aws-sdk-core 3.251.0 → 3.252.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ecf99427b1716ed51214604de9538ab9901b0d17fb5a5d62282740b7925de8aa
-  data.tar.gz: 238136e308696d22945157ca92be189295ff42b716a9bed22861e1361c8c052c
+  metadata.gz: 96694b8f2f5836a441a97a28c54192ac0c7ecd4bc17ce0e7f38aa1979f4b44ce
+  data.tar.gz: 22beaae2d0474238fb04148a1b388ce0de31efa1f8f2ac5c7daff1315cfbb44f
 SHA512:
-  metadata.gz: ddd7a5d0d8fb62f8e7d3dd612ff2a2b4231ee18ac317a1061d13ada4526d1fc05e7c4323344fe0c4c06437b72e1e6e1e2212bf4f424710668afdcbb9c22a38d6
-  data.tar.gz: 0d3d1b1109b28de4900a27c6e3955bddaa651a2031c238dee600f923d0dda6eff1cdd970100ef40edf945aa28be85130becc4893adcf28256a11a5500658d675
+  metadata.gz: 40fa25ff493916dd88b63b5bc77f18675e066fbf74a38773adee76b1ec6b4376430d03fb53697ddb0759e11c41815e54c7e30bba71cd0622571f1ae18a47a2d8
+  data.tar.gz: c81b88488d9029025ecec32d86b9fd83ae71b8e144025eaf859227e75996d8f9b1bce06ee375de7f9ac00eea06d36a48744f79b49db4ab3b636596fbcf2a8d19

data/CHANGELOG.md

@@ -1,6 +1,13 @@
 Unreleased Changes
 ------------------
 
+3.252.0 (2026-06-10)
+------------------
+
+* Feature - Updated Aws::Signin::Client with the latest API changes.
+
+* Feature - AWS Sign-In now allows customers to control access to the AWS Management Console using resource-based policies. With this release customers can restrict console access based on network perimeters such as VPC IDs, VPC endpoints, and IP addresses.
+
 3.251.0 (2026-06-02)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-3.251.0
+3.252.0

data/lib/aws-sdk-signin/client.rb

@@ -559,6 +559,267 @@ module Aws::Signin
       req.send_request(options)
     end
 
+    # Delete console authorization configuration with automatic scope
+    # detection
+    #
+    # @option params [String] :target_id
+    #   Target account identifier
+    #
+    # @return [Types::DeleteConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeleteConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
+    #   * {Types::DeleteConsoleAuthorizationConfigurationOutput#scope #scope} => String
+    #   * {Types::DeleteConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_console_authorization_configuration({
+    #     target_id: "TargetId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.target_id #=> String
+    #   resp.scope #=> String
+    #   resp.console_authorization_enabled #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/DeleteConsoleAuthorizationConfiguration AWS API Documentation
+    #
+    # @overload delete_console_authorization_configuration(params = {})
+    # @param [Hash] params ({})
+    def delete_console_authorization_configuration(params = {}, options = {})
+      req = build_request(:delete_console_authorization_configuration, params)
+      req.send_request(options)
+    end
+
+    # Remove a permission statement from the account's SignIn
+    # resource-based policy
+    #
+    # @option params [required, String] :statement_id
+    #   Unique identifier of the permission statement to delete
+    #
+    # @option params [String] :client_token
+    #   Idempotency token for the request
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_resource_permission_statement({
+    #     statement_id: "StatementId", # required
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/DeleteResourcePermissionStatement AWS API Documentation
+    #
+    # @overload delete_resource_permission_statement(params = {})
+    # @param [Hash] params ({})
+    def delete_resource_permission_statement(params = {}, options = {})
+      req = build_request(:delete_resource_permission_statement, params)
+      req.send_request(options)
+    end
+
+    # Get console authorization configuration with automatic scope detection
+    #
+    # @option params [String] :target_id
+    #   Target account identifier
+    #
+    # @return [Types::GetConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
+    #   * {Types::GetConsoleAuthorizationConfigurationOutput#scope #scope} => String
+    #   * {Types::GetConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_console_authorization_configuration({
+    #     target_id: "TargetId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.target_id #=> String
+    #   resp.scope #=> String
+    #   resp.console_authorization_enabled #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/GetConsoleAuthorizationConfiguration AWS API Documentation
+    #
+    # @overload get_console_authorization_configuration(params = {})
+    # @param [Hash] params ({})
+    def get_console_authorization_configuration(params = {}, options = {})
+      req = build_request(:get_console_authorization_configuration, params)
+      req.send_request(options)
+    end
+
+    # Retrieve the account's consolidated SignIn resource-based policy
+    #
+    # @return [Types::GetResourcePolicyOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetResourcePolicyOutput#signin_resource_based_policy #signin_resource_based_policy} => Types::SigninResourceBasedPolicy
+    #
+    # @example Response structure
+    #
+    #   resp.signin_resource_based_policy.version #=> String
+    #   resp.signin_resource_based_policy.statement #=> Array
+    #   resp.signin_resource_based_policy.statement[0].effect #=> String
+    #   resp.signin_resource_based_policy.statement[0].principal #=> Hash
+    #   resp.signin_resource_based_policy.statement[0].principal["String"] #=> String
+    #   resp.signin_resource_based_policy.statement[0].action #=> Array
+    #   resp.signin_resource_based_policy.statement[0].action[0] #=> String
+    #   resp.signin_resource_based_policy.statement[0].resource #=> String
+    #   resp.signin_resource_based_policy.statement[0].condition #=> Hash
+    #   resp.signin_resource_based_policy.statement[0].condition["ConditionType"] #=> Hash
+    #   resp.signin_resource_based_policy.statement[0].condition["ConditionType"]["String"] #=> Array
+    #   resp.signin_resource_based_policy.statement[0].condition["ConditionType"]["String"][0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/GetResourcePolicy AWS API Documentation
+    #
+    # @overload get_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def get_resource_policy(params = {}, options = {})
+      req = build_request(:get_resource_policy, params)
+      req.send_request(options)
+    end
+
+    # Retrieve all permission statements in the account's SignIn
+    # resource-based policy
+    #
+    # @option params [Integer] :max_results
+    #   Maximum number of results to return
+    #
+    # @option params [String] :next_token
+    #   Token for pagination
+    #
+    # @return [Types::ListResourcePermissionStatementsOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListResourcePermissionStatementsOutput#permission_statements #permission_statements} => Array<Types::PermissionStatementSummary>
+    #   * {Types::ListResourcePermissionStatementsOutput#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_resource_permission_statements({
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.permission_statements #=> Array
+    #   resp.permission_statements[0].sid #=> String
+    #   resp.permission_statements[0].condition #=> Hash
+    #   resp.permission_statements[0].condition["ConditionType"] #=> Hash
+    #   resp.permission_statements[0].condition["ConditionType"]["String"] #=> Array
+    #   resp.permission_statements[0].condition["ConditionType"]["String"][0] #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/ListResourcePermissionStatements AWS API Documentation
+    #
+    # @overload list_resource_permission_statements(params = {})
+    # @param [Hash] params ({})
+    def list_resource_permission_statements(params = {}, options = {})
+      req = build_request(:list_resource_permission_statements, params)
+      req.send_request(options)
+    end
+
+    # Enable console authorization configuration with automatic scope
+    # detection
+    #
+    # @option params [String] :target_id
+    #   Target account identifier
+    #
+    # @return [Types::PutConsoleAuthorizationConfigurationOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutConsoleAuthorizationConfigurationOutput#target_id #target_id} => String
+    #   * {Types::PutConsoleAuthorizationConfigurationOutput#scope #scope} => String
+    #   * {Types::PutConsoleAuthorizationConfigurationOutput#console_authorization_enabled #console_authorization_enabled} => Boolean
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_console_authorization_configuration({
+    #     target_id: "TargetId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.target_id #=> String
+    #   resp.scope #=> String
+    #   resp.console_authorization_enabled #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/PutConsoleAuthorizationConfiguration AWS API Documentation
+    #
+    # @overload put_console_authorization_configuration(params = {})
+    # @param [Hash] params ({})
+    def put_console_authorization_configuration(params = {}, options = {})
+      req = build_request(:put_console_authorization_configuration, params)
+      req.send_request(options)
+    end
+
+    # Create a permission statement in the account's SignIn resource-based
+    # policy
+    #
+    # @option params [String] :source_vpc
+    #   VPC identifier to restrict console access
+    #
+    # @option params [String] :signin_source_vpce
+    #   SignIn VPC endpoint identifier
+    #
+    # @option params [String] :console_source_vpce
+    #   Console VPC endpoint identifier
+    #
+    # @option params [String] :vpc_source_ip
+    #   Source IP address within VPC
+    #
+    # @option params [String] :source_ip
+    #   Source IP address
+    #
+    # @option params [String] :requested_region
+    #   AWS region where the VPC and VPC endpoint reside Required when
+    #   sourceVpc or signinSourceVpce/consoleSourceVpce is provided
+    #
+    # @option params [String] :excluded_principal
+    #   Principal to exclude from the permission statement
+    #
+    # @option params [String] :client_token
+    #   Idempotency token for the request
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Types::PutResourcePermissionStatementOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutResourcePermissionStatementOutput#statement_id #statement_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_resource_permission_statement({
+    #     source_vpc: "SourceVpc",
+    #     signin_source_vpce: "SourceVpce",
+    #     console_source_vpce: "SourceVpce",
+    #     vpc_source_ip: "VpcSourceIp",
+    #     source_ip: "SourceIp",
+    #     requested_region: "RequestedRegion",
+    #     excluded_principal: "ExcludedPrincipal",
+    #     client_token: "ClientToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.statement_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/signin-2023-01-01/PutResourcePermissionStatement AWS API Documentation
+    #
+    # @overload put_resource_permission_statement(params = {})
+    # @param [Hash] params ({})
+    def put_resource_permission_statement(params = {}, options = {})
+      req = build_request(:put_resource_permission_statement, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -577,7 +838,7 @@ module Aws::Signin
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-core'
-      context[:gem_version] = '3.251.0'
+      context[:gem_version] = '3.252.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-signin/client_api.rb

@@ -17,23 +17,63 @@ module Aws::Signin
     AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
     AccessToken = Shapes::StructureShape.new(name: 'AccessToken')
     AuthorizationCode = Shapes::StringShape.new(name: 'AuthorizationCode')
+    Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     ClientId = Shapes::StringShape.new(name: 'ClientId')
+    ClientToken = Shapes::StringShape.new(name: 'ClientToken')
     CodeVerifier = Shapes::StringShape.new(name: 'CodeVerifier')
+    Condition = Shapes::MapShape.new(name: 'Condition')
+    ConditionBlock = Shapes::MapShape.new(name: 'ConditionBlock')
+    ConditionType = Shapes::StringShape.new(name: 'ConditionType')
+    ConditionValues = Shapes::ListShape.new(name: 'ConditionValues')
+    ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
+    ConsolePermissionMaxResults = Shapes::IntegerShape.new(name: 'ConsolePermissionMaxResults')
     CreateOAuth2TokenRequest = Shapes::StructureShape.new(name: 'CreateOAuth2TokenRequest')
     CreateOAuth2TokenRequestBody = Shapes::StructureShape.new(name: 'CreateOAuth2TokenRequestBody')
     CreateOAuth2TokenResponse = Shapes::StructureShape.new(name: 'CreateOAuth2TokenResponse')
     CreateOAuth2TokenResponseBody = Shapes::StructureShape.new(name: 'CreateOAuth2TokenResponseBody')
+    DeleteConsoleAuthorizationConfigurationInput = Shapes::StructureShape.new(name: 'DeleteConsoleAuthorizationConfigurationInput')
+    DeleteConsoleAuthorizationConfigurationOutput = Shapes::StructureShape.new(name: 'DeleteConsoleAuthorizationConfigurationOutput')
+    DeleteResourcePermissionStatementInput = Shapes::StructureShape.new(name: 'DeleteResourcePermissionStatementInput')
+    DeleteResourcePermissionStatementOutput = Shapes::StructureShape.new(name: 'DeleteResourcePermissionStatementOutput')
+    ExcludedPrincipal = Shapes::StringShape.new(name: 'ExcludedPrincipal')
     ExpiresIn = Shapes::IntegerShape.new(name: 'ExpiresIn')
+    GetConsoleAuthorizationConfigurationInput = Shapes::StructureShape.new(name: 'GetConsoleAuthorizationConfigurationInput')
+    GetConsoleAuthorizationConfigurationOutput = Shapes::StructureShape.new(name: 'GetConsoleAuthorizationConfigurationOutput')
+    GetResourcePolicyInput = Shapes::StructureShape.new(name: 'GetResourcePolicyInput')
+    GetResourcePolicyOutput = Shapes::StructureShape.new(name: 'GetResourcePolicyOutput')
     GrantType = Shapes::StringShape.new(name: 'GrantType')
     IdToken = Shapes::StringShape.new(name: 'IdToken')
     InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
+    ListResourcePermissionStatementsInput = Shapes::StructureShape.new(name: 'ListResourcePermissionStatementsInput')
+    ListResourcePermissionStatementsOutput = Shapes::StructureShape.new(name: 'ListResourcePermissionStatementsOutput')
+    NextToken = Shapes::StringShape.new(name: 'NextToken')
     OAuth2ErrorCode = Shapes::StringShape.new(name: 'OAuth2ErrorCode')
+    PermissionStatementSummaries = Shapes::ListShape.new(name: 'PermissionStatementSummaries')
+    PermissionStatementSummary = Shapes::StructureShape.new(name: 'PermissionStatementSummary')
+    PolicyActions = Shapes::ListShape.new(name: 'PolicyActions')
+    PolicyStatement = Shapes::StructureShape.new(name: 'PolicyStatement')
+    PolicyStatements = Shapes::ListShape.new(name: 'PolicyStatements')
+    Principal = Shapes::MapShape.new(name: 'Principal')
+    PutConsoleAuthorizationConfigurationInput = Shapes::StructureShape.new(name: 'PutConsoleAuthorizationConfigurationInput')
+    PutConsoleAuthorizationConfigurationOutput = Shapes::StructureShape.new(name: 'PutConsoleAuthorizationConfigurationOutput')
+    PutResourcePermissionStatementInput = Shapes::StructureShape.new(name: 'PutResourcePermissionStatementInput')
+    PutResourcePermissionStatementOutput = Shapes::StructureShape.new(name: 'PutResourcePermissionStatementOutput')
     RedirectUri = Shapes::StringShape.new(name: 'RedirectUri')
     RefreshToken = Shapes::StringShape.new(name: 'RefreshToken')
+    RequestedRegion = Shapes::StringShape.new(name: 'RequestedRegion')
+    ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
+    ServiceQuotaExceededException = Shapes::StructureShape.new(name: 'ServiceQuotaExceededException')
+    SigninResourceBasedPolicy = Shapes::StructureShape.new(name: 'SigninResourceBasedPolicy')
+    SourceIp = Shapes::StringShape.new(name: 'SourceIp')
+    SourceVpc = Shapes::StringShape.new(name: 'SourceVpc')
+    SourceVpce = Shapes::StringShape.new(name: 'SourceVpce')
+    StatementId = Shapes::StringShape.new(name: 'StatementId')
     String = Shapes::StringShape.new(name: 'String')
+    TargetId = Shapes::StringShape.new(name: 'TargetId')
     TokenType = Shapes::StringShape.new(name: 'TokenType')
     TooManyRequestsError = Shapes::StructureShape.new(name: 'TooManyRequestsError')
     ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
+    VpcSourceIp = Shapes::StringShape.new(name: 'VpcSourceIp')
 
     AccessDeniedException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
     AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
@@ -44,6 +84,18 @@ module Aws::Signin
     AccessToken.add_member(:session_token, Shapes::ShapeRef.new(shape: String, required: true, location_name: "sessionToken"))
     AccessToken.struct_class = Types::AccessToken
 
+    Condition.key = Shapes::ShapeRef.new(shape: String)
+    Condition.value = Shapes::ShapeRef.new(shape: ConditionValues)
+
+    ConditionBlock.key = Shapes::ShapeRef.new(shape: ConditionType)
+    ConditionBlock.value = Shapes::ShapeRef.new(shape: Condition)
+
+    ConditionValues.member = Shapes::ShapeRef.new(shape: String)
+
+    ConflictException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    ConflictException.struct_class = Types::ConflictException
+
     CreateOAuth2TokenRequest.add_member(:token_input, Shapes::ShapeRef.new(shape: CreateOAuth2TokenRequestBody, required: true, location_name: "tokenInput"))
     CreateOAuth2TokenRequest.struct_class = Types::CreateOAuth2TokenRequest
     CreateOAuth2TokenRequest[:payload] = :token_input
@@ -69,10 +121,98 @@ module Aws::Signin
     CreateOAuth2TokenResponseBody.add_member(:id_token, Shapes::ShapeRef.new(shape: IdToken, location_name: "idToken"))
     CreateOAuth2TokenResponseBody.struct_class = Types::CreateOAuth2TokenResponseBody
 
+    DeleteConsoleAuthorizationConfigurationInput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, location_name: "targetId"))
+    DeleteConsoleAuthorizationConfigurationInput.struct_class = Types::DeleteConsoleAuthorizationConfigurationInput
+
+    DeleteConsoleAuthorizationConfigurationOutput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, required: true, location_name: "targetId"))
+    DeleteConsoleAuthorizationConfigurationOutput.add_member(:scope, Shapes::ShapeRef.new(shape: String, required: true, location_name: "scope"))
+    DeleteConsoleAuthorizationConfigurationOutput.add_member(:console_authorization_enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "consoleAuthorizationEnabled"))
+    DeleteConsoleAuthorizationConfigurationOutput.struct_class = Types::DeleteConsoleAuthorizationConfigurationOutput
+
+    DeleteResourcePermissionStatementInput.add_member(:statement_id, Shapes::ShapeRef.new(shape: StatementId, required: true, location_name: "statementId"))
+    DeleteResourcePermissionStatementInput.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken" => true}))
+    DeleteResourcePermissionStatementInput.struct_class = Types::DeleteResourcePermissionStatementInput
+
+    DeleteResourcePermissionStatementOutput.struct_class = Types::DeleteResourcePermissionStatementOutput
+
+    GetConsoleAuthorizationConfigurationInput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, location_name: "targetId"))
+    GetConsoleAuthorizationConfigurationInput.struct_class = Types::GetConsoleAuthorizationConfigurationInput
+
+    GetConsoleAuthorizationConfigurationOutput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, required: true, location_name: "targetId"))
+    GetConsoleAuthorizationConfigurationOutput.add_member(:scope, Shapes::ShapeRef.new(shape: String, required: true, location_name: "scope"))
+    GetConsoleAuthorizationConfigurationOutput.add_member(:console_authorization_enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "consoleAuthorizationEnabled"))
+    GetConsoleAuthorizationConfigurationOutput.struct_class = Types::GetConsoleAuthorizationConfigurationOutput
+
+    GetResourcePolicyInput.struct_class = Types::GetResourcePolicyInput
+
+    GetResourcePolicyOutput.add_member(:signin_resource_based_policy, Shapes::ShapeRef.new(shape: SigninResourceBasedPolicy, required: true, location_name: "signinResourceBasedPolicy"))
+    GetResourcePolicyOutput.struct_class = Types::GetResourcePolicyOutput
+
     InternalServerException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
     InternalServerException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
     InternalServerException.struct_class = Types::InternalServerException
 
+    ListResourcePermissionStatementsInput.add_member(:max_results, Shapes::ShapeRef.new(shape: ConsolePermissionMaxResults, location_name: "maxResults"))
+    ListResourcePermissionStatementsInput.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "nextToken"))
+    ListResourcePermissionStatementsInput.struct_class = Types::ListResourcePermissionStatementsInput
+
+    ListResourcePermissionStatementsOutput.add_member(:permission_statements, Shapes::ShapeRef.new(shape: PermissionStatementSummaries, required: true, location_name: "permissionStatements"))
+    ListResourcePermissionStatementsOutput.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "nextToken"))
+    ListResourcePermissionStatementsOutput.struct_class = Types::ListResourcePermissionStatementsOutput
+
+    PermissionStatementSummaries.member = Shapes::ShapeRef.new(shape: PermissionStatementSummary)
+
+    PermissionStatementSummary.add_member(:sid, Shapes::ShapeRef.new(shape: StatementId, required: true, location_name: "sid"))
+    PermissionStatementSummary.add_member(:condition, Shapes::ShapeRef.new(shape: ConditionBlock, location_name: "condition"))
+    PermissionStatementSummary.struct_class = Types::PermissionStatementSummary
+
+    PolicyActions.member = Shapes::ShapeRef.new(shape: String)
+
+    PolicyStatement.add_member(:effect, Shapes::ShapeRef.new(shape: String, location_name: "Effect"))
+    PolicyStatement.add_member(:principal, Shapes::ShapeRef.new(shape: Principal, location_name: "Principal"))
+    PolicyStatement.add_member(:action, Shapes::ShapeRef.new(shape: PolicyActions, location_name: "Action"))
+    PolicyStatement.add_member(:resource, Shapes::ShapeRef.new(shape: String, location_name: "Resource"))
+    PolicyStatement.add_member(:condition, Shapes::ShapeRef.new(shape: ConditionBlock, location_name: "Condition"))
+    PolicyStatement.struct_class = Types::PolicyStatement
+
+    PolicyStatements.member = Shapes::ShapeRef.new(shape: PolicyStatement)
+
+    Principal.key = Shapes::ShapeRef.new(shape: String)
+    Principal.value = Shapes::ShapeRef.new(shape: String)
+
+    PutConsoleAuthorizationConfigurationInput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, location_name: "targetId"))
+    PutConsoleAuthorizationConfigurationInput.struct_class = Types::PutConsoleAuthorizationConfigurationInput
+
+    PutConsoleAuthorizationConfigurationOutput.add_member(:target_id, Shapes::ShapeRef.new(shape: TargetId, required: true, location_name: "targetId"))
+    PutConsoleAuthorizationConfigurationOutput.add_member(:scope, Shapes::ShapeRef.new(shape: String, required: true, location_name: "scope"))
+    PutConsoleAuthorizationConfigurationOutput.add_member(:console_authorization_enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "consoleAuthorizationEnabled"))
+    PutConsoleAuthorizationConfigurationOutput.struct_class = Types::PutConsoleAuthorizationConfigurationOutput
+
+    PutResourcePermissionStatementInput.add_member(:source_vpc, Shapes::ShapeRef.new(shape: SourceVpc, location_name: "sourceVpc"))
+    PutResourcePermissionStatementInput.add_member(:signin_source_vpce, Shapes::ShapeRef.new(shape: SourceVpce, location_name: "signinSourceVpce"))
+    PutResourcePermissionStatementInput.add_member(:console_source_vpce, Shapes::ShapeRef.new(shape: SourceVpce, location_name: "consoleSourceVpce"))
+    PutResourcePermissionStatementInput.add_member(:vpc_source_ip, Shapes::ShapeRef.new(shape: VpcSourceIp, location_name: "vpcSourceIp"))
+    PutResourcePermissionStatementInput.add_member(:source_ip, Shapes::ShapeRef.new(shape: SourceIp, location_name: "sourceIp"))
+    PutResourcePermissionStatementInput.add_member(:requested_region, Shapes::ShapeRef.new(shape: RequestedRegion, location_name: "requestedRegion"))
+    PutResourcePermissionStatementInput.add_member(:excluded_principal, Shapes::ShapeRef.new(shape: ExcludedPrincipal, location_name: "excludedPrincipal"))
+    PutResourcePermissionStatementInput.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, location_name: "clientToken", metadata: {"idempotencyToken" => true}))
+    PutResourcePermissionStatementInput.struct_class = Types::PutResourcePermissionStatementInput
+
+    PutResourcePermissionStatementOutput.add_member(:statement_id, Shapes::ShapeRef.new(shape: StatementId, required: true, location_name: "statementId"))
+    PutResourcePermissionStatementOutput.struct_class = Types::PutResourcePermissionStatementOutput
+
+    ResourceNotFoundException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
+
+    ServiceQuotaExceededException.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
+    ServiceQuotaExceededException.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
+    ServiceQuotaExceededException.struct_class = Types::ServiceQuotaExceededException
+
+    SigninResourceBasedPolicy.add_member(:version, Shapes::ShapeRef.new(shape: String, location_name: "Version"))
+    SigninResourceBasedPolicy.add_member(:statement, Shapes::ShapeRef.new(shape: PolicyStatements, location_name: "Statement"))
+    SigninResourceBasedPolicy.struct_class = Types::SigninResourceBasedPolicy
+
     TooManyRequestsError.add_member(:error, Shapes::ShapeRef.new(shape: OAuth2ErrorCode, required: true, location_name: "error"))
     TooManyRequestsError.add_member(:message, Shapes::ShapeRef.new(shape: String, required: true, location_name: "message"))
     TooManyRequestsError.struct_class = Types::TooManyRequestsError
@@ -113,6 +253,104 @@ module Aws::Signin
         o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
+
+      api.add_operation(:delete_console_authorization_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteConsoleAuthorizationConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/delete-console-authorization-configuration"
+        o.input = Shapes::ShapeRef.new(shape: DeleteConsoleAuthorizationConfigurationInput)
+        o.output = Shapes::ShapeRef.new(shape: DeleteConsoleAuthorizationConfigurationOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:delete_resource_permission_statement, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteResourcePermissionStatement"
+        o.http_method = "POST"
+        o.http_request_uri = "/delete-resource-permission-statement"
+        o.input = Shapes::ShapeRef.new(shape: DeleteResourcePermissionStatementInput)
+        o.output = Shapes::ShapeRef.new(shape: DeleteResourcePermissionStatementOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:get_console_authorization_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetConsoleAuthorizationConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/get-console-authorization-configuration"
+        o.input = Shapes::ShapeRef.new(shape: GetConsoleAuthorizationConfigurationInput)
+        o.output = Shapes::ShapeRef.new(shape: GetConsoleAuthorizationConfigurationOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:get_resource_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetResourcePolicy"
+        o.http_method = "POST"
+        o.http_request_uri = "/get-resource-policy"
+        o.input = Shapes::ShapeRef.new(shape: GetResourcePolicyInput)
+        o.output = Shapes::ShapeRef.new(shape: GetResourcePolicyOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:list_resource_permission_statements, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListResourcePermissionStatements"
+        o.http_method = "POST"
+        o.http_request_uri = "/list-resource-permission-statements"
+        o.input = Shapes::ShapeRef.new(shape: ListResourcePermissionStatementsInput)
+        o.output = Shapes::ShapeRef.new(shape: ListResourcePermissionStatementsOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
+
+      api.add_operation(:put_console_authorization_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutConsoleAuthorizationConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/put-console-authorization-configuration"
+        o.input = Shapes::ShapeRef.new(shape: PutConsoleAuthorizationConfigurationInput)
+        o.output = Shapes::ShapeRef.new(shape: PutConsoleAuthorizationConfigurationOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:put_resource_permission_statement, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutResourcePermissionStatement"
+        o.http_method = "POST"
+        o.http_request_uri = "/put-resource-permission-statement"
+        o.input = Shapes::ShapeRef.new(shape: PutResourcePermissionStatementInput)
+        o.output = Shapes::ShapeRef.new(shape: PutResourcePermissionStatementOutput)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsError)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceQuotaExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
     end
 
   end

data/lib/aws-sdk-signin/endpoint_parameters.rb

@@ -30,11 +30,17 @@ module Aws::Signin
   #
   #   @return [string]
   #
+  # @!attribute is_control_plane
+  #   Indicates if the operation targets the control plane endpoint
+  #
+  #   @return [boolean]
+  #
   EndpointParameters = Struct.new(
     :use_dual_stack,
     :use_fips,
     :endpoint,
     :region,
+    :is_control_plane,
   ) do
     include Aws::Structure
 
@@ -45,6 +51,7 @@ module Aws::Signin
         'UseFIPS' => :use_fips,
         'Endpoint' => :endpoint,
         'Region' => :region,
+        'IsControlPlane' => :is_control_plane,
       }.freeze
     end
 
@@ -55,6 +62,7 @@ module Aws::Signin
       self[:use_fips] = false if self[:use_fips].nil?
       self[:endpoint] = options[:endpoint]
       self[:region] = options[:region]
+      self[:is_control_plane] = options[:is_control_plane]
     end
 
     def self.create(config, options={})