aws-sdk-ec2 1.15.0 → 1.16.0

data/lib/aws-sdk-ec2/client_api.rb

@@ -398,6 +398,8 @@ module Aws::EC2
     DiskImageFormat = Shapes::StringShape.new(name: 'DiskImageFormat')
     DiskImageList = Shapes::ListShape.new(name: 'DiskImageList')
     DiskImageVolumeDescription = Shapes::StructureShape.new(name: 'DiskImageVolumeDescription')
+    DnsEntry = Shapes::StructureShape.new(name: 'DnsEntry')
+    DnsEntrySet = Shapes::ListShape.new(name: 'DnsEntrySet')
     DomainType = Shapes::StringShape.new(name: 'DomainType')
     Double = Shapes::FloatShape.new(name: 'Double')
     EbsBlockDevice = Shapes::StructureShape.new(name: 'EbsBlockDevice')
@@ -463,6 +465,7 @@ module Aws::EC2
     GroupIdStringList = Shapes::ListShape.new(name: 'GroupIdStringList')
     GroupIdentifier = Shapes::StructureShape.new(name: 'GroupIdentifier')
     GroupIdentifierList = Shapes::ListShape.new(name: 'GroupIdentifierList')
+    GroupIdentifierSet = Shapes::ListShape.new(name: 'GroupIdentifierSet')
     GroupIds = Shapes::ListShape.new(name: 'GroupIds')
     GroupNameStringList = Shapes::ListShape.new(name: 'GroupNameStringList')
     HistoryRecord = Shapes::StructureShape.new(name: 'HistoryRecord')
@@ -828,10 +831,16 @@ module Aws::EC2
     ScheduledInstancesSecurityGroupIdSet = Shapes::ListShape.new(name: 'ScheduledInstancesSecurityGroupIdSet')
     SecurityGroup = Shapes::StructureShape.new(name: 'SecurityGroup')
     SecurityGroupIdStringList = Shapes::ListShape.new(name: 'SecurityGroupIdStringList')
+    SecurityGroupIdentifier = Shapes::StructureShape.new(name: 'SecurityGroupIdentifier')
     SecurityGroupList = Shapes::ListShape.new(name: 'SecurityGroupList')
     SecurityGroupReference = Shapes::StructureShape.new(name: 'SecurityGroupReference')
     SecurityGroupReferences = Shapes::ListShape.new(name: 'SecurityGroupReferences')
     SecurityGroupStringList = Shapes::ListShape.new(name: 'SecurityGroupStringList')
+    ServiceDetail = Shapes::StructureShape.new(name: 'ServiceDetail')
+    ServiceDetailSet = Shapes::ListShape.new(name: 'ServiceDetailSet')
+    ServiceType = Shapes::StringShape.new(name: 'ServiceType')
+    ServiceTypeDetail = Shapes::StructureShape.new(name: 'ServiceTypeDetail')
+    ServiceTypeDetailSet = Shapes::ListShape.new(name: 'ServiceTypeDetailSet')
     ShutdownBehavior = Shapes::StringShape.new(name: 'ShutdownBehavior')
     SlotDateTimeRangeRequest = Shapes::StructureShape.new(name: 'SlotDateTimeRangeRequest')
     SlotStartTimeRangeRequest = Shapes::StructureShape.new(name: 'SlotStartTimeRangeRequest')
@@ -966,6 +975,7 @@ module Aws::EC2
     VpcClassicLinkList = Shapes::ListShape.new(name: 'VpcClassicLinkList')
     VpcEndpoint = Shapes::StructureShape.new(name: 'VpcEndpoint')
     VpcEndpointSet = Shapes::ListShape.new(name: 'VpcEndpointSet')
+    VpcEndpointType = Shapes::StringShape.new(name: 'VpcEndpointType')
     VpcIdStringList = Shapes::ListShape.new(name: 'VpcIdStringList')
     VpcIpv6CidrBlockAssociation = Shapes::StructureShape.new(name: 'VpcIpv6CidrBlockAssociation')
     VpcIpv6CidrBlockAssociationSet = Shapes::ListShape.new(name: 'VpcIpv6CidrBlockAssociationSet')
@@ -1641,16 +1651,20 @@ module Aws::EC2
     CreateVolumeRequest.add_member(:tag_specifications, Shapes::ShapeRef.new(shape: TagSpecificationList, location_name: "TagSpecification"))
     CreateVolumeRequest.struct_class = Types::CreateVolumeRequest
 
-    CreateVpcEndpointRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "ClientToken"))
     CreateVpcEndpointRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
+    CreateVpcEndpointRequest.add_member(:vpc_endpoint_type, Shapes::ShapeRef.new(shape: VpcEndpointType, location_name: "VpcEndpointType"))
+    CreateVpcEndpointRequest.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VpcId"))
+    CreateVpcEndpointRequest.add_member(:service_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "ServiceName"))
     CreateVpcEndpointRequest.add_member(:policy_document, Shapes::ShapeRef.new(shape: String, location_name: "PolicyDocument"))
     CreateVpcEndpointRequest.add_member(:route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "RouteTableId"))
-    CreateVpcEndpointRequest.add_member(:service_name, Shapes::ShapeRef.new(shape: String, required: true, location_name: "ServiceName"))
-    CreateVpcEndpointRequest.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VpcId"))
+    CreateVpcEndpointRequest.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "SubnetId"))
+    CreateVpcEndpointRequest.add_member(:security_group_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "SecurityGroupId"))
+    CreateVpcEndpointRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "ClientToken"))
+    CreateVpcEndpointRequest.add_member(:private_dns_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "PrivateDnsEnabled"))
     CreateVpcEndpointRequest.struct_class = Types::CreateVpcEndpointRequest
 
-    CreateVpcEndpointResult.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "clientToken"))
     CreateVpcEndpointResult.add_member(:vpc_endpoint, Shapes::ShapeRef.new(shape: VpcEndpoint, location_name: "vpcEndpoint"))
+    CreateVpcEndpointResult.add_member(:client_token, Shapes::ShapeRef.new(shape: String, location_name: "clientToken"))
     CreateVpcEndpointResult.struct_class = Types::CreateVpcEndpointResult
 
     CreateVpcPeeringConnectionRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "dryRun"))
@@ -2479,23 +2493,26 @@ module Aws::EC2
     DescribeVpcClassicLinkResult.struct_class = Types::DescribeVpcClassicLinkResult
 
     DescribeVpcEndpointServicesRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
+    DescribeVpcEndpointServicesRequest.add_member(:service_names, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "ServiceName"))
+    DescribeVpcEndpointServicesRequest.add_member(:filters, Shapes::ShapeRef.new(shape: FilterList, location_name: "Filter"))
     DescribeVpcEndpointServicesRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: Integer, location_name: "MaxResults"))
     DescribeVpcEndpointServicesRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "NextToken"))
     DescribeVpcEndpointServicesRequest.struct_class = Types::DescribeVpcEndpointServicesRequest
 
-    DescribeVpcEndpointServicesResult.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
     DescribeVpcEndpointServicesResult.add_member(:service_names, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "serviceNameSet"))
+    DescribeVpcEndpointServicesResult.add_member(:service_details, Shapes::ShapeRef.new(shape: ServiceDetailSet, location_name: "serviceDetailSet"))
+    DescribeVpcEndpointServicesResult.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
     DescribeVpcEndpointServicesResult.struct_class = Types::DescribeVpcEndpointServicesResult
 
     DescribeVpcEndpointsRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
+    DescribeVpcEndpointsRequest.add_member(:vpc_endpoint_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "VpcEndpointId"))
     DescribeVpcEndpointsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: FilterList, location_name: "Filter"))
     DescribeVpcEndpointsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: Integer, location_name: "MaxResults"))
     DescribeVpcEndpointsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "NextToken"))
-    DescribeVpcEndpointsRequest.add_member(:vpc_endpoint_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "VpcEndpointId"))
     DescribeVpcEndpointsRequest.struct_class = Types::DescribeVpcEndpointsRequest
 
-    DescribeVpcEndpointsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
     DescribeVpcEndpointsResult.add_member(:vpc_endpoints, Shapes::ShapeRef.new(shape: VpcEndpointSet, location_name: "vpcEndpointSet"))
+    DescribeVpcEndpointsResult.add_member(:next_token, Shapes::ShapeRef.new(shape: String, location_name: "nextToken"))
     DescribeVpcEndpointsResult.struct_class = Types::DescribeVpcEndpointsResult
 
     DescribeVpcPeeringConnectionsRequest.add_member(:filters, Shapes::ShapeRef.new(shape: FilterList, location_name: "Filter"))
@@ -2646,6 +2663,12 @@ module Aws::EC2
     DiskImageVolumeDescription.add_member(:size, Shapes::ShapeRef.new(shape: Long, location_name: "size"))
     DiskImageVolumeDescription.struct_class = Types::DiskImageVolumeDescription
 
+    DnsEntry.add_member(:dns_name, Shapes::ShapeRef.new(shape: String, location_name: "dnsName"))
+    DnsEntry.add_member(:hosted_zone_id, Shapes::ShapeRef.new(shape: String, location_name: "hostedZoneId"))
+    DnsEntry.struct_class = Types::DnsEntry
+
+    DnsEntrySet.member = Shapes::ShapeRef.new(shape: DnsEntry, location_name: "item")
+
     EbsBlockDevice.add_member(:encrypted, Shapes::ShapeRef.new(shape: Boolean, location_name: "encrypted"))
     EbsBlockDevice.add_member(:delete_on_termination, Shapes::ShapeRef.new(shape: Boolean, location_name: "deleteOnTermination"))
     EbsBlockDevice.add_member(:iops, Shapes::ShapeRef.new(shape: Integer, location_name: "iops"))
@@ -2863,6 +2886,8 @@ module Aws::EC2
 
     GroupIdentifierList.member = Shapes::ShapeRef.new(shape: GroupIdentifier, location_name: "item")
 
+    GroupIdentifierSet.member = Shapes::ShapeRef.new(shape: SecurityGroupIdentifier, location_name: "item")
+
     GroupIds.member = Shapes::ShapeRef.new(shape: String, location_name: "item")
 
     GroupNameStringList.member = Shapes::ShapeRef.new(shape: String, location_name: "GroupName")
@@ -3568,12 +3593,17 @@ module Aws::EC2
     ModifyVpcAttributeRequest.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "vpcId"))
     ModifyVpcAttributeRequest.struct_class = Types::ModifyVpcAttributeRequest
 
-    ModifyVpcEndpointRequest.add_member(:add_route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "AddRouteTableId"))
     ModifyVpcEndpointRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
+    ModifyVpcEndpointRequest.add_member(:vpc_endpoint_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VpcEndpointId"))
+    ModifyVpcEndpointRequest.add_member(:reset_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "ResetPolicy"))
     ModifyVpcEndpointRequest.add_member(:policy_document, Shapes::ShapeRef.new(shape: String, location_name: "PolicyDocument"))
+    ModifyVpcEndpointRequest.add_member(:add_route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "AddRouteTableId"))
     ModifyVpcEndpointRequest.add_member(:remove_route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "RemoveRouteTableId"))
-    ModifyVpcEndpointRequest.add_member(:reset_policy, Shapes::ShapeRef.new(shape: Boolean, location_name: "ResetPolicy"))
-    ModifyVpcEndpointRequest.add_member(:vpc_endpoint_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VpcEndpointId"))
+    ModifyVpcEndpointRequest.add_member(:add_subnet_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "AddSubnetId"))
+    ModifyVpcEndpointRequest.add_member(:remove_subnet_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "RemoveSubnetId"))
+    ModifyVpcEndpointRequest.add_member(:add_security_group_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "AddSecurityGroupId"))
+    ModifyVpcEndpointRequest.add_member(:remove_security_group_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "RemoveSecurityGroupId"))
+    ModifyVpcEndpointRequest.add_member(:private_dns_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "PrivateDnsEnabled"))
     ModifyVpcEndpointRequest.struct_class = Types::ModifyVpcEndpointRequest
 
     ModifyVpcEndpointResult.add_member(:return, Shapes::ShapeRef.new(shape: Boolean, location_name: "return"))
@@ -4481,6 +4511,10 @@ module Aws::EC2
 
     SecurityGroupIdStringList.member = Shapes::ShapeRef.new(shape: String, location_name: "SecurityGroupId")
 
+    SecurityGroupIdentifier.add_member(:group_id, Shapes::ShapeRef.new(shape: String, location_name: "groupId"))
+    SecurityGroupIdentifier.add_member(:group_name, Shapes::ShapeRef.new(shape: String, location_name: "groupName"))
+    SecurityGroupIdentifier.struct_class = Types::SecurityGroupIdentifier
+
     SecurityGroupList.member = Shapes::ShapeRef.new(shape: SecurityGroup, location_name: "item")
 
     SecurityGroupReference.add_member(:group_id, Shapes::ShapeRef.new(shape: String, required: true, location_name: "groupId"))
@@ -4492,6 +4526,23 @@ module Aws::EC2
 
     SecurityGroupStringList.member = Shapes::ShapeRef.new(shape: String, location_name: "SecurityGroup")
 
+    ServiceDetail.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
+    ServiceDetail.add_member(:service_type, Shapes::ShapeRef.new(shape: ServiceTypeDetailSet, location_name: "serviceType"))
+    ServiceDetail.add_member(:availability_zones, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "availabilityZoneSet"))
+    ServiceDetail.add_member(:owner, Shapes::ShapeRef.new(shape: String, location_name: "owner"))
+    ServiceDetail.add_member(:base_endpoint_dns_names, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "baseEndpointDnsNameSet"))
+    ServiceDetail.add_member(:private_dns_name, Shapes::ShapeRef.new(shape: String, location_name: "privateDnsName"))
+    ServiceDetail.add_member(:vpc_endpoint_policy_supported, Shapes::ShapeRef.new(shape: Boolean, location_name: "vpcEndpointPolicySupported"))
+    ServiceDetail.add_member(:acceptance_required, Shapes::ShapeRef.new(shape: Boolean, location_name: "acceptanceRequired"))
+    ServiceDetail.struct_class = Types::ServiceDetail
+
+    ServiceDetailSet.member = Shapes::ShapeRef.new(shape: ServiceDetail, location_name: "item")
+
+    ServiceTypeDetail.add_member(:service_type, Shapes::ShapeRef.new(shape: ServiceType, location_name: "serviceType"))
+    ServiceTypeDetail.struct_class = Types::ServiceTypeDetail
+
+    ServiceTypeDetailSet.member = Shapes::ShapeRef.new(shape: ServiceTypeDetail, location_name: "item")
+
     SlotDateTimeRangeRequest.add_member(:earliest_time, Shapes::ShapeRef.new(shape: DateTime, required: true, location_name: "EarliestTime"))
     SlotDateTimeRangeRequest.add_member(:latest_time, Shapes::ShapeRef.new(shape: DateTime, required: true, location_name: "LatestTime"))
     SlotDateTimeRangeRequest.struct_class = Types::SlotDateTimeRangeRequest
@@ -4988,13 +5039,19 @@ module Aws::EC2
 
     VpcClassicLinkList.member = Shapes::ShapeRef.new(shape: VpcClassicLink, location_name: "item")
 
-    VpcEndpoint.add_member(:creation_timestamp, Shapes::ShapeRef.new(shape: DateTime, location_name: "creationTimestamp"))
-    VpcEndpoint.add_member(:policy_document, Shapes::ShapeRef.new(shape: String, location_name: "policyDocument"))
-    VpcEndpoint.add_member(:route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "routeTableIdSet"))
-    VpcEndpoint.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
-    VpcEndpoint.add_member(:state, Shapes::ShapeRef.new(shape: State, location_name: "state"))
     VpcEndpoint.add_member(:vpc_endpoint_id, Shapes::ShapeRef.new(shape: String, location_name: "vpcEndpointId"))
+    VpcEndpoint.add_member(:vpc_endpoint_type, Shapes::ShapeRef.new(shape: VpcEndpointType, location_name: "vpcEndpointType"))
     VpcEndpoint.add_member(:vpc_id, Shapes::ShapeRef.new(shape: String, location_name: "vpcId"))
+    VpcEndpoint.add_member(:service_name, Shapes::ShapeRef.new(shape: String, location_name: "serviceName"))
+    VpcEndpoint.add_member(:state, Shapes::ShapeRef.new(shape: State, location_name: "state"))
+    VpcEndpoint.add_member(:policy_document, Shapes::ShapeRef.new(shape: String, location_name: "policyDocument"))
+    VpcEndpoint.add_member(:route_table_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "routeTableIdSet"))
+    VpcEndpoint.add_member(:subnet_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "subnetIdSet"))
+    VpcEndpoint.add_member(:groups, Shapes::ShapeRef.new(shape: GroupIdentifierSet, location_name: "groupSet"))
+    VpcEndpoint.add_member(:private_dns_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "privateDnsEnabled"))
+    VpcEndpoint.add_member(:network_interface_ids, Shapes::ShapeRef.new(shape: ValueStringList, location_name: "networkInterfaceIdSet"))
+    VpcEndpoint.add_member(:dns_entries, Shapes::ShapeRef.new(shape: DnsEntrySet, location_name: "dnsEntrySet"))
+    VpcEndpoint.add_member(:creation_timestamp, Shapes::ShapeRef.new(shape: DateTime, location_name: "creationTimestamp"))
     VpcEndpoint.struct_class = Types::VpcEndpoint
 
     VpcEndpointSet.member = Shapes::ShapeRef.new(shape: VpcEndpoint, location_name: "item")

data/lib/aws-sdk-ec2/resource.rb

@@ -151,14 +151,11 @@ module Aws::EC2
     #   })
     # @param [Hash] options ({})
     # @option options [Array<Types::BlockDeviceMapping>] :block_device_mappings
-    #   The block device mapping.
-    #
-    #   Supplying both a snapshot ID and an encryption value as arguments for
-    #   block-device mapping results in an error. This is because only blank
-    #   volumes can be encrypted on start, and these are not created from a
-    #   snapshot. If a snapshot is the basis for the volume, it contains data
-    #   by definition and its encryption status cannot be changed using this
-    #   action.
+    #   One or more block device mapping entries. You can't specify both a
+    #   snapshot ID and an encryption value. This is because only blank
+    #   volumes can be encrypted on creation. If a snapshot is the basis for a
+    #   volume, it is not blank and its encryption status is used for the
+    #   volume encryption status.
     # @option options [required, String] :image_id
     #   The ID of the AMI, which you can get by calling DescribeImages.
     # @option options [String] :instance_type
@@ -1230,6 +1227,9 @@ module Aws::EC2
     #
     #   * `state-reason-message` - The message for the state change.
     #
+    #   * `sriov-net-support` - A value of `simple` indicates that enhanced
+    #     networking with the Intel 82599 VF interface is enabled.
+    #
     #   * `tag`\:*key*=*value* - The key/value combination of a tag assigned
     #     to the resource. Specify the key of the tag in the filter name and
     #     the value of the tag in the filter value. For example, for the tag
@@ -2219,36 +2219,63 @@ module Aws::EC2
     #
     #   * `description` - The description of the security group.
     #
+    #   * `egress.ip-permission.cidr` - An IPv4 CIDR block for an outbound
+    #     security group rule.
+    #
+    #   * `egress.ip-permission.from-port` - For an outbound rule, the start
+    #     of port range for the TCP and UDP protocols, or an ICMP type number.
+    #
+    #   * `egress.ip-permission.group-id` - The ID of a security group that
+    #     has been referenced in an outbound security group rule.
+    #
+    #   * `egress.ip-permission.group-name` - The name of a security group
+    #     that has been referenced in an outbound security group rule.
+    #
+    #   * `egress.ip-permission.ipv6-cidr` - An IPv6 CIDR block for an
+    #     outbound security group rule.
+    #
     #   * `egress.ip-permission.prefix-list-id` - The ID (prefix) of the AWS
-    #     service to which the security group allows access.
+    #     service to which a security group rule allows outbound access.
+    #
+    #   * `egress.ip-permission.protocol` - The IP protocol for an outbound
+    #     security group rule (`tcp` \| `udp` \| `icmp` or a protocol number).
+    #
+    #   * `egress.ip-permission.to-port` - For an outbound rule, the end of
+    #     port range for the TCP and UDP protocols, or an ICMP code.
+    #
+    #   * `egress.ip-permission.user-id` - The ID of an AWS account that has
+    #     been referenced in an outbound security group rule.
     #
     #   * `group-id` - The ID of the security group.
     #
     #   * `group-name` - The name of the security group.
     #
-    #   * `ip-permission.cidr` - An IPv4 CIDR range that has been granted
-    #     permission in a security group rule.
+    #   * `ip-permission.cidr` - An IPv4 CIDR block for an inbound security
+    #     group rule.
     #
-    #   * `ip-permission.from-port` - The start of port range for the TCP and
-    #     UDP protocols, or an ICMP type number.
+    #   * `ip-permission.from-port` - For an inbound rule, the start of port
+    #     range for the TCP and UDP protocols, or an ICMP type number.
     #
     #   * `ip-permission.group-id` - The ID of a security group that has been
-    #     granted permission.
+    #     referenced in an inbound security group rule.
     #
     #   * `ip-permission.group-name` - The name of a security group that has
-    #     been granted permission.
+    #     been referenced in an inbound security group rule.
+    #
+    #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR block for an inbound
+    #     security group rule.
     #
-    #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR range that has been granted
-    #     permission in a security group rule.
+    #   * `ip-permission.prefix-list-id` - The ID (prefix) of the AWS service
+    #     from which a security group rule allows inbound access.
     #
-    #   * `ip-permission.protocol` - The IP protocol for the permission (`tcp`
-    #     \| `udp` \| `icmp` or a protocol number).
+    #   * `ip-permission.protocol` - The IP protocol for an inbound security
+    #     group rule (`tcp` \| `udp` \| `icmp` or a protocol number).
     #
-    #   * `ip-permission.to-port` - The end of port range for the TCP and UDP
-    #     protocols, or an ICMP code.
+    #   * `ip-permission.to-port` - For an inbound rule, the end of port range
+    #     for the TCP and UDP protocols, or an ICMP code.
     #
     #   * `ip-permission.user-id` - The ID of an AWS account that has been
-    #     granted permission.
+    #     referenced in an inbound security group rule.
     #
     #   * `owner-id` - The AWS account ID of the owner of the security group.
     #

data/lib/aws-sdk-ec2/subnet.rb

@@ -329,14 +329,11 @@ module Aws::EC2
     #   })
     # @param [Hash] options ({})
     # @option options [Array<Types::BlockDeviceMapping>] :block_device_mappings
-    #   The block device mapping.
-    #
-    #   Supplying both a snapshot ID and an encryption value as arguments for
-    #   block-device mapping results in an error. This is because only blank
-    #   volumes can be encrypted on start, and these are not created from a
-    #   snapshot. If a snapshot is the basis for the volume, it contains data
-    #   by definition and its encryption status cannot be changed using this
-    #   action.
+    #   One or more block device mapping entries. You can't specify both a
+    #   snapshot ID and an encryption value. This is because only blank
+    #   volumes can be encrypted on creation. If a snapshot is the basis for a
+    #   volume, it is not blank and its encryption status is used for the
+    #   volume encryption status.
     # @option options [required, String] :image_id
     #   The ID of the AMI, which you can get by calling DescribeImages.
     # @option options [String] :instance_type

data/lib/aws-sdk-ec2/types.rb

@@ -4061,24 +4061,18 @@ module Aws::EC2
     #   data as a hash:
     #
     #       {
-    #         client_token: "String",
     #         dry_run: false,
+    #         vpc_endpoint_type: "Interface", # accepts Interface, Gateway
+    #         vpc_id: "String", # required
+    #         service_name: "String", # required
     #         policy_document: "String",
     #         route_table_ids: ["String"],
-    #         service_name: "String", # required
-    #         vpc_id: "String", # required
+    #         subnet_ids: ["String"],
+    #         security_group_ids: ["String"],
+    #         client_token: "String",
+    #         private_dns_enabled: false,
     #       }
     #
-    # @!attribute [rw] client_token
-    #   Unique, case-sensitive identifier you provide to ensure the
-    #   idempotency of the request. For more information, see [How to Ensure
-    #   Idempotency][1].
-    #
-    #
-    #
-    #   [1]: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html
-    #   @return [String]
-    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -4086,16 +4080,14 @@ module Aws::EC2
     #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
     #   @return [Boolean]
     #
-    # @!attribute [rw] policy_document
-    #   A policy to attach to the endpoint that controls access to the
-    #   service. The policy must be in valid JSON format. If this parameter
-    #   is not specified, we attach a default policy that allows full access
-    #   to the service.
+    # @!attribute [rw] vpc_endpoint_type
+    #   The type of endpoint. If not specified, the default is a gateway
+    #   endpoint.
     #   @return [String]
     #
-    # @!attribute [rw] route_table_ids
-    #   One or more route table IDs.
-    #   @return [Array<String>]
+    # @!attribute [rw] vpc_id
+    #   The ID of the VPC in which the endpoint will be used.
+    #   @return [String]
     #
     # @!attribute [rw] service_name
     #   The AWS service name, in the form `com.amazonaws.region.service `.
@@ -4103,38 +4095,86 @@ module Aws::EC2
     #   DescribeVpcEndpointServices request.
     #   @return [String]
     #
-    # @!attribute [rw] vpc_id
-    #   The ID of the VPC in which the endpoint will be used.
+    # @!attribute [rw] policy_document
+    #   (Gateway endpoint) A policy to attach to the endpoint that controls
+    #   access to the service. The policy must be in valid JSON format. If
+    #   this parameter is not specified, we attach a default policy that
+    #   allows full access to the service.
     #   @return [String]
     #
+    # @!attribute [rw] route_table_ids
+    #   (Gateway endpoint) One or more route table IDs.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] subnet_ids
+    #   (Interface endpoint) The ID of one or more subnets in which to
+    #   create a network interface for the endpoint.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] security_group_ids
+    #   (Interface endpoint) The ID of one or more security groups to
+    #   associate with the network interface.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] client_token
+    #   Unique, case-sensitive identifier you provide to ensure the
+    #   idempotency of the request. For more information, see [How to Ensure
+    #   Idempotency][1].
+    #
+    #
+    #
+    #   [1]: http://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html
+    #   @return [String]
+    #
+    # @!attribute [rw] private_dns_enabled
+    #   (Interface endpoint) Indicate whether to associate a private hosted
+    #   zone with the specified VPC. The private hosted zone contains a
+    #   record set for the default public DNS name for the service for the
+    #   region (for example, `kinesis.us-east-1.amazonaws.com`) which
+    #   resolves to the private IP addresses of the endpoint network
+    #   interfaces in the VPC. This enables you to make requests to the
+    #   default public DNS name for the service instead of the public DNS
+    #   names that are automatically generated by the VPC endpoint service.
+    #
+    #   To use a private hosted zone, you must set the following VPC
+    #   attributes to `true`\: `enableDnsHostnames` and `enableDnsSupport`.
+    #   Use ModifyVpcAttribute to set the VPC attributes.
+    #
+    #   Default: `true`
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVpcEndpointRequest AWS API Documentation
     #
     class CreateVpcEndpointRequest < Struct.new(
-      :client_token,
       :dry_run,
+      :vpc_endpoint_type,
+      :vpc_id,
+      :service_name,
       :policy_document,
       :route_table_ids,
-      :service_name,
-      :vpc_id)
+      :subnet_ids,
+      :security_group_ids,
+      :client_token,
+      :private_dns_enabled)
       include Aws::Structure
     end
 
     # Contains the output of CreateVpcEndpoint.
     #
+    # @!attribute [rw] vpc_endpoint
+    #   Information about the endpoint.
+    #   @return [Types::VpcEndpoint]
+    #
     # @!attribute [rw] client_token
     #   Unique, case-sensitive identifier you provide to ensure the
     #   idempotency of the request.
     #   @return [String]
     #
-    # @!attribute [rw] vpc_endpoint
-    #   Information about the endpoint.
-    #   @return [Types::VpcEndpoint]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVpcEndpointResult AWS API Documentation
     #
     class CreateVpcEndpointResult < Struct.new(
-      :client_token,
-      :vpc_endpoint)
+      :vpc_endpoint,
+      :client_token)
       include Aws::Structure
     end
 
@@ -6908,6 +6948,9 @@ module Aws::EC2
     #
     #   * `state-reason-message` - The message for the state change.
     #
+    #   * `sriov-net-support` - A value of `simple` indicates that enhanced
+    #     networking with the Intel 82599 VF interface is enabled.
+    #
     #   * `tag`\:*key*=*value* - The key/value combination of a tag assigned
     #     to the resource. Specify the key of the tag in the filter name and
     #     the value of the tag in the filter value. For example, for the tag
@@ -9472,36 +9515,65 @@ module Aws::EC2
     #
     #   * `description` - The description of the security group.
     #
+    #   * `egress.ip-permission.cidr` - An IPv4 CIDR block for an outbound
+    #     security group rule.
+    #
+    #   * `egress.ip-permission.from-port` - For an outbound rule, the start
+    #     of port range for the TCP and UDP protocols, or an ICMP type
+    #     number.
+    #
+    #   * `egress.ip-permission.group-id` - The ID of a security group that
+    #     has been referenced in an outbound security group rule.
+    #
+    #   * `egress.ip-permission.group-name` - The name of a security group
+    #     that has been referenced in an outbound security group rule.
+    #
+    #   * `egress.ip-permission.ipv6-cidr` - An IPv6 CIDR block for an
+    #     outbound security group rule.
+    #
     #   * `egress.ip-permission.prefix-list-id` - The ID (prefix) of the AWS
-    #     service to which the security group allows access.
+    #     service to which a security group rule allows outbound access.
+    #
+    #   * `egress.ip-permission.protocol` - The IP protocol for an outbound
+    #     security group rule (`tcp` \| `udp` \| `icmp` or a protocol
+    #     number).
+    #
+    #   * `egress.ip-permission.to-port` - For an outbound rule, the end of
+    #     port range for the TCP and UDP protocols, or an ICMP code.
+    #
+    #   * `egress.ip-permission.user-id` - The ID of an AWS account that has
+    #     been referenced in an outbound security group rule.
     #
     #   * `group-id` - The ID of the security group.
     #
     #   * `group-name` - The name of the security group.
     #
-    #   * `ip-permission.cidr` - An IPv4 CIDR range that has been granted
-    #     permission in a security group rule.
+    #   * `ip-permission.cidr` - An IPv4 CIDR block for an inbound security
+    #     group rule.
     #
-    #   * `ip-permission.from-port` - The start of port range for the TCP
-    #     and UDP protocols, or an ICMP type number.
+    #   * `ip-permission.from-port` - For an inbound rule, the start of port
+    #     range for the TCP and UDP protocols, or an ICMP type number.
     #
     #   * `ip-permission.group-id` - The ID of a security group that has
-    #     been granted permission.
+    #     been referenced in an inbound security group rule.
     #
     #   * `ip-permission.group-name` - The name of a security group that has
-    #     been granted permission.
+    #     been referenced in an inbound security group rule.
     #
-    #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR range that has been
-    #     granted permission in a security group rule.
+    #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR block for an inbound
+    #     security group rule.
     #
-    #   * `ip-permission.protocol` - The IP protocol for the permission
-    #     (`tcp` \| `udp` \| `icmp` or a protocol number).
+    #   * `ip-permission.prefix-list-id` - The ID (prefix) of the AWS
+    #     service from which a security group rule allows inbound access.
     #
-    #   * `ip-permission.to-port` - The end of port range for the TCP and
-    #     UDP protocols, or an ICMP code.
+    #   * `ip-permission.protocol` - The IP protocol for an inbound security
+    #     group rule (`tcp` \| `udp` \| `icmp` or a protocol number).
+    #
+    #   * `ip-permission.to-port` - For an inbound rule, the end of port
+    #     range for the TCP and UDP protocols, or an ICMP code.
     #
     #   * `ip-permission.user-id` - The ID of an AWS account that has been
-    #     granted permission.
+    #     referenced in an inbound security group rule.
     #
     #   * `owner-id` - The AWS account ID of the owner of the security
     #     group.
@@ -11174,6 +11246,13 @@ module Aws::EC2
     #
     #       {
     #         dry_run: false,
+    #         service_names: ["String"],
+    #         filters: [
+    #           {
+    #             name: "String",
+    #             values: ["String"],
+    #           },
+    #         ],
     #         max_results: 1,
     #         next_token: "String",
     #       }
@@ -11185,6 +11264,18 @@ module Aws::EC2
     #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] service_names
+    #   One or more service names.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] filters
+    #   One or more filters.
+    #
+    #   * `service-name`\: The name of the service.
+    #
+    #   ^
+    #   @return [Array<Types::Filter>]
+    #
     # @!attribute [rw] max_results
     #   The maximum number of items to return for this request. The request
     #   returns a token that you can specify in a subsequent call to get the
@@ -11203,6 +11294,8 @@ module Aws::EC2
     #
     class DescribeVpcEndpointServicesRequest < Struct.new(
       :dry_run,
+      :service_names,
+      :filters,
       :max_results,
       :next_token)
       include Aws::Structure
@@ -11210,20 +11303,25 @@ module Aws::EC2
 
     # Contains the output of DescribeVpcEndpointServices.
     #
+    # @!attribute [rw] service_names
+    #   A list of supported AWS services.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] service_details
+    #   Information about the service.
+    #   @return [Array<Types::ServiceDetail>]
+    #
     # @!attribute [rw] next_token
     #   The token to use when requesting the next set of items. If there are
     #   no additional items to return, the string is empty.
     #   @return [String]
     #
-    # @!attribute [rw] service_names
-    #   A list of supported AWS services.
-    #   @return [Array<String>]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointServicesResult AWS API Documentation
     #
     class DescribeVpcEndpointServicesResult < Struct.new(
-      :next_token,
-      :service_names)
+      :service_names,
+      :service_details,
+      :next_token)
       include Aws::Structure
     end
 
@@ -11234,6 +11332,7 @@ module Aws::EC2
     #
     #       {
     #         dry_run: false,
+    #         vpc_endpoint_ids: ["String"],
     #         filters: [
     #           {
     #             name: "String",
@@ -11242,7 +11341,6 @@ module Aws::EC2
     #         ],
     #         max_results: 1,
     #         next_token: "String",
-    #         vpc_endpoint_ids: ["String"],
     #       }
     #
     # @!attribute [rw] dry_run
@@ -11252,6 +11350,10 @@ module Aws::EC2
     #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] vpc_endpoint_ids
+    #   One or more endpoint IDs.
+    #   @return [Array<String>]
+    #
     # @!attribute [rw] filters
     #   One or more filters.
     #
@@ -11279,37 +11381,33 @@ module Aws::EC2
     #   token from a prior call.)
     #   @return [String]
     #
-    # @!attribute [rw] vpc_endpoint_ids
-    #   One or more endpoint IDs.
-    #   @return [Array<String>]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointsRequest AWS API Documentation
     #
     class DescribeVpcEndpointsRequest < Struct.new(
       :dry_run,
+      :vpc_endpoint_ids,
       :filters,
       :max_results,
-      :next_token,
-      :vpc_endpoint_ids)
+      :next_token)
       include Aws::Structure
     end
 
     # Contains the output of DescribeVpcEndpoints.
     #
+    # @!attribute [rw] vpc_endpoints
+    #   Information about the endpoints.
+    #   @return [Array<Types::VpcEndpoint>]
+    #
     # @!attribute [rw] next_token
     #   The token to use when requesting the next set of items. If there are
     #   no additional items to return, the string is empty.
     #   @return [String]
     #
-    # @!attribute [rw] vpc_endpoints
-    #   Information about the endpoints.
-    #   @return [Array<Types::VpcEndpoint>]
-    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointsResult AWS API Documentation
     #
     class DescribeVpcEndpointsResult < Struct.new(
-      :next_token,
-      :vpc_endpoints)
+      :vpc_endpoints,
+      :next_token)
       include Aws::Structure
     end
 
@@ -12372,6 +12470,24 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Describes a DNS entry.
+    #
+    # @!attribute [rw] dns_name
+    #   The DNS name.
+    #   @return [String]
+    #
+    # @!attribute [rw] hosted_zone_id
+    #   The ID of the private hosted zone.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DnsEntry AWS API Documentation
+    #
+    class DnsEntry < Struct.new(
+      :dns_name,
+      :hosted_zone_id)
+      include Aws::Structure
+    end
+
     # Describes a block device for an EBS volume.
     #
     # @note When making an API call, you may pass EbsBlockDevice
@@ -12387,9 +12503,11 @@ module Aws::EC2
     #       }
     #
     # @!attribute [rw] encrypted
-    #   Indicates whether the EBS volume is encrypted. Encrypted Amazon EBS
-    #   volumes may only be attached to instances that support Amazon EBS
-    #   encryption.
+    #   Indicates whether the EBS volume is encrypted. Encrypted volumes can
+    #   only be attached to instances that support Amazon EBS encryption. If
+    #   you are creating a volume from a snapshot, you can't specify an
+    #   encryption value. This is because only blank volumes can be
+    #   encrypted on creation.
     #   @return [Boolean]
     #
     # @!attribute [rw] delete_on_termination
@@ -17424,18 +17542,19 @@ module Aws::EC2
     #   data as a hash:
     #
     #       {
-    #         add_route_table_ids: ["String"],
     #         dry_run: false,
+    #         vpc_endpoint_id: "String", # required
+    #         reset_policy: false,
     #         policy_document: "String",
+    #         add_route_table_ids: ["String"],
     #         remove_route_table_ids: ["String"],
-    #         reset_policy: false,
-    #         vpc_endpoint_id: "String", # required
+    #         add_subnet_ids: ["String"],
+    #         remove_subnet_ids: ["String"],
+    #         add_security_group_ids: ["String"],
+    #         remove_security_group_ids: ["String"],
+    #         private_dns_enabled: false,
     #       }
     #
-    # @!attribute [rw] add_route_table_ids
-    #   One or more route tables IDs to associate with the endpoint.
-    #   @return [Array<String>]
-    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -17443,38 +17562,73 @@ module Aws::EC2
     #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
     #   @return [Boolean]
     #
+    # @!attribute [rw] vpc_endpoint_id
+    #   The ID of the endpoint.
+    #   @return [String]
+    #
+    # @!attribute [rw] reset_policy
+    #   (Gateway endpoint) Specify `true` to reset the policy document to
+    #   the default policy. The default policy allows full access to the
+    #   service.
+    #   @return [Boolean]
+    #
     # @!attribute [rw] policy_document
-    #   A policy document to attach to the endpoint. The policy must be in
-    #   valid JSON format.
+    #   (Gateway endpoint) A policy document to attach to the endpoint. The
+    #   policy must be in valid JSON format.
     #   @return [String]
     #
+    # @!attribute [rw] add_route_table_ids
+    #   (Gateway endpoint) One or more route tables IDs to associate with
+    #   the endpoint.
+    #   @return [Array<String>]
+    #
     # @!attribute [rw] remove_route_table_ids
-    #   One or more route table IDs to disassociate from the endpoint.
+    #   (Gateway endpoint) One or more route table IDs to disassociate from
+    #   the endpoint.
     #   @return [Array<String>]
     #
-    # @!attribute [rw] reset_policy
-    #   Specify `true` to reset the policy document to the default policy.
-    #   The default policy allows access to the service.
-    #   @return [Boolean]
+    # @!attribute [rw] add_subnet_ids
+    #   (Interface endpoint) One or more subnet IDs in which to serve the
+    #   endpoint.
+    #   @return [Array<String>]
     #
-    # @!attribute [rw] vpc_endpoint_id
-    #   The ID of the endpoint.
-    #   @return [String]
+    # @!attribute [rw] remove_subnet_ids
+    #   (Interface endpoint) One or more subnets IDs in which to remove the
+    #   endpoint.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] add_security_group_ids
+    #   (Interface endpoint) One or more security group IDs to associate
+    #   with the network interface.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] remove_security_group_ids
+    #   (Interface endpoint) One or more security group IDs to disassociate
+    #   from the network interface.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] private_dns_enabled
+    #   (Interface endpoint) Indicate whether a private hosted zone is
+    #   associated with the VPC.
+    #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpcEndpointRequest AWS API Documentation
     #
     class ModifyVpcEndpointRequest < Struct.new(
-      :add_route_table_ids,
       :dry_run,
+      :vpc_endpoint_id,
+      :reset_policy,
       :policy_document,
+      :add_route_table_ids,
       :remove_route_table_ids,
-      :reset_policy,
-      :vpc_endpoint_id)
+      :add_subnet_ids,
+      :remove_subnet_ids,
+      :add_security_group_ids,
+      :remove_security_group_ids,
+      :private_dns_enabled)
       include Aws::Structure
     end
 
-    # Contains the output of ModifyVpcEndpoint.
-    #
     # @!attribute [rw] return
     #   Returns `true` if the request succeeds; otherwise, it returns an
     #   error.
@@ -20257,7 +20411,11 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] block_device_mappings
-    #   One or more block device mapping entries.
+    #   One or more block device mapping entries. You can't specify both a
+    #   snapshot ID and an encryption value. This is because only blank
+    #   volumes can be encrypted on creation. If a snapshot is the basis for
+    #   a volume, it is not blank and its encryption status is used for the
+    #   volume encryption status.
     #   @return [Array<Types::BlockDeviceMapping>]
     #
     # @!attribute [rw] ebs_optimized
@@ -21607,14 +21765,11 @@ module Aws::EC2
     #       }
     #
     # @!attribute [rw] block_device_mappings
-    #   The block device mapping.
-    #
-    #   Supplying both a snapshot ID and an encryption value as arguments
-    #   for block-device mapping results in an error. This is because only
-    #   blank volumes can be encrypted on start, and these are not created
-    #   from a snapshot. If a snapshot is the basis for the volume, it
-    #   contains data by definition and its encryption status cannot be
-    #   changed using this action.
+    #   One or more block device mapping entries. You can't specify both a
+    #   snapshot ID and an encryption value. This is because only blank
+    #   volumes can be encrypted on creation. If a snapshot is the basis for
+    #   a volume, it is not blank and its encryption status is used for the
+    #   volume encryption status.
     #   @return [Array<Types::BlockDeviceMapping>]
     #
     # @!attribute [rw] image_id
@@ -22864,6 +23019,24 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Describes a security group.
+    #
+    # @!attribute [rw] group_id
+    #   The ID of the security group.
+    #   @return [String]
+    #
+    # @!attribute [rw] group_name
+    #   The name of the security group.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SecurityGroupIdentifier AWS API Documentation
+    #
+    class SecurityGroupIdentifier < Struct.new(
+      :group_id,
+      :group_name)
+      include Aws::Structure
+    end
+
     # Describes a VPC with a security group that references your security
     # group.
     #
@@ -22888,6 +23061,68 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Describes a service.
+    #
+    # @!attribute [rw] service_name
+    #   The Amazon Resource Name (ARN) of the service.
+    #   @return [String]
+    #
+    # @!attribute [rw] service_type
+    #   The type of service.
+    #   @return [Array<Types::ServiceTypeDetail>]
+    #
+    # @!attribute [rw] availability_zones
+    #   The Availability Zones in which the service is available.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] owner
+    #   The AWS account ID of the service owner.
+    #   @return [String]
+    #
+    # @!attribute [rw] base_endpoint_dns_names
+    #   The DNS names for the service.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] private_dns_name
+    #   The private DNS name for the service.
+    #   @return [String]
+    #
+    # @!attribute [rw] vpc_endpoint_policy_supported
+    #   Indicates whether the service supports endpoint policies.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] acceptance_required
+    #   Indicates whether VPC endpoint connection requests to the service
+    #   must be accepted by the service owner.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ServiceDetail AWS API Documentation
+    #
+    class ServiceDetail < Struct.new(
+      :service_name,
+      :service_type,
+      :availability_zones,
+      :owner,
+      :base_endpoint_dns_names,
+      :private_dns_name,
+      :vpc_endpoint_policy_supported,
+      :acceptance_required)
+      include Aws::Structure
+    end
+
+    # Describes the type of service for a VPC endpoint.
+    #
+    # @!attribute [rw] service_type
+    #   The type of service.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ServiceTypeDetail AWS API Documentation
+    #
+    class ServiceTypeDetail < Struct.new(
+      :service_type)
+      include Aws::Structure
+    end
+
     # Describes the time period for a Scheduled Instance to start its first
     # schedule. The time period must span less than one day.
     #
@@ -23333,7 +23568,11 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] block_device_mappings
-    #   One or more block device mapping entries.
+    #   One or more block device mapping entries. You can't specify both a
+    #   snapshot ID and an encryption value. This is because only blank
+    #   volumes can be encrypted on creation. If a snapshot is the basis for
+    #   a volume, it is not blank and its encryption status is used for the
+    #   volume encryption status.
     #   @return [Array<Types::BlockDeviceMapping>]
     #
     # @!attribute [rw] ebs_optimized
@@ -25596,17 +25835,17 @@ module Aws::EC2
 
     # Describes a VPC endpoint.
     #
-    # @!attribute [rw] creation_timestamp
-    #   The date and time the VPC endpoint was created.
-    #   @return [Time]
+    # @!attribute [rw] vpc_endpoint_id
+    #   The ID of the VPC endpoint.
+    #   @return [String]
     #
-    # @!attribute [rw] policy_document
-    #   The policy document associated with the endpoint.
+    # @!attribute [rw] vpc_endpoint_type
+    #   The type of endpoint.
     #   @return [String]
     #
-    # @!attribute [rw] route_table_ids
-    #   One or more route tables associated with the endpoint.
-    #   @return [Array<String>]
+    # @!attribute [rw] vpc_id
+    #   The ID of the VPC to which the endpoint is associated.
+    #   @return [String]
     #
     # @!attribute [rw] service_name
     #   The name of the AWS service to which the endpoint is associated.
@@ -25616,24 +25855,59 @@ module Aws::EC2
     #   The state of the VPC endpoint.
     #   @return [String]
     #
-    # @!attribute [rw] vpc_endpoint_id
-    #   The ID of the VPC endpoint.
+    # @!attribute [rw] policy_document
+    #   The policy document associated with the endpoint, if applicable.
     #   @return [String]
     #
-    # @!attribute [rw] vpc_id
-    #   The ID of the VPC to which the endpoint is associated.
-    #   @return [String]
+    # @!attribute [rw] route_table_ids
+    #   (Gateway endpoint) One or more route tables associated with the
+    #   endpoint.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] subnet_ids
+    #   (Interface endpoint) One or more subnets in which the endpoint is
+    #   located.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] groups
+    #   (Interface endpoint) Information about the security groups
+    #   associated with the network interface.
+    #   @return [Array<Types::SecurityGroupIdentifier>]
+    #
+    # @!attribute [rw] private_dns_enabled
+    #   (Interface endpoint) Indicates whether the VPC is associated with a
+    #   private hosted zone.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] network_interface_ids
+    #   (Interface endpoint) One or more network interfaces for the
+    #   endpoint.
+    #   @return [Array<String>]
+    #
+    # @!attribute [rw] dns_entries
+    #   (Interface endpoint) The DNS entries for the endpoint.
+    #   @return [Array<Types::DnsEntry>]
+    #
+    # @!attribute [rw] creation_timestamp
+    #   The date and time the VPC endpoint was created.
+    #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcEndpoint AWS API Documentation
     #
     class VpcEndpoint < Struct.new(
-      :creation_timestamp,
-      :policy_document,
-      :route_table_ids,
+      :vpc_endpoint_id,
+      :vpc_endpoint_type,
+      :vpc_id,
       :service_name,
       :state,
-      :vpc_endpoint_id,
-      :vpc_id)
+      :policy_document,
+      :route_table_ids,
+      :subnet_ids,
+      :groups,
+      :private_dns_enabled,
+      :network_interface_ids,
+      :dns_entries,
+      :creation_timestamp)
       include Aws::Structure
     end