aws-sdk-ec2 1.171.0 → 1.176.0

data/lib/aws-sdk-ec2/network_acl.rb

@@ -227,7 +227,9 @@ module Aws::EC2
     # @param [Hash] options ({})
     # @option options [String] :cidr_block
     #   The IPv4 network range to allow or deny, in CIDR notation (for example
-    #   `172.16.0.0/24`).
+    #   `172.16.0.0/24`). We modify the specified CIDR block to its canonical
+    #   form; for example, if you specify `100.68.0.18/18`, we modify it to
+    #   `100.68.0.0/18`.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.

data/lib/aws-sdk-ec2/resource.rb

@@ -44,11 +44,24 @@ module Aws::EC2
     #         values: ["String"],
     #       },
     #     ],
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #     dry_run: false,
     #   })
     # @param [Hash] options ({})
     # @option options [required, Array<Types::NewDhcpConfiguration>] :dhcp_configurations
     #   A DHCP configuration option.
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the DHCP option.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -514,9 +527,22 @@ module Aws::EC2
     # @example Request syntax with placeholder values
     #
     #   internetgateway = ec2.create_internet_gateway({
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #     dry_run: false,
     #   })
     # @param [Hash] options ({})
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the internet gateway.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -629,6 +655,17 @@ module Aws::EC2
     #   networkacl = ec2.create_network_acl({
     #     dry_run: false,
     #     vpc_id: "VpcId", # required
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #   })
     # @param [Hash] options ({})
     # @option options [Boolean] :dry_run
@@ -638,6 +675,8 @@ module Aws::EC2
     #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
     # @option options [required, String] :vpc_id
     #   The ID of the VPC.
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the network ACL.
     # @return [NetworkAcl]
     def create_network_acl(options = {})
       resp = @client.create_network_acl(options)
@@ -670,6 +709,17 @@ module Aws::EC2
     #     secondary_private_ip_address_count: 1,
     #     interface_type: "efa", # accepts efa
     #     subnet_id: "SubnetId", # required
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #   })
     # @param [Hash] options ({})
     # @option options [String] :description
@@ -724,6 +774,8 @@ module Aws::EC2
     #   [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html
     # @option options [required, String] :subnet_id
     #   The ID of the subnet to associate with the network interface.
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to apply to the new network interface.
     # @return [NetworkInterface]
     def create_network_interface(options = {})
       resp = @client.create_network_interface(options)
@@ -810,6 +862,17 @@ module Aws::EC2
     #     description: "String", # required
     #     group_name: "String", # required
     #     vpc_id: "VpcId",
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #     dry_run: false,
     #   })
     # @param [Hash] options ({})
@@ -833,6 +896,8 @@ module Aws::EC2
     #   .\_-:/()#,@\[\]+=&amp;;\\\{\\}!$*
     # @option options [String] :vpc_id
     #   \[EC2-VPC\] The ID of the VPC. Required for EC2-VPC.
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the security group.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -890,6 +955,17 @@ module Aws::EC2
     # @example Request syntax with placeholder values
     #
     #   subnet = ec2.create_subnet({
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #     availability_zone: "String",
     #     availability_zone_id: "String",
     #     cidr_block: "String", # required
@@ -899,6 +975,8 @@ module Aws::EC2
     #     dry_run: false,
     #   })
     # @param [Hash] options ({})
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the subnet.
     # @option options [String] :availability_zone
     #   The Availability Zone or Local Zone for the subnet.
     #
@@ -921,7 +999,9 @@ module Aws::EC2
     #   The AZ ID or the Local Zone ID of the subnet.
     # @option options [required, String] :cidr_block
     #   The IPv4 network range for the subnet, in CIDR notation. For example,
-    #   `10.0.0.0/24`.
+    #   `10.0.0.0/24`. We modify the specified CIDR block to its canonical
+    #   form; for example, if you specify `100.68.0.18/18`, we modify it to
+    #   `100.68.0.0/18`.
     # @option options [String] :ipv_6_cidr_block
     #   The IPv6 network range for the subnet, in CIDR notation. The subnet
     #   size must use a /64 prefix length.
@@ -1157,11 +1237,24 @@ module Aws::EC2
     #     dry_run: false,
     #     instance_tenancy: "default", # accepts default, dedicated, host
     #     ipv_6_cidr_block_network_border_group: "String",
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #   })
     # @param [Hash] options ({})
     # @option options [required, String] :cidr_block
     #   The IPv4 network range for the VPC, in CIDR notation. For example,
-    #   `10.0.0.0/16`.
+    #   `10.0.0.0/16`. We modify the specified CIDR block to its canonical
+    #   form; for example, if you specify `100.68.0.18/18`, we modify it to
+    #   `100.68.0.0/18`.
     # @option options [Boolean] :amazon_provided_ipv_6_cidr_block
     #   Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length
     #   for the VPC. You cannot specify the range of IP addresses, or the size
@@ -1197,6 +1290,8 @@ module Aws::EC2
     #
     #   You must set `AmazonProvidedIpv6CidrBlock` to `true` to use this
     #   parameter.
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to assign to the VPC.
     # @return [Vpc]
     def create_vpc(options = {})
       resp = @client.create_vpc(options)
@@ -2422,9 +2517,6 @@ module Aws::EC2
     #   * `attachment.instance-owner-id` - The owner ID of the instance to
     #     which the network interface is attached.
     #
-    #   * `attachment.nat-gateway-id` - The ID of the NAT gateway to which the
-    #     network interface is attached.
-    #
     #   * `attachment.status` - The status of the attachment (`attaching` \|
     #     `attached` \| `detaching` \| `detached`).
     #
@@ -2761,8 +2853,8 @@ module Aws::EC2
     #   * `egress.ip-permission.ipv6-cidr` - An IPv6 CIDR block for an
     #     outbound security group rule.
     #
-    #   * `egress.ip-permission.prefix-list-id` - The ID (prefix) of the AWS
-    #     service to which a security group rule allows outbound access.
+    #   * `egress.ip-permission.prefix-list-id` - The ID of a prefix list to
+    #     which a security group rule allows outbound access.
     #
     #   * `egress.ip-permission.protocol` - The IP protocol for an outbound
     #     security group rule (`tcp` \| `udp` \| `icmp` or a protocol number).
@@ -2792,8 +2884,8 @@ module Aws::EC2
     #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR block for an inbound
     #     security group rule.
     #
-    #   * `ip-permission.prefix-list-id` - The ID (prefix) of the AWS service
-    #     from which a security group rule allows inbound access.
+    #   * `ip-permission.prefix-list-id` - The ID of a prefix list from which
+    #     a security group rule allows inbound access.
     #
     #   * `ip-permission.protocol` - The IP protocol for an inbound security
     #     group rule (`tcp` \| `udp` \| `icmp` or a protocol number).

data/lib/aws-sdk-ec2/route.rb

@@ -264,12 +264,15 @@ module Aws::EC2
     #
     #   route.delete({
     #     destination_ipv_6_cidr_block: "String",
+    #     destination_prefix_list_id: "PrefixListResourceId",
     #     dry_run: false,
     #   })
     # @param [Hash] options ({})
     # @option options [String] :destination_ipv_6_cidr_block
     #   The IPv6 CIDR range for the route. The value you specify must match
     #   the CIDR for the route exactly.
+    # @option options [String] :destination_prefix_list_id
+    #   The ID of the prefix list for the route.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -289,6 +292,7 @@ module Aws::EC2
     #
     #   route.replace({
     #     destination_ipv_6_cidr_block: "String",
+    #     destination_prefix_list_id: "PrefixListResourceId",
     #     dry_run: false,
     #     egress_only_internet_gateway_id: "EgressOnlyInternetGatewayId",
     #     gateway_id: "RouteGatewayId",
@@ -305,6 +309,8 @@ module Aws::EC2
     #   The IPv6 CIDR address block used for the destination match. The value
     #   that you provide must match the CIDR of an existing route in the
     #   table.
+    # @option options [String] :destination_prefix_list_id
+    #   The ID of the prefix list for the route.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.

data/lib/aws-sdk-ec2/route_table.rb

@@ -225,6 +225,7 @@ module Aws::EC2
     #   route = route_table.create_route({
     #     destination_cidr_block: "String",
     #     destination_ipv_6_cidr_block: "String",
+    #     destination_prefix_list_id: "PrefixListResourceId",
     #     dry_run: false,
     #     egress_only_internet_gateway_id: "EgressOnlyInternetGatewayId",
     #     gateway_id: "RouteGatewayId",
@@ -238,10 +239,14 @@ module Aws::EC2
     # @param [Hash] options ({})
     # @option options [String] :destination_cidr_block
     #   The IPv4 CIDR address block used for the destination match. Routing
-    #   decisions are based on the most specific match.
+    #   decisions are based on the most specific match. We modify the
+    #   specified CIDR block to its canonical form; for example, if you
+    #   specify `100.68.0.18/18`, we modify it to `100.68.0.0/18`.
     # @option options [String] :destination_ipv_6_cidr_block
     #   The IPv6 CIDR block used for the destination match. Routing decisions
     #   are based on the most specific match.
+    # @option options [String] :destination_prefix_list_id
+    #   The ID of a prefix list used for the destination match.
     # @option options [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.

data/lib/aws-sdk-ec2/subnet.rb

@@ -735,6 +735,17 @@ module Aws::EC2
     #     ],
     #     secondary_private_ip_address_count: 1,
     #     interface_type: "efa", # accepts efa
+    #     tag_specifications: [
+    #       {
+    #         resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #         tags: [
+    #           {
+    #             key: "String",
+    #             value: "String",
+    #           },
+    #         ],
+    #       },
+    #     ],
     #   })
     # @param [Hash] options ({})
     # @option options [String] :description
@@ -787,6 +798,8 @@ module Aws::EC2
     #
     #
     #   [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html
+    # @option options [Array<Types::TagSpecification>] :tag_specifications
+    #   The tags to apply to the new network interface.
     # @return [NetworkInterface]
     def create_network_interface(options = {})
       options = options.merge(subnet_id: @id)
@@ -1344,9 +1357,6 @@ module Aws::EC2
     #   * `attachment.instance-owner-id` - The owner ID of the instance to
     #     which the network interface is attached.
     #
-    #   * `attachment.nat-gateway-id` - The ID of the NAT gateway to which the
-    #     network interface is attached.
-    #
     #   * `attachment.status` - The status of the attachment (`attaching` \|
     #     `attached` \| `detaching` \| `detached`).
     #

data/lib/aws-sdk-ec2/types.rb

@@ -300,6 +300,35 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # An entry for a prefix list.
+    #
+    # @note When making an API call, you may pass AddPrefixListEntry
+    #   data as a hash:
+    #
+    #       {
+    #         cidr: "String", # required
+    #         description: "String",
+    #       }
+    #
+    # @!attribute [rw] cidr
+    #   The CIDR block.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   A description for the entry.
+    #
+    #   Constraints: Up to 255 characters in length.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AddPrefixListEntry AWS API Documentation
+    #
+    class AddPrefixListEntry < Struct.new(
+      :cidr,
+      :description)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes an Elastic IP address.
     #
     # @!attribute [rw] instance_id
@@ -2101,10 +2130,10 @@ module Aws::EC2
       include Aws::Structure
     end
 
-    # Describes an Availability Zone or Local Zone.
+    # Describes a Zone.
     #
     # @!attribute [rw] state
-    #   The state of the Availability Zone or Local Zone.
+    #   The state of the Zone.
     #   @return [String]
     #
     # @!attribute [rw] opt_in_status
@@ -2116,7 +2145,7 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] messages
-    #   Any messages about the Availability Zone or Local Zone.
+    #   Any messages about the Zone.
     #   @return [Array<Types::AvailabilityZoneMessage>]
     #
     # @!attribute [rw] region_name
@@ -2124,11 +2153,11 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] zone_name
-    #   The name of the Availability Zone or Local Zone.
+    #   The name of the Zone.
     #   @return [String]
     #
     # @!attribute [rw] zone_id
-    #   The ID of the Availability Zone or Local Zone.
+    #   The ID of the Zone.
     #   @return [String]
     #
     # @!attribute [rw] group_name
@@ -2143,6 +2172,21 @@ module Aws::EC2
     #   The name of the location from which the address is advertised.
     #   @return [String]
     #
+    # @!attribute [rw] zone_type
+    #   The type of zone. The valid values are `availability-zone` and
+    #   `local-zone`.
+    #   @return [String]
+    #
+    # @!attribute [rw] parent_zone_name
+    #   The name of the zone that handles some of the Local Zone control
+    #   plane operations, such as API calls.
+    #   @return [String]
+    #
+    # @!attribute [rw] parent_zone_id
+    #   The ID of the zone that handles some of the Local Zone control plane
+    #   operations, such as API calls.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AvailabilityZone AWS API Documentation
     #
     class AvailabilityZone < Struct.new(
@@ -2153,15 +2197,18 @@ module Aws::EC2
       :zone_name,
       :zone_id,
       :group_name,
-      :network_border_group)
+      :network_border_group,
+      :zone_type,
+      :parent_zone_name,
+      :parent_zone_id)
       SENSITIVE = []
       include Aws::Structure
     end
 
-    # Describes a message about an Availability Zone or Local Zone.
+    # Describes a message about a Zone.
     #
     # @!attribute [rw] message
-    #   The message about the Availability Zone or Local Zone.
+    #   The message about the Zone.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AvailabilityZoneMessage AWS API Documentation
@@ -3143,6 +3190,9 @@ module Aws::EC2
     #   * `none` - The instance avoids running in a Capacity Reservation
     #     even if one is available. The instance runs as an On-Demand
     #     Instance.
+    #
+    #   When `CapacityReservationPreference` is not specified, it defaults
+    #   to `open`.
     #   @return [String]
     #
     # @!attribute [rw] capacity_reservation_target
@@ -5197,6 +5247,17 @@ module Aws::EC2
     #             values: ["String"],
     #           },
     #         ],
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #         dry_run: false,
     #       }
     #
@@ -5204,6 +5265,10 @@ module Aws::EC2
     #   A DHCP configuration option.
     #   @return [Array<Types::NewDhcpConfiguration>]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the DHCP option.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -5215,6 +5280,7 @@ module Aws::EC2
     #
     class CreateDhcpOptionsRequest < Struct.new(
       :dhcp_configurations,
+      :tag_specifications,
       :dry_run)
       SENSITIVE = []
       include Aws::Structure
@@ -5239,6 +5305,17 @@ module Aws::EC2
     #         client_token: "String",
     #         dry_run: false,
     #         vpc_id: "VpcId", # required
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] client_token
@@ -5263,12 +5340,17 @@ module Aws::EC2
     #   gateway.
     #   @return [String]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the egress-only internet gateway.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateEgressOnlyInternetGatewayRequest AWS API Documentation
     #
     class CreateEgressOnlyInternetGatewayRequest < Struct.new(
       :client_token,
       :dry_run,
-      :vpc_id)
+      :vpc_id,
+      :tag_specifications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6040,9 +6122,24 @@ module Aws::EC2
     #   data as a hash:
     #
     #       {
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #         dry_run: false,
     #       }
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the internet gateway.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -6053,6 +6150,7 @@ module Aws::EC2
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInternetGatewayRequest AWS API Documentation
     #
     class CreateInternetGatewayRequest < Struct.new(
+      :tag_specifications,
       :dry_run)
       SENSITIVE = []
       include Aws::Structure
@@ -6670,6 +6768,107 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass CreateManagedPrefixListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_name: "String", # required
+    #         entries: [
+    #           {
+    #             cidr: "String", # required
+    #             description: "String",
+    #           },
+    #         ],
+    #         max_entries: 1, # required
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
+    #         address_family: "String", # required
+    #         client_token: "String",
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_name
+    #   A name for the prefix list.
+    #
+    #   Constraints: Up to 255 characters in length. The name cannot start
+    #   with `com.amazonaws`.
+    #   @return [String]
+    #
+    # @!attribute [rw] entries
+    #   One or more entries for the prefix list.
+    #   @return [Array<Types::AddPrefixListEntry>]
+    #
+    # @!attribute [rw] max_entries
+    #   The maximum number of entries for the prefix list.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] tag_specifications
+    #   The tags to apply to the prefix list during creation.
+    #   @return [Array<Types::TagSpecification>]
+    #
+    # @!attribute [rw] address_family
+    #   The IP address type.
+    #
+    #   Valid Values: `IPv4` \| `IPv6`
+    #   @return [String]
+    #
+    # @!attribute [rw] client_token
+    #   Unique, case-sensitive identifier you provide to ensure the
+    #   idempotency of the request. For more information, see [Ensuring
+    #   Idempotency][1].
+    #
+    #   Constraints: Up to 255 UTF-8 characters in length.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateManagedPrefixListRequest AWS API Documentation
+    #
+    class CreateManagedPrefixListRequest < Struct.new(
+      :dry_run,
+      :prefix_list_name,
+      :entries,
+      :max_entries,
+      :tag_specifications,
+      :address_family,
+      :client_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] prefix_list
+    #   Information about the prefix list.
+    #   @return [Types::ManagedPrefixList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateManagedPrefixListResult AWS API Documentation
+    #
+    class CreateManagedPrefixListResult < Struct.new(
+      :prefix_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass CreateNatGatewayRequest
     #   data as a hash:
     #
@@ -6782,7 +6981,9 @@ module Aws::EC2
     #
     # @!attribute [rw] cidr_block
     #   The IPv4 network range to allow or deny, in CIDR notation (for
-    #   example `172.16.0.0/24`).
+    #   example `172.16.0.0/24`). We modify the specified CIDR block to its
+    #   canonical form; for example, if you specify `100.68.0.18/18`, we
+    #   modify it to `100.68.0.0/18`.
     #   @return [String]
     #
     # @!attribute [rw] dry_run
@@ -6864,6 +7065,17 @@ module Aws::EC2
     #       {
     #         dry_run: false,
     #         vpc_id: "VpcId", # required
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] dry_run
@@ -6877,11 +7089,16 @@ module Aws::EC2
     #   The ID of the VPC.
     #   @return [String]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the network ACL.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateNetworkAclRequest AWS API Documentation
     #
     class CreateNetworkAclRequest < Struct.new(
       :dry_run,
-      :vpc_id)
+      :vpc_id,
+      :tag_specifications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -6985,6 +7202,17 @@ module Aws::EC2
     #         secondary_private_ip_address_count: 1,
     #         interface_type: "efa", # accepts efa
     #         subnet_id: "SubnetId", # required
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] description
@@ -7060,6 +7288,10 @@ module Aws::EC2
     #   The ID of the subnet to associate with the network interface.
     #   @return [String]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to apply to the new network interface.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateNetworkInterfaceRequest AWS API Documentation
     #
     class CreateNetworkInterfaceRequest < Struct.new(
@@ -7072,7 +7304,8 @@ module Aws::EC2
       :private_ip_addresses,
       :secondary_private_ip_address_count,
       :interface_type,
-      :subnet_id)
+      :subnet_id,
+      :tag_specifications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7238,6 +7471,7 @@ module Aws::EC2
     #       {
     #         destination_cidr_block: "String",
     #         destination_ipv_6_cidr_block: "String",
+    #         destination_prefix_list_id: "PrefixListResourceId",
     #         dry_run: false,
     #         egress_only_internet_gateway_id: "EgressOnlyInternetGatewayId",
     #         gateway_id: "RouteGatewayId",
@@ -7252,7 +7486,9 @@ module Aws::EC2
     #
     # @!attribute [rw] destination_cidr_block
     #   The IPv4 CIDR address block used for the destination match. Routing
-    #   decisions are based on the most specific match.
+    #   decisions are based on the most specific match. We modify the
+    #   specified CIDR block to its canonical form; for example, if you
+    #   specify `100.68.0.18/18`, we modify it to `100.68.0.0/18`.
     #   @return [String]
     #
     # @!attribute [rw] destination_ipv_6_cidr_block
@@ -7260,6 +7496,10 @@ module Aws::EC2
     #   decisions are based on the most specific match.
     #   @return [String]
     #
+    # @!attribute [rw] destination_prefix_list_id
+    #   The ID of a prefix list used for the destination match.
+    #   @return [String]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -7311,6 +7551,7 @@ module Aws::EC2
     class CreateRouteRequest < Struct.new(
       :destination_cidr_block,
       :destination_ipv_6_cidr_block,
+      :destination_prefix_list_id,
       :dry_run,
       :egress_only_internet_gateway_id,
       :gateway_id,
@@ -7385,6 +7626,17 @@ module Aws::EC2
     #         description: "String", # required
     #         group_name: "String", # required
     #         vpc_id: "VpcId",
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #         dry_run: false,
     #       }
     #
@@ -7415,6 +7667,10 @@ module Aws::EC2
     #   \[EC2-VPC\] The ID of the VPC. Required for EC2-VPC.
     #   @return [String]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the security group.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -7428,6 +7684,7 @@ module Aws::EC2
       :description,
       :group_name,
       :vpc_id,
+      :tag_specifications,
       :dry_run)
       SENSITIVE = []
       include Aws::Structure
@@ -7437,10 +7694,15 @@ module Aws::EC2
     #   The ID of the security group.
     #   @return [String]
     #
+    # @!attribute [rw] tags
+    #   The tags assigned to the security group.
+    #   @return [Array<Types::Tag>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateSecurityGroupResult AWS API Documentation
     #
     class CreateSecurityGroupResult < Struct.new(
-      :group_id)
+      :group_id,
+      :tags)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -7622,6 +7884,17 @@ module Aws::EC2
     #   data as a hash:
     #
     #       {
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #         availability_zone: "String",
     #         availability_zone_id: "String",
     #         cidr_block: "String", # required
@@ -7631,6 +7904,10 @@ module Aws::EC2
     #         dry_run: false,
     #       }
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the subnet.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @!attribute [rw] availability_zone
     #   The Availability Zone or Local Zone for the subnet.
     #
@@ -7657,7 +7934,9 @@ module Aws::EC2
     #
     # @!attribute [rw] cidr_block
     #   The IPv4 network range for the subnet, in CIDR notation. For
-    #   example, `10.0.0.0/24`.
+    #   example, `10.0.0.0/24`. We modify the specified CIDR block to its
+    #   canonical form; for example, if you specify `100.68.0.18/18`, we
+    #   modify it to `100.68.0.0/18`.
     #   @return [String]
     #
     # @!attribute [rw] ipv_6_cidr_block
@@ -7685,6 +7964,7 @@ module Aws::EC2
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateSubnetRequest AWS API Documentation
     #
     class CreateSubnetRequest < Struct.new(
+      :tag_specifications,
       :availability_zone,
       :availability_zone_id,
       :cidr_block,
@@ -9235,11 +9515,24 @@ module Aws::EC2
     #         dry_run: false,
     #         instance_tenancy: "default", # accepts default, dedicated, host
     #         ipv_6_cidr_block_network_border_group: "String",
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #       }
     #
     # @!attribute [rw] cidr_block
     #   The IPv4 network range for the VPC, in CIDR notation. For example,
-    #   `10.0.0.0/16`.
+    #   `10.0.0.0/16`. We modify the specified CIDR block to its canonical
+    #   form; for example, if you specify `100.68.0.18/18`, we modify it to
+    #   `100.68.0.0/18`.
     #   @return [String]
     #
     # @!attribute [rw] amazon_provided_ipv_6_cidr_block
@@ -9290,6 +9583,10 @@ module Aws::EC2
     #   parameter.
     #   @return [String]
     #
+    # @!attribute [rw] tag_specifications
+    #   The tags to assign to the VPC.
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVpcRequest AWS API Documentation
     #
     class CreateVpcRequest < Struct.new(
@@ -9299,7 +9596,8 @@ module Aws::EC2
       :ipv_6_cidr_block,
       :dry_run,
       :instance_tenancy,
-      :ipv_6_cidr_block_network_border_group)
+      :ipv_6_cidr_block_network_border_group,
+      :tag_specifications)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -10317,6 +10615,46 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DeleteManagedPrefixListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_id: "PrefixListResourceId", # required
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteManagedPrefixListRequest AWS API Documentation
+    #
+    class DeleteManagedPrefixListRequest < Struct.new(
+      :dry_run,
+      :prefix_list_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] prefix_list
+    #   Information about the prefix list.
+    #   @return [Types::ManagedPrefixList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteManagedPrefixListResult AWS API Documentation
+    #
+    class DeleteManagedPrefixListResult < Struct.new(
+      :prefix_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DeleteNatGatewayRequest
     #   data as a hash:
     #
@@ -10606,6 +10944,7 @@ module Aws::EC2
     #       {
     #         destination_cidr_block: "String",
     #         destination_ipv_6_cidr_block: "String",
+    #         destination_prefix_list_id: "PrefixListResourceId",
     #         dry_run: false,
     #         route_table_id: "RouteTableId", # required
     #       }
@@ -10620,6 +10959,10 @@ module Aws::EC2
     #   the CIDR for the route exactly.
     #   @return [String]
     #
+    # @!attribute [rw] destination_prefix_list_id
+    #   The ID of the prefix list for the route.
+    #   @return [String]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -10636,6 +10979,7 @@ module Aws::EC2
     class DeleteRouteRequest < Struct.new(
       :destination_cidr_block,
       :destination_ipv_6_cidr_block,
+      :destination_prefix_list_id,
       :dry_run,
       :route_table_id)
       SENSITIVE = []
@@ -11999,13 +12343,13 @@ module Aws::EC2
     #     Local Zones, use the name of the group associated with the Local
     #     Zone (for example, `us-west-2-lax-1`).
     #
-    #   * `message` - The Availability Zone or Local Zone message.
+    #   * `message` - The Zone message.
     #
     #   * `opt-in-status` - The opt in status (`opted-in`, and
     #     `not-opted-in` \| `opt-in-not-required`).
     #
-    #   * `region-name` - The name of the Region for the Availability Zone
-    #     or Local Zone (for example, `us-east-1`).
+    #   * `region-name` - The name of the Region for the Zone (for example,
+    #     `us-east-1`).
     #
     #   * `state` - The state of the Availability Zone or Local Zone
     #     (`available` \| `information` \| `impaired` \| `unavailable`).
@@ -12019,11 +12363,11 @@ module Aws::EC2
     #   @return [Array<Types::Filter>]
     #
     # @!attribute [rw] zone_names
-    #   The names of the Availability Zones and Local Zones.
+    #   The names of the Zones.
     #   @return [Array<String>]
     #
     # @!attribute [rw] zone_ids
-    #   The IDs of the Availability Zones and Local Zones.
+    #   The IDs of the Zones.
     #   @return [Array<String>]
     #
     # @!attribute [rw] all_availability_zones
@@ -12054,7 +12398,7 @@ module Aws::EC2
     end
 
     # @!attribute [rw] availability_zones
-    #   Information about the Availability Zones and Local Zones.
+    #   Information about the Zones.
     #   @return [Array<Types::AvailabilityZone>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeAvailabilityZonesResult AWS API Documentation
@@ -16771,6 +17115,83 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass DescribeManagedPrefixListsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         filters: [
+    #           {
+    #             name: "String",
+    #             values: ["String"],
+    #           },
+    #         ],
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #         prefix_list_ids: ["String"],
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] filters
+    #   One or more filters.
+    #
+    #   * `owner-id` - The ID of the prefix list owner.
+    #
+    #   * `prefix-list-id` - The ID of the prefix list.
+    #
+    #   * `prefix-list-name` - The name of the prefix list.
+    #   @return [Array<Types::Filter>]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return with a single call. To
+    #   retrieve the remaining results, make another call with the returned
+    #   `nextToken` value.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The token for the next page of results.
+    #   @return [String]
+    #
+    # @!attribute [rw] prefix_list_ids
+    #   One or more prefix list IDs.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeManagedPrefixListsRequest AWS API Documentation
+    #
+    class DescribeManagedPrefixListsRequest < Struct.new(
+      :dry_run,
+      :filters,
+      :max_results,
+      :next_token,
+      :prefix_list_ids)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] next_token
+    #   The token to use to retrieve the next page of results. This value is
+    #   `null` when there are no more results to return.
+    #   @return [String]
+    #
+    # @!attribute [rw] prefix_lists
+    #   Information about the prefix lists.
+    #   @return [Array<Types::ManagedPrefixList>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeManagedPrefixListsResult AWS API Documentation
+    #
+    class DescribeManagedPrefixListsResult < Struct.new(
+      :next_token,
+      :prefix_lists)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass DescribeMovingAddressesRequest
     #   data as a hash:
     #
@@ -17283,9 +17704,6 @@ module Aws::EC2
     #   * `attachment.instance-owner-id` - The owner ID of the instance to
     #     which the network interface is attached.
     #
-    #   * `attachment.nat-gateway-id` - The ID of the NAT gateway to which
-    #     the network interface is attached.
-    #
     #   * `attachment.status` - The status of the attachment (`attaching` \|
     #     `attached` \| `detaching` \| `detached`).
     #
@@ -18689,8 +19107,8 @@ module Aws::EC2
     #   * `egress.ip-permission.ipv6-cidr` - An IPv6 CIDR block for an
     #     outbound security group rule.
     #
-    #   * `egress.ip-permission.prefix-list-id` - The ID (prefix) of the AWS
-    #     service to which a security group rule allows outbound access.
+    #   * `egress.ip-permission.prefix-list-id` - The ID of a prefix list to
+    #     which a security group rule allows outbound access.
     #
     #   * `egress.ip-permission.protocol` - The IP protocol for an outbound
     #     security group rule (`tcp` \| `udp` \| `icmp` or a protocol
@@ -18721,8 +19139,8 @@ module Aws::EC2
     #   * `ip-permission.ipv6-cidr` - An IPv6 CIDR block for an inbound
     #     security group rule.
     #
-    #   * `ip-permission.prefix-list-id` - The ID (prefix) of the AWS
-    #     service from which a security group rule allows inbound access.
+    #   * `ip-permission.prefix-list-id` - The ID of a prefix list from
+    #     which a security group rule allows inbound access.
     #
     #   * `ip-permission.protocol` - The IP protocol for an inbound security
     #     group rule (`tcp` \| `udp` \| `icmp` or a protocol number).
@@ -19398,8 +19816,8 @@ module Aws::EC2
     #   * `state` - The state of the Spot Instance request (`open` \|
     #     `active` \| `closed` \| `cancelled` \| `failed`). Spot request
     #     status information can help you track your Amazon EC2 Spot
-    #     Instance requests. For more information, see [Spot Request
-    #     Status][1] in the *Amazon EC2 User Guide for Linux Instances*.
+    #     Instance requests. For more information, see [Spot request
+    #     status][1] in the *Amazon EC2 User Guide for Linux Instances*.
     #
     #   * `status-code` - The short code describing the most recent
     #     evaluation of your Spot Instance request.
@@ -26389,6 +26807,133 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass GetManagedPrefixListAssociationsRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_id: "PrefixListResourceId", # required
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return with a single call. To
+    #   retrieve the remaining results, make another call with the returned
+    #   `nextToken` value.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The token for the next page of results.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListAssociationsRequest AWS API Documentation
+    #
+    class GetManagedPrefixListAssociationsRequest < Struct.new(
+      :dry_run,
+      :prefix_list_id,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] prefix_list_associations
+    #   Information about the associations.
+    #   @return [Array<Types::PrefixListAssociation>]
+    #
+    # @!attribute [rw] next_token
+    #   The token to use to retrieve the next page of results. This value is
+    #   `null` when there are no more results to return.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListAssociationsResult AWS API Documentation
+    #
+    class GetManagedPrefixListAssociationsResult < Struct.new(
+      :prefix_list_associations,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @note When making an API call, you may pass GetManagedPrefixListEntriesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_id: "PrefixListResourceId", # required
+    #         target_version: 1,
+    #         max_results: 1,
+    #         next_token: "NextToken",
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] target_version
+    #   The version of the prefix list for which to return the entries. The
+    #   default is the current version.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] max_results
+    #   The maximum number of results to return with a single call. To
+    #   retrieve the remaining results, make another call with the returned
+    #   `nextToken` value.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_token
+    #   The token for the next page of results.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListEntriesRequest AWS API Documentation
+    #
+    class GetManagedPrefixListEntriesRequest < Struct.new(
+      :dry_run,
+      :prefix_list_id,
+      :target_version,
+      :max_results,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] entries
+    #   Information about the prefix list entries.
+    #   @return [Array<Types::PrefixListEntry>]
+    #
+    # @!attribute [rw] next_token
+    #   The token to use to retrieve the next page of results. This value is
+    #   `null` when there are no more results to return.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetManagedPrefixListEntriesResult AWS API Documentation
+    #
+    class GetManagedPrefixListEntriesResult < Struct.new(
+      :entries,
+      :next_token)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass GetPasswordDataRequest
     #   data as a hash:
     #
@@ -30646,9 +31191,7 @@ module Aws::EC2
     #   @return [Array<Types::Ipv6Range>]
     #
     # @!attribute [rw] prefix_list_ids
-    #   \[VPC only\] The prefix list IDs for an AWS service. With outbound
-    #   rules, this is the AWS service to access through a VPC endpoint from
-    #   instances associated with the security group.
+    #   \[VPC only\] The prefix list IDs.
     #   @return [Array<Types::PrefixListId>]
     #
     # @!attribute [rw] to_port
@@ -32917,6 +33460,65 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Describes a managed prefix list.
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] address_family
+    #   The IP address version.
+    #   @return [String]
+    #
+    # @!attribute [rw] state
+    #   The state of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] state_message
+    #   The state message.
+    #   @return [String]
+    #
+    # @!attribute [rw] prefix_list_arn
+    #   The Amazon Resource Name (ARN) for the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] prefix_list_name
+    #   The name of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_entries
+    #   The maximum number of entries for the prefix list.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] version
+    #   The version of the prefix list.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] tags
+    #   The tags for the prefix list.
+    #   @return [Array<Types::Tag>]
+    #
+    # @!attribute [rw] owner_id
+    #   The ID of the owner of the prefix list.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ManagedPrefixList AWS API Documentation
+    #
+    class ManagedPrefixList < Struct.new(
+      :prefix_list_id,
+      :address_family,
+      :state,
+      :state_message,
+      :prefix_list_arn,
+      :prefix_list_name,
+      :max_entries,
+      :version,
+      :tags,
+      :owner_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes the memory for the instance type.
     #
     # @!attribute [rw] size_in_mi_b
@@ -34316,6 +34918,79 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ModifyManagedPrefixListRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_id: "PrefixListResourceId", # required
+    #         current_version: 1,
+    #         prefix_list_name: "String",
+    #         add_entries: [
+    #           {
+    #             cidr: "String", # required
+    #             description: "String",
+    #           },
+    #         ],
+    #         remove_entries: [
+    #           {
+    #             cidr: "String", # required
+    #           },
+    #         ],
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] current_version
+    #   The current version of the prefix list.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] prefix_list_name
+    #   A name for the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] add_entries
+    #   One or more entries to add to the prefix list.
+    #   @return [Array<Types::AddPrefixListEntry>]
+    #
+    # @!attribute [rw] remove_entries
+    #   One or more entries to remove from the prefix list.
+    #   @return [Array<Types::RemovePrefixListEntry>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyManagedPrefixListRequest AWS API Documentation
+    #
+    class ModifyManagedPrefixListRequest < Struct.new(
+      :dry_run,
+      :prefix_list_id,
+      :current_version,
+      :prefix_list_name,
+      :add_entries,
+      :remove_entries)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] prefix_list
+    #   Information about the prefix list.
+    #   @return [Types::ManagedPrefixList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyManagedPrefixListResult AWS API Documentation
+    #
+    class ModifyManagedPrefixListResult < Struct.new(
+      :prefix_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Contains the parameters for ModifyNetworkInterfaceAttribute.
     #
     # @note When making an API call, you may pass ModifyNetworkInterfaceAttributeRequest
@@ -37486,6 +38161,44 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Describes the resource with which a prefix list is associated.
+    #
+    # @!attribute [rw] resource_id
+    #   The ID of the resource.
+    #   @return [String]
+    #
+    # @!attribute [rw] resource_owner
+    #   The owner of the resource.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PrefixListAssociation AWS API Documentation
+    #
+    class PrefixListAssociation < Struct.new(
+      :resource_id,
+      :resource_owner)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Describes a prefix list entry.
+    #
+    # @!attribute [rw] cidr
+    #   The CIDR block.
+    #   @return [String]
+    #
+    # @!attribute [rw] description
+    #   The description.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PrefixListEntry AWS API Documentation
+    #
+    class PrefixListEntry < Struct.new(
+      :cidr,
+      :description)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes a prefix list ID.
     #
     # @note When making an API call, you may pass PrefixListId
@@ -38977,6 +39690,27 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # An entry for a prefix list.
+    #
+    # @note When making an API call, you may pass RemovePrefixListEntry
+    #   data as a hash:
+    #
+    #       {
+    #         cidr: "String", # required
+    #       }
+    #
+    # @!attribute [rw] cidr
+    #   The CIDR block.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RemovePrefixListEntry AWS API Documentation
+    #
+    class RemovePrefixListEntry < Struct.new(
+      :cidr)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ReplaceIamInstanceProfileAssociationRequest
     #   data as a hash:
     #
@@ -39167,6 +39901,7 @@ module Aws::EC2
     #       {
     #         destination_cidr_block: "String",
     #         destination_ipv_6_cidr_block: "String",
+    #         destination_prefix_list_id: "PrefixListResourceId",
     #         dry_run: false,
     #         egress_only_internet_gateway_id: "EgressOnlyInternetGatewayId",
     #         gateway_id: "RouteGatewayId",
@@ -39192,6 +39927,10 @@ module Aws::EC2
     #   the table.
     #   @return [String]
     #
+    # @!attribute [rw] destination_prefix_list_id
+    #   The ID of the prefix list for the route.
+    #   @return [String]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -39245,6 +39984,7 @@ module Aws::EC2
     class ReplaceRouteRequest < Struct.new(
       :destination_cidr_block,
       :destination_ipv_6_cidr_block,
+      :destination_prefix_list_id,
       :dry_run,
       :egress_only_internet_gateway_id,
       :gateway_id,
@@ -40105,6 +40845,17 @@ module Aws::EC2
     #         type: "one-time", # accepts one-time, persistent
     #         valid_from: Time.now,
     #         valid_until: Time.now,
+    #         tag_specifications: [
+    #           {
+    #             resource_type: "client-vpn-endpoint", # accepts client-vpn-endpoint, customer-gateway, dedicated-host, dhcp-options, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, internet-gateway, key-pair, launch-template, local-gateway-route-table-vpc-association, natgateway, network-acl, network-interface, placement-group, reserved-instances, route-table, security-group, snapshot, spot-fleet-request, spot-instances-request, subnet, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-multicast-domain, transit-gateway-route-table, volume, vpc, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log
+    #             tags: [
+    #               {
+    #                 key: "String",
+    #                 value: "String",
+    #               },
+    #             ],
+    #           },
+    #         ],
     #         instance_interruption_behavior: "hibernate", # accepts hibernate, stop, terminate
     #       }
     #
@@ -40214,6 +40965,18 @@ module Aws::EC2
     #   default end date is 7 days from the current date.
     #   @return [Time]
     #
+    # @!attribute [rw] tag_specifications
+    #   The key-value pair for tagging the Spot Instance request on
+    #   creation. The value for `ResourceType` must be
+    #   `spot-instances-request`, otherwise the Spot Instance request fails.
+    #   To tag the Spot Instance request after it has been created, see
+    #   [CreateTags][1].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html
+    #   @return [Array<Types::TagSpecification>]
+    #
     # @!attribute [rw] instance_interruption_behavior
     #   The behavior when a Spot Instance is interrupted. The default is
     #   `terminate`.
@@ -40233,6 +40996,7 @@ module Aws::EC2
       :type,
       :valid_from,
       :valid_until,
+      :tag_specifications,
       :instance_interruption_behavior)
       SENSITIVE = []
       include Aws::Structure
@@ -41405,6 +42169,58 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass RestoreManagedPrefixListVersionRequest
+    #   data as a hash:
+    #
+    #       {
+    #         dry_run: false,
+    #         prefix_list_id: "PrefixListResourceId", # required
+    #         previous_version: 1, # required
+    #         current_version: 1, # required
+    #       }
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request, and provides an error response.
+    #   If you have the required permissions, the error response is
+    #   `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] prefix_list_id
+    #   The ID of the prefix list.
+    #   @return [String]
+    #
+    # @!attribute [rw] previous_version
+    #   The version to restore.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] current_version
+    #   The current version number for the prefix list.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RestoreManagedPrefixListVersionRequest AWS API Documentation
+    #
+    class RestoreManagedPrefixListVersionRequest < Struct.new(
+      :dry_run,
+      :prefix_list_id,
+      :previous_version,
+      :current_version)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] prefix_list
+    #   Information about the prefix list.
+    #   @return [Types::ManagedPrefixList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RestoreManagedPrefixListVersionResult AWS API Documentation
+    #
+    class RestoreManagedPrefixListVersionResult < Struct.new(
+      :prefix_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass RevokeClientVpnIngressRequest
     #   data as a hash:
     #
@@ -44923,7 +45739,7 @@ module Aws::EC2
     #   The Amazon Resource Name (ARN) of an AWS Identity and Access
     #   Management (IAM) role that grants the Spot Fleet the permission to
     #   request, launch, terminate, and tag instances on your behalf. For
-    #   more information, see [Spot Fleet Prerequisites][1] in the *Amazon
+    #   more information, see [Spot Fleet prerequisites][1] in the *Amazon
     #   EC2 User Guide for Linux Instances*. Spot Fleet can terminate Spot
     #   Instances on your behalf when you cancel its Spot Fleet request
     #   using [CancelSpotFleetRequests][2] or when the Spot Fleet request
@@ -45200,7 +46016,7 @@ module Aws::EC2
     # @!attribute [rw] state
     #   The state of the Spot Instance request. Spot status information
     #   helps track your Spot Instance requests. For more information, see
-    #   [Spot Status][1] in the *Amazon EC2 User Guide for Linux Instances*.
+    #   [Spot status][1] in the *Amazon EC2 User Guide for Linux Instances*.
     #
     #
     #
@@ -45287,8 +46103,8 @@ module Aws::EC2
     # Describes the status of a Spot Instance request.
     #
     # @!attribute [rw] code
-    #   The status code. For a list of status codes, see [Spot Status
-    #   Codes][1] in the *Amazon EC2 User Guide for Linux Instances*.
+    #   The status code. For a list of status codes, see [Spot status
+    #   codes][1] in the *Amazon EC2 User Guide for Linux Instances*.
     #
     #
     #
@@ -45617,8 +46433,7 @@ module Aws::EC2
     #   @return [Array<String>]
     #
     # @!attribute [rw] prefix_list_ids
-    #   The prefix list IDs for an AWS service. Not applicable for stale
-    #   security group rules.
+    #   The prefix list IDs. Not applicable for stale security group rules.
     #   @return [Array<String>]
     #
     # @!attribute [rw] to_port
@@ -46225,15 +47040,19 @@ module Aws::EC2
     # @!attribute [rw] resource_type
     #   The type of resource to tag. Currently, the resource types that
     #   support tagging on creation are: `capacity-reservation` \|
-    #   `client-vpn-endpoint` \| `dedicated-host` \| `fleet` \| `fpga-image`
-    #   \| `host-reservation` \| `instance` \| `ipv4pool-ec2` \|
-    #   `ipv6pool-ec2` \| `key-pair` \| `launch-template` \| `natgateway` \|
-    #   `spot-fleet-request` \| `placement-group` \| `snapshot` \|
+    #   `client-vpn-endpoint` \| `dedicated-host` \| `dhcp-options` \|
+    #   `export-image-task` \| `export-instance-task` \| `fleet` \|
+    #   `fpga-image` \| `host-reservation` \| `import-image-task` \|
+    #   `import-snapshot-task` \| `instance` \| `internet-gateway` \|
+    #   `ipv4pool-ec2` \| `ipv6pool-ec2` \| `key-pair` \| `launch-template`
+    #   \| `placement-group` \| `prefix-list` \| `launch-template` \|
+    #   `natgateway` \| `network-acl` \| `security-group` \|
+    #   `spot-fleet-request` \| `snapshot` \| `subnet` \|
     #   `traffic-mirror-filter` \| `traffic-mirror-session` \|
     #   `traffic-mirror-target` \| `transit-gateway` \|
     #   `transit-gateway-attachment` \| `transit-gateway-route-table` \|
-    #   `vpc-endpoint` (for interface and gateway endpoints) \|
-    #   `vpc-endpoint-service` (for AWS PrivateLink) \| `volume` \|
+    #   `volume` \|`vpc` \| `vpc-endpoint` (for interface and gateway
+    #   endpoints) \| `vpc-endpoint-service` (for AWS PrivateLink) \|
     #   `vpc-flow-log`.
     #
     #   To tag a resource after it has been created, see [CreateTags][1].