceConfigurationRequest$grafanaVersion": "Specifies the version of Grafana to support in the workspace. If not specified, keeps the current version of the workspace.
Can only be used to upgrade (for example, from 8.4 to 9.4), not downgrade (for example, from 9.4 to 8.4).
To know what versions are available to upgrade to for a specific workspace, see the ListVersions operation.
", @@ -368,6 +420,38 @@ "refs": { } }, + "ListWorkspaceServiceAccountTokensRequest": { + "base": null, + "refs": { + } + }, + "ListWorkspaceServiceAccountTokensRequestMaxResultsInteger": { + "base": null, + "refs": { + "ListWorkspaceServiceAccountTokensRequest$maxResults": "The maximum number of tokens to include in the results.
" + } + }, + "ListWorkspaceServiceAccountTokensResponse": { + "base": null, + "refs": { + } + }, + "ListWorkspaceServiceAccountsRequest": { + "base": null, + "refs": { + } + }, + "ListWorkspaceServiceAccountsRequestMaxResultsInteger": { + "base": null, + "refs": { + "ListWorkspaceServiceAccountsRequest$maxResults": "The maximum number of service accounts to include in the results.
" + } + }, + "ListWorkspaceServiceAccountsResponse": { + "base": null, + "refs": { + } + }, "ListWorkspacesRequest": { "base": null, "refs": { @@ -450,6 +534,10 @@ "ListPermissionsResponse$nextToken": "The token to use in a subsequent ListPermissions operation to return the next set of results.
The token to use when requesting the next set of results. You receive this token from a previous ListVersions operation.
The token to use in a subsequent ListVersions operation to return the next set of results.
The token for the next set of service accounts to return. (You receive this token from a previous ListWorkspaceServiceAccountTokens operation.)
The token to use when requesting the next set of service accounts.
", + "ListWorkspaceServiceAccountsRequest$nextToken": "The token for the next set of service accounts to return. (You receive this token from a previous ListWorkspaceServiceAccounts operation.)
The token to use when requesting the next set of service accounts.
", "ListWorkspacesRequest$nextToken": "The token for the next set of workspaces to return. (You receive this token from a previous ListWorkspaces operation.)
The token to use when requesting the next set of workspaces.
" } @@ -494,7 +582,10 @@ "Role": { "base": null, "refs": { + "CreateWorkspaceServiceAccountRequest$grafanaRole": "The permission level to use for this service account.
For more information about the roles and the permissions each has, see User roles in the Amazon Managed Grafana User Guide.
The permission level given to the service account.
", "PermissionEntry$role": "Specifies whether the user or group has the Admin, Editor, or Viewer role.
The role of the service account, which sets the permission level used when calling Grafana APIs.
", "UpdateInstruction$role": "The role to add or revoke for the user or the group specified in users.
The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.
" } }, + "ServiceAccountList": { + "base": null, + "refs": { + "ListWorkspaceServiceAccountsResponse$serviceAccounts": "An array of structures containing information about the service accounts.
" + } + }, + "ServiceAccountName": { + "base": null, + "refs": { + "CreateWorkspaceServiceAccountRequest$name": "A name for the service account. The name must be unique within the workspace, as it determines the ID associated with the service account.
" + } + }, + "ServiceAccountSummary": { + "base": "A structure that contains the information about one service account.
", + "refs": { + "ServiceAccountList$member": null + } + }, + "ServiceAccountTokenKey": { + "base": null, + "refs": { + "ServiceAccountTokenSummaryWithKey$key": "The key for the service account token. Used when making calls to the Grafana HTTP APIs to authenticate and authorize the requests.
" + } + }, + "ServiceAccountTokenList": { + "base": null, + "refs": { + "ListWorkspaceServiceAccountTokensResponse$serviceAccountTokens": "An array of structures containing information about the tokens.
" + } + }, + "ServiceAccountTokenName": { + "base": null, + "refs": { + "CreateWorkspaceServiceAccountTokenRequest$name": "A name for the token to create.
" + } + }, + "ServiceAccountTokenSummary": { + "base": "A structure that contains the information about a service account token.
", + "refs": { + "ServiceAccountTokenList$member": null + } + }, + "ServiceAccountTokenSummaryWithKey": { + "base": "A structure that contains the information about a service account token.
This structure is returned when creating the token. It is important to store the key that is returned, as it is not retrievable at a later time.
If you lose the key, you can delete and recreate the token, which will create a new key.
", + "refs": { + "CreateWorkspaceServiceAccountTokenResponse$serviceAccountToken": "Information about the created token, including the key. Be sure to store the key securely.
" + } + }, "ServiceQuotaExceededException": { "base": "The request would cause a service quota to be exceeded.
", "refs": { @@ -583,13 +722,32 @@ "ConflictException$message": "A description of the error.
", "ConflictException$resourceId": "The ID of the resource that is associated with the error.
", "ConflictException$resourceType": "The type of the resource that is associated with the error.
", - "CreateWorkspaceApiKeyRequest$keyRole": "Specifies the permission level of the key.
Valid values: VIEWER|EDITOR|ADMIN
Specifies the permission level of the key.
Valid values: ADMIN|EDITOR|VIEWER
The ID of the service account.
", + "CreateWorkspaceServiceAccountResponse$name": "The name of the service account.
", + "CreateWorkspaceServiceAccountTokenRequest$serviceAccountId": "The ID of the service account for which to create a token.
", + "CreateWorkspaceServiceAccountTokenResponse$serviceAccountId": "The ID of the service account where the token was created.
", + "DeleteWorkspaceServiceAccountRequest$serviceAccountId": "The ID of the service account to delete.
", + "DeleteWorkspaceServiceAccountResponse$serviceAccountId": "The ID of the service account deleted.
", + "DeleteWorkspaceServiceAccountTokenRequest$serviceAccountId": "The ID of the service account from which to delete the token.
", + "DeleteWorkspaceServiceAccountTokenRequest$tokenId": "The ID of the token to delete.
", + "DeleteWorkspaceServiceAccountTokenResponse$serviceAccountId": "The ID of the service account where the token was deleted.
", + "DeleteWorkspaceServiceAccountTokenResponse$tokenId": "The ID of the token that was deleted.
", "IdpMetadata$xml": "The full IdP metadata, in XML format.
", "InternalServerException$message": "A description of the error.
", "ListTagsForResourceRequest$resourceArn": "The ARN of the resource the list of tags are associated with.
", + "ListWorkspaceServiceAccountTokensRequest$serviceAccountId": "The ID of the service account for which to return tokens.
", + "ListWorkspaceServiceAccountTokensResponse$serviceAccountId": "The ID of the service account where the tokens reside.
", "ResourceNotFoundException$message": "The value of a parameter in the request caused an error.
", "ResourceNotFoundException$resourceId": "The ID of the resource that is associated with the error.
", "ResourceNotFoundException$resourceType": "The type of the resource that is associated with the error.
", + "ServiceAccountSummary$id": "The unique ID of the service account.
", + "ServiceAccountSummary$isDisabled": "Returns true if the service account is disabled. Service accounts can be disabled and enabled in the Amazon Managed Grafana console.
", + "ServiceAccountSummary$name": "The name of the service account.
", + "ServiceAccountTokenSummary$id": "The unique ID of the service account token.
", + "ServiceAccountTokenSummary$name": "The name of the service account token.
", + "ServiceAccountTokenSummaryWithKey$id": "The unique ID of the service account token.
", + "ServiceAccountTokenSummaryWithKey$name": "The name of the service account token.
", "ServiceQuotaExceededException$message": "A description of the error.
", "ServiceQuotaExceededException$quotaCode": "The ID of the service quota that was exceeded.
", "ServiceQuotaExceededException$resourceId": "The ID of the resource that is associated with the error.
", @@ -665,6 +823,9 @@ "Timestamp": { "base": null, "refs": { + "ServiceAccountTokenSummary$createdAt": "When the service account token was created.
", + "ServiceAccountTokenSummary$expiresAt": "When the service account token will expire.
", + "ServiceAccountTokenSummary$lastUsedAt": "The last time the token was used to authorize a Grafana HTTP API.
", "WorkspaceDescription$created": "The date that the workspace was created.
", "WorkspaceDescription$freeTrialExpiration": "If this workspace is currently in the free trial period for Grafana Enterprise, this value specifies when that free trial ends.
Amazon Managed Grafana workspaces no longer support Grafana Enterprise free trials.
If this workspace has a full Grafana Enterprise license purchased through Amazon Web Services Marketplace, this specifies when the license ends and will need to be renewed. Purchasing the Enterprise plugins option through Amazon Managed Grafana does not have an expiration. It is valid until the license is removed.
", @@ -840,15 +1001,27 @@ "AssociateLicenseRequest$workspaceId": "The ID of the workspace to associate the license with.
", "CreateWorkspaceApiKeyRequest$workspaceId": "The ID of the workspace to create an API key.
", "CreateWorkspaceApiKeyResponse$workspaceId": "The ID of the workspace that the key is valid for.
", + "CreateWorkspaceServiceAccountRequest$workspaceId": "The ID of the workspace within which to create the service account.
", + "CreateWorkspaceServiceAccountResponse$workspaceId": "The workspace with which the service account is associated.
", + "CreateWorkspaceServiceAccountTokenRequest$workspaceId": "The ID of the workspace the service account resides within.
", + "CreateWorkspaceServiceAccountTokenResponse$workspaceId": "The ID of the workspace where the token was created.
", "DeleteWorkspaceApiKeyRequest$workspaceId": "The ID of the workspace to delete.
", "DeleteWorkspaceApiKeyResponse$workspaceId": "The ID of the workspace where the key was deleted.
", "DeleteWorkspaceRequest$workspaceId": "The ID of the workspace to delete.
", + "DeleteWorkspaceServiceAccountRequest$workspaceId": "The ID of the workspace where the service account resides.
", + "DeleteWorkspaceServiceAccountResponse$workspaceId": "The ID of the workspace where the service account was deleted.
", + "DeleteWorkspaceServiceAccountTokenRequest$workspaceId": "The ID of the workspace from which to delete the token.
", + "DeleteWorkspaceServiceAccountTokenResponse$workspaceId": "The ID of the workspace where the token was deleted.
", "DescribeWorkspaceAuthenticationRequest$workspaceId": "The ID of the workspace to return authentication information about.
", "DescribeWorkspaceConfigurationRequest$workspaceId": "The ID of the workspace to get configuration information for.
", "DescribeWorkspaceRequest$workspaceId": "The ID of the workspace to display information about.
", "DisassociateLicenseRequest$workspaceId": "The ID of the workspace to remove the Grafana Enterprise license from.
", "ListPermissionsRequest$workspaceId": "The ID of the workspace to list permissions for. This parameter is required.
", "ListVersionsRequest$workspaceId": "The ID of the workspace to list the available upgrade versions. If not included, lists all versions of Grafana that are supported for CreateWorkspace.
The ID of the workspace for which to return tokens.
", + "ListWorkspaceServiceAccountTokensResponse$workspaceId": "The ID of the workspace where the tokens reside.
", + "ListWorkspaceServiceAccountsRequest$workspaceId": "The workspace for which to list service accounts.
", + "ListWorkspaceServiceAccountsResponse$workspaceId": "The workspace to which the service accounts are associated.
", "UpdatePermissionsRequest$workspaceId": "The ID of the workspace to update.
", "UpdateWorkspaceAuthenticationRequest$workspaceId": "The ID of the workspace to update the authentication for.
", "UpdateWorkspaceConfigurationRequest$workspaceId": "The ID of the workspace to update.
", diff --git a/models/apis/grafana/2020-08-18/paginators-1.json b/models/apis/grafana/2020-08-18/paginators-1.json index f2e804d5bb8..a63ddc9a780 100644 --- a/models/apis/grafana/2020-08-18/paginators-1.json +++ b/models/apis/grafana/2020-08-18/paginators-1.json @@ -12,6 +12,18 @@ "limit_key": "maxResults", "result_key": "grafanaVersions" }, + "ListWorkspaceServiceAccountTokens": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "serviceAccountTokens" + }, + "ListWorkspaceServiceAccounts": { + "input_token": "nextToken", + "output_token": "nextToken", + "limit_key": "maxResults", + "result_key": "serviceAccounts" + }, "ListWorkspaces": { "input_token": "nextToken", "output_token": "nextToken", diff --git a/models/apis/medical-imaging/2023-07-19/api-2.json b/models/apis/medical-imaging/2023-07-19/api-2.json index 3fec0981ffe..552ee7138fb 100644 --- a/models/apis/medical-imaging/2023-07-19/api-2.json +++ b/models/apis/medical-imaging/2023-07-19/api-2.json @@ -3,8 +3,8 @@ "metadata":{ "apiVersion":"2023-07-19", "endpointPrefix":"medical-imaging", - "jsonVersion":"1.1", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"AWS Health Imaging", "serviceId":"Medical Imaging", "signatureVersion":"v4", @@ -365,6 +365,12 @@ "type":"string", "pattern":"arn:aws((-us-gov)|(-iso)|(-iso-b)|(-cn))?:medical-imaging:[a-z0-9-]+:[0-9]{12}:datastore/[0-9a-z]{32}(/imageset/[0-9a-z]{32})?" }, + "AwsAccountId":{ + "type":"string", + "max":12, + "min":12, + "pattern":"\\d+" + }, "ClientToken":{ "type":"string", "max":64, @@ -1421,7 +1427,8 @@ "locationName":"datastoreId" }, "inputS3Uri":{"shape":"S3Uri"}, - "outputS3Uri":{"shape":"S3Uri"} + "outputS3Uri":{"shape":"S3Uri"}, + "inputOwnerAccountId":{"shape":"AwsAccountId"} } }, "StartDICOMImportJobResponse":{ diff --git a/models/apis/medical-imaging/2023-07-19/docs-2.json b/models/apis/medical-imaging/2023-07-19/docs-2.json index 0025b7d1fa4..29cd9ec70b2 100644 --- a/models/apis/medical-imaging/2023-07-19/docs-2.json +++ b/models/apis/medical-imaging/2023-07-19/docs-2.json @@ -15,7 +15,7 @@ "ListDatastores": "List data stores.
", "ListImageSetVersions": "List image set versions.
", "ListTagsForResource": "Lists all tags associated with a medical imaging resource.
", - "SearchImageSets": "Search image sets based on defined input attributes.
SearchImageSets accepts a single search query parameter and returns a paginated response of all image sets that have the matching criteria. All range queries must be input as (lowerBound, upperBound).
SearchImageSets uses the updatedAt field for sorting in decreasing order from latest to oldest.
Search image sets based on defined input attributes.
SearchImageSets accepts a single search query parameter and returns a paginated response of all image sets that have the matching criteria. All date range queries must be input as (lowerBound, upperBound).
By default, SearchImageSets uses the updatedAt field for sorting in descending order from newest to oldest.
Start importing bulk data into an ACTIVE data store. The import job imports DICOM P10 files found in the S3 prefix specified by the inputS3Uri parameter. The import job stores processing results in the file specified by the outputS3Uri parameter.
Adds a user-specifed key and value tag to a medical imaging resource.
", "UntagResource": "Removes tags from a medical imaging resource.
", @@ -40,6 +40,12 @@ "UntagResourceRequest$resourceArn": "The Amazon Resource Name (ARN) of the medical imaging resource that tags are being removed from.
" } }, + "AwsAccountId": { + "base": null, + "refs": { + "StartDICOMImportJobRequest$inputOwnerAccountId": "The account ID of the source S3 bucket owner.
" + } + }, "ClientToken": { "base": null, "refs": { diff --git a/models/apis/securityhub/2018-10-26/api-2.json b/models/apis/securityhub/2018-10-26/api-2.json index b4e35d1849d..fbb7f9091d0 100644 --- a/models/apis/securityhub/2018-10-26/api-2.json +++ b/models/apis/securityhub/2018-10-26/api-2.json @@ -5,6 +5,7 @@ "endpointPrefix":"securityhub", "jsonVersion":"1.1", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"AWS SecurityHub", "serviceId":"SecurityHub", "signatureVersion":"v4", diff --git a/models/apis/securityhub/2018-10-26/docs-2.json b/models/apis/securityhub/2018-10-26/docs-2.json index f37f62c152b..da0e024db26 100644 --- a/models/apis/securityhub/2018-10-26/docs-2.json +++ b/models/apis/securityhub/2018-10-26/docs-2.json @@ -4757,7 +4757,7 @@ "ComplianceStatus": { "base": null, "refs": { - "Compliance$Status": "The result of a standards check.
The valid values for Status are as follows.
PASSED - Standards check passed for all evaluated resources.
WARNING - Some information is missing or this check is not supported for your configuration.
FAILED - Standards check failed for at least one evaluated resource.
NOT_AVAILABLE - Check could not be performed due to a service outage, API error, or because the result of the Config evaluation was NOT_APPLICABLE. If the Config evaluation result was NOT_APPLICABLE, then after 3 days, Security Hub automatically archives the finding.
The result of a standards check.
The valid values for Status are as follows.
PASSED - Standards check passed for all evaluated resources.
WARNING - Some information is missing or this check is not supported for your configuration.
FAILED - Standards check failed for at least one evaluated resource.
NOT_AVAILABLE - Check could not be performed due to a service outage, API error, or because the result of the Config evaluation was NOT_APPLICABLE. If the Config evaluation result was NOT_APPLICABLE for a Security Hub control, Security Hub automatically archives the finding after 3 days.
Environment variable key-value pairs.
", "AwsOpenSearchServiceDomainDetails$DomainEndpoints": "The domain endpoints. Used if the OpenSearch domain resides in a VPC.
This is a map of key-value pairs. The key is always vpc. The value is the endpoint.
A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format.
Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 2048 characters.
", - "AwsSecurityFinding$UserDefinedFields": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
", + "AwsSecurityFinding$UserDefinedFields": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
Can contain up to 50 key-value pairs. For each key-value pair, the key can contain up to 128 characters, and the value can contain up to 1024 characters.
", "BatchUpdateFindingsRequest$UserDefinedFields": "A list of name/value string pairs associated with the finding. These are custom, user-defined fields added to a finding.
", - "Resource$Tags": "A list of Amazon Web Services tags associated with a resource at the time the finding was processed.
", + "Resource$Tags": "A list of Amazon Web Services tags associated with a resource at the time the finding was processed. Tags must follow Amazon Web Services tag naming limits and requirements.
", "ResourceDetails$Other": "Details about a resource that are not available in a type-specific details object. Use the Other object in the following cases.
The type-specific object does not contain all of the fields that you want to populate. In this case, first use the type-specific object to populate those fields. Use the Other object to populate the fields that are missing from the type-specific object.
The resource type does not have a corresponding object. This includes resources for which the type is Other.
Provides information about the file paths that were affected by the threat.
" + "Threat$FilePaths": "Provides information about the file paths that were affected by the threat.
Array Members: Minimum number of 1 item. Maximum number of 5 items.
" } }, "FilePaths": { @@ -5842,12 +5842,12 @@ "Network$SourcePort": "The source port of network-related information about a finding.
", "Network$DestinationPort": "The destination port of network-related information about a finding.
", "ParameterValue$Integer": "A control parameter that is an integer.
", - "PatchSummary$InstalledCount": "The number of patches from the compliance standard that were installed successfully.
", - "PatchSummary$MissingCount": "The number of patches that are part of the compliance standard but are not installed. The count includes patches that failed to install.
", - "PatchSummary$FailedCount": "The number of patches from the compliance standard that failed to install.
", - "PatchSummary$InstalledOtherCount": "The number of installed patches that are not part of the compliance standard.
", - "PatchSummary$InstalledRejectedCount": "The number of patches that are installed but are also on a list of patches that the customer rejected.
", - "PatchSummary$InstalledPendingReboot": "The number of patches that were applied, but that require the instance to be rebooted in order to be marked as installed.
", + "PatchSummary$InstalledCount": "The number of patches from the compliance standard that were installed successfully.
The value can be an integer from 0 to 100000.
The number of patches that are part of the compliance standard but are not installed. The count includes patches that failed to install.
The value can be an integer from 0 to 100000.
The number of patches from the compliance standard that failed to install.
The value can be an integer from 0 to 100000.
The number of installed patches that are not part of the compliance standard.
The value can be an integer from 0 to 100000.
The number of patches that are installed but are also on a list of patches that the customer rejected.
The value can be an integer from 0 to 100000.
The number of patches that were applied, but that require the instance to be rebooted in order to be marked as installed.
The value can be an integer from 0 to 100000.
The first port in the port range.
", "PortRange$End": "The last port in the port range.
", "PortRangeFromTo$From": "The first port in the port range.
", @@ -5860,7 +5860,7 @@ "RuleGroupSourceStatelessRuleMatchAttributesSourcePorts$FromPort": "The starting port value for the port range.
", "RuleGroupSourceStatelessRuleMatchAttributesSourcePorts$ToPort": "The ending port value for the port range.
", "RuleGroupSourceStatelessRulesDetails$Priority": "Indicates the order in which to run this rule relative to all of the rules in the stateless rule group.
", - "Severity$Normalized": "Deprecated. The normalized severity of a finding. Instead of providing Normalized, provide Label.
If you provide Label and do not provide Normalized, then Normalized is set automatically as follows.
INFORMATIONAL - 0
LOW - 1
MEDIUM - 40
HIGH - 70
CRITICAL - 90
Deprecated. The normalized severity of a finding. Instead of providing Normalized, provide Label.
The value of Normalized can be an integer between 0 and 100.
If you provide Label and do not provide Normalized, then Normalized is set automatically as follows.
INFORMATIONAL - 0
LOW - 1
MEDIUM - 40
HIGH - 70
CRITICAL - 90
The maximum number of list items that a string list control parameter can accept.
", "Threat$ItemCount": "This total number of items in which the threat has been detected.
", "UnprocessedAutomationRule$ErrorCode": "The error code associated with the unprocessed automation rule.
" @@ -6154,7 +6154,7 @@ "MalwareList": { "base": null, "refs": { - "AwsSecurityFinding$Malware": "A list of malware related to a finding.
" + "AwsSecurityFinding$Malware": "A list of malware related to a finding.
Array Members: Maximum number of 5 items.
" } }, "MalwareState": { @@ -6323,9 +6323,9 @@ "AccountIdList$member": null, "Action$ActionType": "The type of action that was detected. The possible action types are:
NETWORK_CONNECTION
AWS_API_CALL
DNS_REQUEST
PORT_PROBE
The IP address.
", - "ActionLocalPortDetails$PortName": "The port name of the local connection.
", + "ActionLocalPortDetails$PortName": "The port name of the local connection.
Length Constraints: 128.
", "ActionRemoteIpDetails$IpAddressV4": "The IP address.
", - "ActionRemotePortDetails$PortName": "The port name of the remote connection.
", + "ActionRemotePortDetails$PortName": "The port name of the remote connection.
Length Constraints: 128.
", "ActionTarget$ActionTargetArn": "The ARN for the target action.
", "ActionTarget$Name": "The name of the action target.
", "ActionTarget$Description": "The description of the target action.
", @@ -6376,12 +6376,12 @@ "AwsAmazonMqBrokerMaintenanceWindowStartTimeDetails$TimeZone": "The time zone in either the Country/City format or the UTC offset format. UTC is the default format.
", "AwsAmazonMqBrokerUsersDetails$PendingChange": "The type of change pending for the broker user.
", "AwsAmazonMqBrokerUsersDetails$Username": "The username of the broker user.
", - "AwsApiCallAction$Api": "The name of the API method that was issued.
", - "AwsApiCallAction$ServiceName": "The name of the Amazon Web Services service that the API method belongs to.
", + "AwsApiCallAction$Api": "The name of the API method that was issued.
Length Constraints: 128.
", + "AwsApiCallAction$ServiceName": "The name of the Amazon Web Services service that the API method belongs to.
Length Constraints: 128.
", "AwsApiCallAction$CallerType": "Indicates whether the API call originated from a remote IP address (remoteip) or from a DNS domain (domain).
A timestamp that indicates when the API call was first observed.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A timestamp that indicates when the API call was most recently observed.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The name of the DNS domain that issued the API call.
", + "AwsApiCallActionDomainDetails$Domain": "The name of the DNS domain that issued the API call.
Length Constraints: 128.
", "AwsApiGatewayAccessLogSettings$Format": "A single-line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId.
The ARN of the CloudWatch Logs log group that receives the access logs.
", "AwsApiGatewayCanarySettings$DeploymentId": "The deployment identifier for the canary deployment.
", @@ -7528,23 +7528,23 @@ "AwsSecretsManagerSecretDetails$RotationLambdaArn": "The ARN of the Lambda function that rotates the secret.
", "AwsSecretsManagerSecretDetails$Name": "The name of the secret.
", "AwsSecretsManagerSecretDetails$Description": "The user-provided description of the secret.
", - "AwsSecurityFinding$SchemaVersion": "The schema version that a finding is formatted for.
", - "AwsSecurityFinding$Id": "The security findings provider-specific identifier for a finding.
", - "AwsSecurityFinding$ProductArn": "The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
", - "AwsSecurityFinding$ProductName": "The name of the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by product name, you use this attribute.
", - "AwsSecurityFinding$CompanyName": "The name of the company for the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by company name, you use this attribute.
", - "AwsSecurityFinding$Region": "The Region from which the finding was generated.
Security Hub populates this attribute automatically for each finding. You cannot update it using BatchImportFindings or BatchUpdateFindings.
The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, etc.
", - "AwsSecurityFinding$AwsAccountId": "The Amazon Web Services account ID that a finding is generated in.
", + "AwsSecurityFinding$SchemaVersion": "The schema version that a finding is formatted for. The value is 2018-10-08.
The security findings provider-specific identifier for a finding.
Length Constraints: Minimum length of 1. Maximum length of 512.
", + "AwsSecurityFinding$ProductArn": "The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
Length Constraints: Minimum length of 12. Maximum length of 2048.
", + "AwsSecurityFinding$ProductName": "The name of the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by product name, you use this attribute.
Length Constraints: Minimum length of 1. Maximum length of 128.
", + "AwsSecurityFinding$CompanyName": "The name of the company for the product that generated the finding.
Security Hub populates this attribute automatically for each finding. You cannot update this attribute with BatchImportFindings or BatchUpdateFindings. The exception to this is a custom integration.
When you use the Security Hub console or API to filter findings by company name, you use this attribute.
Length Constraints: Minimum length of 1. Maximum length of 128.
", + "AwsSecurityFinding$Region": "The Region from which the finding was generated.
Security Hub populates this attribute automatically for each finding. You cannot update it using BatchImportFindings or BatchUpdateFindings.
Length Constraints: Minimum length of 1. Maximum length of 16.
", + "AwsSecurityFinding$GeneratorId": "The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. In various security findings providers' solutions, this generator can be called a rule, a check, a detector, a plugin, or something else.
Length Constraints: Minimum length of 1. Maximum length of 512.
", + "AwsSecurityFinding$AwsAccountId": "The Amazon Web Services account ID that a finding is generated in.
Length Constraints: 12.
", "AwsSecurityFinding$FirstObservedAt": "Indicates when the security findings provider first observed the potential security issue that a finding captured.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider most recently observed the potential security issue that a finding captured.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider created the potential security issue that a finding captured.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the security findings provider last updated the finding record.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
A finding's title.
In this release, Title is a required property.
A finding's description.
In this release, Description is a required property.
A finding's title. Title is a required property.
Length Constraints: Minimum length of 1. Maximum length of 256.
", + "AwsSecurityFinding$Description": "A finding's description. Description is a required property.
Length Constraints: Minimum length of 1. Maximum length of 1024.
", "AwsSecurityFinding$SourceUrl": "A URL that links to a page about the current finding in the security findings provider's solution.
", - "AwsSecurityFinding$ProcessedAt": "A imestamp that indicates when Security Hub received a finding and begins to process it.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The name of the Amazon Web Services account from which a finding was generated.
", + "AwsSecurityFinding$ProcessedAt": "A timestamp that indicates when Security Hub received a finding and begins to process it.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The name of the Amazon Web Services account from which a finding was generated.
Length Constraints: Minimum length of 1. Maximum length of 50.
", "AwsSecurityFindingIdentifier$Id": "The identifier of the finding that was specified by the finding provider.
", "AwsSecurityFindingIdentifier$ProductArn": "The ARN generated by Security Hub that uniquely identifies a product that generates findings. This can be the ARN for a third-party product that is integrated with Security Hub, or the ARN for a custom integration.
", "AwsSnsTopicDetails$KmsMasterKeyId": "The ID of an Amazon Web Services managed key for Amazon SNS or a customer managed key.
", @@ -7715,8 +7715,8 @@ "DisableImportFindingsForProductRequest$ProductSubscriptionArn": "The ARN of the integrated product to disable the integration for.
", "DisableOrganizationAdminAccountRequest$AdminAccountId": "The Amazon Web Services account identifier of the Security Hub administrator account.
", "DisabledSecurityControlIdentifierList$member": null, - "DnsRequestAction$Domain": "The DNS domain that is associated with the DNS request.
", - "DnsRequestAction$Protocol": "The protocol that was used for the DNS request.
", + "DnsRequestAction$Domain": "The DNS domain that is associated with the DNS request.
Length Constraints: 128.
", + "DnsRequestAction$Protocol": "The protocol that was used for the DNS request.
Length Constraints: Minimum length of 1. Maximum length of 64.
", "EnableImportFindingsForProductRequest$ProductArn": "The ARN of the product to enable the integration for.
", "EnableImportFindingsForProductResponse$ProductSubscriptionArn": "The ARN of your subscription to the product to enable integrations for.
", "EnableOrganizationAdminAccountRequest$AdminAccountId": "The Amazon Web Services account identifier of the account to designate as the Security Hub administrator account.
", @@ -7725,16 +7725,16 @@ "EnumConfigurationOptions$DefaultValue": "The Security Hub default value for a control parameter that is an enum.
", "FieldMap$key": null, "FieldMap$value": null, - "FilePaths$FilePath": "Path to the infected or suspicious file on the resource it was detected on.
", - "FilePaths$FileName": "The name of the infected or suspicious file corresponding to the hash.
", - "FilePaths$ResourceId": "The Amazon Resource Name (ARN) of the resource on which the threat was detected.
", - "FilePaths$Hash": "The hash value for the infected or suspicious file.
", + "FilePaths$FilePath": "Path to the infected or suspicious file on the resource it was detected on.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", + "FilePaths$FileName": "The name of the infected or suspicious file corresponding to the hash.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", + "FilePaths$ResourceId": "The Amazon Resource Name (ARN) of the resource on which the threat was detected.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", + "FilePaths$Hash": "The hash value for the infected or suspicious file.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", "FindingAggregator$FindingAggregatorArn": "The ARN of the finding aggregator. You use the finding aggregator ARN to retrieve details for, update, and delete the finding aggregator.
", "FindingHistoryUpdate$UpdatedField": "The ASFF field that changed during the finding change event.
", "FindingHistoryUpdate$OldValue": "The value of the ASFF field before the finding change event.
", "FindingHistoryUpdate$NewValue": " The value of the ASFF field after the finding change event. To preserve storage and readability, Security Hub omits this value if FindingHistoryRecord exceeds database limits.
The identity of the source that initiated the finding change event. For example, the Amazon Resource Name (ARN) of a partner that calls BatchImportFindings or of a customer that calls BatchUpdateFindings.
", - "FindingProviderSeverity$Original": "The finding provider's original value for the severity.
", + "FindingProviderSeverity$Original": "The finding provider's original value for the severity.
Length Constraints: Minimum length of 1. Maximum length of 64.
", "FirewallPolicyStatefulRuleGroupReferencesDetails$ResourceArn": "The ARN of the stateful rule group.
", "FirewallPolicyStatelessCustomActionsDetails$ActionName": "The name of the custom action.
", "FirewallPolicyStatelessRuleGroupReferencesDetails$ResourceArn": "The ARN of the stateless rule group.
", @@ -7787,29 +7787,29 @@ "ListStandardsControlAssociationsRequest$SecurityControlId": " The identifier of the control (identified with SecurityControlId, SecurityControlArn, or a mix of both parameters) that you want to determine the enablement status of in each enabled standard.
The state code. The initial state of the load balancer is provisioning.
After the load balancer is fully set up and ready to route traffic, its state is active.
If the load balancer could not be set up, its state is failed.
", "LoadBalancerState$Reason": "A description of the state.
", - "Malware$Name": "The name of the malware that was observed.
", - "Malware$Path": "The file system path of the malware that was observed.
", + "Malware$Name": "The name of the malware that was observed.
Length Constraints: Minimum of 1. Maximum of 64.
", + "Malware$Path": "The file system path of the malware that was observed.
Length Constraints: Minimum of 1. Maximum of 512.
", "MapFilter$Key": "The key of the map filter. For example, for ResourceTags, Key identifies the name of the tag. For UserDefinedFields, Key is the name of the field.
The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called Department might be Security. If you provide security as the filter value, then there's no match.
The email address of the member account.
", "Member$MasterId": "This is replaced by AdministratorID.
The Amazon Web Services account ID of the Security Hub administrator account associated with this member account.
", "Member$AdministratorId": "The Amazon Web Services account ID of the Security Hub administrator account associated with this member account.
", "Member$MemberStatus": "The status of the relationship between the member account and its administrator account.
The status can have one of the following values:
Created - Indicates that the administrator account added the member account, but has not yet invited the member account.
Invited - Indicates that the administrator account invited the member account. The member account has not yet responded to the invitation.
Enabled - Indicates that the member account is currently active. For manually invited member accounts, indicates that the member account accepted the invitation.
Removed - Indicates that the administrator account disassociated the member account.
Resigned - Indicates that the member account disassociated themselves from the administrator account.
Deleted - Indicates that the administrator account deleted the member account.
AccountSuspended - Indicates that an organization account was suspended from Amazon Web Services at the same time that the administrator account tried to enable the organization account as a member account.
The protocol of network-related information about a finding.
", + "Network$Protocol": "The protocol of network-related information about a finding.
Length Constraints: Minimum of 1. Maximum of 16.
", "Network$SourceIpV4": "The source IPv4 address of network-related information about a finding.
", "Network$SourceIpV6": "The source IPv6 address of network-related information about a finding.
", - "Network$SourceDomain": "The source domain of network-related information about a finding.
", + "Network$SourceDomain": "The source domain of network-related information about a finding.
Length Constraints: Minimum of 1. Maximum of 128.
", "Network$SourceMac": "The source media access control (MAC) address of network-related information about a finding.
", "Network$DestinationIpV4": "The destination IPv4 address of network-related information about a finding.
", "Network$DestinationIpV6": "The destination IPv6 address of network-related information about a finding.
", - "Network$DestinationDomain": "The destination domain of network-related information about a finding.
", + "Network$DestinationDomain": "The destination domain of network-related information about a finding.
Length Constraints: Minimum of 1. Maximum of 128.
", "NetworkConnectionAction$ConnectionDirection": "The direction of the network connection request (IN or OUT).
The protocol used to make the network connection request.
", - "NetworkHeader$Protocol": "The protocol used for the component.
", - "NetworkPathComponent$ComponentId": "The identifier of a component in the network path.
", - "NetworkPathComponent$ComponentType": "The type of component.
", + "NetworkConnectionAction$Protocol": "The protocol used to make the network connection request.
Length Constraints: Minimum length of 1. Maximum length of 64.
", + "NetworkHeader$Protocol": "The protocol used for the component.
Length Constraints: Minimum of 1. Maximum of 16.
", + "NetworkPathComponent$ComponentId": "The identifier of a component in the network path.
Length Constraints: Minimum of 1. Maximum of 32.
", + "NetworkPathComponent$ComponentType": "The type of component.
Length Constraints: Minimum of 1. Maximum of 32.
", "NonEmptyStringList$member": null, - "Note$Text": "The text of a note.
", + "Note$Text": "The text of a note.
Length Constraints: Minimum of 1. Maximum of 512.
", "Note$UpdatedBy": "The principal that created a note.
", "Note$UpdatedAt": "A timestamp that indicates when the note was updated.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The updated note text.
", @@ -7820,13 +7820,13 @@ "ParameterValue$String": "A control parameter that is a string.
", "ParameterValue$Enum": "A control parameter that is an enum.
", "Parameters$key": null, - "PatchSummary$Id": "The identifier of the compliance standard that was used to determine the patch compliance status.
", + "PatchSummary$Id": "The identifier of the compliance standard that was used to determine the patch compliance status.
Length Constraints: Minimum length of 1. Maximum length of 256.
", "PatchSummary$OperationStartTime": "Indicates when the operation started.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the operation completed.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The reboot option specified for the instance.
", - "PatchSummary$Operation": "The type of patch operation performed. For Patch Manager, the values are SCAN and INSTALL.
The name of the process.
", - "ProcessDetails$Path": "The path to the process executable.
", + "PatchSummary$RebootOption": "The reboot option specified for the instance.
Length Constraints: Minimum length of 1. Maximum length of 256.
", + "PatchSummary$Operation": "The type of patch operation performed. For Patch Manager, the values are SCAN and INSTALL.
Length Constraints: Minimum length of 1. Maximum length of 256.
", + "ProcessDetails$Name": "The name of the process.
Length Constraints: Minimum of 1. Maximum of 64.
", + "ProcessDetails$Path": "The path to the process executable.
Length Constraints: Minimum of 1. Maximum of 512.
", "ProcessDetails$LaunchedAt": "Indicates when the process was launched.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
Indicates when the process was terminated.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The ARN assigned to the product.
", @@ -7838,15 +7838,15 @@ "Product$ProductSubscriptionResourcePolicy": "The resource policy associated with the product.
", "ProductSubscriptionArnList$member": null, "PropagatingVgwSetDetails$GatewayId": "The ID of the virtual private gateway.
", - "Recommendation$Text": "Describes the recommended steps to take to remediate an issue identified in a finding.
", + "Recommendation$Text": "Describes the recommended steps to take to remediate an issue identified in a finding.
Length Constraints: Minimum of 1 length. Maximum of 512 length.
", "Recommendation$Url": "A URL to a page or site that contains information about how to remediate a finding.
", "Record$JsonPath": "The path, as a JSONPath expression, to the field in the record that contains the data. If the field name is longer than 20 characters, it is truncated. If the path is longer than 250 characters, it is truncated.
", "RelatedFinding$ProductArn": "The ARN of the product that generated a related finding.
", "RelatedFinding$Id": "The product-generated identifier for a related finding.
", "RelatedRequirementsList$member": null, - "Resource$Type": "The type of the resource that details are provided for. If possible, set Type to one of the supported resource types. For example, if the resource is an EC2 instance, then set Type to AwsEc2Instance.
If the resource does not match any of the provided types, then set Type to Other.
The type of the resource that details are provided for. If possible, set Type to one of the supported resource types. For example, if the resource is an EC2 instance, then set Type to AwsEc2Instance.
If the resource does not match any of the provided types, then set Type to Other.
Length Constraints: Minimum length of 1. Maximum length of 256.
", "Resource$Id": "The canonical identifier for the given resource type.
", - "Resource$Region": "The canonical Amazon Web Services external Region name where this resource is located.
", + "Resource$Region": "The canonical Amazon Web Services external Region name where this resource is located.
Length Constraints: Minimum length of 1. Maximum length of 16.
", "Resource$ResourceRole": "Identifies the role of the resource in the finding. A resource is either the actor or target of the finding activity,
", "Resource$ApplicationName": "The name of the application that is related to a finding.
", "Resource$ApplicationArn": "The Amazon Resource Name (ARN) of the application that is related to a finding.
", @@ -7901,7 +7901,7 @@ "SecurityGroups$member": null, "SensitiveDataDetections$Type": "The type of sensitive data that was detected. For example, the type might indicate that the data is an email address.
", "SensitiveDataResult$Category": "The category of sensitive data that was detected. For example, the category can indicate that the sensitive data involved credentials, financial information, or personal information.
", - "Severity$Original": "The native severity from the finding product that generated the finding.
", + "Severity$Original": "The native severity from the finding product that generated the finding.
Length Constraints: Minimum length of 1. Maximum length of 64.
", "SoftwarePackage$Name": "The name of the software package.
", "SoftwarePackage$Version": "The version of the software package.
", "SoftwarePackage$Epoch": "The epoch of the software package.
", @@ -7967,11 +7967,11 @@ "Target$AccountId": "The Amazon Web Services account ID of the target account.
", "Target$OrganizationalUnitId": "The organizational unit ID of the target organizational unit.
", "Target$RootId": "The ID of the organization root.
", - "Threat$Name": "The name of the threat.
", - "Threat$Severity": "The severity of the threat.
", - "ThreatIntelIndicator$Value": "The value of a threat intelligence indicator.
", + "Threat$Name": "The name of the threat.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", + "Threat$Severity": "The severity of the threat.
Length Constraints: Minimum of 1 length. Maximum of 128 length.
", + "ThreatIntelIndicator$Value": "The value of a threat intelligence indicator.
Length Constraints: Minimum of 1 length. Maximum of 512 length.
", "ThreatIntelIndicator$LastObservedAt": "Indicates when the most recent instance of a threat intelligence indicator was observed.
This field accepts only the specified formats. Timestamps can end with Z or (\"+\" / \"-\") time-hour [\":\" time-minute]. The time-secfrac after seconds is limited to a maximum of 9 digits. The offset is bounded by +/-18:00. Here are valid timestamp formats with examples:
YYYY-MM-DDTHH:MM:SSZ (for example, 2019-01-31T23:00:00Z)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmmZ (for example, 2019-01-31T23:00:00.123456789Z)
YYYY-MM-DDTHH:MM:SS+HH:MM (for example, 2024-01-04T15:25:10+17:59)
YYYY-MM-DDTHH:MM:SS-HHMM (for example, 2024-01-04T15:25:10-1759)
YYYY-MM-DDTHH:MM:SS.mmmmmmmmm+HH:MM (for example, 2024-01-04T15:25:10.123456789+17:59)
The source of the threat intelligence indicator.
", + "ThreatIntelIndicator$Source": "The source of the threat intelligence indicator.
Length Constraints: Minimum of 1 length. Maximum of 64 length.
", "ThreatIntelIndicator$SourceUrl": "The URL to the page or site where you can get more information about the threat intelligence indicator.
", "TypeList$member": null, "UnprocessedAutomationRule$RuleArn": "The Amazon Resource Name (ARN) for the unprocessed automation rule.
", @@ -8386,7 +8386,7 @@ "base": null, "refs": { "AutomationRulesFindingFieldsUpdate$RelatedFindings": " The rule action updates the RelatedFindings field of a finding.
A list of related findings.
", + "AwsSecurityFinding$RelatedFindings": "A list of related findings.
Array Members: Minimum number of 1 item. Maximum number of 10 items.
", "BatchUpdateFindingsRequest$RelatedFindings": "A list of findings that are related to the updated findings.
", "FindingProviderFields$RelatedFindings": "A list of findings that are related to the current finding.
" } @@ -8394,7 +8394,7 @@ "RelatedRequirementsList": { "base": null, "refs": { - "Compliance$RelatedRequirements": "For a control, the industry or regulatory framework requirements that are related to the control. The check for that control is aligned with these requirements.
", + "Compliance$RelatedRequirements": "For a control, the industry or regulatory framework requirements that are related to the control. The check for that control is aligned with these requirements.
Array Members: Maximum number of 32 items.
", "StandardsControl$RelatedRequirements": "The list of requirements that are related to this control.
", "StandardsControlAssociationDetail$RelatedRequirements": "The requirement that underlies a control in the compliance framework related to the standard.
", "StandardsControlAssociationSummary$RelatedRequirements": "The requirement that underlies this control in the compliance framework related to the standard.
" @@ -8439,7 +8439,7 @@ "ResourceList": { "base": null, "refs": { - "AwsSecurityFinding$Resources": "A set of resource data types that describe the resources that the finding refers to.
" + "AwsSecurityFinding$Resources": "A set of resource data types that describe the resources that the finding refers to.
Array Members: Minimum number of 1 item. Maximum number of 32 items.
" } }, "ResourceNotFoundException": { @@ -9295,7 +9295,7 @@ "ThreatIntelIndicatorList": { "base": null, "refs": { - "AwsSecurityFinding$ThreatIntelIndicators": "Threat intelligence details related to a finding.
" + "AwsSecurityFinding$ThreatIntelIndicators": "Threat intelligence details related to a finding.
Array Members: Minimum number of 1 item. Maximum number of 5 items.
" } }, "ThreatIntelIndicatorType": { @@ -9307,7 +9307,7 @@ "ThreatList": { "base": null, "refs": { - "AwsSecurityFinding$Threats": "Details about the threat detected in a security finding and the file paths that were affected by the threat.
" + "AwsSecurityFinding$Threats": "Details about the threat detected in a security finding and the file paths that were affected by the threat.
Array Members: Minimum number of 1 item. Maximum number of 32 items.
" } }, "Timestamp": { @@ -9342,10 +9342,10 @@ "base": null, "refs": { "AutomationRulesFindingFieldsUpdate$Types": " The rule action updates the Types field of a finding.
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
", + "AwsSecurityFinding$Types": "One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
Array Members: Maximum number of 50 items.
", "BatchUpdateFindingsRequest$Types": "One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are as follows.
Software and Configuration Checks
TTPs
Effects
Unusual Behaviors
Sensitive Data Identifications
One or more finding types in the format of namespace/category/classifier that classify a finding.
Valid namespace values are: Software and Configuration Checks | TTPs | Effects | Unusual Behaviors | Sensitive Data Identifications
", - "GeneratorDetails$Labels": "An array of tags used to identify the detector associated with the finding.
", + "GeneratorDetails$Labels": "An array of tags used to identify the detector associated with the finding.
Array Members: Minimum number of 0 items. Maximum number of 10 items.
", "SecurityControlParameter$Value": "The current value of a control parameter.
", "VulnerabilityCodeVulnerabilities$Cwes": "The Common Weakness Enumeration (CWE) item associated with the detected code vulnerability.
" } diff --git a/service/bedrockagentruntime/api.go b/service/bedrockagentruntime/api.go index 31dde1437d2..4e271702323 100644 --- a/service/bedrockagentruntime/api.go +++ b/service/bedrockagentruntime/api.go @@ -4525,6 +4525,7 @@ func (e *ResponseStreamUnknownEvent) UnmarshalEvent( // Specifies the filters to use on the metadata attributes in the knowledge // base data sources before returning results. For more information, see Query // configurations (https://docs.aws.amazon.com/bedrock/latest/userguide/kb-test-config.html). +// See the examples below to see how to use these filters. // // This data type is used in the following API operations: // @@ -4536,12 +4537,12 @@ func (e *ResponseStreamUnknownEvent) UnmarshalEvent( type RetrievalFilter struct { _ struct{} `type:"structure" sensitive:"true"` - // Knowledge base data sources whose metadata attributes fulfill all the filter - // conditions inside this list are returned. + // Knowledge base data sources are returned if their metadata attributes fulfill + // all the filter conditions inside this list. AndAll []*RetrievalFilter `locationName:"andAll" min:"2" type:"list"` - // Knowledge base data sources whose metadata attributes fulfill at least one - // of the filter conditions inside this list are returned. + // Knowledge base data sources are returned if their metadata attributes fulfill + // at least one of the filter conditions inside this list. OrAll []*RetrievalFilter `locationName:"orAll" min:"2" type:"list"` } diff --git a/service/codebuild/api.go b/service/codebuild/api.go index c5d48fd9e72..837d954028b 100644 --- a/service/codebuild/api.go +++ b/service/codebuild/api.go @@ -5755,8 +5755,8 @@ type Build struct { // When the build process started, expressed in Unix time format. StartTime *time.Time `locationName:"startTime" type:"timestamp"` - // How long, in minutes, for CodeBuild to wait before timing out this build - // if it does not get marked as completed. + // How long, in minutes, from 5 to 480 (8 hours), for CodeBuild to wait before + // timing out this build if it does not get marked as completed. TimeoutInMinutes *int64 `locationName:"timeoutInMinutes" type:"integer"` // If your CodeBuild project accesses resources in an Amazon VPC, you provide @@ -7399,6 +7399,9 @@ type CreateFleetInput struct { // EnvironmentType is a required field EnvironmentType *string `locationName:"environmentType" type:"string" required:"true" enum:"EnvironmentType"` + // The service role associated with the compute fleet. + FleetServiceRole *string `locationName:"fleetServiceRole" min:"1" type:"string"` + // The name of the compute fleet. // // Name is a required field @@ -7410,7 +7413,11 @@ type CreateFleetInput struct { // existing fleet instance to become available. // // * For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild - // on-demand. + // on-demand. If you choose to set your overflow behavior to on-demand while + // creating a VPC-connected fleet, make sure that you add the required VPC + // permissions to your project service role. For more information, see Example + // policy statement to allow CodeBuild access to Amazon Web Services services + // required to create a VPC network interface (https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface). OverflowBehavior *string `locationName:"overflowBehavior" type:"string" enum:"FleetOverflowBehavior"` // The scaling configuration of the compute fleet. @@ -7421,6 +7428,9 @@ type CreateFleetInput struct { // These tags are available for use by Amazon Web Services services that support // CodeBuild build project tags. Tags []*Tag `locationName:"tags" type:"list"` + + // Information about the VPC configuration that CodeBuild accesses. + VpcConfig *VpcConfig `locationName:"vpcConfig" type:"structure"` } // String returns the string representation. @@ -7456,6 +7466,9 @@ func (s *CreateFleetInput) Validate() error { if s.EnvironmentType == nil { invalidParams.Add(request.NewErrParamRequired("EnvironmentType")) } + if s.FleetServiceRole != nil && len(*s.FleetServiceRole) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FleetServiceRole", 1)) + } if s.Name == nil { invalidParams.Add(request.NewErrParamRequired("Name")) } @@ -7477,6 +7490,11 @@ func (s *CreateFleetInput) Validate() error { } } } + if s.VpcConfig != nil { + if err := s.VpcConfig.Validate(); err != nil { + invalidParams.AddNested("VpcConfig", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -7502,6 +7520,12 @@ func (s *CreateFleetInput) SetEnvironmentType(v string) *CreateFleetInput { return s } +// SetFleetServiceRole sets the FleetServiceRole field's value. +func (s *CreateFleetInput) SetFleetServiceRole(v string) *CreateFleetInput { + s.FleetServiceRole = &v + return s +} + // SetName sets the Name field's value. func (s *CreateFleetInput) SetName(v string) *CreateFleetInput { s.Name = &v @@ -7526,6 +7550,12 @@ func (s *CreateFleetInput) SetTags(v []*Tag) *CreateFleetInput { return s } +// SetVpcConfig sets the VpcConfig field's value. +func (s *CreateFleetInput) SetVpcConfig(v *VpcConfig) *CreateFleetInput { + s.VpcConfig = v + return s +} + type CreateFleetOutput struct { _ struct{} `type:"structure"` @@ -7653,6 +7683,8 @@ type CreateProjectInput struct { // commit ID is used. If not specified, the default branch's HEAD commit // ID is used. // + // * For GitLab: the commit ID, branch, or Git tag to use. + // // * For Bitbucket: the commit ID, branch name, or tag name that corresponds // to the version of the source code you want to build. If a branch name // is specified, the branch's HEAD commit ID is used. If not specified, the @@ -7680,6 +7712,8 @@ type CreateProjectInput struct { TimeoutInMinutes *int64 `locationName:"timeoutInMinutes" min:"5" type:"integer"` // VpcConfig enables CodeBuild to access resources in an Amazon VPC. + // + // If you're using compute fleets during project creation, do not provide vpcConfig. VpcConfig *VpcConfig `locationName:"vpcConfig" type:"structure"` } @@ -9549,6 +9583,9 @@ type Fleet struct { // in the CodeBuild user guide. EnvironmentType *string `locationName:"environmentType" type:"string" enum:"EnvironmentType"` + // The service role associated with the compute fleet. + FleetServiceRole *string `locationName:"fleetServiceRole" min:"1" type:"string"` + // The ID of the compute fleet. Id *string `locationName:"id" min:"1" type:"string"` @@ -9564,7 +9601,11 @@ type Fleet struct { // existing fleet instance to become available. // // * For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild - // on-demand. + // on-demand. If you choose to set your overflow behavior to on-demand while + // creating a VPC-connected fleet, make sure that you add the required VPC + // permissions to your project service role. For more information, see Example + // policy statement to allow CodeBuild access to Amazon Web Services services + // required to create a VPC network interface (https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface). OverflowBehavior *string `locationName:"overflowBehavior" type:"string" enum:"FleetOverflowBehavior"` // The scaling configuration of the compute fleet. @@ -9578,6 +9619,9 @@ type Fleet struct { // These tags are available for use by Amazon Web Services services that support // CodeBuild build project tags. Tags []*Tag `locationName:"tags" type:"list"` + + // Information about the VPC configuration that CodeBuild accesses. + VpcConfig *VpcConfig `locationName:"vpcConfig" type:"structure"` } // String returns the string representation. @@ -9628,6 +9672,12 @@ func (s *Fleet) SetEnvironmentType(v string) *Fleet { return s } +// SetFleetServiceRole sets the FleetServiceRole field's value. +func (s *Fleet) SetFleetServiceRole(v string) *Fleet { + s.FleetServiceRole = &v + return s +} + // SetId sets the Id field's value. func (s *Fleet) SetId(v string) *Fleet { s.Id = &v @@ -9670,6 +9720,12 @@ func (s *Fleet) SetTags(v []*Tag) *Fleet { return s } +// SetVpcConfig sets the VpcConfig field's value. +func (s *Fleet) SetVpcConfig(v *VpcConfig) *Fleet { + s.VpcConfig = v + return s +} + // The status of the compute fleet. type FleetStatus struct { _ struct{} `type:"structure"` @@ -10031,8 +10087,9 @@ type ImportSourceCredentialsInput struct { _ struct{} `type:"structure"` // The type of authentication used to connect to a GitHub, GitHub Enterprise, - // or Bitbucket repository. An OAUTH connection is not supported by the API - // and must be created using the CodeBuild console. + // GitLab, GitLab Self Managed, or Bitbucket repository. An OAUTH connection + // is not supported by the API and must be created using the CodeBuild console. + // Note that CODECONNECTIONS is only valid for GitLab and GitLab Self Managed. // // AuthType is a required field AuthType *string `locationName:"authType" type:"string" required:"true" enum:"AuthType"` @@ -10048,7 +10105,8 @@ type ImportSourceCredentialsInput struct { ShouldOverwrite *bool `locationName:"shouldOverwrite" type:"boolean"` // For GitHub or GitHub Enterprise, this is the personal access token. For Bitbucket, - // this is either the access token or the app password. + // this is either the access token or the app password. For the authType CODECONNECTIONS, + // this is the connectionArn. // // Token is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by ImportSourceCredentialsInput's @@ -12257,6 +12315,8 @@ type Project struct { // commit ID is used. If not specified, the default branch's HEAD commit // ID is used. // + // * For GitLab: the commit ID, branch, or Git tag to use. + // // * For Bitbucket: the commit ID, branch name, or tag name that corresponds // to the version of the source code you want to build. If a branch name // is specified, the branch's HEAD commit ID is used. If not specified, the @@ -13645,13 +13705,15 @@ type ProjectSourceVersion struct { // // * For CodeCommit: the commit ID, branch, or Git tag to use. // - // * For GitHub or GitLab: the commit ID, pull request ID, branch name, or - // tag name that corresponds to the version of the source code you want to - // build. If a pull request ID is specified, it must use the format pr/pull-request-ID + // * For GitHub: the commit ID, pull request ID, branch name, or tag name + // that corresponds to the version of the source code you want to build. + // If a pull request ID is specified, it must use the format pr/pull-request-ID // (for example, pr/25). If a branch name is specified, the branch's HEAD // commit ID is used. If not specified, the default branch's HEAD commit // ID is used. // + // * For GitLab: the commit ID, branch, or Git tag to use. + // // * For Bitbucket: the commit ID, branch name, or tag name that corresponds // to the version of the source code you want to build. If a branch name // is specified, the branch's HEAD commit ID is used. If not specified, the @@ -15868,7 +15930,7 @@ type StartBuildInput struct { // An authorization type for this build that overrides the one defined in the // build project. This override applies only if the build project's source is - // BitBucket or GitHub. + // BitBucket, GitHub, GitLab, or GitLab Self Managed. SourceAuthOverride *SourceAuth `locationName:"sourceAuthOverride" type:"structure"` // A location that overrides, for this build, the source location for the one @@ -15895,6 +15957,10 @@ type StartBuildInput struct { // If a branch name is specified, the branch's HEAD commit ID is used. If not // specified, the default branch's HEAD commit ID is used. // + // GitLab + // + // The commit ID, branch, or Git tag to use. + // // Bitbucket // // The commit ID, branch name, or tag name that corresponds to the version of @@ -16816,13 +16882,20 @@ type UpdateFleetInput struct { // in the CodeBuild user guide. EnvironmentType *string `locationName:"environmentType" type:"string" enum:"EnvironmentType"` + // The service role associated with the compute fleet. + FleetServiceRole *string `locationName:"fleetServiceRole" min:"1" type:"string"` + // The compute fleet overflow behavior. // // * For overflow behavior QUEUE, your overflow builds need to wait on the // existing fleet instance to become available. // // * For overflow behavior ON_DEMAND, your overflow builds run on CodeBuild - // on-demand. + // on-demand. If you choose to set your overflow behavior to on-demand while + // creating a VPC-connected fleet, make sure that you add the required VPC + // permissions to your project service role. For more information, see Example + // policy statement to allow CodeBuild access to Amazon Web Services services + // required to create a VPC network interface (https://docs.aws.amazon.com/codebuild/latest/userguide/auth-and-access-control-iam-identity-based-access-control.html#customer-managed-policies-example-create-vpc-network-interface). OverflowBehavior *string `locationName:"overflowBehavior" type:"string" enum:"FleetOverflowBehavior"` // The scaling configuration of the compute fleet. @@ -16833,6 +16906,9 @@ type UpdateFleetInput struct { // These tags are available for use by Amazon Web Services services that support // CodeBuild build project tags. Tags []*Tag `locationName:"tags" type:"list"` + + // Information about the VPC configuration that CodeBuild accesses. + VpcConfig *VpcConfig `locationName:"vpcConfig" type:"structure"` } // String returns the string representation. @@ -16865,6 +16941,9 @@ func (s *UpdateFleetInput) Validate() error { if s.BaseCapacity != nil && *s.BaseCapacity < 1 { invalidParams.Add(request.NewErrParamMinValue("BaseCapacity", 1)) } + if s.FleetServiceRole != nil && len(*s.FleetServiceRole) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FleetServiceRole", 1)) + } if s.ScalingConfiguration != nil { if err := s.ScalingConfiguration.Validate(); err != nil { invalidParams.AddNested("ScalingConfiguration", err.(request.ErrInvalidParams)) @@ -16880,6 +16959,11 @@ func (s *UpdateFleetInput) Validate() error { } } } + if s.VpcConfig != nil { + if err := s.VpcConfig.Validate(); err != nil { + invalidParams.AddNested("VpcConfig", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -16911,6 +16995,12 @@ func (s *UpdateFleetInput) SetEnvironmentType(v string) *UpdateFleetInput { return s } +// SetFleetServiceRole sets the FleetServiceRole field's value. +func (s *UpdateFleetInput) SetFleetServiceRole(v string) *UpdateFleetInput { + s.FleetServiceRole = &v + return s +} + // SetOverflowBehavior sets the OverflowBehavior field's value. func (s *UpdateFleetInput) SetOverflowBehavior(v string) *UpdateFleetInput { s.OverflowBehavior = &v @@ -16929,6 +17019,12 @@ func (s *UpdateFleetInput) SetTags(v []*Tag) *UpdateFleetInput { return s } +// SetVpcConfig sets the VpcConfig field's value. +func (s *UpdateFleetInput) SetVpcConfig(v *VpcConfig) *UpdateFleetInput { + s.VpcConfig = v + return s +} + type UpdateFleetOutput struct { _ struct{} `type:"structure"` @@ -17054,6 +17150,8 @@ type UpdateProjectInput struct { // commit ID is used. If not specified, the default branch's HEAD commit // ID is used. // + // * For GitLab: the commit ID, branch, or Git tag to use. + // // * For Bitbucket: the commit ID, branch name, or tag name that corresponds // to the version of the source code you want to build. If a branch name // is specified, the branch's HEAD commit ID is used. If not specified, the @@ -18431,6 +18529,9 @@ const ( // FleetContextCodeUpdateFailed is a FleetContextCode enum value FleetContextCodeUpdateFailed = "UPDATE_FAILED" + + // FleetContextCodeActionRequired is a FleetContextCode enum value + FleetContextCodeActionRequired = "ACTION_REQUIRED" ) // FleetContextCode_Values returns all elements of the FleetContextCode enum @@ -18438,6 +18539,7 @@ func FleetContextCode_Values() []string { return []string{ FleetContextCodeCreateFailed, FleetContextCodeUpdateFailed, + FleetContextCodeActionRequired, } } diff --git a/service/datasync/api.go b/service/datasync/api.go index 75dcfc067c9..2381c62d1db 100644 --- a/service/datasync/api.go +++ b/service/datasync/api.go @@ -18808,6 +18808,9 @@ const ( // TaskExecutionStatusQueued is a TaskExecutionStatus enum value TaskExecutionStatusQueued = "QUEUED" + // TaskExecutionStatusCancelling is a TaskExecutionStatus enum value + TaskExecutionStatusCancelling = "CANCELLING" + // TaskExecutionStatusLaunching is a TaskExecutionStatus enum value TaskExecutionStatusLaunching = "LAUNCHING" @@ -18831,6 +18834,7 @@ const ( func TaskExecutionStatus_Values() []string { return []string{ TaskExecutionStatusQueued, + TaskExecutionStatusCancelling, TaskExecutionStatusLaunching, TaskExecutionStatusPreparing, TaskExecutionStatusTransferring, diff --git a/service/managedgrafana/api.go b/service/managedgrafana/api.go index d1c89488a5d..1b7adfa2ffb 100644 --- a/service/managedgrafana/api.go +++ b/service/managedgrafana/api.go @@ -56,9 +56,10 @@ func (c *ManagedGrafana) AssociateLicenseRequest(input *AssociateLicenseInput) ( // AssociateLicense API operation for Amazon Managed Grafana. // -// Assigns a Grafana Enterprise license to a workspace. Upgrading to Grafana -// Enterprise incurs additional fees. For more information, see Upgrade a workspace -// to Grafana Enterprise (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html). +// Assigns a Grafana Enterprise license to a workspace. To upgrade, you must +// use ENTERPRISE for the licenseType, and pass in a valid Grafana Labs token +// for the grafanaToken. Upgrading to Grafana Enterprise incurs additional fees. +// For more information, see Upgrade a workspace to Grafana Enterprise (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -253,6 +254,9 @@ func (c *ManagedGrafana) CreateWorkspaceApiKeyRequest(input *CreateWorkspaceApiK // (https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html) // for available APIs and example requests. // +// In workspaces compatible with Grafana version 9 or above, use workspace service +// accounts instead of API keys. API keys will be removed in a future release. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -305,57 +309,71 @@ func (c *ManagedGrafana) CreateWorkspaceApiKeyWithContext(ctx aws.Context, input return out, req.Send() } -const opDeleteWorkspace = "DeleteWorkspace" +const opCreateWorkspaceServiceAccount = "CreateWorkspaceServiceAccount" -// DeleteWorkspaceRequest generates a "aws/request.Request" representing the -// client's request for the DeleteWorkspace operation. The "output" return +// CreateWorkspaceServiceAccountRequest generates a "aws/request.Request" representing the +// client's request for the CreateWorkspaceServiceAccount operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteWorkspace for more information on using the DeleteWorkspace +// See CreateWorkspaceServiceAccount for more information on using the CreateWorkspaceServiceAccount // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteWorkspaceRequest method. -// req, resp := client.DeleteWorkspaceRequest(params) +// // Example sending a request using the CreateWorkspaceServiceAccountRequest method. +// req, resp := client.CreateWorkspaceServiceAccountRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspace -func (c *ManagedGrafana) DeleteWorkspaceRequest(input *DeleteWorkspaceInput) (req *request.Request, output *DeleteWorkspaceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspaceServiceAccount +func (c *ManagedGrafana) CreateWorkspaceServiceAccountRequest(input *CreateWorkspaceServiceAccountInput) (req *request.Request, output *CreateWorkspaceServiceAccountOutput) { op := &request.Operation{ - Name: opDeleteWorkspace, - HTTPMethod: "DELETE", - HTTPPath: "/workspaces/{workspaceId}", + Name: opCreateWorkspaceServiceAccount, + HTTPMethod: "POST", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts", } if input == nil { - input = &DeleteWorkspaceInput{} + input = &CreateWorkspaceServiceAccountInput{} } - output = &DeleteWorkspaceOutput{} + output = &CreateWorkspaceServiceAccountOutput{} req = c.newRequest(op, input, output) return } -// DeleteWorkspace API operation for Amazon Managed Grafana. +// CreateWorkspaceServiceAccount API operation for Amazon Managed Grafana. // -// Deletes an Amazon Managed Grafana workspace. +// Creates a service account for the workspace. A service account can be used +// to call Grafana HTTP APIs, and run automated workloads. After creating the +// service account with the correct GrafanaRole for your use case, use CreateWorkspaceServiceAccountToken +// to create a token that can be used to authenticate and authorize Grafana +// HTTP API calls. +// +// You can only create service accounts for workspaces that are compatible with +// Grafana version 9 and above. +// +// For more information about service accounts, see Service accounts (https://docs.aws.amazon.com/grafana/latest/userguide/service-accounts.html) +// in the Amazon Managed Grafana User Guide. +// +// For more information about the Grafana HTTP APIs, see Using Grafana HTTP +// APIs (https://docs.aws.amazon.com/grafana/latest/userguide/Using-Grafana-APIs.html) +// in the Amazon Managed Grafana User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DeleteWorkspace for usage and error information. +// API operation CreateWorkspaceServiceAccount for usage and error information. // // Returned Error Types: // @@ -377,79 +395,95 @@ func (c *ManagedGrafana) DeleteWorkspaceRequest(input *DeleteWorkspaceInput) (re // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspace -func (c *ManagedGrafana) DeleteWorkspace(input *DeleteWorkspaceInput) (*DeleteWorkspaceOutput, error) { - req, out := c.DeleteWorkspaceRequest(input) +// - ServiceQuotaExceededException +// The request would cause a service quota to be exceeded. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspaceServiceAccount +func (c *ManagedGrafana) CreateWorkspaceServiceAccount(input *CreateWorkspaceServiceAccountInput) (*CreateWorkspaceServiceAccountOutput, error) { + req, out := c.CreateWorkspaceServiceAccountRequest(input) return out, req.Send() } -// DeleteWorkspaceWithContext is the same as DeleteWorkspace with the addition of +// CreateWorkspaceServiceAccountWithContext is the same as CreateWorkspaceServiceAccount with the addition of // the ability to pass a context and additional request options. // -// See DeleteWorkspace for details on how to use this API operation. +// See CreateWorkspaceServiceAccount for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DeleteWorkspaceWithContext(ctx aws.Context, input *DeleteWorkspaceInput, opts ...request.Option) (*DeleteWorkspaceOutput, error) { - req, out := c.DeleteWorkspaceRequest(input) +func (c *ManagedGrafana) CreateWorkspaceServiceAccountWithContext(ctx aws.Context, input *CreateWorkspaceServiceAccountInput, opts ...request.Option) (*CreateWorkspaceServiceAccountOutput, error) { + req, out := c.CreateWorkspaceServiceAccountRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteWorkspaceApiKey = "DeleteWorkspaceApiKey" +const opCreateWorkspaceServiceAccountToken = "CreateWorkspaceServiceAccountToken" -// DeleteWorkspaceApiKeyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteWorkspaceApiKey operation. The "output" return +// CreateWorkspaceServiceAccountTokenRequest generates a "aws/request.Request" representing the +// client's request for the CreateWorkspaceServiceAccountToken operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteWorkspaceApiKey for more information on using the DeleteWorkspaceApiKey +// See CreateWorkspaceServiceAccountToken for more information on using the CreateWorkspaceServiceAccountToken // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteWorkspaceApiKeyRequest method. -// req, resp := client.DeleteWorkspaceApiKeyRequest(params) +// // Example sending a request using the CreateWorkspaceServiceAccountTokenRequest method. +// req, resp := client.CreateWorkspaceServiceAccountTokenRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceApiKey -func (c *ManagedGrafana) DeleteWorkspaceApiKeyRequest(input *DeleteWorkspaceApiKeyInput) (req *request.Request, output *DeleteWorkspaceApiKeyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspaceServiceAccountToken +func (c *ManagedGrafana) CreateWorkspaceServiceAccountTokenRequest(input *CreateWorkspaceServiceAccountTokenInput) (req *request.Request, output *CreateWorkspaceServiceAccountTokenOutput) { op := &request.Operation{ - Name: opDeleteWorkspaceApiKey, - HTTPMethod: "DELETE", - HTTPPath: "/workspaces/{workspaceId}/apikeys/{keyName}", + Name: opCreateWorkspaceServiceAccountToken, + HTTPMethod: "POST", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens", } if input == nil { - input = &DeleteWorkspaceApiKeyInput{} + input = &CreateWorkspaceServiceAccountTokenInput{} } - output = &DeleteWorkspaceApiKeyOutput{} + output = &CreateWorkspaceServiceAccountTokenOutput{} req = c.newRequest(op, input, output) return } -// DeleteWorkspaceApiKey API operation for Amazon Managed Grafana. +// CreateWorkspaceServiceAccountToken API operation for Amazon Managed Grafana. // -// Deletes a Grafana API key for the workspace. +// Creates a token that can be used to authenticate and authorize Grafana HTTP +// API operations for the given workspace service account (https://docs.aws.amazon.com/grafana/latest/userguide/service-accounts.html). +// The service account acts as a user for the API operations, and defines the +// permissions that are used by the API. +// +// When you create the service account token, you will receive a key that is +// used when calling Grafana APIs. Do not lose this key, as it will not be retrievable +// again. +// +// If you do lose the key, you can delete the token and recreate it to receive +// a new key. This will disable the initial key. +// +// Service accounts are only available for workspaces that are compatible with +// Grafana version 9 and above. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DeleteWorkspaceApiKey for usage and error information. +// API operation CreateWorkspaceServiceAccountToken for usage and error information. // // Returned Error Types: // @@ -471,79 +505,82 @@ func (c *ManagedGrafana) DeleteWorkspaceApiKeyRequest(input *DeleteWorkspaceApiK // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceApiKey -func (c *ManagedGrafana) DeleteWorkspaceApiKey(input *DeleteWorkspaceApiKeyInput) (*DeleteWorkspaceApiKeyOutput, error) { - req, out := c.DeleteWorkspaceApiKeyRequest(input) +// - ServiceQuotaExceededException +// The request would cause a service quota to be exceeded. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/CreateWorkspaceServiceAccountToken +func (c *ManagedGrafana) CreateWorkspaceServiceAccountToken(input *CreateWorkspaceServiceAccountTokenInput) (*CreateWorkspaceServiceAccountTokenOutput, error) { + req, out := c.CreateWorkspaceServiceAccountTokenRequest(input) return out, req.Send() } -// DeleteWorkspaceApiKeyWithContext is the same as DeleteWorkspaceApiKey with the addition of +// CreateWorkspaceServiceAccountTokenWithContext is the same as CreateWorkspaceServiceAccountToken with the addition of // the ability to pass a context and additional request options. // -// See DeleteWorkspaceApiKey for details on how to use this API operation. +// See CreateWorkspaceServiceAccountToken for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DeleteWorkspaceApiKeyWithContext(ctx aws.Context, input *DeleteWorkspaceApiKeyInput, opts ...request.Option) (*DeleteWorkspaceApiKeyOutput, error) { - req, out := c.DeleteWorkspaceApiKeyRequest(input) +func (c *ManagedGrafana) CreateWorkspaceServiceAccountTokenWithContext(ctx aws.Context, input *CreateWorkspaceServiceAccountTokenInput, opts ...request.Option) (*CreateWorkspaceServiceAccountTokenOutput, error) { + req, out := c.CreateWorkspaceServiceAccountTokenRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeWorkspace = "DescribeWorkspace" +const opDeleteWorkspace = "DeleteWorkspace" -// DescribeWorkspaceRequest generates a "aws/request.Request" representing the -// client's request for the DescribeWorkspace operation. The "output" return +// DeleteWorkspaceRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkspace operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeWorkspace for more information on using the DescribeWorkspace +// See DeleteWorkspace for more information on using the DeleteWorkspace // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeWorkspaceRequest method. -// req, resp := client.DescribeWorkspaceRequest(params) +// // Example sending a request using the DeleteWorkspaceRequest method. +// req, resp := client.DeleteWorkspaceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspace -func (c *ManagedGrafana) DescribeWorkspaceRequest(input *DescribeWorkspaceInput) (req *request.Request, output *DescribeWorkspaceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspace +func (c *ManagedGrafana) DeleteWorkspaceRequest(input *DeleteWorkspaceInput) (req *request.Request, output *DeleteWorkspaceOutput) { op := &request.Operation{ - Name: opDescribeWorkspace, - HTTPMethod: "GET", + Name: opDeleteWorkspace, + HTTPMethod: "DELETE", HTTPPath: "/workspaces/{workspaceId}", } if input == nil { - input = &DescribeWorkspaceInput{} + input = &DeleteWorkspaceInput{} } - output = &DescribeWorkspaceOutput{} + output = &DeleteWorkspaceOutput{} req = c.newRequest(op, input, output) return } -// DescribeWorkspace API operation for Amazon Managed Grafana. +// DeleteWorkspace API operation for Amazon Managed Grafana. // -// Displays information about one Amazon Managed Grafana workspace. +// Deletes an Amazon Managed Grafana workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DescribeWorkspace for usage and error information. +// API operation DeleteWorkspace for usage and error information. // // Returned Error Types: // @@ -553,6 +590,9 @@ func (c *ManagedGrafana) DescribeWorkspaceRequest(input *DescribeWorkspaceInput) // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// // - ValidationException // The value of a parameter in the request caused an error. // @@ -562,80 +602,82 @@ func (c *ManagedGrafana) DescribeWorkspaceRequest(input *DescribeWorkspaceInput) // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspace -func (c *ManagedGrafana) DescribeWorkspace(input *DescribeWorkspaceInput) (*DescribeWorkspaceOutput, error) { - req, out := c.DescribeWorkspaceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspace +func (c *ManagedGrafana) DeleteWorkspace(input *DeleteWorkspaceInput) (*DeleteWorkspaceOutput, error) { + req, out := c.DeleteWorkspaceRequest(input) return out, req.Send() } -// DescribeWorkspaceWithContext is the same as DescribeWorkspace with the addition of +// DeleteWorkspaceWithContext is the same as DeleteWorkspace with the addition of // the ability to pass a context and additional request options. // -// See DescribeWorkspace for details on how to use this API operation. +// See DeleteWorkspace for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DescribeWorkspaceWithContext(ctx aws.Context, input *DescribeWorkspaceInput, opts ...request.Option) (*DescribeWorkspaceOutput, error) { - req, out := c.DescribeWorkspaceRequest(input) +func (c *ManagedGrafana) DeleteWorkspaceWithContext(ctx aws.Context, input *DeleteWorkspaceInput, opts ...request.Option) (*DeleteWorkspaceOutput, error) { + req, out := c.DeleteWorkspaceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeWorkspaceAuthentication = "DescribeWorkspaceAuthentication" +const opDeleteWorkspaceApiKey = "DeleteWorkspaceApiKey" -// DescribeWorkspaceAuthenticationRequest generates a "aws/request.Request" representing the -// client's request for the DescribeWorkspaceAuthentication operation. The "output" return +// DeleteWorkspaceApiKeyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkspaceApiKey operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeWorkspaceAuthentication for more information on using the DescribeWorkspaceAuthentication +// See DeleteWorkspaceApiKey for more information on using the DeleteWorkspaceApiKey // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeWorkspaceAuthenticationRequest method. -// req, resp := client.DescribeWorkspaceAuthenticationRequest(params) +// // Example sending a request using the DeleteWorkspaceApiKeyRequest method. +// req, resp := client.DeleteWorkspaceApiKeyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceAuthentication -func (c *ManagedGrafana) DescribeWorkspaceAuthenticationRequest(input *DescribeWorkspaceAuthenticationInput) (req *request.Request, output *DescribeWorkspaceAuthenticationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceApiKey +func (c *ManagedGrafana) DeleteWorkspaceApiKeyRequest(input *DeleteWorkspaceApiKeyInput) (req *request.Request, output *DeleteWorkspaceApiKeyOutput) { op := &request.Operation{ - Name: opDescribeWorkspaceAuthentication, - HTTPMethod: "GET", - HTTPPath: "/workspaces/{workspaceId}/authentication", + Name: opDeleteWorkspaceApiKey, + HTTPMethod: "DELETE", + HTTPPath: "/workspaces/{workspaceId}/apikeys/{keyName}", } if input == nil { - input = &DescribeWorkspaceAuthenticationInput{} + input = &DeleteWorkspaceApiKeyInput{} } - output = &DescribeWorkspaceAuthenticationOutput{} + output = &DeleteWorkspaceApiKeyOutput{} req = c.newRequest(op, input, output) return } -// DescribeWorkspaceAuthentication API operation for Amazon Managed Grafana. +// DeleteWorkspaceApiKey API operation for Amazon Managed Grafana. // -// Displays information about the authentication methods used in one Amazon -// Managed Grafana workspace. +// Deletes a Grafana API key for the workspace. +// +// In workspaces compatible with Grafana version 9 or above, use workspace service +// accounts instead of API keys. API keys will be removed in a future release. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DescribeWorkspaceAuthentication for usage and error information. +// API operation DeleteWorkspaceApiKey for usage and error information. // // Returned Error Types: // @@ -645,6 +687,9 @@ func (c *ManagedGrafana) DescribeWorkspaceAuthenticationRequest(input *DescribeW // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// // - ValidationException // The value of a parameter in the request caused an error. // @@ -654,79 +699,86 @@ func (c *ManagedGrafana) DescribeWorkspaceAuthenticationRequest(input *DescribeW // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceAuthentication -func (c *ManagedGrafana) DescribeWorkspaceAuthentication(input *DescribeWorkspaceAuthenticationInput) (*DescribeWorkspaceAuthenticationOutput, error) { - req, out := c.DescribeWorkspaceAuthenticationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceApiKey +func (c *ManagedGrafana) DeleteWorkspaceApiKey(input *DeleteWorkspaceApiKeyInput) (*DeleteWorkspaceApiKeyOutput, error) { + req, out := c.DeleteWorkspaceApiKeyRequest(input) return out, req.Send() } -// DescribeWorkspaceAuthenticationWithContext is the same as DescribeWorkspaceAuthentication with the addition of +// DeleteWorkspaceApiKeyWithContext is the same as DeleteWorkspaceApiKey with the addition of // the ability to pass a context and additional request options. // -// See DescribeWorkspaceAuthentication for details on how to use this API operation. +// See DeleteWorkspaceApiKey for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DescribeWorkspaceAuthenticationWithContext(ctx aws.Context, input *DescribeWorkspaceAuthenticationInput, opts ...request.Option) (*DescribeWorkspaceAuthenticationOutput, error) { - req, out := c.DescribeWorkspaceAuthenticationRequest(input) +func (c *ManagedGrafana) DeleteWorkspaceApiKeyWithContext(ctx aws.Context, input *DeleteWorkspaceApiKeyInput, opts ...request.Option) (*DeleteWorkspaceApiKeyOutput, error) { + req, out := c.DeleteWorkspaceApiKeyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeWorkspaceConfiguration = "DescribeWorkspaceConfiguration" +const opDeleteWorkspaceServiceAccount = "DeleteWorkspaceServiceAccount" -// DescribeWorkspaceConfigurationRequest generates a "aws/request.Request" representing the -// client's request for the DescribeWorkspaceConfiguration operation. The "output" return +// DeleteWorkspaceServiceAccountRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkspaceServiceAccount operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeWorkspaceConfiguration for more information on using the DescribeWorkspaceConfiguration +// See DeleteWorkspaceServiceAccount for more information on using the DeleteWorkspaceServiceAccount // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeWorkspaceConfigurationRequest method. -// req, resp := client.DescribeWorkspaceConfigurationRequest(params) +// // Example sending a request using the DeleteWorkspaceServiceAccountRequest method. +// req, resp := client.DeleteWorkspaceServiceAccountRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfiguration -func (c *ManagedGrafana) DescribeWorkspaceConfigurationRequest(input *DescribeWorkspaceConfigurationInput) (req *request.Request, output *DescribeWorkspaceConfigurationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceServiceAccount +func (c *ManagedGrafana) DeleteWorkspaceServiceAccountRequest(input *DeleteWorkspaceServiceAccountInput) (req *request.Request, output *DeleteWorkspaceServiceAccountOutput) { op := &request.Operation{ - Name: opDescribeWorkspaceConfiguration, - HTTPMethod: "GET", - HTTPPath: "/workspaces/{workspaceId}/configuration", + Name: opDeleteWorkspaceServiceAccount, + HTTPMethod: "DELETE", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}", } if input == nil { - input = &DescribeWorkspaceConfigurationInput{} + input = &DeleteWorkspaceServiceAccountInput{} } - output = &DescribeWorkspaceConfigurationOutput{} + output = &DeleteWorkspaceServiceAccountOutput{} req = c.newRequest(op, input, output) return } -// DescribeWorkspaceConfiguration API operation for Amazon Managed Grafana. +// DeleteWorkspaceServiceAccount API operation for Amazon Managed Grafana. // -// Gets the current configuration string for the given workspace. +// Deletes a workspace service account from the workspace. +// +// This will delete any tokens created for the service account, as well. If +// the tokens are currently in use, the will fail to authenticate / authorize +// after they are deleted. +// +// Service accounts are only available for workspaces that are compatible with +// Grafana version 9 and above. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DescribeWorkspaceConfiguration for usage and error information. +// API operation DeleteWorkspaceServiceAccount for usage and error information. // // Returned Error Types: // @@ -736,85 +788,98 @@ func (c *ManagedGrafana) DescribeWorkspaceConfigurationRequest(input *DescribeWo // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// // - AccessDeniedException // You do not have sufficient permissions to perform this action. // // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfiguration -func (c *ManagedGrafana) DescribeWorkspaceConfiguration(input *DescribeWorkspaceConfigurationInput) (*DescribeWorkspaceConfigurationOutput, error) { - req, out := c.DescribeWorkspaceConfigurationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceServiceAccount +func (c *ManagedGrafana) DeleteWorkspaceServiceAccount(input *DeleteWorkspaceServiceAccountInput) (*DeleteWorkspaceServiceAccountOutput, error) { + req, out := c.DeleteWorkspaceServiceAccountRequest(input) return out, req.Send() } -// DescribeWorkspaceConfigurationWithContext is the same as DescribeWorkspaceConfiguration with the addition of +// DeleteWorkspaceServiceAccountWithContext is the same as DeleteWorkspaceServiceAccount with the addition of // the ability to pass a context and additional request options. // -// See DescribeWorkspaceConfiguration for details on how to use this API operation. +// See DeleteWorkspaceServiceAccount for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DescribeWorkspaceConfigurationWithContext(ctx aws.Context, input *DescribeWorkspaceConfigurationInput, opts ...request.Option) (*DescribeWorkspaceConfigurationOutput, error) { - req, out := c.DescribeWorkspaceConfigurationRequest(input) +func (c *ManagedGrafana) DeleteWorkspaceServiceAccountWithContext(ctx aws.Context, input *DeleteWorkspaceServiceAccountInput, opts ...request.Option) (*DeleteWorkspaceServiceAccountOutput, error) { + req, out := c.DeleteWorkspaceServiceAccountRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDisassociateLicense = "DisassociateLicense" +const opDeleteWorkspaceServiceAccountToken = "DeleteWorkspaceServiceAccountToken" -// DisassociateLicenseRequest generates a "aws/request.Request" representing the -// client's request for the DisassociateLicense operation. The "output" return +// DeleteWorkspaceServiceAccountTokenRequest generates a "aws/request.Request" representing the +// client's request for the DeleteWorkspaceServiceAccountToken operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DisassociateLicense for more information on using the DisassociateLicense +// See DeleteWorkspaceServiceAccountToken for more information on using the DeleteWorkspaceServiceAccountToken // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DisassociateLicenseRequest method. -// req, resp := client.DisassociateLicenseRequest(params) +// // Example sending a request using the DeleteWorkspaceServiceAccountTokenRequest method. +// req, resp := client.DeleteWorkspaceServiceAccountTokenRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DisassociateLicense -func (c *ManagedGrafana) DisassociateLicenseRequest(input *DisassociateLicenseInput) (req *request.Request, output *DisassociateLicenseOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceServiceAccountToken +func (c *ManagedGrafana) DeleteWorkspaceServiceAccountTokenRequest(input *DeleteWorkspaceServiceAccountTokenInput) (req *request.Request, output *DeleteWorkspaceServiceAccountTokenOutput) { op := &request.Operation{ - Name: opDisassociateLicense, + Name: opDeleteWorkspaceServiceAccountToken, HTTPMethod: "DELETE", - HTTPPath: "/workspaces/{workspaceId}/licenses/{licenseType}", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens/{tokenId}", } if input == nil { - input = &DisassociateLicenseInput{} + input = &DeleteWorkspaceServiceAccountTokenInput{} } - output = &DisassociateLicenseOutput{} + output = &DeleteWorkspaceServiceAccountTokenOutput{} req = c.newRequest(op, input, output) return } -// DisassociateLicense API operation for Amazon Managed Grafana. +// DeleteWorkspaceServiceAccountToken API operation for Amazon Managed Grafana. // -// Removes the Grafana Enterprise license from a workspace. +// Deletes a token for the workspace service account. +// +// This will disable the key associated with the token. If any automation is +// currently using the key, it will no longer be authenticated or authorized +// to perform actions with the Grafana HTTP APIs. +// +// Service accounts are only available for workspaces that are compatible with +// Grafana version 9 and above. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation DisassociateLicense for usage and error information. +// API operation DeleteWorkspaceServiceAccountToken for usage and error information. // // Returned Error Types: // @@ -824,6 +889,9 @@ func (c *ManagedGrafana) DisassociateLicenseRequest(input *DisassociateLicenseIn // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// // - ValidationException // The value of a parameter in the request caused an error. // @@ -833,89 +901,79 @@ func (c *ManagedGrafana) DisassociateLicenseRequest(input *DisassociateLicenseIn // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DisassociateLicense -func (c *ManagedGrafana) DisassociateLicense(input *DisassociateLicenseInput) (*DisassociateLicenseOutput, error) { - req, out := c.DisassociateLicenseRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DeleteWorkspaceServiceAccountToken +func (c *ManagedGrafana) DeleteWorkspaceServiceAccountToken(input *DeleteWorkspaceServiceAccountTokenInput) (*DeleteWorkspaceServiceAccountTokenOutput, error) { + req, out := c.DeleteWorkspaceServiceAccountTokenRequest(input) return out, req.Send() } -// DisassociateLicenseWithContext is the same as DisassociateLicense with the addition of +// DeleteWorkspaceServiceAccountTokenWithContext is the same as DeleteWorkspaceServiceAccountToken with the addition of // the ability to pass a context and additional request options. // -// See DisassociateLicense for details on how to use this API operation. +// See DeleteWorkspaceServiceAccountToken for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) DisassociateLicenseWithContext(ctx aws.Context, input *DisassociateLicenseInput, opts ...request.Option) (*DisassociateLicenseOutput, error) { - req, out := c.DisassociateLicenseRequest(input) +func (c *ManagedGrafana) DeleteWorkspaceServiceAccountTokenWithContext(ctx aws.Context, input *DeleteWorkspaceServiceAccountTokenInput, opts ...request.Option) (*DeleteWorkspaceServiceAccountTokenOutput, error) { + req, out := c.DeleteWorkspaceServiceAccountTokenRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListPermissions = "ListPermissions" +const opDescribeWorkspace = "DescribeWorkspace" -// ListPermissionsRequest generates a "aws/request.Request" representing the -// client's request for the ListPermissions operation. The "output" return +// DescribeWorkspaceRequest generates a "aws/request.Request" representing the +// client's request for the DescribeWorkspace operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListPermissions for more information on using the ListPermissions +// See DescribeWorkspace for more information on using the DescribeWorkspace // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListPermissionsRequest method. -// req, resp := client.ListPermissionsRequest(params) +// // Example sending a request using the DescribeWorkspaceRequest method. +// req, resp := client.DescribeWorkspaceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListPermissions -func (c *ManagedGrafana) ListPermissionsRequest(input *ListPermissionsInput) (req *request.Request, output *ListPermissionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspace +func (c *ManagedGrafana) DescribeWorkspaceRequest(input *DescribeWorkspaceInput) (req *request.Request, output *DescribeWorkspaceOutput) { op := &request.Operation{ - Name: opListPermissions, + Name: opDescribeWorkspace, HTTPMethod: "GET", - HTTPPath: "/workspaces/{workspaceId}/permissions", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "maxResults", - TruncationToken: "", - }, + HTTPPath: "/workspaces/{workspaceId}", } if input == nil { - input = &ListPermissionsInput{} + input = &DescribeWorkspaceInput{} } - output = &ListPermissionsOutput{} + output = &DescribeWorkspaceOutput{} req = c.newRequest(op, input, output) return } -// ListPermissions API operation for Amazon Managed Grafana. +// DescribeWorkspace API operation for Amazon Managed Grafana. // -// Lists the users and groups who have the Grafana Admin and Editor roles in -// this workspace. If you use this operation without specifying userId or groupId, -// the operation returns the roles of all users and groups. If you specify a -// userId or a groupId, only the roles for that user or group are returned. -// If you do this, you can specify only one userId or one groupId. +// Displays information about one Amazon Managed Grafana workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation ListPermissions for usage and error information. +// API operation DescribeWorkspace for usage and error information. // // Returned Error Types: // @@ -934,132 +992,80 @@ func (c *ManagedGrafana) ListPermissionsRequest(input *ListPermissionsInput) (re // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListPermissions -func (c *ManagedGrafana) ListPermissions(input *ListPermissionsInput) (*ListPermissionsOutput, error) { - req, out := c.ListPermissionsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspace +func (c *ManagedGrafana) DescribeWorkspace(input *DescribeWorkspaceInput) (*DescribeWorkspaceOutput, error) { + req, out := c.DescribeWorkspaceRequest(input) return out, req.Send() } -// ListPermissionsWithContext is the same as ListPermissions with the addition of +// DescribeWorkspaceWithContext is the same as DescribeWorkspace with the addition of // the ability to pass a context and additional request options. // -// See ListPermissions for details on how to use this API operation. +// See DescribeWorkspace for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) ListPermissionsWithContext(ctx aws.Context, input *ListPermissionsInput, opts ...request.Option) (*ListPermissionsOutput, error) { - req, out := c.ListPermissionsRequest(input) +func (c *ManagedGrafana) DescribeWorkspaceWithContext(ctx aws.Context, input *DescribeWorkspaceInput, opts ...request.Option) (*DescribeWorkspaceOutput, error) { + req, out := c.DescribeWorkspaceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListPermissionsPages iterates over the pages of a ListPermissions operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListPermissions method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListPermissions operation. -// pageNum := 0 -// err := client.ListPermissionsPages(params, -// func(page *managedgrafana.ListPermissionsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *ManagedGrafana) ListPermissionsPages(input *ListPermissionsInput, fn func(*ListPermissionsOutput, bool) bool) error { - return c.ListPermissionsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListPermissionsPagesWithContext same as ListPermissionsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *ManagedGrafana) ListPermissionsPagesWithContext(ctx aws.Context, input *ListPermissionsInput, fn func(*ListPermissionsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListPermissionsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListPermissionsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListPermissionsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListTagsForResource = "ListTagsForResource" +const opDescribeWorkspaceAuthentication = "DescribeWorkspaceAuthentication" -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return +// DescribeWorkspaceAuthenticationRequest generates a "aws/request.Request" representing the +// client's request for the DescribeWorkspaceAuthentication operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsForResource for more information on using the ListTagsForResource +// See DescribeWorkspaceAuthentication for more information on using the DescribeWorkspaceAuthentication // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) +// // Example sending a request using the DescribeWorkspaceAuthenticationRequest method. +// req, resp := client.DescribeWorkspaceAuthenticationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListTagsForResource -func (c *ManagedGrafana) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceAuthentication +func (c *ManagedGrafana) DescribeWorkspaceAuthenticationRequest(input *DescribeWorkspaceAuthenticationInput) (req *request.Request, output *DescribeWorkspaceAuthenticationOutput) { op := &request.Operation{ - Name: opListTagsForResource, + Name: opDescribeWorkspaceAuthentication, HTTPMethod: "GET", - HTTPPath: "/tags/{resourceArn}", + HTTPPath: "/workspaces/{workspaceId}/authentication", } if input == nil { - input = &ListTagsForResourceInput{} + input = &DescribeWorkspaceAuthenticationInput{} } - output = &ListTagsForResourceOutput{} + output = &DescribeWorkspaceAuthenticationOutput{} req = c.newRequest(op, input, output) return } -// ListTagsForResource API operation for Amazon Managed Grafana. +// DescribeWorkspaceAuthentication API operation for Amazon Managed Grafana. // -// The ListTagsForResource operation returns the tags that are associated with -// the Amazon Managed Service for Grafana resource specified by the resourceArn. -// Currently, the only resource that can be tagged is a workspace. +// Displays information about the authentication methods used in one Amazon +// Managed Grafana workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation ListTagsForResource for usage and error information. +// API operation DescribeWorkspaceAuthentication for usage and error information. // // Returned Error Types: // @@ -1069,6 +1075,9 @@ func (c *ManagedGrafana) ListTagsForResourceRequest(input *ListTagsForResourceIn // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// // - ValidationException // The value of a parameter in the request caused an error. // @@ -1078,86 +1087,79 @@ func (c *ManagedGrafana) ListTagsForResourceRequest(input *ListTagsForResourceIn // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListTagsForResource -func (c *ManagedGrafana) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceAuthentication +func (c *ManagedGrafana) DescribeWorkspaceAuthentication(input *DescribeWorkspaceAuthenticationInput) (*DescribeWorkspaceAuthenticationOutput, error) { + req, out := c.DescribeWorkspaceAuthenticationRequest(input) return out, req.Send() } -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// DescribeWorkspaceAuthenticationWithContext is the same as DescribeWorkspaceAuthentication with the addition of // the ability to pass a context and additional request options. // -// See ListTagsForResource for details on how to use this API operation. +// See DescribeWorkspaceAuthentication for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +func (c *ManagedGrafana) DescribeWorkspaceAuthenticationWithContext(ctx aws.Context, input *DescribeWorkspaceAuthenticationInput, opts ...request.Option) (*DescribeWorkspaceAuthenticationOutput, error) { + req, out := c.DescribeWorkspaceAuthenticationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListVersions = "ListVersions" +const opDescribeWorkspaceConfiguration = "DescribeWorkspaceConfiguration" -// ListVersionsRequest generates a "aws/request.Request" representing the -// client's request for the ListVersions operation. The "output" return +// DescribeWorkspaceConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the DescribeWorkspaceConfiguration operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListVersions for more information on using the ListVersions +// See DescribeWorkspaceConfiguration for more information on using the DescribeWorkspaceConfiguration // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListVersionsRequest method. -// req, resp := client.ListVersionsRequest(params) +// // Example sending a request using the DescribeWorkspaceConfigurationRequest method. +// req, resp := client.DescribeWorkspaceConfigurationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListVersions -func (c *ManagedGrafana) ListVersionsRequest(input *ListVersionsInput) (req *request.Request, output *ListVersionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfiguration +func (c *ManagedGrafana) DescribeWorkspaceConfigurationRequest(input *DescribeWorkspaceConfigurationInput) (req *request.Request, output *DescribeWorkspaceConfigurationOutput) { op := &request.Operation{ - Name: opListVersions, + Name: opDescribeWorkspaceConfiguration, HTTPMethod: "GET", - HTTPPath: "/versions", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "maxResults", - TruncationToken: "", - }, + HTTPPath: "/workspaces/{workspaceId}/configuration", } if input == nil { - input = &ListVersionsInput{} + input = &DescribeWorkspaceConfigurationInput{} } - output = &ListVersionsOutput{} + output = &DescribeWorkspaceConfigurationOutput{} req = c.newRequest(op, input, output) return } -// ListVersions API operation for Amazon Managed Grafana. +// DescribeWorkspaceConfiguration API operation for Amazon Managed Grafana. // -// Lists available versions of Grafana. These are available when calling CreateWorkspace. -// Optionally, include a workspace to list the versions to which it can be upgraded. +// Gets the current configuration string for the given workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation ListVersions for usage and error information. +// API operation DescribeWorkspaceConfiguration for usage and error information. // // Returned Error Types: // @@ -1167,217 +1169,262 @@ func (c *ManagedGrafana) ListVersionsRequest(input *ListVersionsInput) (req *req // - ThrottlingException // The request was denied because of request throttling. Retry the request. // -// - ValidationException -// The value of a parameter in the request caused an error. -// // - AccessDeniedException // You do not have sufficient permissions to perform this action. // // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListVersions -func (c *ManagedGrafana) ListVersions(input *ListVersionsInput) (*ListVersionsOutput, error) { - req, out := c.ListVersionsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DescribeWorkspaceConfiguration +func (c *ManagedGrafana) DescribeWorkspaceConfiguration(input *DescribeWorkspaceConfigurationInput) (*DescribeWorkspaceConfigurationOutput, error) { + req, out := c.DescribeWorkspaceConfigurationRequest(input) return out, req.Send() } -// ListVersionsWithContext is the same as ListVersions with the addition of +// DescribeWorkspaceConfigurationWithContext is the same as DescribeWorkspaceConfiguration with the addition of // the ability to pass a context and additional request options. // -// See ListVersions for details on how to use this API operation. +// See DescribeWorkspaceConfiguration for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) ListVersionsWithContext(ctx aws.Context, input *ListVersionsInput, opts ...request.Option) (*ListVersionsOutput, error) { - req, out := c.ListVersionsRequest(input) +func (c *ManagedGrafana) DescribeWorkspaceConfigurationWithContext(ctx aws.Context, input *DescribeWorkspaceConfigurationInput, opts ...request.Option) (*DescribeWorkspaceConfigurationOutput, error) { + req, out := c.DescribeWorkspaceConfigurationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListVersionsPages iterates over the pages of a ListVersions operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See ListVersions method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a ListVersions operation. -// pageNum := 0 -// err := client.ListVersionsPages(params, -// func(page *managedgrafana.ListVersionsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *ManagedGrafana) ListVersionsPages(input *ListVersionsInput, fn func(*ListVersionsOutput, bool) bool) error { - return c.ListVersionsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// ListVersionsPagesWithContext same as ListVersionsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *ManagedGrafana) ListVersionsPagesWithContext(ctx aws.Context, input *ListVersionsInput, fn func(*ListVersionsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - NewRequest: func() (*request.Request, error) { - var inCpy *ListVersionsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.ListVersionsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*ListVersionsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opListWorkspaces = "ListWorkspaces" +const opDisassociateLicense = "DisassociateLicense" -// ListWorkspacesRequest generates a "aws/request.Request" representing the -// client's request for the ListWorkspaces operation. The "output" return +// DisassociateLicenseRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateLicense operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListWorkspaces for more information on using the ListWorkspaces +// See DisassociateLicense for more information on using the DisassociateLicense // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListWorkspacesRequest method. -// req, resp := client.ListWorkspacesRequest(params) +// // Example sending a request using the DisassociateLicenseRequest method. +// req, resp := client.DisassociateLicenseRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaces -func (c *ManagedGrafana) ListWorkspacesRequest(input *ListWorkspacesInput) (req *request.Request, output *ListWorkspacesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DisassociateLicense +func (c *ManagedGrafana) DisassociateLicenseRequest(input *DisassociateLicenseInput) (req *request.Request, output *DisassociateLicenseOutput) { op := &request.Operation{ - Name: opListWorkspaces, - HTTPMethod: "GET", - HTTPPath: "/workspaces", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "maxResults", - TruncationToken: "", - }, + Name: opDisassociateLicense, + HTTPMethod: "DELETE", + HTTPPath: "/workspaces/{workspaceId}/licenses/{licenseType}", } if input == nil { - input = &ListWorkspacesInput{} + input = &DisassociateLicenseInput{} } - output = &ListWorkspacesOutput{} + output = &DisassociateLicenseOutput{} req = c.newRequest(op, input, output) return } -// ListWorkspaces API operation for Amazon Managed Grafana. +// DisassociateLicense API operation for Amazon Managed Grafana. // -// Returns a list of Amazon Managed Grafana workspaces in the account, with -// some information about each workspace. For more complete information about -// one workspace, use DescribeWorkspace (https://docs.aws.amazon.com/AAMG/latest/APIReference/API_DescribeWorkspace.html). +// Removes the Grafana Enterprise license from a workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation ListWorkspaces for usage and error information. +// API operation DisassociateLicense for usage and error information. // // Returned Error Types: // +// - ResourceNotFoundException +// The request references a resource that does not exist. +// // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ValidationException +// The value of a parameter in the request caused an error. +// // - AccessDeniedException // You do not have sufficient permissions to perform this action. // // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaces -func (c *ManagedGrafana) ListWorkspaces(input *ListWorkspacesInput) (*ListWorkspacesOutput, error) { - req, out := c.ListWorkspacesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/DisassociateLicense +func (c *ManagedGrafana) DisassociateLicense(input *DisassociateLicenseInput) (*DisassociateLicenseOutput, error) { + req, out := c.DisassociateLicenseRequest(input) return out, req.Send() } -// ListWorkspacesWithContext is the same as ListWorkspaces with the addition of +// DisassociateLicenseWithContext is the same as DisassociateLicense with the addition of // the ability to pass a context and additional request options. // -// See ListWorkspaces for details on how to use this API operation. +// See DisassociateLicense for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) ListWorkspacesWithContext(ctx aws.Context, input *ListWorkspacesInput, opts ...request.Option) (*ListWorkspacesOutput, error) { - req, out := c.ListWorkspacesRequest(input) +func (c *ManagedGrafana) DisassociateLicenseWithContext(ctx aws.Context, input *DisassociateLicenseInput, opts ...request.Option) (*DisassociateLicenseOutput, error) { + req, out := c.DisassociateLicenseRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// ListWorkspacesPages iterates over the pages of a ListWorkspaces operation, +const opListPermissions = "ListPermissions" + +// ListPermissionsRequest generates a "aws/request.Request" representing the +// client's request for the ListPermissions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListPermissions for more information on using the ListPermissions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListPermissionsRequest method. +// req, resp := client.ListPermissionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListPermissions +func (c *ManagedGrafana) ListPermissionsRequest(input *ListPermissionsInput) (req *request.Request, output *ListPermissionsOutput) { + op := &request.Operation{ + Name: opListPermissions, + HTTPMethod: "GET", + HTTPPath: "/workspaces/{workspaceId}/permissions", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListPermissionsInput{} + } + + output = &ListPermissionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListPermissions API operation for Amazon Managed Grafana. +// +// Lists the users and groups who have the Grafana Admin and Editor roles in +// this workspace. If you use this operation without specifying userId or groupId, +// the operation returns the roles of all users and groups. If you specify a +// userId or a groupId, only the roles for that user or group are returned. +// If you do this, you can specify only one userId or one groupId. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation ListPermissions for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListPermissions +func (c *ManagedGrafana) ListPermissions(input *ListPermissionsInput) (*ListPermissionsOutput, error) { + req, out := c.ListPermissionsRequest(input) + return out, req.Send() +} + +// ListPermissionsWithContext is the same as ListPermissions with the addition of +// the ability to pass a context and additional request options. +// +// See ListPermissions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) ListPermissionsWithContext(ctx aws.Context, input *ListPermissionsInput, opts ...request.Option) (*ListPermissionsOutput, error) { + req, out := c.ListPermissionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListPermissionsPages iterates over the pages of a ListPermissions operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See ListWorkspaces method for more information on how to use this operation. +// See ListPermissions method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListWorkspaces operation. +// // Example iterating over at most 3 pages of a ListPermissions operation. // pageNum := 0 -// err := client.ListWorkspacesPages(params, -// func(page *managedgrafana.ListWorkspacesOutput, lastPage bool) bool { +// err := client.ListPermissionsPages(params, +// func(page *managedgrafana.ListPermissionsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *ManagedGrafana) ListWorkspacesPages(input *ListWorkspacesInput, fn func(*ListWorkspacesOutput, bool) bool) error { - return c.ListWorkspacesPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *ManagedGrafana) ListPermissionsPages(input *ListPermissionsInput, fn func(*ListPermissionsOutput, bool) bool) error { + return c.ListPermissionsPagesWithContext(aws.BackgroundContext(), input, fn) } -// ListWorkspacesPagesWithContext same as ListWorkspacesPages except +// ListPermissionsPagesWithContext same as ListPermissionsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) ListWorkspacesPagesWithContext(ctx aws.Context, input *ListWorkspacesInput, fn func(*ListWorkspacesOutput, bool) bool, opts ...request.Option) error { +func (c *ManagedGrafana) ListPermissionsPagesWithContext(ctx aws.Context, input *ListPermissionsInput, fn func(*ListPermissionsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ NewRequest: func() (*request.Request, error) { - var inCpy *ListWorkspacesInput + var inCpy *ListPermissionsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.ListWorkspacesRequest(inCpy) + req, _ := c.ListPermissionsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -1385,7 +1432,7 @@ func (c *ManagedGrafana) ListWorkspacesPagesWithContext(ctx aws.Context, input * } for p.Next() { - if !fn(p.Page().(*ListWorkspacesOutput), !p.HasNextPage()) { + if !fn(p.Page().(*ListPermissionsOutput), !p.HasNextPage()) { break } } @@ -1393,64 +1440,59 @@ func (c *ManagedGrafana) ListWorkspacesPagesWithContext(ctx aws.Context, input * return p.Err() } -const opTagResource = "TagResource" +const opListTagsForResource = "ListTagsForResource" -// TagResourceRequest generates a "aws/request.Request" representing the -// client's request for the TagResource operation. The "output" return +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TagResource for more information on using the TagResource +// See ListTagsForResource for more information on using the ListTagsForResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the TagResourceRequest method. -// req, resp := client.TagResourceRequest(params) +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/TagResource -func (c *ManagedGrafana) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListTagsForResource +func (c *ManagedGrafana) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { op := &request.Operation{ - Name: opTagResource, - HTTPMethod: "POST", + Name: opListTagsForResource, + HTTPMethod: "GET", HTTPPath: "/tags/{resourceArn}", } if input == nil { - input = &TagResourceInput{} + input = &ListTagsForResourceInput{} } - output = &TagResourceOutput{} + output = &ListTagsForResourceOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// TagResource API operation for Amazon Managed Grafana. -// -// The TagResource operation associates tags with an Amazon Managed Grafana -// resource. Currently, the only resource that can be tagged is workspaces. +// ListTagsForResource API operation for Amazon Managed Grafana. // -// If you specify a new tag key for the resource, this tag is appended to the -// list of tags associated with the resource. If you specify a tag key that -// is already associated with the resource, the new tag value that you specify -// replaces the previous value for that tag. +// The ListTagsForResource operation returns the tags that are associated with +// the Amazon Managed Service for Grafana resource specified by the resourceArn. +// Currently, the only resource that can be tagged is a workspace. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation TagResource for usage and error information. +// API operation ListTagsForResource for usage and error information. // // Returned Error Types: // @@ -1469,81 +1511,86 @@ func (c *ManagedGrafana) TagResourceRequest(input *TagResourceInput) (req *reque // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/TagResource -func (c *ManagedGrafana) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListTagsForResource +func (c *ManagedGrafana) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) return out, req.Send() } -// TagResourceWithContext is the same as TagResource with the addition of +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of // the ability to pass a context and additional request options. // -// See TagResource for details on how to use this API operation. +// See ListTagsForResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +func (c *ManagedGrafana) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUntagResource = "UntagResource" +const opListVersions = "ListVersions" -// UntagResourceRequest generates a "aws/request.Request" representing the -// client's request for the UntagResource operation. The "output" return +// ListVersionsRequest generates a "aws/request.Request" representing the +// client's request for the ListVersions operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UntagResource for more information on using the UntagResource +// See ListVersions for more information on using the ListVersions // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UntagResourceRequest method. -// req, resp := client.UntagResourceRequest(params) +// // Example sending a request using the ListVersionsRequest method. +// req, resp := client.ListVersionsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UntagResource -func (c *ManagedGrafana) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListVersions +func (c *ManagedGrafana) ListVersionsRequest(input *ListVersionsInput) (req *request.Request, output *ListVersionsOutput) { op := &request.Operation{ - Name: opUntagResource, - HTTPMethod: "DELETE", - HTTPPath: "/tags/{resourceArn}", + Name: opListVersions, + HTTPMethod: "GET", + HTTPPath: "/versions", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { - input = &UntagResourceInput{} + input = &ListVersionsInput{} } - output = &UntagResourceOutput{} + output = &ListVersionsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UntagResource API operation for Amazon Managed Grafana. +// ListVersions API operation for Amazon Managed Grafana. // -// The UntagResource operation removes the association of the tag with the Amazon -// Managed Grafana resource. +// Lists available versions of Grafana. These are available when calling CreateWorkspace. +// Optionally, include a workspace to list the versions to which it can be upgraded. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation UntagResource for usage and error information. +// API operation ListVersions for usage and error information. // // Returned Error Types: // @@ -1562,79 +1609,142 @@ func (c *ManagedGrafana) UntagResourceRequest(input *UntagResourceInput) (req *r // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UntagResource -func (c *ManagedGrafana) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListVersions +func (c *ManagedGrafana) ListVersions(input *ListVersionsInput) (*ListVersionsOutput, error) { + req, out := c.ListVersionsRequest(input) return out, req.Send() } -// UntagResourceWithContext is the same as UntagResource with the addition of +// ListVersionsWithContext is the same as ListVersions with the addition of // the ability to pass a context and additional request options. // -// See UntagResource for details on how to use this API operation. +// See ListVersions for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +func (c *ManagedGrafana) ListVersionsWithContext(ctx aws.Context, input *ListVersionsInput, opts ...request.Option) (*ListVersionsOutput, error) { + req, out := c.ListVersionsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdatePermissions = "UpdatePermissions" +// ListVersionsPages iterates over the pages of a ListVersions operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListVersions method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListVersions operation. +// pageNum := 0 +// err := client.ListVersionsPages(params, +// func(page *managedgrafana.ListVersionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *ManagedGrafana) ListVersionsPages(input *ListVersionsInput, fn func(*ListVersionsOutput, bool) bool) error { + return c.ListVersionsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdatePermissionsRequest generates a "aws/request.Request" representing the -// client's request for the UpdatePermissions operation. The "output" return +// ListVersionsPagesWithContext same as ListVersionsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) ListVersionsPagesWithContext(ctx aws.Context, input *ListVersionsInput, fn func(*ListVersionsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListVersionsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListVersionsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListVersionsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListWorkspaceServiceAccountTokens = "ListWorkspaceServiceAccountTokens" + +// ListWorkspaceServiceAccountTokensRequest generates a "aws/request.Request" representing the +// client's request for the ListWorkspaceServiceAccountTokens operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdatePermissions for more information on using the UpdatePermissions +// See ListWorkspaceServiceAccountTokens for more information on using the ListWorkspaceServiceAccountTokens // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdatePermissionsRequest method. -// req, resp := client.UpdatePermissionsRequest(params) +// // Example sending a request using the ListWorkspaceServiceAccountTokensRequest method. +// req, resp := client.ListWorkspaceServiceAccountTokensRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdatePermissions -func (c *ManagedGrafana) UpdatePermissionsRequest(input *UpdatePermissionsInput) (req *request.Request, output *UpdatePermissionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaceServiceAccountTokens +func (c *ManagedGrafana) ListWorkspaceServiceAccountTokensRequest(input *ListWorkspaceServiceAccountTokensInput) (req *request.Request, output *ListWorkspaceServiceAccountTokensOutput) { op := &request.Operation{ - Name: opUpdatePermissions, - HTTPMethod: "PATCH", - HTTPPath: "/workspaces/{workspaceId}/permissions", + Name: opListWorkspaceServiceAccountTokens, + HTTPMethod: "GET", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts/{serviceAccountId}/tokens", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdatePermissionsInput{} + input = &ListWorkspaceServiceAccountTokensInput{} } - output = &UpdatePermissionsOutput{} + output = &ListWorkspaceServiceAccountTokensOutput{} req = c.newRequest(op, input, output) return } -// UpdatePermissions API operation for Amazon Managed Grafana. +// ListWorkspaceServiceAccountTokens API operation for Amazon Managed Grafana. // -// Updates which users in a workspace have the Grafana Admin or Editor roles. +// Returns a list of tokens for a workspace service account. +// +// This does not return the key for each token. You cannot access keys after +// they are created. To create a new key, delete the token and recreate it. +// +// Service accounts are only available for workspaces that are compatible with +// Grafana version 9 and above. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation UpdatePermissions for usage and error information. +// API operation ListWorkspaceServiceAccountTokens for usage and error information. // // Returned Error Types: // @@ -1644,6 +1754,9 @@ func (c *ManagedGrafana) UpdatePermissionsRequest(input *UpdatePermissionsInput) // - ThrottlingException // The request was denied because of request throttling. Retry the request. // +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// // - ValidationException // The value of a parameter in the request caused an error. // @@ -1653,87 +1766,139 @@ func (c *ManagedGrafana) UpdatePermissionsRequest(input *UpdatePermissionsInput) // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdatePermissions -func (c *ManagedGrafana) UpdatePermissions(input *UpdatePermissionsInput) (*UpdatePermissionsOutput, error) { - req, out := c.UpdatePermissionsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaceServiceAccountTokens +func (c *ManagedGrafana) ListWorkspaceServiceAccountTokens(input *ListWorkspaceServiceAccountTokensInput) (*ListWorkspaceServiceAccountTokensOutput, error) { + req, out := c.ListWorkspaceServiceAccountTokensRequest(input) return out, req.Send() } -// UpdatePermissionsWithContext is the same as UpdatePermissions with the addition of +// ListWorkspaceServiceAccountTokensWithContext is the same as ListWorkspaceServiceAccountTokens with the addition of // the ability to pass a context and additional request options. // -// See UpdatePermissions for details on how to use this API operation. +// See ListWorkspaceServiceAccountTokens for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) UpdatePermissionsWithContext(ctx aws.Context, input *UpdatePermissionsInput, opts ...request.Option) (*UpdatePermissionsOutput, error) { - req, out := c.UpdatePermissionsRequest(input) +func (c *ManagedGrafana) ListWorkspaceServiceAccountTokensWithContext(ctx aws.Context, input *ListWorkspaceServiceAccountTokensInput, opts ...request.Option) (*ListWorkspaceServiceAccountTokensOutput, error) { + req, out := c.ListWorkspaceServiceAccountTokensRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateWorkspace = "UpdateWorkspace" +// ListWorkspaceServiceAccountTokensPages iterates over the pages of a ListWorkspaceServiceAccountTokens operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListWorkspaceServiceAccountTokens method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListWorkspaceServiceAccountTokens operation. +// pageNum := 0 +// err := client.ListWorkspaceServiceAccountTokensPages(params, +// func(page *managedgrafana.ListWorkspaceServiceAccountTokensOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *ManagedGrafana) ListWorkspaceServiceAccountTokensPages(input *ListWorkspaceServiceAccountTokensInput, fn func(*ListWorkspaceServiceAccountTokensOutput, bool) bool) error { + return c.ListWorkspaceServiceAccountTokensPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdateWorkspaceRequest generates a "aws/request.Request" representing the -// client's request for the UpdateWorkspace operation. The "output" return +// ListWorkspaceServiceAccountTokensPagesWithContext same as ListWorkspaceServiceAccountTokensPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) ListWorkspaceServiceAccountTokensPagesWithContext(ctx aws.Context, input *ListWorkspaceServiceAccountTokensInput, fn func(*ListWorkspaceServiceAccountTokensOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListWorkspaceServiceAccountTokensInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListWorkspaceServiceAccountTokensRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListWorkspaceServiceAccountTokensOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListWorkspaceServiceAccounts = "ListWorkspaceServiceAccounts" + +// ListWorkspaceServiceAccountsRequest generates a "aws/request.Request" representing the +// client's request for the ListWorkspaceServiceAccounts operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateWorkspace for more information on using the UpdateWorkspace +// See ListWorkspaceServiceAccounts for more information on using the ListWorkspaceServiceAccounts // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateWorkspaceRequest method. -// req, resp := client.UpdateWorkspaceRequest(params) +// // Example sending a request using the ListWorkspaceServiceAccountsRequest method. +// req, resp := client.ListWorkspaceServiceAccountsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspace -func (c *ManagedGrafana) UpdateWorkspaceRequest(input *UpdateWorkspaceInput) (req *request.Request, output *UpdateWorkspaceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaceServiceAccounts +func (c *ManagedGrafana) ListWorkspaceServiceAccountsRequest(input *ListWorkspaceServiceAccountsInput) (req *request.Request, output *ListWorkspaceServiceAccountsOutput) { op := &request.Operation{ - Name: opUpdateWorkspace, - HTTPMethod: "PUT", - HTTPPath: "/workspaces/{workspaceId}", + Name: opListWorkspaceServiceAccounts, + HTTPMethod: "GET", + HTTPPath: "/workspaces/{workspaceId}/serviceaccounts", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdateWorkspaceInput{} + input = &ListWorkspaceServiceAccountsInput{} } - output = &UpdateWorkspaceOutput{} + output = &ListWorkspaceServiceAccountsOutput{} req = c.newRequest(op, input, output) return } -// UpdateWorkspace API operation for Amazon Managed Grafana. -// -// Modifies an existing Amazon Managed Grafana workspace. If you use this operation -// and omit any optional parameters, the existing values of those parameters -// are not changed. +// ListWorkspaceServiceAccounts API operation for Amazon Managed Grafana. // -// To modify the user authentication methods that the workspace uses, such as -// SAML or IAM Identity Center, use UpdateWorkspaceAuthentication (https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspaceAuthentication.html). +// Returns a list of service accounts for a workspace. // -// To modify which users in the workspace have the Admin and Editor Grafana -// roles, use UpdatePermissions (https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdatePermissions.html). +// Service accounts are only available for workspaces that are compatible with +// Grafana version 9 and above. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation UpdateWorkspace for usage and error information. +// API operation ListWorkspaceServiceAccounts for usage and error information. // // Returned Error Types: // @@ -1755,180 +1920,281 @@ func (c *ManagedGrafana) UpdateWorkspaceRequest(input *UpdateWorkspaceInput) (re // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspace -func (c *ManagedGrafana) UpdateWorkspace(input *UpdateWorkspaceInput) (*UpdateWorkspaceOutput, error) { - req, out := c.UpdateWorkspaceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaceServiceAccounts +func (c *ManagedGrafana) ListWorkspaceServiceAccounts(input *ListWorkspaceServiceAccountsInput) (*ListWorkspaceServiceAccountsOutput, error) { + req, out := c.ListWorkspaceServiceAccountsRequest(input) return out, req.Send() } -// UpdateWorkspaceWithContext is the same as UpdateWorkspace with the addition of +// ListWorkspaceServiceAccountsWithContext is the same as ListWorkspaceServiceAccounts with the addition of // the ability to pass a context and additional request options. // -// See UpdateWorkspace for details on how to use this API operation. +// See ListWorkspaceServiceAccounts for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) UpdateWorkspaceWithContext(ctx aws.Context, input *UpdateWorkspaceInput, opts ...request.Option) (*UpdateWorkspaceOutput, error) { - req, out := c.UpdateWorkspaceRequest(input) +func (c *ManagedGrafana) ListWorkspaceServiceAccountsWithContext(ctx aws.Context, input *ListWorkspaceServiceAccountsInput, opts ...request.Option) (*ListWorkspaceServiceAccountsOutput, error) { + req, out := c.ListWorkspaceServiceAccountsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateWorkspaceAuthentication = "UpdateWorkspaceAuthentication" +// ListWorkspaceServiceAccountsPages iterates over the pages of a ListWorkspaceServiceAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListWorkspaceServiceAccounts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListWorkspaceServiceAccounts operation. +// pageNum := 0 +// err := client.ListWorkspaceServiceAccountsPages(params, +// func(page *managedgrafana.ListWorkspaceServiceAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *ManagedGrafana) ListWorkspaceServiceAccountsPages(input *ListWorkspaceServiceAccountsInput, fn func(*ListWorkspaceServiceAccountsOutput, bool) bool) error { + return c.ListWorkspaceServiceAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdateWorkspaceAuthenticationRequest generates a "aws/request.Request" representing the -// client's request for the UpdateWorkspaceAuthentication operation. The "output" return +// ListWorkspaceServiceAccountsPagesWithContext same as ListWorkspaceServiceAccountsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) ListWorkspaceServiceAccountsPagesWithContext(ctx aws.Context, input *ListWorkspaceServiceAccountsInput, fn func(*ListWorkspaceServiceAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListWorkspaceServiceAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListWorkspaceServiceAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListWorkspaceServiceAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListWorkspaces = "ListWorkspaces" + +// ListWorkspacesRequest generates a "aws/request.Request" representing the +// client's request for the ListWorkspaces operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateWorkspaceAuthentication for more information on using the UpdateWorkspaceAuthentication +// See ListWorkspaces for more information on using the ListWorkspaces // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateWorkspaceAuthenticationRequest method. -// req, resp := client.UpdateWorkspaceAuthenticationRequest(params) +// // Example sending a request using the ListWorkspacesRequest method. +// req, resp := client.ListWorkspacesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceAuthentication -func (c *ManagedGrafana) UpdateWorkspaceAuthenticationRequest(input *UpdateWorkspaceAuthenticationInput) (req *request.Request, output *UpdateWorkspaceAuthenticationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaces +func (c *ManagedGrafana) ListWorkspacesRequest(input *ListWorkspacesInput) (req *request.Request, output *ListWorkspacesOutput) { op := &request.Operation{ - Name: opUpdateWorkspaceAuthentication, - HTTPMethod: "POST", - HTTPPath: "/workspaces/{workspaceId}/authentication", + Name: opListWorkspaces, + HTTPMethod: "GET", + HTTPPath: "/workspaces", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, } if input == nil { - input = &UpdateWorkspaceAuthenticationInput{} + input = &ListWorkspacesInput{} } - output = &UpdateWorkspaceAuthenticationOutput{} + output = &ListWorkspacesOutput{} req = c.newRequest(op, input, output) return } -// UpdateWorkspaceAuthentication API operation for Amazon Managed Grafana. -// -// Use this operation to define the identity provider (IdP) that this workspace -// authenticates users from, using SAML. You can also map SAML assertion attributes -// to workspace user information and define which groups in the assertion attribute -// are to have the Admin and Editor roles in the workspace. +// ListWorkspaces API operation for Amazon Managed Grafana. // -// Changes to the authentication method for a workspace may take a few minutes -// to take effect. +// Returns a list of Amazon Managed Grafana workspaces in the account, with +// some information about each workspace. For more complete information about +// one workspace, use DescribeWorkspace (https://docs.aws.amazon.com/AAMG/latest/APIReference/API_DescribeWorkspace.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation UpdateWorkspaceAuthentication for usage and error information. +// API operation ListWorkspaces for usage and error information. // // Returned Error Types: // -// - ResourceNotFoundException -// The request references a resource that does not exist. -// // - ThrottlingException // The request was denied because of request throttling. Retry the request. // -// - ConflictException -// A resource was in an inconsistent state during an update or a deletion. -// -// - ValidationException -// The value of a parameter in the request caused an error. -// // - AccessDeniedException // You do not have sufficient permissions to perform this action. // // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceAuthentication -func (c *ManagedGrafana) UpdateWorkspaceAuthentication(input *UpdateWorkspaceAuthenticationInput) (*UpdateWorkspaceAuthenticationOutput, error) { - req, out := c.UpdateWorkspaceAuthenticationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/ListWorkspaces +func (c *ManagedGrafana) ListWorkspaces(input *ListWorkspacesInput) (*ListWorkspacesOutput, error) { + req, out := c.ListWorkspacesRequest(input) return out, req.Send() } -// UpdateWorkspaceAuthenticationWithContext is the same as UpdateWorkspaceAuthentication with the addition of +// ListWorkspacesWithContext is the same as ListWorkspaces with the addition of // the ability to pass a context and additional request options. // -// See UpdateWorkspaceAuthentication for details on how to use this API operation. +// See ListWorkspaces for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) UpdateWorkspaceAuthenticationWithContext(ctx aws.Context, input *UpdateWorkspaceAuthenticationInput, opts ...request.Option) (*UpdateWorkspaceAuthenticationOutput, error) { - req, out := c.UpdateWorkspaceAuthenticationRequest(input) +func (c *ManagedGrafana) ListWorkspacesWithContext(ctx aws.Context, input *ListWorkspacesInput, opts ...request.Option) (*ListWorkspacesOutput, error) { + req, out := c.ListWorkspacesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateWorkspaceConfiguration = "UpdateWorkspaceConfiguration" +// ListWorkspacesPages iterates over the pages of a ListWorkspaces operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListWorkspaces method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListWorkspaces operation. +// pageNum := 0 +// err := client.ListWorkspacesPages(params, +// func(page *managedgrafana.ListWorkspacesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *ManagedGrafana) ListWorkspacesPages(input *ListWorkspacesInput, fn func(*ListWorkspacesOutput, bool) bool) error { + return c.ListWorkspacesPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UpdateWorkspaceConfigurationRequest generates a "aws/request.Request" representing the -// client's request for the UpdateWorkspaceConfiguration operation. The "output" return +// ListWorkspacesPagesWithContext same as ListWorkspacesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) ListWorkspacesPagesWithContext(ctx aws.Context, input *ListWorkspacesInput, fn func(*ListWorkspacesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListWorkspacesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListWorkspacesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListWorkspacesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateWorkspaceConfiguration for more information on using the UpdateWorkspaceConfiguration +// See TagResource for more information on using the TagResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateWorkspaceConfigurationRequest method. -// req, resp := client.UpdateWorkspaceConfigurationRequest(params) +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfiguration -func (c *ManagedGrafana) UpdateWorkspaceConfigurationRequest(input *UpdateWorkspaceConfigurationInput) (req *request.Request, output *UpdateWorkspaceConfigurationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/TagResource +func (c *ManagedGrafana) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { op := &request.Operation{ - Name: opUpdateWorkspaceConfiguration, - HTTPMethod: "PUT", - HTTPPath: "/workspaces/{workspaceId}/configuration", + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/tags/{resourceArn}", } if input == nil { - input = &UpdateWorkspaceConfigurationInput{} + input = &TagResourceInput{} } - output = &UpdateWorkspaceConfigurationOutput{} + output = &TagResourceOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UpdateWorkspaceConfiguration API operation for Amazon Managed Grafana. +// TagResource API operation for Amazon Managed Grafana. // -// # Updates the configuration string for the given workspace +// The TagResource operation associates tags with an Amazon Managed Grafana +// resource. Currently, the only resource that can be tagged is workspaces. +// +// If you specify a new tag key for the resource, this tag is appended to the +// list of tags associated with the resource. If you specify a tag key that +// is already associated with the resource, the new tag value that you specify +// replaces the previous value for that tag. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon Managed Grafana's -// API operation UpdateWorkspaceConfiguration for usage and error information. +// API operation TagResource for usage and error information. // // Returned Error Types: // @@ -1938,9 +2204,6 @@ func (c *ManagedGrafana) UpdateWorkspaceConfigurationRequest(input *UpdateWorksp // - ThrottlingException // The request was denied because of request throttling. Retry the request. // -// - ConflictException -// A resource was in an inconsistent state during an update or a deletion. -// // - ValidationException // The value of a parameter in the request caused an error. // @@ -1950,120 +2213,1039 @@ func (c *ManagedGrafana) UpdateWorkspaceConfigurationRequest(input *UpdateWorksp // - InternalServerException // Unexpected error while processing the request. Retry the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfiguration -func (c *ManagedGrafana) UpdateWorkspaceConfiguration(input *UpdateWorkspaceConfigurationInput) (*UpdateWorkspaceConfigurationOutput, error) { - req, out := c.UpdateWorkspaceConfigurationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/TagResource +func (c *ManagedGrafana) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) return out, req.Send() } -// UpdateWorkspaceConfigurationWithContext is the same as UpdateWorkspaceConfiguration with the addition of +// TagResourceWithContext is the same as TagResource with the addition of // the ability to pass a context and additional request options. // -// See UpdateWorkspaceConfiguration for details on how to use this API operation. +// See TagResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *ManagedGrafana) UpdateWorkspaceConfigurationWithContext(ctx aws.Context, input *UpdateWorkspaceConfigurationInput, opts ...request.Option) (*UpdateWorkspaceConfigurationOutput, error) { - req, out := c.UpdateWorkspaceConfigurationRequest(input) +func (c *ManagedGrafana) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// You do not have sufficient permissions to perform this action. -type AccessDeniedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` -} +const opUntagResource = "UntagResource" -// String returns the string representation. +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AccessDeniedException) GoString() string { - return s.String() -} - -func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { - return &AccessDeniedException{ - RespMetadata: v, +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UntagResource +func (c *ManagedGrafana) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "DELETE", + HTTPPath: "/tags/{resourceArn}", } -} - -// Code returns the exception type name. -func (s *AccessDeniedException) Code() string { - return "AccessDeniedException" -} -// Message returns the exception's message. -func (s *AccessDeniedException) Message() string { - if s.Message_ != nil { - return *s.Message_ + if input == nil { + input = &UntagResourceInput{} } - return "" -} -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *AccessDeniedException) OrigErr() error { - return nil + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return } -func (s *AccessDeniedException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// UntagResource API operation for Amazon Managed Grafana. +// +// The UntagResource operation removes the association of the tag with the Amazon +// Managed Grafana resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation UntagResource for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UntagResource +func (c *ManagedGrafana) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() } -// Status code returns the HTTP status code for the request's response error. -func (s *AccessDeniedException) StatusCode() int { - return s.RespMetadata.StatusCode +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() } -// RequestID returns the service's response RequestID for request. -func (s *AccessDeniedException) RequestID() string { - return s.RespMetadata.RequestID -} +const opUpdatePermissions = "UpdatePermissions" -// A structure that defines which attributes in the IdP assertion are to be -// used to define information about the users authenticated by the IdP to use +// UpdatePermissionsRequest generates a "aws/request.Request" representing the +// client's request for the UpdatePermissions operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdatePermissions for more information on using the UpdatePermissions +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdatePermissionsRequest method. +// req, resp := client.UpdatePermissionsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdatePermissions +func (c *ManagedGrafana) UpdatePermissionsRequest(input *UpdatePermissionsInput) (req *request.Request, output *UpdatePermissionsOutput) { + op := &request.Operation{ + Name: opUpdatePermissions, + HTTPMethod: "PATCH", + HTTPPath: "/workspaces/{workspaceId}/permissions", + } + + if input == nil { + input = &UpdatePermissionsInput{} + } + + output = &UpdatePermissionsOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdatePermissions API operation for Amazon Managed Grafana. +// +// Updates which users in a workspace have the Grafana Admin or Editor roles. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation UpdatePermissions for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdatePermissions +func (c *ManagedGrafana) UpdatePermissions(input *UpdatePermissionsInput) (*UpdatePermissionsOutput, error) { + req, out := c.UpdatePermissionsRequest(input) + return out, req.Send() +} + +// UpdatePermissionsWithContext is the same as UpdatePermissions with the addition of +// the ability to pass a context and additional request options. +// +// See UpdatePermissions for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) UpdatePermissionsWithContext(ctx aws.Context, input *UpdatePermissionsInput, opts ...request.Option) (*UpdatePermissionsOutput, error) { + req, out := c.UpdatePermissionsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateWorkspace = "UpdateWorkspace" + +// UpdateWorkspaceRequest generates a "aws/request.Request" representing the +// client's request for the UpdateWorkspace operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateWorkspace for more information on using the UpdateWorkspace +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateWorkspaceRequest method. +// req, resp := client.UpdateWorkspaceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspace +func (c *ManagedGrafana) UpdateWorkspaceRequest(input *UpdateWorkspaceInput) (req *request.Request, output *UpdateWorkspaceOutput) { + op := &request.Operation{ + Name: opUpdateWorkspace, + HTTPMethod: "PUT", + HTTPPath: "/workspaces/{workspaceId}", + } + + if input == nil { + input = &UpdateWorkspaceInput{} + } + + output = &UpdateWorkspaceOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateWorkspace API operation for Amazon Managed Grafana. +// +// Modifies an existing Amazon Managed Grafana workspace. If you use this operation +// and omit any optional parameters, the existing values of those parameters +// are not changed. +// +// To modify the user authentication methods that the workspace uses, such as +// SAML or IAM Identity Center, use UpdateWorkspaceAuthentication (https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdateWorkspaceAuthentication.html). +// +// To modify which users in the workspace have the Admin and Editor Grafana +// roles, use UpdatePermissions (https://docs.aws.amazon.com/grafana/latest/APIReference/API_UpdatePermissions.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation UpdateWorkspace for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspace +func (c *ManagedGrafana) UpdateWorkspace(input *UpdateWorkspaceInput) (*UpdateWorkspaceOutput, error) { + req, out := c.UpdateWorkspaceRequest(input) + return out, req.Send() +} + +// UpdateWorkspaceWithContext is the same as UpdateWorkspace with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateWorkspace for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) UpdateWorkspaceWithContext(ctx aws.Context, input *UpdateWorkspaceInput, opts ...request.Option) (*UpdateWorkspaceOutput, error) { + req, out := c.UpdateWorkspaceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateWorkspaceAuthentication = "UpdateWorkspaceAuthentication" + +// UpdateWorkspaceAuthenticationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateWorkspaceAuthentication operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateWorkspaceAuthentication for more information on using the UpdateWorkspaceAuthentication +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateWorkspaceAuthenticationRequest method. +// req, resp := client.UpdateWorkspaceAuthenticationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceAuthentication +func (c *ManagedGrafana) UpdateWorkspaceAuthenticationRequest(input *UpdateWorkspaceAuthenticationInput) (req *request.Request, output *UpdateWorkspaceAuthenticationOutput) { + op := &request.Operation{ + Name: opUpdateWorkspaceAuthentication, + HTTPMethod: "POST", + HTTPPath: "/workspaces/{workspaceId}/authentication", + } + + if input == nil { + input = &UpdateWorkspaceAuthenticationInput{} + } + + output = &UpdateWorkspaceAuthenticationOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateWorkspaceAuthentication API operation for Amazon Managed Grafana. +// +// Use this operation to define the identity provider (IdP) that this workspace +// authenticates users from, using SAML. You can also map SAML assertion attributes +// to workspace user information and define which groups in the assertion attribute +// are to have the Admin and Editor roles in the workspace. +// +// Changes to the authentication method for a workspace may take a few minutes +// to take effect. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation UpdateWorkspaceAuthentication for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceAuthentication +func (c *ManagedGrafana) UpdateWorkspaceAuthentication(input *UpdateWorkspaceAuthenticationInput) (*UpdateWorkspaceAuthenticationOutput, error) { + req, out := c.UpdateWorkspaceAuthenticationRequest(input) + return out, req.Send() +} + +// UpdateWorkspaceAuthenticationWithContext is the same as UpdateWorkspaceAuthentication with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateWorkspaceAuthentication for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) UpdateWorkspaceAuthenticationWithContext(ctx aws.Context, input *UpdateWorkspaceAuthenticationInput, opts ...request.Option) (*UpdateWorkspaceAuthenticationOutput, error) { + req, out := c.UpdateWorkspaceAuthenticationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateWorkspaceConfiguration = "UpdateWorkspaceConfiguration" + +// UpdateWorkspaceConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateWorkspaceConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateWorkspaceConfiguration for more information on using the UpdateWorkspaceConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateWorkspaceConfigurationRequest method. +// req, resp := client.UpdateWorkspaceConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfiguration +func (c *ManagedGrafana) UpdateWorkspaceConfigurationRequest(input *UpdateWorkspaceConfigurationInput) (req *request.Request, output *UpdateWorkspaceConfigurationOutput) { + op := &request.Operation{ + Name: opUpdateWorkspaceConfiguration, + HTTPMethod: "PUT", + HTTPPath: "/workspaces/{workspaceId}/configuration", + } + + if input == nil { + input = &UpdateWorkspaceConfigurationInput{} + } + + output = &UpdateWorkspaceConfigurationOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateWorkspaceConfiguration API operation for Amazon Managed Grafana. +// +// # Updates the configuration string for the given workspace +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Managed Grafana's +// API operation UpdateWorkspaceConfiguration for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The request references a resource that does not exist. +// +// - ThrottlingException +// The request was denied because of request throttling. Retry the request. +// +// - ConflictException +// A resource was in an inconsistent state during an update or a deletion. +// +// - ValidationException +// The value of a parameter in the request caused an error. +// +// - AccessDeniedException +// You do not have sufficient permissions to perform this action. +// +// - InternalServerException +// Unexpected error while processing the request. Retry the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/grafana-2020-08-18/UpdateWorkspaceConfiguration +func (c *ManagedGrafana) UpdateWorkspaceConfiguration(input *UpdateWorkspaceConfigurationInput) (*UpdateWorkspaceConfigurationOutput, error) { + req, out := c.UpdateWorkspaceConfigurationRequest(input) + return out, req.Send() +} + +// UpdateWorkspaceConfigurationWithContext is the same as UpdateWorkspaceConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateWorkspaceConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *ManagedGrafana) UpdateWorkspaceConfigurationWithContext(ctx aws.Context, input *UpdateWorkspaceConfigurationInput, opts ...request.Option) (*UpdateWorkspaceConfigurationOutput, error) { + req, out := c.UpdateWorkspaceConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient permissions to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A structure that defines which attributes in the IdP assertion are to be +// used to define information about the users authenticated by the IdP to use // the workspace. type AssertionAttributes struct { _ struct{} `type:"structure"` - // The name of the attribute within the SAML assertion to use as the email names - // for SAML users. - Email *string `locationName:"email" min:"1" type:"string"` + // The name of the attribute within the SAML assertion to use as the email names + // for SAML users. + Email *string `locationName:"email" min:"1" type:"string"` + + // The name of the attribute within the SAML assertion to use as the user full + // "friendly" names for user groups. + Groups *string `locationName:"groups" min:"1" type:"string"` + + // The name of the attribute within the SAML assertion to use as the login names + // for SAML users. + Login *string `locationName:"login" min:"1" type:"string"` + + // The name of the attribute within the SAML assertion to use as the user full + // "friendly" names for SAML users. + Name *string `locationName:"name" min:"1" type:"string"` + + // The name of the attribute within the SAML assertion to use as the user full + // "friendly" names for the users' organizations. + Org *string `locationName:"org" min:"1" type:"string"` + + // The name of the attribute within the SAML assertion to use as the user roles. + Role *string `locationName:"role" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssertionAttributes) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssertionAttributes) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssertionAttributes) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssertionAttributes"} + if s.Email != nil && len(*s.Email) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Email", 1)) + } + if s.Groups != nil && len(*s.Groups) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Groups", 1)) + } + if s.Login != nil && len(*s.Login) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Login", 1)) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.Org != nil && len(*s.Org) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Org", 1)) + } + if s.Role != nil && len(*s.Role) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Role", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetEmail sets the Email field's value. +func (s *AssertionAttributes) SetEmail(v string) *AssertionAttributes { + s.Email = &v + return s +} + +// SetGroups sets the Groups field's value. +func (s *AssertionAttributes) SetGroups(v string) *AssertionAttributes { + s.Groups = &v + return s +} + +// SetLogin sets the Login field's value. +func (s *AssertionAttributes) SetLogin(v string) *AssertionAttributes { + s.Login = &v + return s +} + +// SetName sets the Name field's value. +func (s *AssertionAttributes) SetName(v string) *AssertionAttributes { + s.Name = &v + return s +} + +// SetOrg sets the Org field's value. +func (s *AssertionAttributes) SetOrg(v string) *AssertionAttributes { + s.Org = &v + return s +} + +// SetRole sets the Role field's value. +func (s *AssertionAttributes) SetRole(v string) *AssertionAttributes { + s.Role = &v + return s +} + +type AssociateLicenseInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // A token from Grafana Labs that ties your Amazon Web Services account with + // a Grafana Labs account. For more information, see Link your account with + // Grafana Labs (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). + GrafanaToken *string `location:"header" locationName:"Grafana-Token" min:"1" type:"string"` + + // The type of license to associate with the workspace. + // + // Amazon Managed Grafana workspaces no longer support Grafana Enterprise free + // trials. + // + // LicenseType is a required field + LicenseType *string `location:"uri" locationName:"licenseType" type:"string" required:"true" enum:"LicenseType"` + + // The ID of the workspace to associate the license with. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLicenseInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLicenseInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateLicenseInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateLicenseInput"} + if s.GrafanaToken != nil && len(*s.GrafanaToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GrafanaToken", 1)) + } + if s.LicenseType == nil { + invalidParams.Add(request.NewErrParamRequired("LicenseType")) + } + if s.LicenseType != nil && len(*s.LicenseType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LicenseType", 1)) + } + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGrafanaToken sets the GrafanaToken field's value. +func (s *AssociateLicenseInput) SetGrafanaToken(v string) *AssociateLicenseInput { + s.GrafanaToken = &v + return s +} + +// SetLicenseType sets the LicenseType field's value. +func (s *AssociateLicenseInput) SetLicenseType(v string) *AssociateLicenseInput { + s.LicenseType = &v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *AssociateLicenseInput) SetWorkspaceId(v string) *AssociateLicenseInput { + s.WorkspaceId = &v + return s +} + +type AssociateLicenseOutput struct { + _ struct{} `type:"structure"` + + // A structure containing data about the workspace. + // + // Workspace is a required field + Workspace *WorkspaceDescription `locationName:"workspace" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLicenseOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateLicenseOutput) GoString() string { + return s.String() +} + +// SetWorkspace sets the Workspace field's value. +func (s *AssociateLicenseOutput) SetWorkspace(v *WorkspaceDescription) *AssociateLicenseOutput { + s.Workspace = v + return s +} + +// A structure containing information about the user authentication methods +// used by the workspace. +type AuthenticationDescription struct { + _ struct{} `type:"structure"` + + // A structure containing information about how this workspace works with IAM + // Identity Center. + AwsSso *AwsSsoAuthentication `locationName:"awsSso" type:"structure"` - // The name of the attribute within the SAML assertion to use as the user full - // "friendly" names for user groups. - Groups *string `locationName:"groups" min:"1" type:"string"` + // Specifies whether this workspace uses IAM Identity Center, SAML, or both + // methods to authenticate users to use the Grafana console in the Amazon Managed + // Grafana workspace. + // + // Providers is a required field + Providers []*string `locationName:"providers" type:"list" required:"true" enum:"AuthenticationProviderTypes"` - // The name of the attribute within the SAML assertion to use as the login names - // for SAML users. - Login *string `locationName:"login" min:"1" type:"string"` + // A structure containing information about how this workspace works with SAML, + // including what attributes within the assertion are to be mapped to user information + // in the workspace. + Saml *SamlAuthentication `locationName:"saml" type:"structure"` +} - // The name of the attribute within the SAML assertion to use as the user full - // "friendly" names for SAML users. - Name *string `locationName:"name" min:"1" type:"string"` +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationDescription) String() string { + return awsutil.Prettify(s) +} - // The name of the attribute within the SAML assertion to use as the user full - // "friendly" names for the users' organizations. - Org *string `locationName:"org" min:"1" type:"string"` +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationDescription) GoString() string { + return s.String() +} - // The name of the attribute within the SAML assertion to use as the user roles. - Role *string `locationName:"role" min:"1" type:"string"` +// SetAwsSso sets the AwsSso field's value. +func (s *AuthenticationDescription) SetAwsSso(v *AwsSsoAuthentication) *AuthenticationDescription { + s.AwsSso = v + return s +} + +// SetProviders sets the Providers field's value. +func (s *AuthenticationDescription) SetProviders(v []*string) *AuthenticationDescription { + s.Providers = v + return s +} + +// SetSaml sets the Saml field's value. +func (s *AuthenticationDescription) SetSaml(v *SamlAuthentication) *AuthenticationDescription { + s.Saml = v + return s +} + +// A structure that describes whether the workspace uses SAML, IAM Identity +// Center, or both methods for user authentication, and whether that authentication +// is fully configured. +type AuthenticationSummary struct { + _ struct{} `type:"structure"` + + // Specifies whether the workspace uses SAML, IAM Identity Center, or both methods + // for user authentication. + // + // Providers is a required field + Providers []*string `locationName:"providers" type:"list" required:"true" enum:"AuthenticationProviderTypes"` + + // Specifies whether the workplace's user authentication method is fully configured. + SamlConfigurationStatus *string `locationName:"samlConfigurationStatus" type:"string" enum:"SamlConfigurationStatus"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationSummary) GoString() string { + return s.String() +} + +// SetProviders sets the Providers field's value. +func (s *AuthenticationSummary) SetProviders(v []*string) *AuthenticationSummary { + s.Providers = v + return s +} + +// SetSamlConfigurationStatus sets the SamlConfigurationStatus field's value. +func (s *AuthenticationSummary) SetSamlConfigurationStatus(v string) *AuthenticationSummary { + s.SamlConfigurationStatus = &v + return s +} + +// A structure containing information about how this workspace works with IAM +// Identity Center. +type AwsSsoAuthentication struct { + _ struct{} `type:"structure"` + + // The ID of the IAM Identity Center-managed application that is created by + // Amazon Managed Grafana. + SsoClientId *string `locationName:"ssoClientId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AwsSsoAuthentication) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AwsSsoAuthentication) GoString() string { + return s.String() +} + +// SetSsoClientId sets the SsoClientId field's value. +func (s *AwsSsoAuthentication) SetSsoClientId(v string) *AwsSsoAuthentication { + s.SsoClientId = &v + return s +} + +// A resource was in an inconsistent state during an update or a deletion. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // A description of the error. + Message_ *string `locationName:"message" type:"string"` + + // The ID of the resource that is associated with the error. + // + // ResourceId is a required field + ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + + // The type of the resource that is associated with the error. + // + // ResourceType is a required field + ResourceType *string `locationName:"resourceType" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateWorkspaceApiKeyInput struct { + _ struct{} `type:"structure"` + + // Specifies the name of the key. Keynames must be unique to the workspace. + // + // KeyName is a required field + KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` + + // Specifies the permission level of the key. + // + // Valid values: ADMIN|EDITOR|VIEWER + // + // KeyRole is a required field + KeyRole *string `locationName:"keyRole" type:"string" required:"true"` + + // Specifies the time in seconds until the key expires. Keys can be valid for + // up to 30 days. + // + // SecondsToLive is a required field + SecondsToLive *int64 `locationName:"secondsToLive" min:"1" type:"integer" required:"true"` + + // The ID of the workspace to create an API key. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -2071,7 +3253,7 @@ type AssertionAttributes struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssertionAttributes) String() string { +func (s CreateWorkspaceApiKeyInput) String() string { return awsutil.Prettify(s) } @@ -2080,30 +3262,33 @@ func (s AssertionAttributes) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssertionAttributes) GoString() string { +func (s CreateWorkspaceApiKeyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *AssertionAttributes) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssertionAttributes"} - if s.Email != nil && len(*s.Email) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Email", 1)) +func (s *CreateWorkspaceApiKeyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceApiKeyInput"} + if s.KeyName == nil { + invalidParams.Add(request.NewErrParamRequired("KeyName")) } - if s.Groups != nil && len(*s.Groups) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Groups", 1)) + if s.KeyName != nil && len(*s.KeyName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyName", 1)) } - if s.Login != nil && len(*s.Login) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Login", 1)) + if s.KeyRole == nil { + invalidParams.Add(request.NewErrParamRequired("KeyRole")) } - if s.Name != nil && len(*s.Name) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + if s.SecondsToLive == nil { + invalidParams.Add(request.NewErrParamRequired("SecondsToLive")) } - if s.Org != nil && len(*s.Org) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Org", 1)) + if s.SecondsToLive != nil && *s.SecondsToLive < 1 { + invalidParams.Add(request.NewErrParamMinValue("SecondsToLive", 1)) } - if s.Role != nil && len(*s.Role) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Role", 1)) + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) } if invalidParams.Len() > 0 { @@ -2112,62 +3297,224 @@ func (s *AssertionAttributes) Validate() error { return nil } -// SetEmail sets the Email field's value. -func (s *AssertionAttributes) SetEmail(v string) *AssertionAttributes { - s.Email = &v +// SetKeyName sets the KeyName field's value. +func (s *CreateWorkspaceApiKeyInput) SetKeyName(v string) *CreateWorkspaceApiKeyInput { + s.KeyName = &v return s } -// SetGroups sets the Groups field's value. -func (s *AssertionAttributes) SetGroups(v string) *AssertionAttributes { - s.Groups = &v +// SetKeyRole sets the KeyRole field's value. +func (s *CreateWorkspaceApiKeyInput) SetKeyRole(v string) *CreateWorkspaceApiKeyInput { + s.KeyRole = &v return s } -// SetLogin sets the Login field's value. -func (s *AssertionAttributes) SetLogin(v string) *AssertionAttributes { - s.Login = &v +// SetSecondsToLive sets the SecondsToLive field's value. +func (s *CreateWorkspaceApiKeyInput) SetSecondsToLive(v int64) *CreateWorkspaceApiKeyInput { + s.SecondsToLive = &v return s } -// SetName sets the Name field's value. -func (s *AssertionAttributes) SetName(v string) *AssertionAttributes { - s.Name = &v +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *CreateWorkspaceApiKeyInput) SetWorkspaceId(v string) *CreateWorkspaceApiKeyInput { + s.WorkspaceId = &v return s } -// SetOrg sets the Org field's value. -func (s *AssertionAttributes) SetOrg(v string) *AssertionAttributes { - s.Org = &v +type CreateWorkspaceApiKeyOutput struct { + _ struct{} `type:"structure"` + + // The key token. Use this value as a bearer token to authenticate HTTP requests + // to the workspace. + // + // Key is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceApiKeyOutput's + // String and GoString methods. + // + // Key is a required field + Key *string `locationName:"key" type:"string" required:"true" sensitive:"true"` + + // The name of the key that was created. + // + // KeyName is a required field + KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` + + // The ID of the workspace that the key is valid for. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateWorkspaceApiKeyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateWorkspaceApiKeyOutput) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *CreateWorkspaceApiKeyOutput) SetKey(v string) *CreateWorkspaceApiKeyOutput { + s.Key = &v return s } -// SetRole sets the Role field's value. -func (s *AssertionAttributes) SetRole(v string) *AssertionAttributes { - s.Role = &v +// SetKeyName sets the KeyName field's value. +func (s *CreateWorkspaceApiKeyOutput) SetKeyName(v string) *CreateWorkspaceApiKeyOutput { + s.KeyName = &v return s } -type AssociateLicenseInput struct { - _ struct{} `type:"structure" nopayload:"true"` +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *CreateWorkspaceApiKeyOutput) SetWorkspaceId(v string) *CreateWorkspaceApiKeyOutput { + s.WorkspaceId = &v + return s +} - // A token from Grafana Labs that ties your Amazon Web Services account with - // a Grafana Labs account. For more information, see Register with Grafana Labs - // (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). - GrafanaToken *string `location:"header" locationName:"Grafana-Token" min:"1" type:"string"` +type CreateWorkspaceInput struct { + _ struct{} `type:"structure"` - // The type of license to associate with the workspace. + // Specifies whether the workspace can access Amazon Web Services resources + // in this Amazon Web Services account only, or whether it can also access Amazon + // Web Services resources in other accounts in the same organization. If you + // specify ORGANIZATION, you must specify which organizational units the workspace + // can access in the workspaceOrganizationalUnits parameter. // - // Amazon Managed Grafana workspaces no longer support Grafana Enterprise free - // trials. + // AccountAccessType is a required field + AccountAccessType *string `locationName:"accountAccessType" type:"string" required:"true" enum:"AccountAccessType"` + + // Specifies whether this workspace uses SAML 2.0, IAM Identity Center, or both + // to authenticate users for using the Grafana console within a workspace. For + // more information, see User authentication in Amazon Managed Grafana (https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html). // - // LicenseType is a required field - LicenseType *string `location:"uri" locationName:"licenseType" type:"string" required:"true" enum:"LicenseType"` + // AuthenticationProviders is a required field + AuthenticationProviders []*string `locationName:"authenticationProviders" type:"list" required:"true" enum:"AuthenticationProviderTypes"` - // The ID of the workspace to associate the license with. + // A unique, case-sensitive, user-provided identifier to ensure the idempotency + // of the request. + ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"` + + // The configuration string for the workspace that you create. For more information + // about the format and configuration options available, see Working in your + // Grafana workspace (https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html). + Configuration *string `locationName:"configuration" min:"2" type:"string"` + + // Specifies the version of Grafana to support in the new workspace. If not + // specified, defaults to the latest version (for example, 10.4). // - // WorkspaceId is a required field - WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` + // To get a list of supported versions, use the ListVersions operation. + GrafanaVersion *string `locationName:"grafanaVersion" min:"1" type:"string"` + + // Configuration for network access to your workspace. + // + // When this is configured, only listed IP addresses and VPC endpoints will + // be able to access your workspace. Standard Grafana authentication and authorization + // will still be required. + // + // If this is not configured, or is removed, then all IP addresses and VPC endpoints + // will be allowed. Standard Grafana authentication and authorization will still + // be required. + NetworkAccessControl *NetworkAccessConfiguration `locationName:"networkAccessControl" type:"structure"` + + // The name of an IAM role that already exists to use with Organizations to + // access Amazon Web Services data sources and notification channels in other + // accounts in an organization. + // + // OrganizationRoleName is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceInput's + // String and GoString methods. + OrganizationRoleName *string `locationName:"organizationRoleName" min:"1" type:"string" sensitive:"true"` + + // When creating a workspace through the Amazon Web Services API, CLI or Amazon + // Web Services CloudFormation, you must manage IAM roles and provision the + // permissions that the workspace needs to use Amazon Web Services data sources + // and notification channels. + // + // You must also specify a workspaceRoleArn for a role that you will manage + // for the workspace to use when accessing those datasources and notification + // channels. + // + // The ability for Amazon Managed Grafana to create and update IAM roles on + // behalf of the user is supported only in the Amazon Managed Grafana console, + // where this value may be set to SERVICE_MANAGED. + // + // Use only the CUSTOMER_MANAGED permission type when creating a workspace with + // the API, CLI or Amazon Web Services CloudFormation. + // + // For more information, see Amazon Managed Grafana permissions and policies + // for Amazon Web Services data sources and notification channels (https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html). + // + // PermissionType is a required field + PermissionType *string `locationName:"permissionType" type:"string" required:"true" enum:"PermissionType"` + + // The name of the CloudFormation stack set to use to generate IAM roles to + // be used for this workspace. + StackSetName *string `locationName:"stackSetName" type:"string"` + + // The list of tags associated with the workspace. + Tags map[string]*string `locationName:"tags" type:"map"` + + // The configuration settings for an Amazon VPC that contains data sources for + // your Grafana workspace to connect to. + // + // Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) + // Region (ap-northeast-2). + VpcConfiguration *VpcConfiguration `locationName:"vpcConfiguration" type:"structure"` + + // This parameter is for internal use only, and should not be used. + WorkspaceDataSources []*string `locationName:"workspaceDataSources" type:"list" enum:"DataSourceType"` + + // A description for the workspace. This is used only to help you identify this + // workspace. + // + // Pattern: ^[\\p{L}\\p{Z}\\p{N}\\p{P}]{0,2048}$ + // + // WorkspaceDescription is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceInput's + // String and GoString methods. + WorkspaceDescription *string `locationName:"workspaceDescription" type:"string" sensitive:"true"` + + // The name for the workspace. It does not have to be unique. + // + // WorkspaceName is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceInput's + // String and GoString methods. + WorkspaceName *string `locationName:"workspaceName" type:"string" sensitive:"true"` + + // Specify the Amazon Web Services notification channels that you plan to use + // in this workspace. Specifying these data sources here enables Amazon Managed + // Grafana to create IAM roles and permissions that allow Amazon Managed Grafana + // to use these channels. + WorkspaceNotificationDestinations []*string `locationName:"workspaceNotificationDestinations" type:"list" enum:"NotificationDestinationType"` + + // Specifies the organizational units that this workspace is allowed to use + // data sources from, if this workspace is in an account that is part of an + // organization. + // + // WorkspaceOrganizationalUnits is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceInput's + // String and GoString methods. + WorkspaceOrganizationalUnits []*string `locationName:"workspaceOrganizationalUnits" type:"list" sensitive:"true"` + + // Specified the IAM role that grants permissions to the Amazon Web Services + // resources that the workspace will view data from, including both data sources + // and notification channels. You are responsible for managing the permissions + // for this role as new data sources or notification channels are added. + // + // WorkspaceRoleArn is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateWorkspaceInput's + // String and GoString methods. + WorkspaceRoleArn *string `locationName:"workspaceRoleArn" min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -2175,7 +3522,7 @@ type AssociateLicenseInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateLicenseInput) String() string { +func (s CreateWorkspaceInput) String() string { return awsutil.Prettify(s) } @@ -2184,27 +3531,43 @@ func (s AssociateLicenseInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateLicenseInput) GoString() string { +func (s CreateWorkspaceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *AssociateLicenseInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssociateLicenseInput"} - if s.GrafanaToken != nil && len(*s.GrafanaToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("GrafanaToken", 1)) +func (s *CreateWorkspaceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceInput"} + if s.AccountAccessType == nil { + invalidParams.Add(request.NewErrParamRequired("AccountAccessType")) } - if s.LicenseType == nil { - invalidParams.Add(request.NewErrParamRequired("LicenseType")) + if s.AuthenticationProviders == nil { + invalidParams.Add(request.NewErrParamRequired("AuthenticationProviders")) } - if s.LicenseType != nil && len(*s.LicenseType) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LicenseType", 1)) + if s.Configuration != nil && len(*s.Configuration) < 2 { + invalidParams.Add(request.NewErrParamMinLen("Configuration", 2)) } - if s.WorkspaceId == nil { - invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + if s.GrafanaVersion != nil && len(*s.GrafanaVersion) < 1 { + invalidParams.Add(request.NewErrParamMinLen("GrafanaVersion", 1)) } - if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) + if s.OrganizationRoleName != nil && len(*s.OrganizationRoleName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationRoleName", 1)) + } + if s.PermissionType == nil { + invalidParams.Add(request.NewErrParamRequired("PermissionType")) + } + if s.WorkspaceRoleArn != nil && len(*s.WorkspaceRoleArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceRoleArn", 1)) + } + if s.NetworkAccessControl != nil { + if err := s.NetworkAccessControl.Validate(); err != nil { + invalidParams.AddNested("NetworkAccessControl", err.(request.ErrInvalidParams)) + } + } + if s.VpcConfiguration != nil { + if err := s.VpcConfiguration.Validate(); err != nil { + invalidParams.AddNested("VpcConfiguration", err.(request.ErrInvalidParams)) + } } if invalidParams.Len() > 0 { @@ -2213,129 +3576,115 @@ func (s *AssociateLicenseInput) Validate() error { return nil } -// SetGrafanaToken sets the GrafanaToken field's value. -func (s *AssociateLicenseInput) SetGrafanaToken(v string) *AssociateLicenseInput { - s.GrafanaToken = &v +// SetAccountAccessType sets the AccountAccessType field's value. +func (s *CreateWorkspaceInput) SetAccountAccessType(v string) *CreateWorkspaceInput { + s.AccountAccessType = &v return s } -// SetLicenseType sets the LicenseType field's value. -func (s *AssociateLicenseInput) SetLicenseType(v string) *AssociateLicenseInput { - s.LicenseType = &v +// SetAuthenticationProviders sets the AuthenticationProviders field's value. +func (s *CreateWorkspaceInput) SetAuthenticationProviders(v []*string) *CreateWorkspaceInput { + s.AuthenticationProviders = v return s } -// SetWorkspaceId sets the WorkspaceId field's value. -func (s *AssociateLicenseInput) SetWorkspaceId(v string) *AssociateLicenseInput { - s.WorkspaceId = &v +// SetClientToken sets the ClientToken field's value. +func (s *CreateWorkspaceInput) SetClientToken(v string) *CreateWorkspaceInput { + s.ClientToken = &v return s } -type AssociateLicenseOutput struct { - _ struct{} `type:"structure"` +// SetConfiguration sets the Configuration field's value. +func (s *CreateWorkspaceInput) SetConfiguration(v string) *CreateWorkspaceInput { + s.Configuration = &v + return s +} - // A structure containing data about the workspace. - // - // Workspace is a required field - Workspace *WorkspaceDescription `locationName:"workspace" type:"structure" required:"true"` +// SetGrafanaVersion sets the GrafanaVersion field's value. +func (s *CreateWorkspaceInput) SetGrafanaVersion(v string) *CreateWorkspaceInput { + s.GrafanaVersion = &v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateLicenseOutput) String() string { - return awsutil.Prettify(s) +// SetNetworkAccessControl sets the NetworkAccessControl field's value. +func (s *CreateWorkspaceInput) SetNetworkAccessControl(v *NetworkAccessConfiguration) *CreateWorkspaceInput { + s.NetworkAccessControl = v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateLicenseOutput) GoString() string { - return s.String() +// SetOrganizationRoleName sets the OrganizationRoleName field's value. +func (s *CreateWorkspaceInput) SetOrganizationRoleName(v string) *CreateWorkspaceInput { + s.OrganizationRoleName = &v + return s } -// SetWorkspace sets the Workspace field's value. -func (s *AssociateLicenseOutput) SetWorkspace(v *WorkspaceDescription) *AssociateLicenseOutput { - s.Workspace = v +// SetPermissionType sets the PermissionType field's value. +func (s *CreateWorkspaceInput) SetPermissionType(v string) *CreateWorkspaceInput { + s.PermissionType = &v return s } -// A structure containing information about the user authentication methods -// used by the workspace. -type AuthenticationDescription struct { - _ struct{} `type:"structure"` +// SetStackSetName sets the StackSetName field's value. +func (s *CreateWorkspaceInput) SetStackSetName(v string) *CreateWorkspaceInput { + s.StackSetName = &v + return s +} - // A structure containing information about how this workspace works with IAM - // Identity Center. - AwsSso *AwsSsoAuthentication `locationName:"awsSso" type:"structure"` +// SetTags sets the Tags field's value. +func (s *CreateWorkspaceInput) SetTags(v map[string]*string) *CreateWorkspaceInput { + s.Tags = v + return s +} - // Specifies whether this workspace uses IAM Identity Center, SAML, or both - // methods to authenticate users to use the Grafana console in the Amazon Managed - // Grafana workspace. - // - // Providers is a required field - Providers []*string `locationName:"providers" type:"list" required:"true" enum:"AuthenticationProviderTypes"` +// SetVpcConfiguration sets the VpcConfiguration field's value. +func (s *CreateWorkspaceInput) SetVpcConfiguration(v *VpcConfiguration) *CreateWorkspaceInput { + s.VpcConfiguration = v + return s +} - // A structure containing information about how this workspace works with SAML, - // including what attributes within the assertion are to be mapped to user information - // in the workspace. - Saml *SamlAuthentication `locationName:"saml" type:"structure"` +// SetWorkspaceDataSources sets the WorkspaceDataSources field's value. +func (s *CreateWorkspaceInput) SetWorkspaceDataSources(v []*string) *CreateWorkspaceInput { + s.WorkspaceDataSources = v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AuthenticationDescription) String() string { - return awsutil.Prettify(s) +// SetWorkspaceDescription sets the WorkspaceDescription field's value. +func (s *CreateWorkspaceInput) SetWorkspaceDescription(v string) *CreateWorkspaceInput { + s.WorkspaceDescription = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AuthenticationDescription) GoString() string { - return s.String() +// SetWorkspaceName sets the WorkspaceName field's value. +func (s *CreateWorkspaceInput) SetWorkspaceName(v string) *CreateWorkspaceInput { + s.WorkspaceName = &v + return s } -// SetAwsSso sets the AwsSso field's value. -func (s *AuthenticationDescription) SetAwsSso(v *AwsSsoAuthentication) *AuthenticationDescription { - s.AwsSso = v +// SetWorkspaceNotificationDestinations sets the WorkspaceNotificationDestinations field's value. +func (s *CreateWorkspaceInput) SetWorkspaceNotificationDestinations(v []*string) *CreateWorkspaceInput { + s.WorkspaceNotificationDestinations = v return s } -// SetProviders sets the Providers field's value. -func (s *AuthenticationDescription) SetProviders(v []*string) *AuthenticationDescription { - s.Providers = v +// SetWorkspaceOrganizationalUnits sets the WorkspaceOrganizationalUnits field's value. +func (s *CreateWorkspaceInput) SetWorkspaceOrganizationalUnits(v []*string) *CreateWorkspaceInput { + s.WorkspaceOrganizationalUnits = v return s } -// SetSaml sets the Saml field's value. -func (s *AuthenticationDescription) SetSaml(v *SamlAuthentication) *AuthenticationDescription { - s.Saml = v +// SetWorkspaceRoleArn sets the WorkspaceRoleArn field's value. +func (s *CreateWorkspaceInput) SetWorkspaceRoleArn(v string) *CreateWorkspaceInput { + s.WorkspaceRoleArn = &v return s } -// A structure that describes whether the workspace uses SAML, IAM Identity -// Center, or both methods for user authentication, and whether that authentication -// is fully configured. -type AuthenticationSummary struct { +type CreateWorkspaceOutput struct { _ struct{} `type:"structure"` - // Specifies whether the workspace uses SAML, IAM Identity Center, or both methods - // for user authentication. + // A structure containing data about the workspace that was created. // - // Providers is a required field - Providers []*string `locationName:"providers" type:"list" required:"true" enum:"AuthenticationProviderTypes"` - - // Specifies whether the workplace's user authentication method is fully configured. - SamlConfigurationStatus *string `locationName:"samlConfigurationStatus" type:"string" enum:"SamlConfigurationStatus"` + // Workspace is a required field + Workspace *WorkspaceDescription `locationName:"workspace" type:"structure" required:"true"` } // String returns the string representation. @@ -2343,7 +3692,7 @@ type AuthenticationSummary struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AuthenticationSummary) String() string { +func (s CreateWorkspaceOutput) String() string { return awsutil.Prettify(s) } @@ -2352,30 +3701,38 @@ func (s AuthenticationSummary) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AuthenticationSummary) GoString() string { +func (s CreateWorkspaceOutput) GoString() string { return s.String() } -// SetProviders sets the Providers field's value. -func (s *AuthenticationSummary) SetProviders(v []*string) *AuthenticationSummary { - s.Providers = v - return s -} - -// SetSamlConfigurationStatus sets the SamlConfigurationStatus field's value. -func (s *AuthenticationSummary) SetSamlConfigurationStatus(v string) *AuthenticationSummary { - s.SamlConfigurationStatus = &v +// SetWorkspace sets the Workspace field's value. +func (s *CreateWorkspaceOutput) SetWorkspace(v *WorkspaceDescription) *CreateWorkspaceOutput { + s.Workspace = v return s } -// A structure containing information about how this workspace works with IAM -// Identity Center. -type AwsSsoAuthentication struct { +type CreateWorkspaceServiceAccountInput struct { _ struct{} `type:"structure"` - // The ID of the IAM Identity Center-managed application that is created by - // Amazon Managed Grafana. - SsoClientId *string `locationName:"ssoClientId" type:"string"` + // The permission level to use for this service account. + // + // For more information about the roles and the permissions each has, see User + // roles (https://docs.aws.amazon.com/grafana/latest/userguide/Grafana-user-roles.html) + // in the Amazon Managed Grafana User Guide. + // + // GrafanaRole is a required field + GrafanaRole *string `locationName:"grafanaRole" type:"string" required:"true" enum:"Role"` + + // A name for the service account. The name must be unique within the workspace, + // as it determines the ID associated with the service account. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` + + // The ID of the workspace within which to create the service account. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -2383,42 +3740,84 @@ type AwsSsoAuthentication struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AwsSsoAuthentication) String() string { +func (s CreateWorkspaceServiceAccountInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AwsSsoAuthentication) GoString() string { - return s.String() +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateWorkspaceServiceAccountInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateWorkspaceServiceAccountInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceServiceAccountInput"} + if s.GrafanaRole == nil { + invalidParams.Add(request.NewErrParamRequired("GrafanaRole")) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetGrafanaRole sets the GrafanaRole field's value. +func (s *CreateWorkspaceServiceAccountInput) SetGrafanaRole(v string) *CreateWorkspaceServiceAccountInput { + s.GrafanaRole = &v + return s } -// SetSsoClientId sets the SsoClientId field's value. -func (s *AwsSsoAuthentication) SetSsoClientId(v string) *AwsSsoAuthentication { - s.SsoClientId = &v +// SetName sets the Name field's value. +func (s *CreateWorkspaceServiceAccountInput) SetName(v string) *CreateWorkspaceServiceAccountInput { + s.Name = &v return s } -// A resource was in an inconsistent state during an update or a deletion. -type ConflictException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *CreateWorkspaceServiceAccountInput) SetWorkspaceId(v string) *CreateWorkspaceServiceAccountInput { + s.WorkspaceId = &v + return s +} - // A description of the error. - Message_ *string `locationName:"message" type:"string"` +type CreateWorkspaceServiceAccountOutput struct { + _ struct{} `type:"structure"` - // The ID of the resource that is associated with the error. + // The permission level given to the service account. // - // ResourceId is a required field - ResourceId *string `locationName:"resourceId" type:"string" required:"true"` + // GrafanaRole is a required field + GrafanaRole *string `locationName:"grafanaRole" type:"string" required:"true" enum:"Role"` - // The type of the resource that is associated with the error. + // The ID of the service account. // - // ResourceType is a required field - ResourceType *string `locationName:"resourceType" type:"string" required:"true"` + // Id is a required field + Id *string `locationName:"id" type:"string" required:"true"` + + // The name of the service account. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` + + // The workspace with which the service account is associated. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -2426,7 +3825,7 @@ type ConflictException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConflictException) String() string { +func (s CreateWorkspaceServiceAccountOutput) String() string { return awsutil.Prettify(s) } @@ -2435,70 +3834,54 @@ func (s ConflictException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ConflictException) GoString() string { +func (s CreateWorkspaceServiceAccountOutput) GoString() string { return s.String() } -func newErrorConflictException(v protocol.ResponseMetadata) error { - return &ConflictException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *ConflictException) Code() string { - return "ConflictException" -} - -// Message returns the exception's message. -func (s *ConflictException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ConflictException) OrigErr() error { - return nil +// SetGrafanaRole sets the GrafanaRole field's value. +func (s *CreateWorkspaceServiceAccountOutput) SetGrafanaRole(v string) *CreateWorkspaceServiceAccountOutput { + s.GrafanaRole = &v + return s } -func (s *ConflictException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +// SetId sets the Id field's value. +func (s *CreateWorkspaceServiceAccountOutput) SetId(v string) *CreateWorkspaceServiceAccountOutput { + s.Id = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *ConflictException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetName sets the Name field's value. +func (s *CreateWorkspaceServiceAccountOutput) SetName(v string) *CreateWorkspaceServiceAccountOutput { + s.Name = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *ConflictException) RequestID() string { - return s.RespMetadata.RequestID +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *CreateWorkspaceServiceAccountOutput) SetWorkspaceId(v string) *CreateWorkspaceServiceAccountOutput { + s.WorkspaceId = &v + return s } -type CreateWorkspaceApiKeyInput struct { +type CreateWorkspaceServiceAccountTokenInput struct { _ struct{} `type:"structure"` - // Specifies the name of the key. Keynames must be unique to the workspace. - // - // KeyName is a required field - KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` - - // Specifies the permission level of the key. + // A name for the token to create. // - // Valid values: VIEWER|EDITOR|ADMIN - // - // KeyRole is a required field - KeyRole *string `locationName:"keyRole" type:"string" required:"true"` + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` - // Specifies the time in seconds until the key expires. Keys can be valid for - // up to 30 days. + // Sets how long the token will be valid, in seconds. You can set the time up + // to 30 days in the future. // // SecondsToLive is a required field SecondsToLive *int64 `locationName:"secondsToLive" min:"1" type:"integer" required:"true"` - // The ID of the workspace to create an API key. + // The ID of the service account for which to create a token. + // + // ServiceAccountId is a required field + ServiceAccountId *string `location:"uri" locationName:"serviceAccountId" type:"string" required:"true"` + + // The ID of the workspace the service account resides within. // // WorkspaceId is a required field WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` @@ -2509,7 +3892,7 @@ type CreateWorkspaceApiKeyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceApiKeyInput) String() string { +func (s CreateWorkspaceServiceAccountTokenInput) String() string { return awsutil.Prettify(s) } @@ -2518,21 +3901,18 @@ func (s CreateWorkspaceApiKeyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceApiKeyInput) GoString() string { +func (s CreateWorkspaceServiceAccountTokenInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateWorkspaceApiKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceApiKeyInput"} - if s.KeyName == nil { - invalidParams.Add(request.NewErrParamRequired("KeyName")) - } - if s.KeyName != nil && len(*s.KeyName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("KeyName", 1)) +func (s *CreateWorkspaceServiceAccountTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceServiceAccountTokenInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) } - if s.KeyRole == nil { - invalidParams.Add(request.NewErrParamRequired("KeyRole")) + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } if s.SecondsToLive == nil { invalidParams.Add(request.NewErrParamRequired("SecondsToLive")) @@ -2540,6 +3920,12 @@ func (s *CreateWorkspaceApiKeyInput) Validate() error { if s.SecondsToLive != nil && *s.SecondsToLive < 1 { invalidParams.Add(request.NewErrParamMinValue("SecondsToLive", 1)) } + if s.ServiceAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceAccountId")) + } + if s.ServiceAccountId != nil && len(*s.ServiceAccountId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServiceAccountId", 1)) + } if s.WorkspaceId == nil { invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) } @@ -2553,49 +3939,45 @@ func (s *CreateWorkspaceApiKeyInput) Validate() error { return nil } -// SetKeyName sets the KeyName field's value. -func (s *CreateWorkspaceApiKeyInput) SetKeyName(v string) *CreateWorkspaceApiKeyInput { - s.KeyName = &v +// SetName sets the Name field's value. +func (s *CreateWorkspaceServiceAccountTokenInput) SetName(v string) *CreateWorkspaceServiceAccountTokenInput { + s.Name = &v return s } -// SetKeyRole sets the KeyRole field's value. -func (s *CreateWorkspaceApiKeyInput) SetKeyRole(v string) *CreateWorkspaceApiKeyInput { - s.KeyRole = &v +// SetSecondsToLive sets the SecondsToLive field's value. +func (s *CreateWorkspaceServiceAccountTokenInput) SetSecondsToLive(v int64) *CreateWorkspaceServiceAccountTokenInput { + s.SecondsToLive = &v return s } -// SetSecondsToLive sets the SecondsToLive field's value. -func (s *CreateWorkspaceApiKeyInput) SetSecondsToLive(v int64) *CreateWorkspaceApiKeyInput { - s.SecondsToLive = &v +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *CreateWorkspaceServiceAccountTokenInput) SetServiceAccountId(v string) *CreateWorkspaceServiceAccountTokenInput { + s.ServiceAccountId = &v return s } // SetWorkspaceId sets the WorkspaceId field's value. -func (s *CreateWorkspaceApiKeyInput) SetWorkspaceId(v string) *CreateWorkspaceApiKeyInput { +func (s *CreateWorkspaceServiceAccountTokenInput) SetWorkspaceId(v string) *CreateWorkspaceServiceAccountTokenInput { s.WorkspaceId = &v return s } -type CreateWorkspaceApiKeyOutput struct { +type CreateWorkspaceServiceAccountTokenOutput struct { _ struct{} `type:"structure"` - // The key token. Use this value as a bearer token to authenticate HTTP requests - // to the workspace. - // - // Key is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceApiKeyOutput's - // String and GoString methods. + // The ID of the service account where the token was created. // - // Key is a required field - Key *string `locationName:"key" type:"string" required:"true" sensitive:"true"` + // ServiceAccountId is a required field + ServiceAccountId *string `locationName:"serviceAccountId" type:"string" required:"true"` - // The name of the key that was created. + // Information about the created token, including the key. Be sure to store + // the key securely. // - // KeyName is a required field - KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` + // ServiceAccountToken is a required field + ServiceAccountToken *ServiceAccountTokenSummaryWithKey `locationName:"serviceAccountToken" type:"structure" required:"true"` - // The ID of the workspace that the key is valid for. + // The ID of the workspace where the token was created. // // WorkspaceId is a required field WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` @@ -2606,171 +3988,49 @@ type CreateWorkspaceApiKeyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceApiKeyOutput) String() string { +func (s CreateWorkspaceServiceAccountTokenOutput) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. // // API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s CreateWorkspaceApiKeyOutput) GoString() string { - return s.String() -} - -// SetKey sets the Key field's value. -func (s *CreateWorkspaceApiKeyOutput) SetKey(v string) *CreateWorkspaceApiKeyOutput { - s.Key = &v - return s -} - -// SetKeyName sets the KeyName field's value. -func (s *CreateWorkspaceApiKeyOutput) SetKeyName(v string) *CreateWorkspaceApiKeyOutput { - s.KeyName = &v - return s -} - -// SetWorkspaceId sets the WorkspaceId field's value. -func (s *CreateWorkspaceApiKeyOutput) SetWorkspaceId(v string) *CreateWorkspaceApiKeyOutput { - s.WorkspaceId = &v - return s -} - -type CreateWorkspaceInput struct { - _ struct{} `type:"structure"` - - // Specifies whether the workspace can access Amazon Web Services resources - // in this Amazon Web Services account only, or whether it can also access Amazon - // Web Services resources in other accounts in the same organization. If you - // specify ORGANIZATION, you must specify which organizational units the workspace - // can access in the workspaceOrganizationalUnits parameter. - // - // AccountAccessType is a required field - AccountAccessType *string `locationName:"accountAccessType" type:"string" required:"true" enum:"AccountAccessType"` - - // Specifies whether this workspace uses SAML 2.0, IAM Identity Center, or both - // to authenticate users for using the Grafana console within a workspace. For - // more information, see User authentication in Amazon Managed Grafana (https://docs.aws.amazon.com/grafana/latest/userguide/authentication-in-AMG.html). - // - // AuthenticationProviders is a required field - AuthenticationProviders []*string `locationName:"authenticationProviders" type:"list" required:"true" enum:"AuthenticationProviderTypes"` - - // A unique, case-sensitive, user-provided identifier to ensure the idempotency - // of the request. - ClientToken *string `locationName:"clientToken" type:"string" idempotencyToken:"true"` - - // The configuration string for the workspace that you create. For more information - // about the format and configuration options available, see Working in your - // Grafana workspace (https://docs.aws.amazon.com/grafana/latest/userguide/AMG-configure-workspace.html). - Configuration *string `locationName:"configuration" min:"2" type:"string"` - - // Specifies the version of Grafana to support in the new workspace. If not - // specified, defaults to the latest version (for example, 9.4). - // - // To get a list of supported versions, use the ListVersions operation. - GrafanaVersion *string `locationName:"grafanaVersion" min:"1" type:"string"` - - // Configuration for network access to your workspace. - // - // When this is configured, only listed IP addresses and VPC endpoints will - // be able to access your workspace. Standard Grafana authentication and authorization - // will still be required. - // - // If this is not configured, or is removed, then all IP addresses and VPC endpoints - // will be allowed. Standard Grafana authentication and authorization will still - // be required. - NetworkAccessControl *NetworkAccessConfiguration `locationName:"networkAccessControl" type:"structure"` - - // The name of an IAM role that already exists to use with Organizations to - // access Amazon Web Services data sources and notification channels in other - // accounts in an organization. - // - // OrganizationRoleName is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceInput's - // String and GoString methods. - OrganizationRoleName *string `locationName:"organizationRoleName" min:"1" type:"string" sensitive:"true"` - - // When creating a workspace through the Amazon Web Services API, CLI or Amazon - // Web Services CloudFormation, you must manage IAM roles and provision the - // permissions that the workspace needs to use Amazon Web Services data sources - // and notification channels. - // - // You must also specify a workspaceRoleArn for a role that you will manage - // for the workspace to use when accessing those datasources and notification - // channels. - // - // The ability for Amazon Managed Grafana to create and update IAM roles on - // behalf of the user is supported only in the Amazon Managed Grafana console, - // where this value may be set to SERVICE_MANAGED. - // - // Use only the CUSTOMER_MANAGED permission type when creating a workspace with - // the API, CLI or Amazon Web Services CloudFormation. - // - // For more information, see Amazon Managed Grafana permissions and policies - // for Amazon Web Services data sources and notification channels (https://docs.aws.amazon.com/grafana/latest/userguide/AMG-manage-permissions.html). - // - // PermissionType is a required field - PermissionType *string `locationName:"permissionType" type:"string" required:"true" enum:"PermissionType"` - - // The name of the CloudFormation stack set to use to generate IAM roles to - // be used for this workspace. - StackSetName *string `locationName:"stackSetName" type:"string"` - - // The list of tags associated with the workspace. - Tags map[string]*string `locationName:"tags" type:"map"` - - // The configuration settings for an Amazon VPC that contains data sources for - // your Grafana workspace to connect to. - // - // Connecting to a private VPC is not yet available in the Asia Pacific (Seoul) - // Region (ap-northeast-2). - VpcConfiguration *VpcConfiguration `locationName:"vpcConfiguration" type:"structure"` +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateWorkspaceServiceAccountTokenOutput) GoString() string { + return s.String() +} - // This parameter is for internal use only, and should not be used. - WorkspaceDataSources []*string `locationName:"workspaceDataSources" type:"list" enum:"DataSourceType"` +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *CreateWorkspaceServiceAccountTokenOutput) SetServiceAccountId(v string) *CreateWorkspaceServiceAccountTokenOutput { + s.ServiceAccountId = &v + return s +} - // A description for the workspace. This is used only to help you identify this - // workspace. - // - // Pattern: ^[\\p{L}\\p{Z}\\p{N}\\p{P}]{0,2048}$ - // - // WorkspaceDescription is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceInput's - // String and GoString methods. - WorkspaceDescription *string `locationName:"workspaceDescription" type:"string" sensitive:"true"` +// SetServiceAccountToken sets the ServiceAccountToken field's value. +func (s *CreateWorkspaceServiceAccountTokenOutput) SetServiceAccountToken(v *ServiceAccountTokenSummaryWithKey) *CreateWorkspaceServiceAccountTokenOutput { + s.ServiceAccountToken = v + return s +} - // The name for the workspace. It does not have to be unique. - // - // WorkspaceName is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceInput's - // String and GoString methods. - WorkspaceName *string `locationName:"workspaceName" type:"string" sensitive:"true"` +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *CreateWorkspaceServiceAccountTokenOutput) SetWorkspaceId(v string) *CreateWorkspaceServiceAccountTokenOutput { + s.WorkspaceId = &v + return s +} - // Specify the Amazon Web Services notification channels that you plan to use - // in this workspace. Specifying these data sources here enables Amazon Managed - // Grafana to create IAM roles and permissions that allow Amazon Managed Grafana - // to use these channels. - WorkspaceNotificationDestinations []*string `locationName:"workspaceNotificationDestinations" type:"list" enum:"NotificationDestinationType"` +type DeleteWorkspaceApiKeyInput struct { + _ struct{} `type:"structure" nopayload:"true"` - // Specifies the organizational units that this workspace is allowed to use - // data sources from, if this workspace is in an account that is part of an - // organization. + // The name of the API key to delete. // - // WorkspaceOrganizationalUnits is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceInput's - // String and GoString methods. - WorkspaceOrganizationalUnits []*string `locationName:"workspaceOrganizationalUnits" type:"list" sensitive:"true"` + // KeyName is a required field + KeyName *string `location:"uri" locationName:"keyName" min:"1" type:"string" required:"true"` - // Specified the IAM role that grants permissions to the Amazon Web Services - // resources that the workspace will view data from, including both data sources - // and notification channels. You are responsible for managing the permissions - // for this role as new data sources or notification channels are added. + // The ID of the workspace to delete. // - // WorkspaceRoleArn is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateWorkspaceInput's - // String and GoString methods. - WorkspaceRoleArn *string `locationName:"workspaceRoleArn" min:"1" type:"string" sensitive:"true"` + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -2778,7 +4038,7 @@ type CreateWorkspaceInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceInput) String() string { +func (s DeleteWorkspaceApiKeyInput) String() string { return awsutil.Prettify(s) } @@ -2787,43 +4047,24 @@ func (s CreateWorkspaceInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceInput) GoString() string { +func (s DeleteWorkspaceApiKeyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateWorkspaceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateWorkspaceInput"} - if s.AccountAccessType == nil { - invalidParams.Add(request.NewErrParamRequired("AccountAccessType")) - } - if s.AuthenticationProviders == nil { - invalidParams.Add(request.NewErrParamRequired("AuthenticationProviders")) - } - if s.Configuration != nil && len(*s.Configuration) < 2 { - invalidParams.Add(request.NewErrParamMinLen("Configuration", 2)) - } - if s.GrafanaVersion != nil && len(*s.GrafanaVersion) < 1 { - invalidParams.Add(request.NewErrParamMinLen("GrafanaVersion", 1)) - } - if s.OrganizationRoleName != nil && len(*s.OrganizationRoleName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("OrganizationRoleName", 1)) - } - if s.PermissionType == nil { - invalidParams.Add(request.NewErrParamRequired("PermissionType")) +func (s *DeleteWorkspaceApiKeyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceApiKeyInput"} + if s.KeyName == nil { + invalidParams.Add(request.NewErrParamRequired("KeyName")) } - if s.WorkspaceRoleArn != nil && len(*s.WorkspaceRoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("WorkspaceRoleArn", 1)) + if s.KeyName != nil && len(*s.KeyName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("KeyName", 1)) } - if s.NetworkAccessControl != nil { - if err := s.NetworkAccessControl.Validate(); err != nil { - invalidParams.AddNested("NetworkAccessControl", err.(request.ErrInvalidParams)) - } + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) } - if s.VpcConfiguration != nil { - if err := s.VpcConfiguration.Validate(); err != nil { - invalidParams.AddNested("VpcConfiguration", err.(request.ErrInvalidParams)) - } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) } if invalidParams.Len() > 0 { @@ -2832,112 +4073,115 @@ func (s *CreateWorkspaceInput) Validate() error { return nil } -// SetAccountAccessType sets the AccountAccessType field's value. -func (s *CreateWorkspaceInput) SetAccountAccessType(v string) *CreateWorkspaceInput { - s.AccountAccessType = &v - return s -} - -// SetAuthenticationProviders sets the AuthenticationProviders field's value. -func (s *CreateWorkspaceInput) SetAuthenticationProviders(v []*string) *CreateWorkspaceInput { - s.AuthenticationProviders = v +// SetKeyName sets the KeyName field's value. +func (s *DeleteWorkspaceApiKeyInput) SetKeyName(v string) *DeleteWorkspaceApiKeyInput { + s.KeyName = &v return s } -// SetClientToken sets the ClientToken field's value. -func (s *CreateWorkspaceInput) SetClientToken(v string) *CreateWorkspaceInput { - s.ClientToken = &v +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *DeleteWorkspaceApiKeyInput) SetWorkspaceId(v string) *DeleteWorkspaceApiKeyInput { + s.WorkspaceId = &v return s } -// SetConfiguration sets the Configuration field's value. -func (s *CreateWorkspaceInput) SetConfiguration(v string) *CreateWorkspaceInput { - s.Configuration = &v - return s -} +type DeleteWorkspaceApiKeyOutput struct { + _ struct{} `type:"structure"` -// SetGrafanaVersion sets the GrafanaVersion field's value. -func (s *CreateWorkspaceInput) SetGrafanaVersion(v string) *CreateWorkspaceInput { - s.GrafanaVersion = &v - return s -} + // The name of the key that was deleted. + // + // KeyName is a required field + KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` -// SetNetworkAccessControl sets the NetworkAccessControl field's value. -func (s *CreateWorkspaceInput) SetNetworkAccessControl(v *NetworkAccessConfiguration) *CreateWorkspaceInput { - s.NetworkAccessControl = v - return s + // The ID of the workspace where the key was deleted. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` } -// SetOrganizationRoleName sets the OrganizationRoleName field's value. -func (s *CreateWorkspaceInput) SetOrganizationRoleName(v string) *CreateWorkspaceInput { - s.OrganizationRoleName = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkspaceApiKeyOutput) String() string { + return awsutil.Prettify(s) } -// SetPermissionType sets the PermissionType field's value. -func (s *CreateWorkspaceInput) SetPermissionType(v string) *CreateWorkspaceInput { - s.PermissionType = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkspaceApiKeyOutput) GoString() string { + return s.String() } -// SetStackSetName sets the StackSetName field's value. -func (s *CreateWorkspaceInput) SetStackSetName(v string) *CreateWorkspaceInput { - s.StackSetName = &v +// SetKeyName sets the KeyName field's value. +func (s *DeleteWorkspaceApiKeyOutput) SetKeyName(v string) *DeleteWorkspaceApiKeyOutput { + s.KeyName = &v return s } -// SetTags sets the Tags field's value. -func (s *CreateWorkspaceInput) SetTags(v map[string]*string) *CreateWorkspaceInput { - s.Tags = v +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *DeleteWorkspaceApiKeyOutput) SetWorkspaceId(v string) *DeleteWorkspaceApiKeyOutput { + s.WorkspaceId = &v return s } -// SetVpcConfiguration sets the VpcConfiguration field's value. -func (s *CreateWorkspaceInput) SetVpcConfiguration(v *VpcConfiguration) *CreateWorkspaceInput { - s.VpcConfiguration = v - return s -} +type DeleteWorkspaceInput struct { + _ struct{} `type:"structure" nopayload:"true"` -// SetWorkspaceDataSources sets the WorkspaceDataSources field's value. -func (s *CreateWorkspaceInput) SetWorkspaceDataSources(v []*string) *CreateWorkspaceInput { - s.WorkspaceDataSources = v - return s + // The ID of the workspace to delete. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` } -// SetWorkspaceDescription sets the WorkspaceDescription field's value. -func (s *CreateWorkspaceInput) SetWorkspaceDescription(v string) *CreateWorkspaceInput { - s.WorkspaceDescription = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkspaceInput) String() string { + return awsutil.Prettify(s) } -// SetWorkspaceName sets the WorkspaceName field's value. -func (s *CreateWorkspaceInput) SetWorkspaceName(v string) *CreateWorkspaceInput { - s.WorkspaceName = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteWorkspaceInput) GoString() string { + return s.String() } -// SetWorkspaceNotificationDestinations sets the WorkspaceNotificationDestinations field's value. -func (s *CreateWorkspaceInput) SetWorkspaceNotificationDestinations(v []*string) *CreateWorkspaceInput { - s.WorkspaceNotificationDestinations = v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteWorkspaceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceInput"} + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) + } -// SetWorkspaceOrganizationalUnits sets the WorkspaceOrganizationalUnits field's value. -func (s *CreateWorkspaceInput) SetWorkspaceOrganizationalUnits(v []*string) *CreateWorkspaceInput { - s.WorkspaceOrganizationalUnits = v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetWorkspaceRoleArn sets the WorkspaceRoleArn field's value. -func (s *CreateWorkspaceInput) SetWorkspaceRoleArn(v string) *CreateWorkspaceInput { - s.WorkspaceRoleArn = &v +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *DeleteWorkspaceInput) SetWorkspaceId(v string) *DeleteWorkspaceInput { + s.WorkspaceId = &v return s } -type CreateWorkspaceOutput struct { +type DeleteWorkspaceOutput struct { _ struct{} `type:"structure"` - // A structure containing data about the workspace that was created. + // A structure containing information about the workspace that was deleted. // // Workspace is a required field Workspace *WorkspaceDescription `locationName:"workspace" type:"structure" required:"true"` @@ -2948,7 +4192,7 @@ type CreateWorkspaceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceOutput) String() string { +func (s DeleteWorkspaceOutput) String() string { return awsutil.Prettify(s) } @@ -2957,25 +4201,25 @@ func (s CreateWorkspaceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateWorkspaceOutput) GoString() string { +func (s DeleteWorkspaceOutput) GoString() string { return s.String() } // SetWorkspace sets the Workspace field's value. -func (s *CreateWorkspaceOutput) SetWorkspace(v *WorkspaceDescription) *CreateWorkspaceOutput { +func (s *DeleteWorkspaceOutput) SetWorkspace(v *WorkspaceDescription) *DeleteWorkspaceOutput { s.Workspace = v return s } -type DeleteWorkspaceApiKeyInput struct { +type DeleteWorkspaceServiceAccountInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The name of the API key to delete. - // - // KeyName is a required field - KeyName *string `location:"uri" locationName:"keyName" min:"1" type:"string" required:"true"` + // The ID of the service account to delete. + // + // ServiceAccountId is a required field + ServiceAccountId *string `location:"uri" locationName:"serviceAccountId" type:"string" required:"true"` - // The ID of the workspace to delete. + // The ID of the workspace where the service account resides. // // WorkspaceId is a required field WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` @@ -2986,7 +4230,7 @@ type DeleteWorkspaceApiKeyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceApiKeyInput) String() string { +func (s DeleteWorkspaceServiceAccountInput) String() string { return awsutil.Prettify(s) } @@ -2995,18 +4239,18 @@ func (s DeleteWorkspaceApiKeyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceApiKeyInput) GoString() string { +func (s DeleteWorkspaceServiceAccountInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteWorkspaceApiKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceApiKeyInput"} - if s.KeyName == nil { - invalidParams.Add(request.NewErrParamRequired("KeyName")) +func (s *DeleteWorkspaceServiceAccountInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceServiceAccountInput"} + if s.ServiceAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceAccountId")) } - if s.KeyName != nil && len(*s.KeyName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("KeyName", 1)) + if s.ServiceAccountId != nil && len(*s.ServiceAccountId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServiceAccountId", 1)) } if s.WorkspaceId == nil { invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) @@ -3021,27 +4265,27 @@ func (s *DeleteWorkspaceApiKeyInput) Validate() error { return nil } -// SetKeyName sets the KeyName field's value. -func (s *DeleteWorkspaceApiKeyInput) SetKeyName(v string) *DeleteWorkspaceApiKeyInput { - s.KeyName = &v +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *DeleteWorkspaceServiceAccountInput) SetServiceAccountId(v string) *DeleteWorkspaceServiceAccountInput { + s.ServiceAccountId = &v return s } // SetWorkspaceId sets the WorkspaceId field's value. -func (s *DeleteWorkspaceApiKeyInput) SetWorkspaceId(v string) *DeleteWorkspaceApiKeyInput { +func (s *DeleteWorkspaceServiceAccountInput) SetWorkspaceId(v string) *DeleteWorkspaceServiceAccountInput { s.WorkspaceId = &v return s } -type DeleteWorkspaceApiKeyOutput struct { +type DeleteWorkspaceServiceAccountOutput struct { _ struct{} `type:"structure"` - // The name of the key that was deleted. + // The ID of the service account deleted. // - // KeyName is a required field - KeyName *string `locationName:"keyName" min:"1" type:"string" required:"true"` + // ServiceAccountId is a required field + ServiceAccountId *string `locationName:"serviceAccountId" type:"string" required:"true"` - // The ID of the workspace where the key was deleted. + // The ID of the workspace where the service account was deleted. // // WorkspaceId is a required field WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` @@ -3052,7 +4296,7 @@ type DeleteWorkspaceApiKeyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceApiKeyOutput) String() string { +func (s DeleteWorkspaceServiceAccountOutput) String() string { return awsutil.Prettify(s) } @@ -3061,26 +4305,36 @@ func (s DeleteWorkspaceApiKeyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceApiKeyOutput) GoString() string { +func (s DeleteWorkspaceServiceAccountOutput) GoString() string { return s.String() } -// SetKeyName sets the KeyName field's value. -func (s *DeleteWorkspaceApiKeyOutput) SetKeyName(v string) *DeleteWorkspaceApiKeyOutput { - s.KeyName = &v +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *DeleteWorkspaceServiceAccountOutput) SetServiceAccountId(v string) *DeleteWorkspaceServiceAccountOutput { + s.ServiceAccountId = &v return s } // SetWorkspaceId sets the WorkspaceId field's value. -func (s *DeleteWorkspaceApiKeyOutput) SetWorkspaceId(v string) *DeleteWorkspaceApiKeyOutput { +func (s *DeleteWorkspaceServiceAccountOutput) SetWorkspaceId(v string) *DeleteWorkspaceServiceAccountOutput { s.WorkspaceId = &v return s } -type DeleteWorkspaceInput struct { +type DeleteWorkspaceServiceAccountTokenInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The ID of the workspace to delete. + // The ID of the service account from which to delete the token. + // + // ServiceAccountId is a required field + ServiceAccountId *string `location:"uri" locationName:"serviceAccountId" type:"string" required:"true"` + + // The ID of the token to delete. + // + // TokenId is a required field + TokenId *string `location:"uri" locationName:"tokenId" type:"string" required:"true"` + + // The ID of the workspace from which to delete the token. // // WorkspaceId is a required field WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` @@ -3091,7 +4345,7 @@ type DeleteWorkspaceInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceInput) String() string { +func (s DeleteWorkspaceServiceAccountTokenInput) String() string { return awsutil.Prettify(s) } @@ -3100,13 +4354,25 @@ func (s DeleteWorkspaceInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceInput) GoString() string { +func (s DeleteWorkspaceServiceAccountTokenInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteWorkspaceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceInput"} +func (s *DeleteWorkspaceServiceAccountTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteWorkspaceServiceAccountTokenInput"} + if s.ServiceAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceAccountId")) + } + if s.ServiceAccountId != nil && len(*s.ServiceAccountId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServiceAccountId", 1)) + } + if s.TokenId == nil { + invalidParams.Add(request.NewErrParamRequired("TokenId")) + } + if s.TokenId != nil && len(*s.TokenId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TokenId", 1)) + } if s.WorkspaceId == nil { invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) } @@ -3120,19 +4386,41 @@ func (s *DeleteWorkspaceInput) Validate() error { return nil } +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *DeleteWorkspaceServiceAccountTokenInput) SetServiceAccountId(v string) *DeleteWorkspaceServiceAccountTokenInput { + s.ServiceAccountId = &v + return s +} + +// SetTokenId sets the TokenId field's value. +func (s *DeleteWorkspaceServiceAccountTokenInput) SetTokenId(v string) *DeleteWorkspaceServiceAccountTokenInput { + s.TokenId = &v + return s +} + // SetWorkspaceId sets the WorkspaceId field's value. -func (s *DeleteWorkspaceInput) SetWorkspaceId(v string) *DeleteWorkspaceInput { +func (s *DeleteWorkspaceServiceAccountTokenInput) SetWorkspaceId(v string) *DeleteWorkspaceServiceAccountTokenInput { s.WorkspaceId = &v return s } -type DeleteWorkspaceOutput struct { +type DeleteWorkspaceServiceAccountTokenOutput struct { _ struct{} `type:"structure"` - // A structure containing information about the workspace that was deleted. + // The ID of the service account where the token was deleted. // - // Workspace is a required field - Workspace *WorkspaceDescription `locationName:"workspace" type:"structure" required:"true"` + // ServiceAccountId is a required field + ServiceAccountId *string `locationName:"serviceAccountId" type:"string" required:"true"` + + // The ID of the token that was deleted. + // + // TokenId is a required field + TokenId *string `locationName:"tokenId" type:"string" required:"true"` + + // The ID of the workspace where the token was deleted. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -3140,7 +4428,7 @@ type DeleteWorkspaceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceOutput) String() string { +func (s DeleteWorkspaceServiceAccountTokenOutput) String() string { return awsutil.Prettify(s) } @@ -3149,13 +4437,25 @@ func (s DeleteWorkspaceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteWorkspaceOutput) GoString() string { +func (s DeleteWorkspaceServiceAccountTokenOutput) GoString() string { return s.String() } -// SetWorkspace sets the Workspace field's value. -func (s *DeleteWorkspaceOutput) SetWorkspace(v *WorkspaceDescription) *DeleteWorkspaceOutput { - s.Workspace = v +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *DeleteWorkspaceServiceAccountTokenOutput) SetServiceAccountId(v string) *DeleteWorkspaceServiceAccountTokenOutput { + s.ServiceAccountId = &v + return s +} + +// SetTokenId sets the TokenId field's value. +func (s *DeleteWorkspaceServiceAccountTokenOutput) SetTokenId(v string) *DeleteWorkspaceServiceAccountTokenOutput { + s.TokenId = &v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *DeleteWorkspaceServiceAccountTokenOutput) SetWorkspaceId(v string) *DeleteWorkspaceServiceAccountTokenOutput { + s.WorkspaceId = &v return s } @@ -3824,8 +5124,215 @@ func (s *ListTagsForResourceInput) Validate() error { if s.ResourceArn == nil { invalidParams.Add(request.NewErrParamRequired("ResourceArn")) } - if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { + s.ResourceArn = &v + return s +} + +type ListTagsForResourceOutput struct { + _ struct{} `type:"structure"` + + // The list of tags that are associated with the resource. + Tags map[string]*string `locationName:"tags" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsForResourceOutput) GoString() string { + return s.String() +} + +// SetTags sets the Tags field's value. +func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { + s.Tags = v + return s +} + +type ListVersionsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of results to include in the response. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token to use when requesting the next set of results. You receive this + // token from a previous ListVersions operation. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // The ID of the workspace to list the available upgrade versions. If not included, + // lists all versions of Grafana that are supported for CreateWorkspace. + WorkspaceId *string `location:"querystring" locationName:"workspace-id" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListVersionsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListVersionsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListVersionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListVersionsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListVersionsInput) SetMaxResults(v int64) *ListVersionsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListVersionsInput) SetNextToken(v string) *ListVersionsInput { + s.NextToken = &v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *ListVersionsInput) SetWorkspaceId(v string) *ListVersionsInput { + s.WorkspaceId = &v + return s +} + +type ListVersionsOutput struct { + _ struct{} `type:"structure"` + + // The Grafana versions available to create. If a workspace ID is included in + // the request, the Grafana versions to which this workspace can be upgraded. + GrafanaVersions []*string `locationName:"grafanaVersions" type:"list"` + + // The token to use in a subsequent ListVersions operation to return the next + // set of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListVersionsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListVersionsOutput) GoString() string { + return s.String() +} + +// SetGrafanaVersions sets the GrafanaVersions field's value. +func (s *ListVersionsOutput) SetGrafanaVersions(v []*string) *ListVersionsOutput { + s.GrafanaVersions = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListVersionsOutput) SetNextToken(v string) *ListVersionsOutput { + s.NextToken = &v + return s +} + +type ListWorkspaceServiceAccountTokensInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The maximum number of tokens to include in the results. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next set of service accounts to return. (You receive this + // token from a previous ListWorkspaceServiceAccountTokens operation.) + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` + + // The ID of the service account for which to return tokens. + // + // ServiceAccountId is a required field + ServiceAccountId *string `location:"uri" locationName:"serviceAccountId" type:"string" required:"true"` + + // The ID of the workspace for which to return tokens. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListWorkspaceServiceAccountTokensInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListWorkspaceServiceAccountTokensInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListWorkspaceServiceAccountTokensInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListWorkspaceServiceAccountTokensInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.ServiceAccountId == nil { + invalidParams.Add(request.NewErrParamRequired("ServiceAccountId")) + } + if s.ServiceAccountId != nil && len(*s.ServiceAccountId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ServiceAccountId", 1)) + } + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) } if invalidParams.Len() > 0 { @@ -3834,17 +5341,50 @@ func (s *ListTagsForResourceInput) Validate() error { return nil } -// SetResourceArn sets the ResourceArn field's value. -func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { - s.ResourceArn = &v +// SetMaxResults sets the MaxResults field's value. +func (s *ListWorkspaceServiceAccountTokensInput) SetMaxResults(v int64) *ListWorkspaceServiceAccountTokensInput { + s.MaxResults = &v return s } -type ListTagsForResourceOutput struct { +// SetNextToken sets the NextToken field's value. +func (s *ListWorkspaceServiceAccountTokensInput) SetNextToken(v string) *ListWorkspaceServiceAccountTokensInput { + s.NextToken = &v + return s +} + +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *ListWorkspaceServiceAccountTokensInput) SetServiceAccountId(v string) *ListWorkspaceServiceAccountTokensInput { + s.ServiceAccountId = &v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *ListWorkspaceServiceAccountTokensInput) SetWorkspaceId(v string) *ListWorkspaceServiceAccountTokensInput { + s.WorkspaceId = &v + return s +} + +type ListWorkspaceServiceAccountTokensOutput struct { _ struct{} `type:"structure"` - // The list of tags that are associated with the resource. - Tags map[string]*string `locationName:"tags" type:"map"` + // The token to use when requesting the next set of service accounts. + NextToken *string `locationName:"nextToken" type:"string"` + + // The ID of the service account where the tokens reside. + // + // ServiceAccountId is a required field + ServiceAccountId *string `locationName:"serviceAccountId" type:"string" required:"true"` + + // An array of structures containing information about the tokens. + // + // ServiceAccountTokens is a required field + ServiceAccountTokens []*ServiceAccountTokenSummary `locationName:"serviceAccountTokens" type:"list" required:"true"` + + // The ID of the workspace where the tokens reside. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -3852,7 +5392,7 @@ type ListTagsForResourceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) String() string { +func (s ListWorkspaceServiceAccountTokensOutput) String() string { return awsutil.Prettify(s) } @@ -3861,29 +5401,48 @@ func (s ListTagsForResourceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) GoString() string { +func (s ListWorkspaceServiceAccountTokensOutput) GoString() string { return s.String() } -// SetTags sets the Tags field's value. -func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { - s.Tags = v +// SetNextToken sets the NextToken field's value. +func (s *ListWorkspaceServiceAccountTokensOutput) SetNextToken(v string) *ListWorkspaceServiceAccountTokensOutput { + s.NextToken = &v return s } -type ListVersionsInput struct { +// SetServiceAccountId sets the ServiceAccountId field's value. +func (s *ListWorkspaceServiceAccountTokensOutput) SetServiceAccountId(v string) *ListWorkspaceServiceAccountTokensOutput { + s.ServiceAccountId = &v + return s +} + +// SetServiceAccountTokens sets the ServiceAccountTokens field's value. +func (s *ListWorkspaceServiceAccountTokensOutput) SetServiceAccountTokens(v []*ServiceAccountTokenSummary) *ListWorkspaceServiceAccountTokensOutput { + s.ServiceAccountTokens = v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *ListWorkspaceServiceAccountTokensOutput) SetWorkspaceId(v string) *ListWorkspaceServiceAccountTokensOutput { + s.WorkspaceId = &v + return s +} + +type ListWorkspaceServiceAccountsInput struct { _ struct{} `type:"structure" nopayload:"true"` - // The maximum number of results to include in the response. + // The maximum number of service accounts to include in the results. MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` - // The token to use when requesting the next set of results. You receive this - // token from a previous ListVersions operation. + // The token for the next set of service accounts to return. (You receive this + // token from a previous ListWorkspaceServiceAccounts operation.) NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` - // The ID of the workspace to list the available upgrade versions. If not included, - // lists all versions of Grafana that are supported for CreateWorkspace. - WorkspaceId *string `location:"querystring" locationName:"workspace-id" type:"string"` + // The workspace for which to list service accounts. + // + // WorkspaceId is a required field + WorkspaceId *string `location:"uri" locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -3891,7 +5450,7 @@ type ListVersionsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListVersionsInput) String() string { +func (s ListWorkspaceServiceAccountsInput) String() string { return awsutil.Prettify(s) } @@ -3900,16 +5459,22 @@ func (s ListVersionsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListVersionsInput) GoString() string { +func (s ListWorkspaceServiceAccountsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListVersionsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListVersionsInput"} +func (s *ListWorkspaceServiceAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListWorkspaceServiceAccountsInput"} if s.MaxResults != nil && *s.MaxResults < 1 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } + if s.WorkspaceId == nil { + invalidParams.Add(request.NewErrParamRequired("WorkspaceId")) + } + if s.WorkspaceId != nil && len(*s.WorkspaceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("WorkspaceId", 1)) + } if invalidParams.Len() > 0 { return invalidParams @@ -3918,33 +5483,38 @@ func (s *ListVersionsInput) Validate() error { } // SetMaxResults sets the MaxResults field's value. -func (s *ListVersionsInput) SetMaxResults(v int64) *ListVersionsInput { +func (s *ListWorkspaceServiceAccountsInput) SetMaxResults(v int64) *ListWorkspaceServiceAccountsInput { s.MaxResults = &v return s } // SetNextToken sets the NextToken field's value. -func (s *ListVersionsInput) SetNextToken(v string) *ListVersionsInput { +func (s *ListWorkspaceServiceAccountsInput) SetNextToken(v string) *ListWorkspaceServiceAccountsInput { s.NextToken = &v return s } // SetWorkspaceId sets the WorkspaceId field's value. -func (s *ListVersionsInput) SetWorkspaceId(v string) *ListVersionsInput { +func (s *ListWorkspaceServiceAccountsInput) SetWorkspaceId(v string) *ListWorkspaceServiceAccountsInput { s.WorkspaceId = &v return s } -type ListVersionsOutput struct { +type ListWorkspaceServiceAccountsOutput struct { _ struct{} `type:"structure"` - // The Grafana versions available to create. If a workspace ID is included in - // the request, the Grafana versions to which this workspace can be upgraded. - GrafanaVersions []*string `locationName:"grafanaVersions" type:"list"` - - // The token to use in a subsequent ListVersions operation to return the next - // set of results. + // The token to use when requesting the next set of service accounts. NextToken *string `locationName:"nextToken" type:"string"` + + // An array of structures containing information about the service accounts. + // + // ServiceAccounts is a required field + ServiceAccounts []*ServiceAccountSummary `locationName:"serviceAccounts" type:"list" required:"true"` + + // The workspace to which the service accounts are associated. + // + // WorkspaceId is a required field + WorkspaceId *string `locationName:"workspaceId" type:"string" required:"true"` } // String returns the string representation. @@ -3952,7 +5522,7 @@ type ListVersionsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListVersionsOutput) String() string { +func (s ListWorkspaceServiceAccountsOutput) String() string { return awsutil.Prettify(s) } @@ -3961,19 +5531,25 @@ func (s ListVersionsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListVersionsOutput) GoString() string { +func (s ListWorkspaceServiceAccountsOutput) GoString() string { return s.String() } -// SetGrafanaVersions sets the GrafanaVersions field's value. -func (s *ListVersionsOutput) SetGrafanaVersions(v []*string) *ListVersionsOutput { - s.GrafanaVersions = v +// SetNextToken sets the NextToken field's value. +func (s *ListWorkspaceServiceAccountsOutput) SetNextToken(v string) *ListWorkspaceServiceAccountsOutput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *ListVersionsOutput) SetNextToken(v string) *ListVersionsOutput { - s.NextToken = &v +// SetServiceAccounts sets the ServiceAccounts field's value. +func (s *ListWorkspaceServiceAccountsOutput) SetServiceAccounts(v []*ServiceAccountSummary) *ListWorkspaceServiceAccountsOutput { + s.ServiceAccounts = v + return s +} + +// SetWorkspaceId sets the WorkspaceId field's value. +func (s *ListWorkspaceServiceAccountsOutput) SetWorkspaceId(v string) *ListWorkspaceServiceAccountsOutput { + s.WorkspaceId = &v return s } @@ -4495,6 +6071,218 @@ func (s *SamlConfiguration) SetRoleValues(v *RoleValues) *SamlConfiguration { return s } +// A structure that contains the information about one service account. +type ServiceAccountSummary struct { + _ struct{} `type:"structure"` + + // The role of the service account, which sets the permission level used when + // calling Grafana APIs. + // + // GrafanaRole is a required field + GrafanaRole *string `locationName:"grafanaRole" type:"string" required:"true" enum:"Role"` + + // The unique ID of the service account. + // + // Id is a required field + Id *string `locationName:"id" type:"string" required:"true"` + + // Returns true if the service account is disabled. Service accounts can be + // disabled and enabled in the Amazon Managed Grafana console. + // + // IsDisabled is a required field + IsDisabled *string `locationName:"isDisabled" type:"string" required:"true"` + + // The name of the service account. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountSummary) GoString() string { + return s.String() +} + +// SetGrafanaRole sets the GrafanaRole field's value. +func (s *ServiceAccountSummary) SetGrafanaRole(v string) *ServiceAccountSummary { + s.GrafanaRole = &v + return s +} + +// SetId sets the Id field's value. +func (s *ServiceAccountSummary) SetId(v string) *ServiceAccountSummary { + s.Id = &v + return s +} + +// SetIsDisabled sets the IsDisabled field's value. +func (s *ServiceAccountSummary) SetIsDisabled(v string) *ServiceAccountSummary { + s.IsDisabled = &v + return s +} + +// SetName sets the Name field's value. +func (s *ServiceAccountSummary) SetName(v string) *ServiceAccountSummary { + s.Name = &v + return s +} + +// A structure that contains the information about a service account token. +type ServiceAccountTokenSummary struct { + _ struct{} `type:"structure"` + + // When the service account token was created. + // + // CreatedAt is a required field + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp" required:"true"` + + // When the service account token will expire. + // + // ExpiresAt is a required field + ExpiresAt *time.Time `locationName:"expiresAt" type:"timestamp" required:"true"` + + // The unique ID of the service account token. + // + // Id is a required field + Id *string `locationName:"id" type:"string" required:"true"` + + // The last time the token was used to authorize a Grafana HTTP API. + LastUsedAt *time.Time `locationName:"lastUsedAt" type:"timestamp"` + + // The name of the service account token. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountTokenSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountTokenSummary) GoString() string { + return s.String() +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *ServiceAccountTokenSummary) SetCreatedAt(v time.Time) *ServiceAccountTokenSummary { + s.CreatedAt = &v + return s +} + +// SetExpiresAt sets the ExpiresAt field's value. +func (s *ServiceAccountTokenSummary) SetExpiresAt(v time.Time) *ServiceAccountTokenSummary { + s.ExpiresAt = &v + return s +} + +// SetId sets the Id field's value. +func (s *ServiceAccountTokenSummary) SetId(v string) *ServiceAccountTokenSummary { + s.Id = &v + return s +} + +// SetLastUsedAt sets the LastUsedAt field's value. +func (s *ServiceAccountTokenSummary) SetLastUsedAt(v time.Time) *ServiceAccountTokenSummary { + s.LastUsedAt = &v + return s +} + +// SetName sets the Name field's value. +func (s *ServiceAccountTokenSummary) SetName(v string) *ServiceAccountTokenSummary { + s.Name = &v + return s +} + +// A structure that contains the information about a service account token. +// +// This structure is returned when creating the token. It is important to store +// the key that is returned, as it is not retrievable at a later time. +// +// If you lose the key, you can delete and recreate the token, which will create +// a new key. +type ServiceAccountTokenSummaryWithKey struct { + _ struct{} `type:"structure"` + + // The unique ID of the service account token. + // + // Id is a required field + Id *string `locationName:"id" type:"string" required:"true"` + + // The key for the service account token. Used when making calls to the Grafana + // HTTP APIs to authenticate and authorize the requests. + // + // Key is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ServiceAccountTokenSummaryWithKey's + // String and GoString methods. + // + // Key is a required field + Key *string `locationName:"key" type:"string" required:"true" sensitive:"true"` + + // The name of the service account token. + // + // Name is a required field + Name *string `locationName:"name" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountTokenSummaryWithKey) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ServiceAccountTokenSummaryWithKey) GoString() string { + return s.String() +} + +// SetId sets the Id field's value. +func (s *ServiceAccountTokenSummaryWithKey) SetId(v string) *ServiceAccountTokenSummaryWithKey { + s.Id = &v + return s +} + +// SetKey sets the Key field's value. +func (s *ServiceAccountTokenSummaryWithKey) SetKey(v string) *ServiceAccountTokenSummaryWithKey { + s.Key = &v + return s +} + +// SetName sets the Name field's value. +func (s *ServiceAccountTokenSummaryWithKey) SetName(v string) *ServiceAccountTokenSummaryWithKey { + s.Name = &v + return s +} + // The request would cause a service quota to be exceeded. type ServiceQuotaExceededException struct { _ struct{} `type:"structure"` @@ -5921,7 +7709,7 @@ type WorkspaceDescription struct { FreeTrialExpiration *time.Time `locationName:"freeTrialExpiration" type:"timestamp"` // The token that ties this workspace to a Grafana Labs account. For more information, - // see Register with Grafana Labs (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). + // see Link your account with Grafana Labs (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). GrafanaToken *string `locationName:"grafanaToken" min:"1" type:"string"` // The version of Grafana supported in this workspace. @@ -6224,7 +8012,7 @@ type WorkspaceSummary struct { Endpoint *string `locationName:"endpoint" min:"1" type:"string" required:"true"` // The token that ties this workspace to a Grafana Labs account. For more information, - // see Register with Grafana Labs (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). + // see Link your account with Grafana Labs (https://docs.aws.amazon.com/grafana/latest/userguide/upgrade-to-Grafana-Enterprise.html#AMG-workspace-register-enterprise). GrafanaToken *string `locationName:"grafanaToken" min:"1" type:"string"` // The Grafana version that the workspace is running. diff --git a/service/managedgrafana/managedgrafanaiface/interface.go b/service/managedgrafana/managedgrafanaiface/interface.go index 81c455ae3b5..3f6d714c536 100644 --- a/service/managedgrafana/managedgrafanaiface/interface.go +++ b/service/managedgrafana/managedgrafanaiface/interface.go @@ -72,6 +72,14 @@ type ManagedGrafanaAPI interface { CreateWorkspaceApiKeyWithContext(aws.Context, *managedgrafana.CreateWorkspaceApiKeyInput, ...request.Option) (*managedgrafana.CreateWorkspaceApiKeyOutput, error) CreateWorkspaceApiKeyRequest(*managedgrafana.CreateWorkspaceApiKeyInput) (*request.Request, *managedgrafana.CreateWorkspaceApiKeyOutput) + CreateWorkspaceServiceAccount(*managedgrafana.CreateWorkspaceServiceAccountInput) (*managedgrafana.CreateWorkspaceServiceAccountOutput, error) + CreateWorkspaceServiceAccountWithContext(aws.Context, *managedgrafana.CreateWorkspaceServiceAccountInput, ...request.Option) (*managedgrafana.CreateWorkspaceServiceAccountOutput, error) + CreateWorkspaceServiceAccountRequest(*managedgrafana.CreateWorkspaceServiceAccountInput) (*request.Request, *managedgrafana.CreateWorkspaceServiceAccountOutput) + + CreateWorkspaceServiceAccountToken(*managedgrafana.CreateWorkspaceServiceAccountTokenInput) (*managedgrafana.CreateWorkspaceServiceAccountTokenOutput, error) + CreateWorkspaceServiceAccountTokenWithContext(aws.Context, *managedgrafana.CreateWorkspaceServiceAccountTokenInput, ...request.Option) (*managedgrafana.CreateWorkspaceServiceAccountTokenOutput, error) + CreateWorkspaceServiceAccountTokenRequest(*managedgrafana.CreateWorkspaceServiceAccountTokenInput) (*request.Request, *managedgrafana.CreateWorkspaceServiceAccountTokenOutput) + DeleteWorkspace(*managedgrafana.DeleteWorkspaceInput) (*managedgrafana.DeleteWorkspaceOutput, error) DeleteWorkspaceWithContext(aws.Context, *managedgrafana.DeleteWorkspaceInput, ...request.Option) (*managedgrafana.DeleteWorkspaceOutput, error) DeleteWorkspaceRequest(*managedgrafana.DeleteWorkspaceInput) (*request.Request, *managedgrafana.DeleteWorkspaceOutput) @@ -80,6 +88,14 @@ type ManagedGrafanaAPI interface { DeleteWorkspaceApiKeyWithContext(aws.Context, *managedgrafana.DeleteWorkspaceApiKeyInput, ...request.Option) (*managedgrafana.DeleteWorkspaceApiKeyOutput, error) DeleteWorkspaceApiKeyRequest(*managedgrafana.DeleteWorkspaceApiKeyInput) (*request.Request, *managedgrafana.DeleteWorkspaceApiKeyOutput) + DeleteWorkspaceServiceAccount(*managedgrafana.DeleteWorkspaceServiceAccountInput) (*managedgrafana.DeleteWorkspaceServiceAccountOutput, error) + DeleteWorkspaceServiceAccountWithContext(aws.Context, *managedgrafana.DeleteWorkspaceServiceAccountInput, ...request.Option) (*managedgrafana.DeleteWorkspaceServiceAccountOutput, error) + DeleteWorkspaceServiceAccountRequest(*managedgrafana.DeleteWorkspaceServiceAccountInput) (*request.Request, *managedgrafana.DeleteWorkspaceServiceAccountOutput) + + DeleteWorkspaceServiceAccountToken(*managedgrafana.DeleteWorkspaceServiceAccountTokenInput) (*managedgrafana.DeleteWorkspaceServiceAccountTokenOutput, error) + DeleteWorkspaceServiceAccountTokenWithContext(aws.Context, *managedgrafana.DeleteWorkspaceServiceAccountTokenInput, ...request.Option) (*managedgrafana.DeleteWorkspaceServiceAccountTokenOutput, error) + DeleteWorkspaceServiceAccountTokenRequest(*managedgrafana.DeleteWorkspaceServiceAccountTokenInput) (*request.Request, *managedgrafana.DeleteWorkspaceServiceAccountTokenOutput) + DescribeWorkspace(*managedgrafana.DescribeWorkspaceInput) (*managedgrafana.DescribeWorkspaceOutput, error) DescribeWorkspaceWithContext(aws.Context, *managedgrafana.DescribeWorkspaceInput, ...request.Option) (*managedgrafana.DescribeWorkspaceOutput, error) DescribeWorkspaceRequest(*managedgrafana.DescribeWorkspaceInput) (*request.Request, *managedgrafana.DescribeWorkspaceOutput) @@ -114,6 +130,20 @@ type ManagedGrafanaAPI interface { ListVersionsPages(*managedgrafana.ListVersionsInput, func(*managedgrafana.ListVersionsOutput, bool) bool) error ListVersionsPagesWithContext(aws.Context, *managedgrafana.ListVersionsInput, func(*managedgrafana.ListVersionsOutput, bool) bool, ...request.Option) error + ListWorkspaceServiceAccountTokens(*managedgrafana.ListWorkspaceServiceAccountTokensInput) (*managedgrafana.ListWorkspaceServiceAccountTokensOutput, error) + ListWorkspaceServiceAccountTokensWithContext(aws.Context, *managedgrafana.ListWorkspaceServiceAccountTokensInput, ...request.Option) (*managedgrafana.ListWorkspaceServiceAccountTokensOutput, error) + ListWorkspaceServiceAccountTokensRequest(*managedgrafana.ListWorkspaceServiceAccountTokensInput) (*request.Request, *managedgrafana.ListWorkspaceServiceAccountTokensOutput) + + ListWorkspaceServiceAccountTokensPages(*managedgrafana.ListWorkspaceServiceAccountTokensInput, func(*managedgrafana.ListWorkspaceServiceAccountTokensOutput, bool) bool) error + ListWorkspaceServiceAccountTokensPagesWithContext(aws.Context, *managedgrafana.ListWorkspaceServiceAccountTokensInput, func(*managedgrafana.ListWorkspaceServiceAccountTokensOutput, bool) bool, ...request.Option) error + + ListWorkspaceServiceAccounts(*managedgrafana.ListWorkspaceServiceAccountsInput) (*managedgrafana.ListWorkspaceServiceAccountsOutput, error) + ListWorkspaceServiceAccountsWithContext(aws.Context, *managedgrafana.ListWorkspaceServiceAccountsInput, ...request.Option) (*managedgrafana.ListWorkspaceServiceAccountsOutput, error) + ListWorkspaceServiceAccountsRequest(*managedgrafana.ListWorkspaceServiceAccountsInput) (*request.Request, *managedgrafana.ListWorkspaceServiceAccountsOutput) + + ListWorkspaceServiceAccountsPages(*managedgrafana.ListWorkspaceServiceAccountsInput, func(*managedgrafana.ListWorkspaceServiceAccountsOutput, bool) bool) error + ListWorkspaceServiceAccountsPagesWithContext(aws.Context, *managedgrafana.ListWorkspaceServiceAccountsInput, func(*managedgrafana.ListWorkspaceServiceAccountsOutput, bool) bool, ...request.Option) error + ListWorkspaces(*managedgrafana.ListWorkspacesInput) (*managedgrafana.ListWorkspacesOutput, error) ListWorkspacesWithContext(aws.Context, *managedgrafana.ListWorkspacesInput, ...request.Option) (*managedgrafana.ListWorkspacesOutput, error) ListWorkspacesRequest(*managedgrafana.ListWorkspacesInput) (*request.Request, *managedgrafana.ListWorkspacesOutput) diff --git a/service/medicalimaging/api.go b/service/medicalimaging/api.go index 25b4d0790e3..47aed4216da 100644 --- a/service/medicalimaging/api.go +++ b/service/medicalimaging/api.go @@ -1473,11 +1473,11 @@ func (c *MedicalImaging) SearchImageSetsRequest(input *SearchImageSetsInput) (re // Search image sets based on defined input attributes. // // SearchImageSets accepts a single search query parameter and returns a paginated -// response of all image sets that have the matching criteria. All range queries -// must be input as (lowerBound, upperBound). +// response of all image sets that have the matching criteria. All date range +// queries must be input as (lowerBound, upperBound). // -// SearchImageSets uses the updatedAt field for sorting in decreasing order -// from latest to oldest. +// By default, SearchImageSets uses the updatedAt field for sorting in descending +// order from newest to oldest. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5733,6 +5733,9 @@ type StartDICOMImportJobInput struct { // DatastoreId is a required field DatastoreId *string `location:"uri" locationName:"datastoreId" type:"string" required:"true"` + // The account ID of the source S3 bucket owner. + InputOwnerAccountId *string `locationName:"inputOwnerAccountId" min:"12" type:"string"` + // The input prefix path for the S3 bucket that contains the DICOM files to // be imported. // @@ -5785,6 +5788,9 @@ func (s *StartDICOMImportJobInput) Validate() error { if s.DatastoreId != nil && len(*s.DatastoreId) < 1 { invalidParams.Add(request.NewErrParamMinLen("DatastoreId", 1)) } + if s.InputOwnerAccountId != nil && len(*s.InputOwnerAccountId) < 12 { + invalidParams.Add(request.NewErrParamMinLen("InputOwnerAccountId", 12)) + } if s.InputS3Uri == nil { invalidParams.Add(request.NewErrParamRequired("InputS3Uri")) } @@ -5825,6 +5831,12 @@ func (s *StartDICOMImportJobInput) SetDatastoreId(v string) *StartDICOMImportJob return s } +// SetInputOwnerAccountId sets the InputOwnerAccountId field's value. +func (s *StartDICOMImportJobInput) SetInputOwnerAccountId(v string) *StartDICOMImportJobInput { + s.InputOwnerAccountId = &v + return s +} + // SetInputS3Uri sets the InputS3Uri field's value. func (s *StartDICOMImportJobInput) SetInputS3Uri(v string) *StartDICOMImportJobInput { s.InputS3Uri = &v diff --git a/service/securityhub/api.go b/service/securityhub/api.go index 55f2f18c88b..83e68b57249 100644 --- a/service/securityhub/api.go +++ b/service/securityhub/api.go @@ -9212,6 +9212,8 @@ type ActionLocalPortDetails struct { Port *int64 `type:"integer"` // The port name of the local connection. + // + // Length Constraints: 128. PortName *string `type:"string"` } @@ -9325,6 +9327,8 @@ type ActionRemotePortDetails struct { Port *int64 `type:"integer"` // The port name of the remote connection. + // + // Length Constraints: 128. PortName *string `type:"string"` } @@ -11378,6 +11382,8 @@ type AwsApiCallAction struct { AffectedResources map[string]*string `type:"map"` // The name of the API method that was issued. + // + // Length Constraints: 128. Api *string `type:"string"` // Indicates whether the API call originated from a remote IP address (remoteip) @@ -11429,6 +11435,8 @@ type AwsApiCallAction struct { RemoteIpDetails *ActionRemoteIpDetails `type:"structure"` // The name of the Amazon Web Services service that the API method belongs to. + // + // Length Constraints: 128. ServiceName *string `type:"string"` } @@ -11504,6 +11512,8 @@ type AwsApiCallActionDomainDetails struct { _ struct{} `type:"structure"` // The name of the DNS domain that issued the API call. + // + // Length Constraints: 128. Domain *string `type:"string"` } @@ -42973,10 +42983,14 @@ type AwsSecurityFinding struct { // The Amazon Web Services account ID that a finding is generated in. // + // Length Constraints: 12. + // // AwsAccountId is a required field AwsAccountId *string `type:"string" required:"true"` // The name of the Amazon Web Services account from which a finding was generated. + // + // Length Constraints: Minimum length of 1. Maximum length of 50. AwsAccountName *string `type:"string"` // The name of the company for the product that generated the finding. @@ -42987,6 +43001,8 @@ type AwsSecurityFinding struct { // // When you use the Security Hub console or API to filter findings by company // name, you use this attribute. + // + // Length Constraints: Minimum length of 1. Maximum length of 128. CompanyName *string `type:"string"` // This data type is exclusive to findings that are generated as the result @@ -43029,9 +43045,9 @@ type AwsSecurityFinding struct { // a score of 100 is reserved for the most critical resources. Criticality *int64 `type:"integer"` - // A finding's description. + // A finding's description. Description is a required property. // - // In this release, Description is a required property. + // Length Constraints: Minimum length of 1. Maximum length of 1024. // // Description is a required field Description *string `type:"string" required:"true"` @@ -43069,13 +43085,18 @@ type AwsSecurityFinding struct { // The identifier for the solution-specific component (a discrete unit of logic) // that generated a finding. In various security findings providers' solutions, - // this generator can be called a rule, a check, a detector, a plugin, etc. + // this generator can be called a rule, a check, a detector, a plugin, or something + // else. + // + // Length Constraints: Minimum length of 1. Maximum length of 512. // // GeneratorId is a required field GeneratorId *string `type:"string" required:"true"` // The security findings provider-specific identifier for a finding. // + // Length Constraints: Minimum length of 1. Maximum length of 512. + // // Id is a required field Id *string `type:"string" required:"true"` @@ -43099,6 +43120,8 @@ type AwsSecurityFinding struct { LastObservedAt *string `type:"string"` // A list of malware related to a finding. + // + // Array Members: Maximum number of 5 items. Malware []*Malware `type:"list"` // The details of network-related information about a finding. @@ -43118,7 +43141,7 @@ type AwsSecurityFinding struct { // The details of process-related information about a finding. Process *ProcessDetails `type:"structure"` - // A imestamp that indicates when Security Hub received a finding and begins + // A timestamp that indicates when Security Hub received a finding and begins // to process it. // // This field accepts only the specified formats. Timestamps can end with Z @@ -43141,6 +43164,8 @@ type AwsSecurityFinding struct { // generates findings. This can be the ARN for a third-party product that is // integrated with Security Hub, or the ARN for a custom integration. // + // Length Constraints: Minimum length of 12. Maximum length of 2048. + // // ProductArn is a required field ProductArn *string `type:"string" required:"true"` @@ -43159,6 +43184,8 @@ type AwsSecurityFinding struct { // // When you use the Security Hub console or API to filter findings by product // name, you use this attribute. + // + // Length Constraints: Minimum length of 1. Maximum length of 128. ProductName *string `type:"string"` // The record state of a finding. @@ -43168,9 +43195,13 @@ type AwsSecurityFinding struct { // // Security Hub populates this attribute automatically for each finding. You // cannot update it using BatchImportFindings or BatchUpdateFindings. + // + // Length Constraints: Minimum length of 1. Maximum length of 16. Region *string `type:"string"` // A list of related findings. + // + // Array Members: Minimum number of 1 item. Maximum number of 10 items. RelatedFindings []*RelatedFinding `type:"list"` // A data type that describes the remediation options for a finding. @@ -43179,13 +43210,15 @@ type AwsSecurityFinding struct { // A set of resource data types that describe the resources that the finding // refers to. // + // Array Members: Minimum number of 1 item. Maximum number of 32 items. + // // Resources is a required field Resources []*Resource `type:"list" required:"true"` // Indicates whether the finding is a sample finding. Sample *bool `type:"boolean"` - // The schema version that a finding is formatted for. + // The schema version that a finding is formatted for. The value is 2018-10-08. // // SchemaVersion is a required field SchemaVersion *string `type:"string" required:"true"` @@ -43198,15 +43231,19 @@ type AwsSecurityFinding struct { SourceUrl *string `type:"string"` // Threat intelligence details related to a finding. + // + // Array Members: Minimum number of 1 item. Maximum number of 5 items. ThreatIntelIndicators []*ThreatIntelIndicator `type:"list"` // Details about the threat detected in a security finding and the file paths // that were affected by the threat. + // + // Array Members: Minimum number of 1 item. Maximum number of 32 items. Threats []*Threat `type:"list"` - // A finding's title. + // A finding's title. Title is a required property. // - // In this release, Title is a required property. + // Length Constraints: Minimum length of 1. Maximum length of 256. // // Title is a required field Title *string `type:"string" required:"true"` @@ -43216,6 +43253,8 @@ type AwsSecurityFinding struct { // // Valid namespace values are: Software and Configuration Checks | TTPs | Effects // | Unusual Behaviors | Sensitive Data Identifications + // + // Array Members: Maximum number of 50 items. Types []*string `type:"list"` // Indicates when the security findings provider last updated the finding record. @@ -43240,6 +43279,9 @@ type AwsSecurityFinding struct { // A list of name/value string pairs associated with the finding. These are // custom, user-defined fields added to a finding. + // + // Can contain up to 50 key-value pairs. For each key-value pair, the key can + // contain up to 128 characters, and the value can contain up to 1024 characters. UserDefinedFields map[string]*string `type:"map"` // Indicates the veracity of a finding. @@ -49419,6 +49461,8 @@ type Compliance struct { // For a control, the industry or regulatory framework requirements that are // related to the control. The check for that control is aligned with these // requirements. + // + // Array Members: Maximum number of 32 items. RelatedRequirements []*string `type:"list"` // The unique identifier of a control across standards. Values for this field @@ -49437,8 +49481,9 @@ type Compliance struct { // configuration. FAILED - Standards check failed for at least one evaluated // resource. NOT_AVAILABLE - Check could not be performed due to a service // outage, API error, or because the result of the Config evaluation was - // NOT_APPLICABLE. If the Config evaluation result was NOT_APPLICABLE, then - // after 3 days, Security Hub automatically archives the finding. + // NOT_APPLICABLE. If the Config evaluation result was NOT_APPLICABLE for + // a Security Hub control, Security Hub automatically archives the finding + // after 3 days. Status *string `type:"string" enum:"ComplianceStatus"` // For findings generated from controls, a list of reasons behind the value @@ -52674,9 +52719,13 @@ type DnsRequestAction struct { Blocked *bool `type:"boolean"` // The DNS domain that is associated with the DNS request. + // + // Length Constraints: 128. Domain *string `type:"string"` // The protocol that was used for the DNS request. + // + // Length Constraints: Minimum length of 1. Maximum length of 64. Protocol *string `type:"string"` } @@ -53110,15 +53159,23 @@ type FilePaths struct { _ struct{} `type:"structure"` // The name of the infected or suspicious file corresponding to the hash. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. FileName *string `type:"string"` // Path to the infected or suspicious file on the resource it was detected on. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. FilePath *string `type:"string"` // The hash value for the infected or suspicious file. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. Hash *string `type:"string"` // The Amazon Resource Name (ARN) of the resource on which the threat was detected. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. ResourceId *string `type:"string"` } @@ -53514,6 +53571,8 @@ type FindingProviderSeverity struct { Label *string `type:"string" enum:"SeverityLabel"` // The finding provider's original value for the severity. + // + // Length Constraints: Minimum length of 1. Maximum length of 64. Original *string `type:"string"` } @@ -53750,6 +53809,8 @@ type GeneratorDetails struct { Description *string `type:"string"` // An array of tags used to identify the detector associated with the finding. + // + // Array Members: Minimum number of 0 items. Maximum number of 10 items. Labels []*string `type:"list"` // The name of the detector used to identify the code vulnerability. @@ -57341,10 +57402,14 @@ type Malware struct { // The name of the malware that was observed. // + // Length Constraints: Minimum of 1. Maximum of 64. + // // Name is a required field Name *string `type:"string" required:"true"` // The file system path of the malware that was observed. + // + // Length Constraints: Minimum of 1. Maximum of 512. Path *string `type:"string"` // The state of the malware that was observed. @@ -57636,6 +57701,8 @@ type Network struct { _ struct{} `type:"structure"` // The destination domain of network-related information about a finding. + // + // Length Constraints: Minimum of 1. Maximum of 128. DestinationDomain *string `type:"string"` // The destination IPv4 address of network-related information about a finding. @@ -57654,9 +57721,13 @@ type Network struct { OpenPortRange *PortRange `type:"structure"` // The protocol of network-related information about a finding. + // + // Length Constraints: Minimum of 1. Maximum of 16. Protocol *string `type:"string"` // The source domain of network-related information about a finding. + // + // Length Constraints: Minimum of 1. Maximum of 128. SourceDomain *string `type:"string"` // The source IPv4 address of network-related information about a finding. @@ -57778,6 +57849,8 @@ type NetworkConnectionAction struct { LocalPortDetails *ActionLocalPortDetails `type:"structure"` // The protocol used to make the network connection request. + // + // Length Constraints: Minimum length of 1. Maximum length of 64. Protocol *string `type:"string"` // Information about the remote IP address that issued the network connection @@ -57851,6 +57924,8 @@ type NetworkHeader struct { Destination *NetworkPathComponentDetails `type:"structure"` // The protocol used for the component. + // + // Length Constraints: Minimum of 1. Maximum of 16. Protocol *string `type:"string"` // Information about the origin of the component. @@ -57898,9 +57973,13 @@ type NetworkPathComponent struct { _ struct{} `type:"structure"` // The identifier of a component in the network path. + // + // Length Constraints: Minimum of 1. Maximum of 32. ComponentId *string `type:"string"` // The type of component. + // + // Length Constraints: Minimum of 1. Maximum of 32. ComponentType *string `type:"string"` // Information about the component that comes after the current component in @@ -58001,6 +58080,8 @@ type Note struct { // The text of a note. // + // Length Constraints: Minimum of 1. Maximum of 512. + // // Text is a required field Text *string `type:"string" required:"true"` @@ -58627,34 +58708,50 @@ type PatchSummary struct { _ struct{} `type:"structure"` // The number of patches from the compliance standard that failed to install. + // + // The value can be an integer from 0 to 100000. FailedCount *int64 `type:"integer"` // The identifier of the compliance standard that was used to determine the // patch compliance status. // + // Length Constraints: Minimum length of 1. Maximum length of 256. + // // Id is a required field Id *string `type:"string" required:"true"` // The number of patches from the compliance standard that were installed successfully. + // + // The value can be an integer from 0 to 100000. InstalledCount *int64 `type:"integer"` // The number of installed patches that are not part of the compliance standard. + // + // The value can be an integer from 0 to 100000. InstalledOtherCount *int64 `type:"integer"` // The number of patches that were applied, but that require the instance to // be rebooted in order to be marked as installed. + // + // The value can be an integer from 0 to 100000. InstalledPendingReboot *int64 `type:"integer"` // The number of patches that are installed but are also on a list of patches // that the customer rejected. + // + // The value can be an integer from 0 to 100000. InstalledRejectedCount *int64 `type:"integer"` // The number of patches that are part of the compliance standard but are not // installed. The count includes patches that failed to install. + // + // The value can be an integer from 0 to 100000. MissingCount *int64 `type:"integer"` // The type of patch operation performed. For Patch Manager, the values are // SCAN and INSTALL. + // + // Length Constraints: Minimum length of 1. Maximum length of 256. Operation *string `type:"string"` // Indicates when the operation completed. @@ -58694,6 +58791,8 @@ type PatchSummary struct { OperationStartTime *string `type:"string"` // The reboot option specified for the instance. + // + // Length Constraints: Minimum length of 1. Maximum length of 256. RebootOption *string `type:"string"` } @@ -59047,6 +59146,8 @@ type ProcessDetails struct { LaunchedAt *string `type:"string"` // The name of the process. + // + // Length Constraints: Minimum of 1. Maximum of 64. Name *string `type:"string"` // The parent process ID. This field accepts positive integers between O and @@ -59054,6 +59155,8 @@ type ProcessDetails struct { ParentPid *int64 `type:"integer"` // The path to the process executable. + // + // Length Constraints: Minimum of 1. Maximum of 512. Path *string `type:"string"` // The process ID. @@ -59345,6 +59448,8 @@ type Recommendation struct { // Describes the recommended steps to take to remediate an issue identified // in a finding. + // + // Length Constraints: Minimum of 1 length. Maximum of 512 length. Text *string `type:"string"` // A URL to a page or site that contains information about how to remediate @@ -59547,6 +59652,8 @@ type Resource struct { // The canonical Amazon Web Services external Region name where this resource // is located. + // + // Length Constraints: Minimum length of 1. Maximum length of 16. Region *string `type:"string"` // Identifies the role of the resource in the finding. A resource is either @@ -59554,7 +59661,8 @@ type Resource struct { ResourceRole *string `type:"string"` // A list of Amazon Web Services tags associated with a resource at the time - // the finding was processed. + // the finding was processed. Tags must follow Amazon Web Services tag naming + // limits and requirements (https://docs.aws.amazon.com/tag-editor/latest/userguide/tagging.html#tag-conventions). Tags map[string]*string `type:"map"` // The type of the resource that details are provided for. If possible, set @@ -59564,6 +59672,8 @@ type Resource struct { // If the resource does not match any of the provided types, then set Type to // Other. // + // Length Constraints: Minimum length of 1. Maximum length of 256. + // // Type is a required field Type *string `type:"string" required:"true"` } @@ -62615,6 +62725,8 @@ type Severity struct { // Deprecated. The normalized severity of a finding. Instead of providing Normalized, // provide Label. // + // The value of Normalized can be an integer between 0 and 100. + // // If you provide Label and do not provide Normalized, then Normalized is set // automatically as follows. // @@ -62630,6 +62742,8 @@ type Severity struct { Normalized *int64 `type:"integer"` // The native severity from the finding product that generated the finding. + // + // Length Constraints: Minimum length of 1. Maximum length of 64. Original *string `type:"string"` // Deprecated. This attribute isn't included in findings. Instead of providing @@ -64508,15 +64622,21 @@ type Threat struct { _ struct{} `type:"structure"` // Provides information about the file paths that were affected by the threat. + // + // Array Members: Minimum number of 1 item. Maximum number of 5 items. FilePaths []*FilePaths `type:"list"` // This total number of items in which the threat has been detected. ItemCount *int64 `type:"integer"` // The name of the threat. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. Name *string `type:"string"` // The severity of the threat. + // + // Length Constraints: Minimum of 1 length. Maximum of 128 length. Severity *string `type:"string"` } @@ -64589,6 +64709,8 @@ type ThreatIntelIndicator struct { LastObservedAt *string `type:"string"` // The source of the threat intelligence indicator. + // + // Length Constraints: Minimum of 1 length. Maximum of 64 length. Source *string `type:"string"` // The URL to the page or site where you can get more information about the @@ -64599,6 +64721,8 @@ type ThreatIntelIndicator struct { Type *string `type:"string" enum:"ThreatIntelIndicatorType"` // The value of a threat intelligence indicator. + // + // Length Constraints: Minimum of 1 length. Maximum of 512 length. Value *string `type:"string"` }