aws-sdk-ec2 1.493.0 → 1.495.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -3258,6 +3258,43 @@ module Aws::EC2
3258
3258
  include Aws::Structure
3259
3259
  end
3260
3260
 
3261
+ # A summary report for the attribute across all Regions.
3262
+ #
3263
+ # @!attribute [rw] attribute_name
3264
+ # The name of the attribute.
3265
+ # @return [String]
3266
+ #
3267
+ # @!attribute [rw] most_frequent_value
3268
+ # The configuration value that is most frequently observed for the
3269
+ # attribute.
3270
+ # @return [String]
3271
+ #
3272
+ # @!attribute [rw] number_of_matched_accounts
3273
+ # The number of accounts with the same configuration value for the
3274
+ # attribute that is most frequently observed.
3275
+ # @return [Integer]
3276
+ #
3277
+ # @!attribute [rw] number_of_unmatched_accounts
3278
+ # The number of accounts with a configuration value different from the
3279
+ # most frequently observed value for the attribute.
3280
+ # @return [Integer]
3281
+ #
3282
+ # @!attribute [rw] regional_summaries
3283
+ # The summary report for each Region for the attribute.
3284
+ # @return [Array<Types::RegionalSummary>]
3285
+ #
3286
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AttributeSummary AWS API Documentation
3287
+ #
3288
+ class AttributeSummary < Struct.new(
3289
+ :attribute_name,
3290
+ :most_frequent_value,
3291
+ :number_of_matched_accounts,
3292
+ :number_of_unmatched_accounts,
3293
+ :regional_summaries)
3294
+ SENSITIVE = []
3295
+ include Aws::Structure
3296
+ end
3297
+
3261
3298
  # Describes a value for a resource attribute that is a String.
3262
3299
  #
3263
3300
  # @!attribute [rw] value
@@ -4281,6 +4318,38 @@ module Aws::EC2
4281
4318
  include Aws::Structure
4282
4319
  end
4283
4320
 
4321
+ # @!attribute [rw] dry_run
4322
+ # Checks whether you have the required permissions for the action,
4323
+ # without actually making the request, and provides an error response.
4324
+ # If you have the required permissions, the error response is
4325
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
4326
+ # @return [Boolean]
4327
+ #
4328
+ # @!attribute [rw] report_id
4329
+ # The ID of the report.
4330
+ # @return [String]
4331
+ #
4332
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CancelDeclarativePoliciesReportRequest AWS API Documentation
4333
+ #
4334
+ class CancelDeclarativePoliciesReportRequest < Struct.new(
4335
+ :dry_run,
4336
+ :report_id)
4337
+ SENSITIVE = []
4338
+ include Aws::Structure
4339
+ end
4340
+
4341
+ # @!attribute [rw] return
4342
+ # Is `true` if the request succeeds, and an error otherwise.
4343
+ # @return [Boolean]
4344
+ #
4345
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CancelDeclarativePoliciesReportResult AWS API Documentation
4346
+ #
4347
+ class CancelDeclarativePoliciesReportResult < Struct.new(
4348
+ :return)
4349
+ SENSITIVE = []
4350
+ include Aws::Structure
4351
+ end
4352
+
4284
4353
  # @!attribute [rw] export_task_id
4285
4354
  # The ID of the export task. This is the ID returned by the
4286
4355
  # `CreateInstanceExportTask` and `ExportImage` operations.
@@ -6655,6 +6724,10 @@ module Aws::EC2
6655
6724
  # The state of the notification.
6656
6725
  # @return [String]
6657
6726
  #
6727
+ # @!attribute [rw] service_region
6728
+ # The Region for the endpoint service.
6729
+ # @return [String]
6730
+ #
6658
6731
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ConnectionNotification AWS API Documentation
6659
6732
  #
6660
6733
  class ConnectionNotification < Struct.new(
@@ -6664,7 +6737,8 @@ module Aws::EC2
6664
6737
  :connection_notification_type,
6665
6738
  :connection_notification_arn,
6666
6739
  :connection_events,
6667
- :connection_notification_state)
6740
+ :connection_notification_state,
6741
+ :service_region)
6668
6742
  SENSITIVE = []
6669
6743
  include Aws::Structure
6670
6744
  end
@@ -7184,6 +7258,20 @@ module Aws::EC2
7184
7258
  # The tags to apply to the new snapshot.
7185
7259
  # @return [Array<Types::TagSpecification>]
7186
7260
  #
7261
+ # @!attribute [rw] completion_duration_minutes
7262
+ # Specify a completion duration, in 15 minute increments, to initiate
7263
+ # a time-based snapshot copy. Time-based snapshot copy operations
7264
+ # complete within the specified duration. For more information, see [
7265
+ # Time-based copies][1].
7266
+ #
7267
+ # If you do not specify a value, the snapshot copy operation is
7268
+ # completed on a best-effort basis.
7269
+ #
7270
+ #
7271
+ #
7272
+ # [1]: https://docs.aws.amazon.com/ebs/latest/userguide/time-based-copies.html
7273
+ # @return [Integer]
7274
+ #
7187
7275
  # @!attribute [rw] dry_run
7188
7276
  # Checks whether you have the required permissions for the action,
7189
7277
  # without actually making the request, and provides an error response.
@@ -7203,6 +7291,7 @@ module Aws::EC2
7203
7291
  :source_region,
7204
7292
  :source_snapshot_id,
7205
7293
  :tag_specifications,
7294
+ :completion_duration_minutes,
7206
7295
  :dry_run)
7207
7296
  SENSITIVE = [:presigned_url]
7208
7297
  include Aws::Structure
@@ -12824,6 +12913,35 @@ module Aws::EC2
12824
12913
  include Aws::Structure
12825
12914
  end
12826
12915
 
12916
+ # Describes the CIDR options for a Verified Access endpoint.
12917
+ #
12918
+ # @!attribute [rw] protocol
12919
+ # The protocol.
12920
+ # @return [String]
12921
+ #
12922
+ # @!attribute [rw] subnet_ids
12923
+ # The IDs of the subnets.
12924
+ # @return [Array<String>]
12925
+ #
12926
+ # @!attribute [rw] cidr
12927
+ # The CIDR.
12928
+ # @return [String]
12929
+ #
12930
+ # @!attribute [rw] port_ranges
12931
+ # The port ranges.
12932
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12933
+ #
12934
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointCidrOptions AWS API Documentation
12935
+ #
12936
+ class CreateVerifiedAccessEndpointCidrOptions < Struct.new(
12937
+ :protocol,
12938
+ :subnet_ids,
12939
+ :cidr,
12940
+ :port_ranges)
12941
+ SENSITIVE = []
12942
+ include Aws::Structure
12943
+ end
12944
+
12827
12945
  # Describes the network interface options when creating an Amazon Web
12828
12946
  # Services Verified Access endpoint using the `network-interface` type.
12829
12947
  #
@@ -12839,12 +12957,17 @@ module Aws::EC2
12839
12957
  # The IP port number.
12840
12958
  # @return [Integer]
12841
12959
  #
12960
+ # @!attribute [rw] port_ranges
12961
+ # The port ranges.
12962
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12963
+ #
12842
12964
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointEniOptions AWS API Documentation
12843
12965
  #
12844
12966
  class CreateVerifiedAccessEndpointEniOptions < Struct.new(
12845
12967
  :network_interface_id,
12846
12968
  :protocol,
12847
- :port)
12969
+ :port,
12970
+ :port_ranges)
12848
12971
  SENSITIVE = []
12849
12972
  include Aws::Structure
12850
12973
  end
@@ -12868,12 +12991,80 @@ module Aws::EC2
12868
12991
  # The IDs of the subnets.
12869
12992
  # @return [Array<String>]
12870
12993
  #
12994
+ # @!attribute [rw] port_ranges
12995
+ # The port ranges.
12996
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12997
+ #
12871
12998
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
12872
12999
  #
12873
13000
  class CreateVerifiedAccessEndpointLoadBalancerOptions < Struct.new(
12874
13001
  :protocol,
12875
13002
  :port,
12876
13003
  :load_balancer_arn,
13004
+ :subnet_ids,
13005
+ :port_ranges)
13006
+ SENSITIVE = []
13007
+ include Aws::Structure
13008
+ end
13009
+
13010
+ # Describes the port range for a Verified Access endpoint.
13011
+ #
13012
+ # @!attribute [rw] from_port
13013
+ # The start of the port range.
13014
+ # @return [Integer]
13015
+ #
13016
+ # @!attribute [rw] to_port
13017
+ # The end of the port range.
13018
+ # @return [Integer]
13019
+ #
13020
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointPortRange AWS API Documentation
13021
+ #
13022
+ class CreateVerifiedAccessEndpointPortRange < Struct.new(
13023
+ :from_port,
13024
+ :to_port)
13025
+ SENSITIVE = []
13026
+ include Aws::Structure
13027
+ end
13028
+
13029
+ # Describes the RDS options for a Verified Access endpoint.
13030
+ #
13031
+ # @!attribute [rw] protocol
13032
+ # The protocol.
13033
+ # @return [String]
13034
+ #
13035
+ # @!attribute [rw] port
13036
+ # The port.
13037
+ # @return [Integer]
13038
+ #
13039
+ # @!attribute [rw] rds_db_instance_arn
13040
+ # The ARN of the RDS instance.
13041
+ # @return [String]
13042
+ #
13043
+ # @!attribute [rw] rds_db_cluster_arn
13044
+ # The ARN of the DB cluster.
13045
+ # @return [String]
13046
+ #
13047
+ # @!attribute [rw] rds_db_proxy_arn
13048
+ # The ARN of the RDS proxy.
13049
+ # @return [String]
13050
+ #
13051
+ # @!attribute [rw] rds_endpoint
13052
+ # The RDS endpoint.
13053
+ # @return [String]
13054
+ #
13055
+ # @!attribute [rw] subnet_ids
13056
+ # The IDs of the subnets.
13057
+ # @return [Array<String>]
13058
+ #
13059
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointRdsOptions AWS API Documentation
13060
+ #
13061
+ class CreateVerifiedAccessEndpointRdsOptions < Struct.new(
13062
+ :protocol,
13063
+ :port,
13064
+ :rds_db_instance_arn,
13065
+ :rds_db_cluster_arn,
13066
+ :rds_db_proxy_arn,
13067
+ :rds_endpoint,
12877
13068
  :subnet_ids)
12878
13069
  SENSITIVE = []
12879
13070
  include Aws::Structure
@@ -12958,6 +13149,16 @@ module Aws::EC2
12958
13149
  # The options for server side encryption.
12959
13150
  # @return [Types::VerifiedAccessSseSpecificationRequest]
12960
13151
  #
13152
+ # @!attribute [rw] rds_options
13153
+ # The RDS details. This parameter is required if the endpoint type is
13154
+ # `rds`.
13155
+ # @return [Types::CreateVerifiedAccessEndpointRdsOptions]
13156
+ #
13157
+ # @!attribute [rw] cidr_options
13158
+ # The CIDR options. This parameter is required if the endpoint type is
13159
+ # `cidr`.
13160
+ # @return [Types::CreateVerifiedAccessEndpointCidrOptions]
13161
+ #
12961
13162
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointRequest AWS API Documentation
12962
13163
  #
12963
13164
  class CreateVerifiedAccessEndpointRequest < Struct.new(
@@ -12975,7 +13176,9 @@ module Aws::EC2
12975
13176
  :tag_specifications,
12976
13177
  :client_token,
12977
13178
  :dry_run,
12978
- :sse_specification)
13179
+ :sse_specification,
13180
+ :rds_options,
13181
+ :cidr_options)
12979
13182
  SENSITIVE = []
12980
13183
  include Aws::Structure
12981
13184
  end
@@ -13091,6 +13294,10 @@ module Aws::EC2
13091
13294
  # Standards (FIPS) on the instance.
13092
13295
  # @return [Boolean]
13093
13296
  #
13297
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
13298
+ # The custom subdomain.
13299
+ # @return [String]
13300
+ #
13094
13301
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessInstanceRequest AWS API Documentation
13095
13302
  #
13096
13303
  class CreateVerifiedAccessInstanceRequest < Struct.new(
@@ -13098,7 +13305,8 @@ module Aws::EC2
13098
13305
  :tag_specifications,
13099
13306
  :client_token,
13100
13307
  :dry_run,
13101
- :fips_enabled)
13308
+ :fips_enabled,
13309
+ :cidr_endpoints_custom_sub_domain)
13102
13310
  SENSITIVE = []
13103
13311
  include Aws::Structure
13104
13312
  end
@@ -13115,6 +13323,55 @@ module Aws::EC2
13115
13323
  include Aws::Structure
13116
13324
  end
13117
13325
 
13326
+ # Describes the OpenID Connect (OIDC) options.
13327
+ #
13328
+ # @!attribute [rw] public_signing_key_endpoint
13329
+ # The public signing key endpoint.
13330
+ # @return [String]
13331
+ #
13332
+ # @!attribute [rw] issuer
13333
+ # The OIDC issuer identifier of the IdP.
13334
+ # @return [String]
13335
+ #
13336
+ # @!attribute [rw] authorization_endpoint
13337
+ # The authorization endpoint of the IdP.
13338
+ # @return [String]
13339
+ #
13340
+ # @!attribute [rw] token_endpoint
13341
+ # The token endpoint of the IdP.
13342
+ # @return [String]
13343
+ #
13344
+ # @!attribute [rw] user_info_endpoint
13345
+ # The user info endpoint of the IdP.
13346
+ # @return [String]
13347
+ #
13348
+ # @!attribute [rw] client_id
13349
+ # The OAuth 2.0 client identifier.
13350
+ # @return [String]
13351
+ #
13352
+ # @!attribute [rw] client_secret
13353
+ # The OAuth 2.0 client secret.
13354
+ # @return [String]
13355
+ #
13356
+ # @!attribute [rw] scope
13357
+ # The set of user claims to be requested from the IdP.
13358
+ # @return [String]
13359
+ #
13360
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessNativeApplicationOidcOptions AWS API Documentation
13361
+ #
13362
+ class CreateVerifiedAccessNativeApplicationOidcOptions < Struct.new(
13363
+ :public_signing_key_endpoint,
13364
+ :issuer,
13365
+ :authorization_endpoint,
13366
+ :token_endpoint,
13367
+ :user_info_endpoint,
13368
+ :client_id,
13369
+ :client_secret,
13370
+ :scope)
13371
+ SENSITIVE = [:client_secret]
13372
+ include Aws::Structure
13373
+ end
13374
+
13118
13375
  # Describes the options when creating an Amazon Web Services Verified
13119
13376
  # Access trust provider using the `device` type.
13120
13377
  #
@@ -13244,6 +13501,10 @@ module Aws::EC2
13244
13501
  # The options for server side encryption.
13245
13502
  # @return [Types::VerifiedAccessSseSpecificationRequest]
13246
13503
  #
13504
+ # @!attribute [rw] native_application_oidc_options
13505
+ # The OpenID Connect (OIDC) options.
13506
+ # @return [Types::CreateVerifiedAccessNativeApplicationOidcOptions]
13507
+ #
13247
13508
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessTrustProviderRequest AWS API Documentation
13248
13509
  #
13249
13510
  class CreateVerifiedAccessTrustProviderRequest < Struct.new(
@@ -13257,7 +13518,8 @@ module Aws::EC2
13257
13518
  :tag_specifications,
13258
13519
  :client_token,
13259
13520
  :dry_run,
13260
- :sse_specification)
13521
+ :sse_specification,
13522
+ :native_application_oidc_options)
13261
13523
  SENSITIVE = []
13262
13524
  include Aws::Structure
13263
13525
  end
@@ -13733,6 +13995,21 @@ module Aws::EC2
13733
13995
  # The subnet configurations for the endpoint.
13734
13996
  # @return [Array<Types::SubnetConfiguration>]
13735
13997
  #
13998
+ # @!attribute [rw] service_network_arn
13999
+ # The Amazon Resource Name (ARN) of a service network that will be
14000
+ # associated with the VPC endpoint of type service-network.
14001
+ # @return [String]
14002
+ #
14003
+ # @!attribute [rw] resource_configuration_arn
14004
+ # The Amazon Resource Name (ARN) of a resource configuration that will
14005
+ # be associated with the VPC endpoint of type resource.
14006
+ # @return [String]
14007
+ #
14008
+ # @!attribute [rw] service_region
14009
+ # The Region where the service is hosted. The default is the current
14010
+ # Region.
14011
+ # @return [String]
14012
+ #
13736
14013
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVpcEndpointRequest AWS API Documentation
13737
14014
  #
13738
14015
  class CreateVpcEndpointRequest < Struct.new(
@@ -13749,7 +14026,10 @@ module Aws::EC2
13749
14026
  :client_token,
13750
14027
  :private_dns_enabled,
13751
14028
  :tag_specifications,
13752
- :subnet_configurations)
14029
+ :subnet_configurations,
14030
+ :service_network_arn,
14031
+ :resource_configuration_arn,
14032
+ :service_region)
13753
14033
  SENSITIVE = []
13754
14034
  include Aws::Structure
13755
14035
  end
@@ -13802,6 +14082,10 @@ module Aws::EC2
13802
14082
  # `ipv6`.
13803
14083
  # @return [Array<String>]
13804
14084
  #
14085
+ # @!attribute [rw] supported_regions
14086
+ # The Regions from which service consumers can access the service.
14087
+ # @return [Array<String>]
14088
+ #
13805
14089
  # @!attribute [rw] client_token
13806
14090
  # Unique, case-sensitive identifier that you provide to ensure the
13807
14091
  # idempotency of the request. For more information, see [How to ensure
@@ -13825,6 +14109,7 @@ module Aws::EC2
13825
14109
  :network_load_balancer_arns,
13826
14110
  :gateway_load_balancer_arns,
13827
14111
  :supported_ip_address_types,
14112
+ :supported_regions,
13828
14113
  :client_token,
13829
14114
  :tag_specifications)
13830
14115
  SENSITIVE = []
@@ -14374,6 +14659,63 @@ module Aws::EC2
14374
14659
  include Aws::Structure
14375
14660
  end
14376
14661
 
14662
+ # Describes the metadata of the account status report.
14663
+ #
14664
+ # @!attribute [rw] report_id
14665
+ # The ID of the report.
14666
+ # @return [String]
14667
+ #
14668
+ # @!attribute [rw] s3_bucket
14669
+ # The name of the Amazon S3 bucket where the report is located.
14670
+ # @return [String]
14671
+ #
14672
+ # @!attribute [rw] s3_prefix
14673
+ # The prefix for your S3 object.
14674
+ # @return [String]
14675
+ #
14676
+ # @!attribute [rw] target_id
14677
+ # The root ID, organizational unit ID, or account ID.
14678
+ #
14679
+ # Format:
14680
+ #
14681
+ # * For root: `r-ab12`
14682
+ #
14683
+ # * For OU: `ou-ab12-cdef1234`
14684
+ #
14685
+ # * For account: `123456789012`
14686
+ # @return [String]
14687
+ #
14688
+ # @!attribute [rw] start_time
14689
+ # The time when the report generation started.
14690
+ # @return [Time]
14691
+ #
14692
+ # @!attribute [rw] end_time
14693
+ # The time when the report generation ended.
14694
+ # @return [Time]
14695
+ #
14696
+ # @!attribute [rw] status
14697
+ # The current status of the report.
14698
+ # @return [String]
14699
+ #
14700
+ # @!attribute [rw] tags
14701
+ # Any tags assigned to the report.
14702
+ # @return [Array<Types::Tag>]
14703
+ #
14704
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeclarativePoliciesReport AWS API Documentation
14705
+ #
14706
+ class DeclarativePoliciesReport < Struct.new(
14707
+ :report_id,
14708
+ :s3_bucket,
14709
+ :s3_prefix,
14710
+ :target_id,
14711
+ :start_time,
14712
+ :end_time,
14713
+ :status,
14714
+ :tags)
14715
+ SENSITIVE = []
14716
+ include Aws::Structure
14717
+ end
14718
+
14377
14719
  # @!attribute [rw] carrier_gateway_id
14378
14720
  # The ID of the carrier gateway.
14379
14721
  # @return [String]
@@ -18961,6 +19303,62 @@ module Aws::EC2
18961
19303
  include Aws::Structure
18962
19304
  end
18963
19305
 
19306
+ # @!attribute [rw] dry_run
19307
+ # Checks whether you have the required permissions for the action,
19308
+ # without actually making the request, and provides an error response.
19309
+ # If you have the required permissions, the error response is
19310
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
19311
+ # @return [Boolean]
19312
+ #
19313
+ # @!attribute [rw] next_token
19314
+ # The token returned from a previous paginated request. Pagination
19315
+ # continues from the end of the items returned by the previous
19316
+ # request.
19317
+ # @return [String]
19318
+ #
19319
+ # @!attribute [rw] max_results
19320
+ # The maximum number of items to return for this request. To get the
19321
+ # next page of items, make another request with the token returned in
19322
+ # the output. For more information, see [Pagination][1].
19323
+ #
19324
+ #
19325
+ #
19326
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination
19327
+ # @return [Integer]
19328
+ #
19329
+ # @!attribute [rw] report_ids
19330
+ # One or more report IDs.
19331
+ # @return [Array<String>]
19332
+ #
19333
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeDeclarativePoliciesReportsRequest AWS API Documentation
19334
+ #
19335
+ class DescribeDeclarativePoliciesReportsRequest < Struct.new(
19336
+ :dry_run,
19337
+ :next_token,
19338
+ :max_results,
19339
+ :report_ids)
19340
+ SENSITIVE = []
19341
+ include Aws::Structure
19342
+ end
19343
+
19344
+ # @!attribute [rw] next_token
19345
+ # The token to include in another request to get the next page of
19346
+ # items. This value is `null` when there are no more items to return.
19347
+ # @return [String]
19348
+ #
19349
+ # @!attribute [rw] reports
19350
+ # The report metadata.
19351
+ # @return [Array<Types::DeclarativePoliciesReport>]
19352
+ #
19353
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeDeclarativePoliciesReportsResult AWS API Documentation
19354
+ #
19355
+ class DescribeDeclarativePoliciesReportsResult < Struct.new(
19356
+ :next_token,
19357
+ :reports)
19358
+ SENSITIVE = []
19359
+ include Aws::Structure
19360
+ end
19361
+
18964
19362
  # @!attribute [rw] dhcp_options_ids
18965
19363
  # The IDs of DHCP option sets.
18966
19364
  # @return [Array<String>]
@@ -20583,6 +20981,9 @@ module Aws::EC2
20583
20981
  #
20584
20982
  # * `hypervisor` - The hypervisor type (`ovm` \| `xen`).
20585
20983
  #
20984
+ # * `image-allowed` - A Boolean that indicates whether the image meets
20985
+ # the criteria specified for Allowed AMIs.
20986
+ #
20586
20987
  # * `image-id` - The ID of the image.
20587
20988
  #
20588
20989
  # * `image-type` - The image type (`machine` \| `kernel` \|
@@ -20623,6 +21024,11 @@ module Aws::EC2
20623
21024
  # * `root-device-type` - The type of the root device volume (`ebs` \|
20624
21025
  # `instance-store`).
20625
21026
  #
21027
+ # * `source-image-id` - The ID of the source AMI from which the AMI
21028
+ # was created.
21029
+ #
21030
+ # * `source-image-region` - The Region of the source AMI.
21031
+ #
20626
21032
  # * `source-instance-id` - The ID of the instance that the AMI was
20627
21033
  # created from if the AMI was created using CreateImage. This filter
20628
21034
  # is applicable only if the AMI was created using [CreateImage][1].
@@ -21114,6 +21520,9 @@ module Aws::EC2
21114
21520
  #
21115
21521
  # * `instance-id` - The ID of the instance.
21116
21522
  #
21523
+ # * `image-allowed` - A Boolean that indicates whether the image meets
21524
+ # the criteria specified for Allowed AMIs.
21525
+ #
21117
21526
  # * `instance-state-name` - The state of the instance (`pending` \|
21118
21527
  # `running` \| `shutting-down` \| `terminated` \| `stopping` \|
21119
21528
  # `stopped`).
@@ -21125,6 +21534,16 @@ module Aws::EC2
21125
21534
  # for example, `2023-09-29T11:04:43.305Z`. You can use a wildcard
21126
21535
  # (`*`), for example, `2023-09-29T*`, which matches an entire day.
21127
21536
  #
21537
+ # * `owner-alias` - The owner alias (`amazon` \| `aws-marketplace` \|
21538
+ # `aws-backup-vault`). The valid aliases are defined in an
21539
+ # Amazon-maintained list. This is not the Amazon Web Services
21540
+ # account alias that can be set using the IAM console. We recommend
21541
+ # that you use the `Owner` request parameter instead of this filter.
21542
+ #
21543
+ # * `owner-id` - The Amazon Web Services account ID of the owner. We
21544
+ # recommend that you use the `Owner` request parameter instead of
21545
+ # this filter.
21546
+ #
21128
21547
  # * `tag:<key>` - The key/value combination of a tag assigned to the
21129
21548
  # resource. Use the tag key in the filter name and the tag value as
21130
21549
  # the filter value. For example, to find all resources that have a
@@ -21279,6 +21698,12 @@ module Aws::EC2
21279
21698
  # `impaired` \| `initializing` \| `insufficient-data` \|
21280
21699
  # `not-applicable`).
21281
21700
  #
21701
+ # * `operator.managed` - A Boolean that indicates whether this is a
21702
+ # managed instance.
21703
+ #
21704
+ # * `operator.principal` - The principal that manages the instance.
21705
+ # Only valid for managed instances, where `managed` is `true`.
21706
+ #
21282
21707
  # * `system-status.reachability` - Filters on system status where the
21283
21708
  # name is `reachability` (`passed` \| `failed` \| `initializing` \|
21284
21709
  # `insufficient-data`).
@@ -22011,6 +22436,13 @@ module Aws::EC2
22011
22436
  # * `network-interface.network-interface-id` - The ID of the network
22012
22437
  # interface.
22013
22438
  #
22439
+ # * `network-interface.operator.managed` - A Boolean that indicates
22440
+ # whether the instance has a managed network interface.
22441
+ #
22442
+ # * `network-interface.operator.principal` - The principal that
22443
+ # manages the network interface. Only valid for instances with
22444
+ # managed network interfaces, where `managed` is `true`.
22445
+ #
22014
22446
  # * `network-interface.outpost-arn` - The ARN of the Outpost.
22015
22447
  #
22016
22448
  # * `network-interface.owner-id` - The ID of the owner of the network
@@ -22050,6 +22482,12 @@ module Aws::EC2
22050
22482
  # * `network-interface.vpc-id` - The ID of the VPC for the network
22051
22483
  # interface.
22052
22484
  #
22485
+ # * `operator.managed` - A Boolean that indicates whether this is a
22486
+ # managed instance.
22487
+ #
22488
+ # * `operator.principal` - The principal that manages the instance.
22489
+ # Only valid for managed instances, where `managed` is `true`.
22490
+ #
22053
22491
  # * `outpost-arn` - The Amazon Resource Name (ARN) of the Outpost.
22054
22492
  #
22055
22493
  # * `owner-id` - The Amazon Web Services account ID of the instance
@@ -24479,6 +24917,13 @@ module Aws::EC2
24479
24917
  #
24480
24918
  # * `network-interface-id` - The ID of the network interface.
24481
24919
  #
24920
+ # * `operator.managed` - A Boolean that indicates whether this is a
24921
+ # managed network interface.
24922
+ #
24923
+ # * `operator.principal` - The principal that manages the network
24924
+ # interface. Only valid for managed network interfaces, where
24925
+ # `managed` is `true`.
24926
+ #
24482
24927
  # * `owner-id` - The Amazon Web Services account ID of the network
24483
24928
  # interface owner.
24484
24929
  #
@@ -26137,6 +26582,9 @@ module Aws::EC2
26137
26582
  # * `storage-tier` - The storage tier of the snapshot (`archive` \|
26138
26583
  # `standard`).
26139
26584
  #
26585
+ # * `transfer-type` - The type of operation used to create the
26586
+ # snapshot (`time-based` \| `standard`).
26587
+ #
26140
26588
  # * `tag`:&lt;key&gt; - The key/value combination of a tag assigned to
26141
26589
  # the resource. Use the tag key in the filter name and the tag value
26142
26590
  # as the filter value. For example, to find all resources that have
@@ -28689,13 +29137,19 @@ module Aws::EC2
28689
29137
  # * `encrypted` - Indicates whether the volume is encrypted (`true` \|
28690
29138
  # `false`)
28691
29139
  #
28692
- # * `multi-attach-enabled` - Indicates whether the volume is enabled
28693
- # for Multi-Attach (`true` \| `false`)
28694
- #
28695
29140
  # * `fast-restored` - Indicates whether the volume was created from a
28696
29141
  # snapshot that is enabled for fast snapshot restore (`true` \|
28697
29142
  # `false`).
28698
29143
  #
29144
+ # * `multi-attach-enabled` - Indicates whether the volume is enabled
29145
+ # for Multi-Attach (`true` \| `false`)
29146
+ #
29147
+ # * `operator.managed` - A Boolean that indicates whether this is a
29148
+ # managed volume.
29149
+ #
29150
+ # * `operator.principal` - The principal that manages the volume. Only
29151
+ # valid for managed volumes, where `managed` is `true`.
29152
+ #
28699
29153
  # * `size` - The size of the volume, in GiB.
28700
29154
  #
28701
29155
  # * `snapshot-id` - The snapshot from which the volume was created.
@@ -29033,6 +29487,79 @@ module Aws::EC2
29033
29487
  include Aws::Structure
29034
29488
  end
29035
29489
 
29490
+ # @!attribute [rw] dry_run
29491
+ # Checks whether you have the required permissions for the action,
29492
+ # without actually making the request, and provides an error response.
29493
+ # If you have the required permissions, the error response is
29494
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
29495
+ # @return [Boolean]
29496
+ #
29497
+ # @!attribute [rw] vpc_endpoint_ids
29498
+ # The IDs of the VPC endpoints.
29499
+ # @return [Array<String>]
29500
+ #
29501
+ # @!attribute [rw] filters
29502
+ # The filters.
29503
+ #
29504
+ # * `vpc-endpoint-id` - The ID of the VPC endpoint.
29505
+ #
29506
+ # * `associated-resource-accessibility` - The association state. When
29507
+ # the state is `accessible`, it returns `AVAILABLE`. When the state
29508
+ # is `inaccessible`, it returns `PENDING` or `FAILED`.
29509
+ #
29510
+ # * `association-id` - The ID of the VPC endpoint association.
29511
+ #
29512
+ # * `associated-resource-id` - The ID of the associated resource
29513
+ # configuration.
29514
+ #
29515
+ # * `service-network-arn` - The Amazon Resource Name (ARN) of the
29516
+ # associated service network. Only VPC endpoints of type service
29517
+ # network will be returned.
29518
+ #
29519
+ # * `resource-configuration-group-arn` - The Amazon Resource Name
29520
+ # (ARN) of the resource configuration of type GROUP.
29521
+ #
29522
+ # * `service-network-resource-association-id` - The ID of the
29523
+ # association.
29524
+ # @return [Array<Types::Filter>]
29525
+ #
29526
+ # @!attribute [rw] max_results
29527
+ # The maximum page size.
29528
+ # @return [Integer]
29529
+ #
29530
+ # @!attribute [rw] next_token
29531
+ # The pagination token.
29532
+ # @return [String]
29533
+ #
29534
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointAssociationsRequest AWS API Documentation
29535
+ #
29536
+ class DescribeVpcEndpointAssociationsRequest < Struct.new(
29537
+ :dry_run,
29538
+ :vpc_endpoint_ids,
29539
+ :filters,
29540
+ :max_results,
29541
+ :next_token)
29542
+ SENSITIVE = []
29543
+ include Aws::Structure
29544
+ end
29545
+
29546
+ # @!attribute [rw] vpc_endpoint_associations
29547
+ # Details of the endpoint associations.
29548
+ # @return [Array<Types::VpcEndpointAssociation>]
29549
+ #
29550
+ # @!attribute [rw] next_token
29551
+ # The pagination token.
29552
+ # @return [String]
29553
+ #
29554
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointAssociationsResult AWS API Documentation
29555
+ #
29556
+ class DescribeVpcEndpointAssociationsResult < Struct.new(
29557
+ :vpc_endpoint_associations,
29558
+ :next_token)
29559
+ SENSITIVE = []
29560
+ include Aws::Structure
29561
+ end
29562
+
29036
29563
  # @!attribute [rw] dry_run
29037
29564
  # Checks whether you have the required permissions for the action,
29038
29565
  # without actually making the request, and provides an error response.
@@ -29120,6 +29647,9 @@ module Aws::EC2
29120
29647
  # * `vpc-endpoint-owner` - The ID of the Amazon Web Services account
29121
29648
  # ID that owns the endpoint.
29122
29649
  #
29650
+ # * `vpc-endpoint-region` - The Region of the endpoint or
29651
+ # `cross-region` to find endpoints for other Regions.
29652
+ #
29123
29653
  # * `vpc-endpoint-state` - The state of the endpoint
29124
29654
  # (`pendingAcceptance` \| `pending` \| `available` \| `deleting` \|
29125
29655
  # `deleted` \| `rejected` \| `failed`).
@@ -29326,6 +29856,8 @@ module Aws::EC2
29326
29856
  #
29327
29857
  # * `service-name` - The name of the service.
29328
29858
  #
29859
+ # * `service-region` - The Region of the service.
29860
+ #
29329
29861
  # * `service-type` - The type of service (`Interface` \| `Gateway` \|
29330
29862
  # `GatewayLoadBalancer`).
29331
29863
  #
@@ -29357,6 +29889,10 @@ module Aws::EC2
29357
29889
  # token from a prior call.)
29358
29890
  # @return [String]
29359
29891
  #
29892
+ # @!attribute [rw] service_regions
29893
+ # The service Regions.
29894
+ # @return [Array<String>]
29895
+ #
29360
29896
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointServicesRequest AWS API Documentation
29361
29897
  #
29362
29898
  class DescribeVpcEndpointServicesRequest < Struct.new(
@@ -29364,7 +29900,8 @@ module Aws::EC2
29364
29900
  :service_names,
29365
29901
  :filters,
29366
29902
  :max_results,
29367
- :next_token)
29903
+ :next_token,
29904
+ :service_regions)
29368
29905
  SENSITIVE = []
29369
29906
  include Aws::Structure
29370
29907
  end
@@ -29410,6 +29947,8 @@ module Aws::EC2
29410
29947
  #
29411
29948
  # * `service-name` - The name of the service.
29412
29949
  #
29950
+ # * `service-region` - The Region of the service.
29951
+ #
29413
29952
  # * `tag`:&lt;key&gt; - The key/value combination of a tag assigned to
29414
29953
  # the resource. Use the tag key in the filter name and the tag value
29415
29954
  # as the filter value. For example, to find all resources that have
@@ -30259,6 +30798,34 @@ module Aws::EC2
30259
30798
  include Aws::Structure
30260
30799
  end
30261
30800
 
30801
+ # @!attribute [rw] dry_run
30802
+ # Checks whether you have the required permissions for the action,
30803
+ # without actually making the request, and provides an error response.
30804
+ # If you have the required permissions, the error response is
30805
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
30806
+ # @return [Boolean]
30807
+ #
30808
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableAllowedImagesSettingsRequest AWS API Documentation
30809
+ #
30810
+ class DisableAllowedImagesSettingsRequest < Struct.new(
30811
+ :dry_run)
30812
+ SENSITIVE = []
30813
+ include Aws::Structure
30814
+ end
30815
+
30816
+ # @!attribute [rw] allowed_images_settings_state
30817
+ # Returns `disabled` if the request succeeds; otherwise, it returns an
30818
+ # error.
30819
+ # @return [String]
30820
+ #
30821
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableAllowedImagesSettingsResult AWS API Documentation
30822
+ #
30823
+ class DisableAllowedImagesSettingsResult < Struct.new(
30824
+ :allowed_images_settings_state)
30825
+ SENSITIVE = []
30826
+ include Aws::Structure
30827
+ end
30828
+
30262
30829
  # @!attribute [rw] source
30263
30830
  # The source Region or Availability Zone that the metric subscription
30264
30831
  # is disabled for. For example, `us-east-1`.
@@ -32039,7 +32606,7 @@ module Aws::EC2
32039
32606
  # @return [String]
32040
32607
  #
32041
32608
  # @!attribute [rw] operator
32042
- # The entity that manages the EBS volume.
32609
+ # The service provider that manages the EBS volume.
32043
32610
  # @return [Types::OperatorResponse]
32044
32611
  #
32045
32612
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EbsInstanceBlockDevice AWS API Documentation
@@ -32645,6 +33212,41 @@ module Aws::EC2
32645
33212
  include Aws::Structure
32646
33213
  end
32647
33214
 
33215
+ # @!attribute [rw] allowed_images_settings_state
33216
+ # Specify `enabled` to apply the image criteria specified by the
33217
+ # Allowed AMIs settings. Specify `audit-mode` so that you can check
33218
+ # which AMIs will be allowed or not allowed by the image criteria.
33219
+ # @return [String]
33220
+ #
33221
+ # @!attribute [rw] dry_run
33222
+ # Checks whether you have the required permissions for the action,
33223
+ # without actually making the request, and provides an error response.
33224
+ # If you have the required permissions, the error response is
33225
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
33226
+ # @return [Boolean]
33227
+ #
33228
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableAllowedImagesSettingsRequest AWS API Documentation
33229
+ #
33230
+ class EnableAllowedImagesSettingsRequest < Struct.new(
33231
+ :allowed_images_settings_state,
33232
+ :dry_run)
33233
+ SENSITIVE = []
33234
+ include Aws::Structure
33235
+ end
33236
+
33237
+ # @!attribute [rw] allowed_images_settings_state
33238
+ # Returns `enabled` or `audit-mode` if the request succeeds;
33239
+ # otherwise, it returns an error.
33240
+ # @return [String]
33241
+ #
33242
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableAllowedImagesSettingsResult AWS API Documentation
33243
+ #
33244
+ class EnableAllowedImagesSettingsResult < Struct.new(
33245
+ :allowed_images_settings_state)
33246
+ SENSITIVE = []
33247
+ include Aws::Structure
33248
+ end
33249
+
32648
33250
  # @!attribute [rw] source
32649
33251
  # The source Region (like `us-east-1`) or Availability Zone ID (like
32650
33252
  # `use1-az1`) that the metric subscription is enabled for. If you use
@@ -34357,6 +34959,63 @@ module Aws::EC2
34357
34959
  include Aws::Structure
34358
34960
  end
34359
34961
 
34962
+ # @!attribute [rw] verified_access_instance_id
34963
+ # The ID of the Verified Access instance.
34964
+ # @return [String]
34965
+ #
34966
+ # @!attribute [rw] dry_run
34967
+ # Checks whether you have the required permissions for the action,
34968
+ # without actually making the request, and provides an error response.
34969
+ # If you have the required permissions, the error response is
34970
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
34971
+ # @return [Boolean]
34972
+ #
34973
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportVerifiedAccessInstanceClientConfigurationRequest AWS API Documentation
34974
+ #
34975
+ class ExportVerifiedAccessInstanceClientConfigurationRequest < Struct.new(
34976
+ :verified_access_instance_id,
34977
+ :dry_run)
34978
+ SENSITIVE = []
34979
+ include Aws::Structure
34980
+ end
34981
+
34982
+ # @!attribute [rw] version
34983
+ # The version.
34984
+ # @return [String]
34985
+ #
34986
+ # @!attribute [rw] verified_access_instance_id
34987
+ # The ID of the Verified Access instance.
34988
+ # @return [String]
34989
+ #
34990
+ # @!attribute [rw] region
34991
+ # The Region.
34992
+ # @return [String]
34993
+ #
34994
+ # @!attribute [rw] device_trust_providers
34995
+ # The device trust providers.
34996
+ # @return [Array<String>]
34997
+ #
34998
+ # @!attribute [rw] user_trust_provider
34999
+ # The user identity trust provider.
35000
+ # @return [Types::VerifiedAccessInstanceUserTrustProviderClientConfiguration]
35001
+ #
35002
+ # @!attribute [rw] open_vpn_configurations
35003
+ # The Open VPN configuration.
35004
+ # @return [Array<Types::VerifiedAccessInstanceOpenVpnClientConfiguration>]
35005
+ #
35006
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportVerifiedAccessInstanceClientConfigurationResult AWS API Documentation
35007
+ #
35008
+ class ExportVerifiedAccessInstanceClientConfigurationResult < Struct.new(
35009
+ :version,
35010
+ :verified_access_instance_id,
35011
+ :region,
35012
+ :device_trust_providers,
35013
+ :user_trust_provider,
35014
+ :open_vpn_configurations)
35015
+ SENSITIVE = []
35016
+ include Aws::Structure
35017
+ end
35018
+
34360
35019
  # Describes a Capacity Reservation Fleet that could not be cancelled.
34361
35020
  #
34362
35021
  # @!attribute [rw] capacity_reservation_fleet_id
@@ -35805,6 +36464,62 @@ module Aws::EC2
35805
36464
  include Aws::Structure
35806
36465
  end
35807
36466
 
36467
+ # @!attribute [rw] dry_run
36468
+ # Checks whether you have the required permissions for the action,
36469
+ # without actually making the request, and provides an error response.
36470
+ # If you have the required permissions, the error response is
36471
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
36472
+ # @return [Boolean]
36473
+ #
36474
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAllowedImagesSettingsRequest AWS API Documentation
36475
+ #
36476
+ class GetAllowedImagesSettingsRequest < Struct.new(
36477
+ :dry_run)
36478
+ SENSITIVE = []
36479
+ include Aws::Structure
36480
+ end
36481
+
36482
+ # @!attribute [rw] state
36483
+ # The current state of the Allowed AMIs setting at the account level
36484
+ # in the specified Amazon Web Services Region.
36485
+ #
36486
+ # Possible values:
36487
+ #
36488
+ # * `disabled`: All AMIs are allowed.
36489
+ #
36490
+ # * `audit-mode`: All AMIs are allowed, but the `ImageAllowed` field
36491
+ # is set to `true` if the AMI would be allowed with the current list
36492
+ # of criteria if allowed AMIs was enabled.
36493
+ #
36494
+ # * `enabled`: Only AMIs matching the image criteria are discoverable
36495
+ # and available for use.
36496
+ # @return [String]
36497
+ #
36498
+ # @!attribute [rw] image_criteria
36499
+ # The list of criteria for images that are discoverable and usable in
36500
+ # the account in the specified Amazon Web Services Region.
36501
+ # @return [Array<Types::ImageCriterion>]
36502
+ #
36503
+ # @!attribute [rw] managed_by
36504
+ # The entity that manages the Allowed AMIs settings. Possible values
36505
+ # include:
36506
+ #
36507
+ # * `account` - The Allowed AMIs settings is managed by the account.
36508
+ #
36509
+ # * `declarative-policy` - The Allowed AMIs settings is managed by a
36510
+ # declarative policy and can't be modified by the account.
36511
+ # @return [String]
36512
+ #
36513
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAllowedImagesSettingsResult AWS API Documentation
36514
+ #
36515
+ class GetAllowedImagesSettingsResult < Struct.new(
36516
+ :state,
36517
+ :image_criteria,
36518
+ :managed_by)
36519
+ SENSITIVE = []
36520
+ include Aws::Structure
36521
+ end
36522
+
35808
36523
  # @!attribute [rw] certificate_arn
35809
36524
  # The ARN of the ACM certificate for which to view the associated IAM
35810
36525
  # roles, encryption keys, and Amazon S3 object information.
@@ -36240,6 +36955,88 @@ module Aws::EC2
36240
36955
  include Aws::Structure
36241
36956
  end
36242
36957
 
36958
+ # @!attribute [rw] dry_run
36959
+ # Checks whether you have the required permissions for the action,
36960
+ # without actually making the request, and provides an error response.
36961
+ # If you have the required permissions, the error response is
36962
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
36963
+ # @return [Boolean]
36964
+ #
36965
+ # @!attribute [rw] report_id
36966
+ # The ID of the report.
36967
+ # @return [String]
36968
+ #
36969
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDeclarativePoliciesReportSummaryRequest AWS API Documentation
36970
+ #
36971
+ class GetDeclarativePoliciesReportSummaryRequest < Struct.new(
36972
+ :dry_run,
36973
+ :report_id)
36974
+ SENSITIVE = []
36975
+ include Aws::Structure
36976
+ end
36977
+
36978
+ # @!attribute [rw] report_id
36979
+ # The ID of the report.
36980
+ # @return [String]
36981
+ #
36982
+ # @!attribute [rw] s3_bucket
36983
+ # The name of the Amazon S3 bucket where the report is located.
36984
+ # @return [String]
36985
+ #
36986
+ # @!attribute [rw] s3_prefix
36987
+ # The prefix for your S3 object.
36988
+ # @return [String]
36989
+ #
36990
+ # @!attribute [rw] target_id
36991
+ # The root ID, organizational unit ID, or account ID.
36992
+ #
36993
+ # Format:
36994
+ #
36995
+ # * For root: `r-ab12`
36996
+ #
36997
+ # * For OU: `ou-ab12-cdef1234`
36998
+ #
36999
+ # * For account: `123456789012`
37000
+ # @return [String]
37001
+ #
37002
+ # @!attribute [rw] start_time
37003
+ # The time when the report generation started.
37004
+ # @return [Time]
37005
+ #
37006
+ # @!attribute [rw] end_time
37007
+ # The time when the report generation ended.
37008
+ # @return [Time]
37009
+ #
37010
+ # @!attribute [rw] number_of_accounts
37011
+ # The total number of accounts associated with the specified
37012
+ # `targetId`.
37013
+ # @return [Integer]
37014
+ #
37015
+ # @!attribute [rw] number_of_failed_accounts
37016
+ # The number of accounts where attributes could not be retrieved in
37017
+ # any Region.
37018
+ # @return [Integer]
37019
+ #
37020
+ # @!attribute [rw] attribute_summaries
37021
+ # The attributes described in the report.
37022
+ # @return [Array<Types::AttributeSummary>]
37023
+ #
37024
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDeclarativePoliciesReportSummaryResult AWS API Documentation
37025
+ #
37026
+ class GetDeclarativePoliciesReportSummaryResult < Struct.new(
37027
+ :report_id,
37028
+ :s3_bucket,
37029
+ :s3_prefix,
37030
+ :target_id,
37031
+ :start_time,
37032
+ :end_time,
37033
+ :number_of_accounts,
37034
+ :number_of_failed_accounts,
37035
+ :attribute_summaries)
37036
+ SENSITIVE = []
37037
+ include Aws::Structure
37038
+ end
37039
+
36243
37040
  # @!attribute [rw] dry_run
36244
37041
  # Checks whether you have the required permissions for the operation,
36245
37042
  # without actually making the request, and provides an error response.
@@ -36508,10 +37305,21 @@ module Aws::EC2
36508
37305
  # shared.
36509
37306
  # @return [String]
36510
37307
  #
37308
+ # @!attribute [rw] managed_by
37309
+ # The entity that manages the state for block public access for AMIs.
37310
+ # Possible values include:
37311
+ #
37312
+ # * `account` - The state is managed by the account.
37313
+ #
37314
+ # * `declarative-policy` - The state is managed by a declarative
37315
+ # policy and can't be modified by the account.
37316
+ # @return [String]
37317
+ #
36511
37318
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessStateResult AWS API Documentation
36512
37319
  #
36513
37320
  class GetImageBlockPublicAccessStateResult < Struct.new(
36514
- :image_block_public_access_state)
37321
+ :image_block_public_access_state,
37322
+ :managed_by)
36515
37323
  SENSITIVE = []
36516
37324
  include Aws::Structure
36517
37325
  end
@@ -37621,10 +38429,21 @@ module Aws::EC2
37621
38429
  # console of all instances is disabled for your account.
37622
38430
  # @return [Boolean]
37623
38431
  #
38432
+ # @!attribute [rw] managed_by
38433
+ # The entity that manages access to the serial console. Possible
38434
+ # values include:
38435
+ #
38436
+ # * `account` - Access is managed by the account.
38437
+ #
38438
+ # * `declarative-policy` - Access is managed by a declarative policy
38439
+ # and can't be modified by the account.
38440
+ # @return [String]
38441
+ #
37624
38442
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSerialConsoleAccessStatusResult AWS API Documentation
37625
38443
  #
37626
38444
  class GetSerialConsoleAccessStatusResult < Struct.new(
37627
- :serial_console_access_enabled)
38445
+ :serial_console_access_enabled,
38446
+ :managed_by)
37628
38447
  SENSITIVE = []
37629
38448
  include Aws::Structure
37630
38449
  end
@@ -37662,10 +38481,21 @@ module Aws::EC2
37662
38481
  # share snapshots.
37663
38482
  # @return [String]
37664
38483
  #
38484
+ # @!attribute [rw] managed_by
38485
+ # The entity that manages the state for block public access for
38486
+ # snapshots. Possible values include:
38487
+ #
38488
+ # * `account` - The state is managed by the account.
38489
+ #
38490
+ # * `declarative-policy` - The state is managed by a declarative
38491
+ # policy and can't be modified by the account.
38492
+ # @return [String]
38493
+ #
37665
38494
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessStateResult AWS API Documentation
37666
38495
  #
37667
38496
  class GetSnapshotBlockPublicAccessStateResult < Struct.new(
37668
- :state)
38497
+ :state,
38498
+ :managed_by)
37669
38499
  SENSITIVE = []
37670
38500
  include Aws::Structure
37671
38501
  end
@@ -38334,6 +39164,56 @@ module Aws::EC2
38334
39164
  include Aws::Structure
38335
39165
  end
38336
39166
 
39167
+ # @!attribute [rw] verified_access_endpoint_id
39168
+ # The ID of the network CIDR endpoint.
39169
+ # @return [String]
39170
+ #
39171
+ # @!attribute [rw] max_results
39172
+ # The maximum number of results to return with a single call. To
39173
+ # retrieve the remaining results, make another call with the returned
39174
+ # `nextToken` value.
39175
+ # @return [Integer]
39176
+ #
39177
+ # @!attribute [rw] next_token
39178
+ # The token for the next page of results.
39179
+ # @return [String]
39180
+ #
39181
+ # @!attribute [rw] dry_run
39182
+ # Checks whether you have the required permissions for the action,
39183
+ # without actually making the request, and provides an error response.
39184
+ # If you have the required permissions, the error response is
39185
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
39186
+ # @return [Boolean]
39187
+ #
39188
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVerifiedAccessEndpointTargetsRequest AWS API Documentation
39189
+ #
39190
+ class GetVerifiedAccessEndpointTargetsRequest < Struct.new(
39191
+ :verified_access_endpoint_id,
39192
+ :max_results,
39193
+ :next_token,
39194
+ :dry_run)
39195
+ SENSITIVE = []
39196
+ include Aws::Structure
39197
+ end
39198
+
39199
+ # @!attribute [rw] verified_access_endpoint_targets
39200
+ # The Verified Access targets.
39201
+ # @return [Array<Types::VerifiedAccessEndpointTarget>]
39202
+ #
39203
+ # @!attribute [rw] next_token
39204
+ # The token to use to retrieve the next page of results. This value is
39205
+ # `null` when there are no more results to return.
39206
+ # @return [String]
39207
+ #
39208
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVerifiedAccessEndpointTargetsResult AWS API Documentation
39209
+ #
39210
+ class GetVerifiedAccessEndpointTargetsResult < Struct.new(
39211
+ :verified_access_endpoint_targets,
39212
+ :next_token)
39213
+ SENSITIVE = []
39214
+ include Aws::Structure
39215
+ end
39216
+
38337
39217
  # @!attribute [rw] verified_access_group_id
38338
39218
  # The ID of the Verified Access group.
38339
39219
  # @return [String]
@@ -39363,6 +40243,21 @@ module Aws::EC2
39363
40243
  # [1]: http://www.iso.org/iso/iso8601
39364
40244
  # @return [String]
39365
40245
  #
40246
+ # @!attribute [rw] image_allowed
40247
+ # If `true`, the AMI satisfies the criteria for Allowed AMIs and can
40248
+ # be discovered and used in the account. If `false` and Allowed AMIs
40249
+ # is set to `enabled`, the AMI can't be discovered or used in the
40250
+ # account. If `false` and Allowed AMIs is set to `audit-mode`, the AMI
40251
+ # can be discovered and used in the account.
40252
+ #
40253
+ # For more information, see [Control the discovery and use of AMIs in
40254
+ # Amazon EC2 with Allowed AMIs][1] in *Amazon EC2 User Guide*.
40255
+ #
40256
+ #
40257
+ #
40258
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html
40259
+ # @return [Boolean]
40260
+ #
39366
40261
  # @!attribute [rw] source_image_id
39367
40262
  # The ID of the source AMI from which the AMI was created.
39368
40263
  #
@@ -39471,6 +40366,7 @@ module Aws::EC2
39471
40366
  :source_instance_id,
39472
40367
  :deregistration_protection,
39473
40368
  :last_launched_time,
40369
+ :image_allowed,
39474
40370
  :source_image_id,
39475
40371
  :source_image_region,
39476
40372
  :image_id,
@@ -39601,6 +40497,91 @@ module Aws::EC2
39601
40497
  include Aws::Structure
39602
40498
  end
39603
40499
 
40500
+ # The list of criteria that are evaluated to determine whch AMIs are
40501
+ # discoverable and usable in the account in the specified Amazon Web
40502
+ # Services Region. Currently, the only criteria that can be specified
40503
+ # are AMI providers.
40504
+ #
40505
+ # Up to 10 `imageCriteria` objects can be specified, and up to a total
40506
+ # of 200 values for all `imageProviders`. For more information, see
40507
+ # [JSON configuration for the Allowed AMIs criteria][1] in the *Amazon
40508
+ # EC2 User Guide*.
40509
+ #
40510
+ #
40511
+ #
40512
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html#allowed-amis-json-configuration
40513
+ #
40514
+ # @!attribute [rw] image_providers
40515
+ # A list of AMI providers whose AMIs are discoverable and useable in
40516
+ # the account. Up to a total of 200 values can be specified.
40517
+ #
40518
+ # Possible values:
40519
+ #
40520
+ # `amazon`: Allow AMIs created by Amazon Web Services.
40521
+ #
40522
+ # `aws-marketplace`: Allow AMIs created by verified providers in the
40523
+ # Amazon Web Services Marketplace.
40524
+ #
40525
+ # `aws-backup-vault`: Allow AMIs created by Amazon Web Services
40526
+ # Backup.
40527
+ #
40528
+ # 12-digit account ID: Allow AMIs created by this account. One or more
40529
+ # account IDs can be specified.
40530
+ #
40531
+ # `none`: Allow AMIs created by your own account only.
40532
+ # @return [Array<String>]
40533
+ #
40534
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImageCriterion AWS API Documentation
40535
+ #
40536
+ class ImageCriterion < Struct.new(
40537
+ :image_providers)
40538
+ SENSITIVE = []
40539
+ include Aws::Structure
40540
+ end
40541
+
40542
+ # The list of criteria that are evaluated to determine whch AMIs are
40543
+ # discoverable and usable in the account in the specified Amazon Web
40544
+ # Services Region. Currently, the only criteria that can be specified
40545
+ # are AMI providers.
40546
+ #
40547
+ # Up to 10 `imageCriteria` objects can be specified, and up to a total
40548
+ # of 200 values for all `imageProviders`. For more information, see
40549
+ # [JSON configuration for the Allowed AMIs criteria][1] in the *Amazon
40550
+ # EC2 User Guide*.
40551
+ #
40552
+ #
40553
+ #
40554
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html#allowed-amis-json-configuration
40555
+ #
40556
+ # @!attribute [rw] image_providers
40557
+ # A list of image providers whose AMIs are discoverable and useable in
40558
+ # the account. Up to a total of 200 values can be specified.
40559
+ #
40560
+ # Possible values:
40561
+ #
40562
+ # `amazon`: Allow AMIs created by Amazon Web Services.
40563
+ #
40564
+ # `aws-marketplace`: Allow AMIs created by verified providers in the
40565
+ # Amazon Web Services Marketplace.
40566
+ #
40567
+ # `aws-backup-vault`: Allow AMIs created by Amazon Web Services
40568
+ # Backup.
40569
+ #
40570
+ # 12-digit account ID: Allow AMIs created by this account. One or more
40571
+ # account IDs can be specified.
40572
+ #
40573
+ # `none`: Allow AMIs created by your own account only. When `none` is
40574
+ # specified, no other values can be specified.
40575
+ # @return [Array<String>]
40576
+ #
40577
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImageCriterionRequest AWS API Documentation
40578
+ #
40579
+ class ImageCriterionRequest < Struct.new(
40580
+ :image_providers)
40581
+ SENSITIVE = []
40582
+ include Aws::Structure
40583
+ end
40584
+
39604
40585
  # Describes the disk container object for an import image task.
39605
40586
  #
39606
40587
  # @!attribute [rw] description
@@ -39677,6 +40658,19 @@ module Aws::EC2
39677
40658
  # format: *YYYY*-*MM*-*DD*T*HH*:*MM*:*SS*Z.
39678
40659
  # @return [String]
39679
40660
  #
40661
+ # @!attribute [rw] image_allowed
40662
+ # If `true`, the AMI satisfies the criteria for Allowed AMIs and can
40663
+ # be discovered and used in the account. If `false`, the AMI can't be
40664
+ # discovered or used in the account.
40665
+ #
40666
+ # For more information, see [Control the discovery and use of AMIs in
40667
+ # Amazon EC2 with Allowed AMIs][1] in *Amazon EC2 User Guide*.
40668
+ #
40669
+ #
40670
+ #
40671
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html
40672
+ # @return [Boolean]
40673
+ #
39680
40674
  # @!attribute [rw] is_public
39681
40675
  # Indicates whether the AMI has public launch permissions. A value of
39682
40676
  # `true` means this AMI has public launch permissions, while `false`
@@ -39694,6 +40688,7 @@ module Aws::EC2
39694
40688
  :image_owner_alias,
39695
40689
  :creation_date,
39696
40690
  :deprecation_time,
40691
+ :image_allowed,
39697
40692
  :is_public)
39698
40693
  SENSITIVE = []
39699
40694
  include Aws::Structure
@@ -40945,7 +41940,7 @@ module Aws::EC2
40945
41940
  # @return [String]
40946
41941
  #
40947
41942
  # @!attribute [rw] operator
40948
- # The entity that manages the instance.
41943
+ # The service provider that manages the instance.
40949
41944
  # @return [Types::OperatorResponse]
40950
41945
  #
40951
41946
  # @!attribute [rw] instance_id
@@ -41877,13 +42872,30 @@ module Aws::EC2
41877
42872
  # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS
41878
42873
  # @return [String]
41879
42874
  #
42875
+ # @!attribute [rw] managed_by
42876
+ # The entity that manages the IMDS default settings. Possible values
42877
+ # include:
42878
+ #
42879
+ # * `account` - The IMDS default settings are managed by the account.
42880
+ #
42881
+ # * `declarative-policy` - The IMDS default settings are managed by a
42882
+ # declarative policy and can't be modified by the account.
42883
+ # @return [String]
42884
+ #
42885
+ # @!attribute [rw] managed_exception_message
42886
+ # The customized exception message that is specified in the
42887
+ # declarative policy.
42888
+ # @return [String]
42889
+ #
41880
42890
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceMetadataDefaultsResponse AWS API Documentation
41881
42891
  #
41882
42892
  class InstanceMetadataDefaultsResponse < Struct.new(
41883
42893
  :http_tokens,
41884
42894
  :http_put_response_hop_limit,
41885
42895
  :http_endpoint,
41886
- :instance_metadata_tags)
42896
+ :instance_metadata_tags,
42897
+ :managed_by,
42898
+ :managed_exception_message)
41887
42899
  SENSITIVE = []
41888
42900
  include Aws::Structure
41889
42901
  end
@@ -42142,7 +43154,7 @@ module Aws::EC2
42142
43154
  # @return [Types::ConnectionTrackingSpecificationResponse]
42143
43155
  #
42144
43156
  # @!attribute [rw] operator
42145
- # The entity that manages the network interface.
43157
+ # The service provider that manages the network interface.
42146
43158
  # @return [Types::OperatorResponse]
42147
43159
  #
42148
43160
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceNetworkInterface AWS API Documentation
@@ -42575,6 +43587,8 @@ module Aws::EC2
42575
43587
  # * For instance types with Amazon Web Services CPUs, specify
42576
43588
  # `amazon-web-services`.
42577
43589
  #
43590
+ # * For instance types with Apple CPUs, specify `apple`.
43591
+ #
42578
43592
  # <note markdown="1"> Don't confuse the CPU manufacturer with the CPU architecture.
42579
43593
  # Instances will be launched with a compatible CPU architecture based
42580
43594
  # on the Amazon Machine Image (AMI) that you specify in your launch
@@ -43056,6 +44070,8 @@ module Aws::EC2
43056
44070
  # * For instance types with Amazon Web Services CPUs, specify
43057
44071
  # `amazon-web-services`.
43058
44072
  #
44073
+ # * For instance types with Apple CPUs, specify `apple`.
44074
+ #
43059
44075
  # <note markdown="1"> Don't confuse the CPU manufacturer with the CPU architecture.
43060
44076
  # Instances will be launched with a compatible CPU architecture based
43061
44077
  # on the Amazon Machine Image (AMI) that you specify in your launch
@@ -43616,7 +44632,7 @@ module Aws::EC2
43616
44632
  # @return [String]
43617
44633
  #
43618
44634
  # @!attribute [rw] operator
43619
- # The entity that manages the instance.
44635
+ # The service provider that manages the instance.
43620
44636
  # @return [Types::OperatorResponse]
43621
44637
  #
43622
44638
  # @!attribute [rw] events
@@ -46373,9 +47389,13 @@ module Aws::EC2
46373
47389
  # Indicates the instance's Capacity Reservation preferences. Possible
46374
47390
  # preferences include:
46375
47391
  #
47392
+ # * `capacity-reservations-only` - The instance will only run in a
47393
+ # Capacity Reservation or Capacity Reservation group. If capacity
47394
+ # isn't available, the instance will fail to launch.
47395
+ #
46376
47396
  # * `open` - The instance can run in any `open` Capacity Reservation
46377
47397
  # that has matching attributes (instance type, platform,
46378
- # Availability Zone).
47398
+ # Availability Zone, tenancy).
46379
47399
  #
46380
47400
  # * `none` - The instance avoids running in a Capacity Reservation
46381
47401
  # even if one is available. The instance runs in On-Demand capacity.
@@ -52240,6 +53260,20 @@ module Aws::EC2
52240
53260
  include Aws::Structure
52241
53261
  end
52242
53262
 
53263
+ # The CIDR options for a Verified Access endpoint.
53264
+ #
53265
+ # @!attribute [rw] port_ranges
53266
+ # The port ranges.
53267
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53268
+ #
53269
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointCidrOptions AWS API Documentation
53270
+ #
53271
+ class ModifyVerifiedAccessEndpointCidrOptions < Struct.new(
53272
+ :port_ranges)
53273
+ SENSITIVE = []
53274
+ include Aws::Structure
53275
+ end
53276
+
52243
53277
  # Describes the options when modifying a Verified Access endpoint with
52244
53278
  # the `network-interface` type.
52245
53279
  #
@@ -52251,11 +53285,16 @@ module Aws::EC2
52251
53285
  # The IP port number.
52252
53286
  # @return [Integer]
52253
53287
  #
53288
+ # @!attribute [rw] port_ranges
53289
+ # The port ranges.
53290
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53291
+ #
52254
53292
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointEniOptions AWS API Documentation
52255
53293
  #
52256
53294
  class ModifyVerifiedAccessEndpointEniOptions < Struct.new(
52257
53295
  :protocol,
52258
- :port)
53296
+ :port,
53297
+ :port_ranges)
52259
53298
  SENSITIVE = []
52260
53299
  include Aws::Structure
52261
53300
  end
@@ -52275,12 +53314,17 @@ module Aws::EC2
52275
53314
  # The IP port number.
52276
53315
  # @return [Integer]
52277
53316
  #
53317
+ # @!attribute [rw] port_ranges
53318
+ # The port ranges.
53319
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53320
+ #
52278
53321
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
52279
53322
  #
52280
53323
  class ModifyVerifiedAccessEndpointLoadBalancerOptions < Struct.new(
52281
53324
  :subnet_ids,
52282
53325
  :protocol,
52283
- :port)
53326
+ :port,
53327
+ :port_ranges)
52284
53328
  SENSITIVE = []
52285
53329
  include Aws::Structure
52286
53330
  end
@@ -52356,6 +53400,49 @@ module Aws::EC2
52356
53400
  include Aws::Structure
52357
53401
  end
52358
53402
 
53403
+ # Describes the port range for a Verified Access endpoint.
53404
+ #
53405
+ # @!attribute [rw] from_port
53406
+ # The start of the port range.
53407
+ # @return [Integer]
53408
+ #
53409
+ # @!attribute [rw] to_port
53410
+ # The end of the port range.
53411
+ # @return [Integer]
53412
+ #
53413
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointPortRange AWS API Documentation
53414
+ #
53415
+ class ModifyVerifiedAccessEndpointPortRange < Struct.new(
53416
+ :from_port,
53417
+ :to_port)
53418
+ SENSITIVE = []
53419
+ include Aws::Structure
53420
+ end
53421
+
53422
+ # The RDS options for a Verified Access endpoint.
53423
+ #
53424
+ # @!attribute [rw] subnet_ids
53425
+ # The IDs of the subnets.
53426
+ # @return [Array<String>]
53427
+ #
53428
+ # @!attribute [rw] port
53429
+ # The port.
53430
+ # @return [Integer]
53431
+ #
53432
+ # @!attribute [rw] rds_endpoint
53433
+ # The RDS endpoint.
53434
+ # @return [String]
53435
+ #
53436
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointRdsOptions AWS API Documentation
53437
+ #
53438
+ class ModifyVerifiedAccessEndpointRdsOptions < Struct.new(
53439
+ :subnet_ids,
53440
+ :port,
53441
+ :rds_endpoint)
53442
+ SENSITIVE = []
53443
+ include Aws::Structure
53444
+ end
53445
+
52359
53446
  # @!attribute [rw] verified_access_endpoint_id
52360
53447
  # The ID of the Verified Access endpoint.
52361
53448
  # @return [String]
@@ -52397,6 +53484,14 @@ module Aws::EC2
52397
53484
  # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
52398
53485
  # @return [Boolean]
52399
53486
  #
53487
+ # @!attribute [rw] rds_options
53488
+ # The RDS options.
53489
+ # @return [Types::ModifyVerifiedAccessEndpointRdsOptions]
53490
+ #
53491
+ # @!attribute [rw] cidr_options
53492
+ # The CIDR options.
53493
+ # @return [Types::ModifyVerifiedAccessEndpointCidrOptions]
53494
+ #
52400
53495
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointRequest AWS API Documentation
52401
53496
  #
52402
53497
  class ModifyVerifiedAccessEndpointRequest < Struct.new(
@@ -52406,7 +53501,9 @@ module Aws::EC2
52406
53501
  :network_interface_options,
52407
53502
  :description,
52408
53503
  :client_token,
52409
- :dry_run)
53504
+ :dry_run,
53505
+ :rds_options,
53506
+ :cidr_options)
52410
53507
  SENSITIVE = []
52411
53508
  include Aws::Structure
52412
53509
  end
@@ -52629,13 +53726,18 @@ module Aws::EC2
52629
53726
  # [1]: https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html
52630
53727
  # @return [String]
52631
53728
  #
53729
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
53730
+ # The custom subdomain.
53731
+ # @return [String]
53732
+ #
52632
53733
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessInstanceRequest AWS API Documentation
52633
53734
  #
52634
53735
  class ModifyVerifiedAccessInstanceRequest < Struct.new(
52635
53736
  :verified_access_instance_id,
52636
53737
  :description,
52637
53738
  :dry_run,
52638
- :client_token)
53739
+ :client_token,
53740
+ :cidr_endpoints_custom_sub_domain)
52639
53741
  SENSITIVE = []
52640
53742
  include Aws::Structure
52641
53743
  end
@@ -52652,6 +53754,55 @@ module Aws::EC2
52652
53754
  include Aws::Structure
52653
53755
  end
52654
53756
 
53757
+ # Describes the OpenID Connect (OIDC) options.
53758
+ #
53759
+ # @!attribute [rw] public_signing_key_endpoint
53760
+ # The public signing key endpoint.
53761
+ # @return [String]
53762
+ #
53763
+ # @!attribute [rw] issuer
53764
+ # The OIDC issuer identifier of the IdP.
53765
+ # @return [String]
53766
+ #
53767
+ # @!attribute [rw] authorization_endpoint
53768
+ # The authorization endpoint of the IdP.
53769
+ # @return [String]
53770
+ #
53771
+ # @!attribute [rw] token_endpoint
53772
+ # The token endpoint of the IdP.
53773
+ # @return [String]
53774
+ #
53775
+ # @!attribute [rw] user_info_endpoint
53776
+ # The user info endpoint of the IdP.
53777
+ # @return [String]
53778
+ #
53779
+ # @!attribute [rw] client_id
53780
+ # The OAuth 2.0 client identifier.
53781
+ # @return [String]
53782
+ #
53783
+ # @!attribute [rw] client_secret
53784
+ # The OAuth 2.0 client secret.
53785
+ # @return [String]
53786
+ #
53787
+ # @!attribute [rw] scope
53788
+ # The set of user claims to be requested from the IdP.
53789
+ # @return [String]
53790
+ #
53791
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessNativeApplicationOidcOptions AWS API Documentation
53792
+ #
53793
+ class ModifyVerifiedAccessNativeApplicationOidcOptions < Struct.new(
53794
+ :public_signing_key_endpoint,
53795
+ :issuer,
53796
+ :authorization_endpoint,
53797
+ :token_endpoint,
53798
+ :user_info_endpoint,
53799
+ :client_id,
53800
+ :client_secret,
53801
+ :scope)
53802
+ SENSITIVE = [:client_secret]
53803
+ include Aws::Structure
53804
+ end
53805
+
52655
53806
  # Modifies the configuration of the specified device-based Amazon Web
52656
53807
  # Services Verified Access trust provider.
52657
53808
  #
@@ -52756,6 +53907,10 @@ module Aws::EC2
52756
53907
  # The options for server side encryption.
52757
53908
  # @return [Types::VerifiedAccessSseSpecificationRequest]
52758
53909
  #
53910
+ # @!attribute [rw] native_application_oidc_options
53911
+ # The OpenID Connect (OIDC) options.
53912
+ # @return [Types::ModifyVerifiedAccessNativeApplicationOidcOptions]
53913
+ #
52759
53914
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessTrustProviderRequest AWS API Documentation
52760
53915
  #
52761
53916
  class ModifyVerifiedAccessTrustProviderRequest < Struct.new(
@@ -52765,7 +53920,8 @@ module Aws::EC2
52765
53920
  :description,
52766
53921
  :dry_run,
52767
53922
  :client_token,
52768
- :sse_specification)
53923
+ :sse_specification,
53924
+ :native_application_oidc_options)
52769
53925
  SENSITIVE = []
52770
53926
  include Aws::Structure
52771
53927
  end
@@ -53227,36 +54383,44 @@ module Aws::EC2
53227
54383
  # @return [Boolean]
53228
54384
  #
53229
54385
  # @!attribute [rw] acceptance_required
53230
- # Indicates whether requests to create an endpoint to your service
53231
- # must be accepted.
54386
+ # Indicates whether requests to create an endpoint to the service must
54387
+ # be accepted.
53232
54388
  # @return [Boolean]
53233
54389
  #
53234
54390
  # @!attribute [rw] add_network_load_balancer_arns
53235
54391
  # The Amazon Resource Names (ARNs) of Network Load Balancers to add to
53236
- # your service configuration.
54392
+ # the service configuration.
53237
54393
  # @return [Array<String>]
53238
54394
  #
53239
54395
  # @!attribute [rw] remove_network_load_balancer_arns
53240
54396
  # The Amazon Resource Names (ARNs) of Network Load Balancers to remove
53241
- # from your service configuration.
54397
+ # from the service configuration.
53242
54398
  # @return [Array<String>]
53243
54399
  #
53244
54400
  # @!attribute [rw] add_gateway_load_balancer_arns
53245
54401
  # The Amazon Resource Names (ARNs) of Gateway Load Balancers to add to
53246
- # your service configuration.
54402
+ # the service configuration.
53247
54403
  # @return [Array<String>]
53248
54404
  #
53249
54405
  # @!attribute [rw] remove_gateway_load_balancer_arns
53250
54406
  # The Amazon Resource Names (ARNs) of Gateway Load Balancers to remove
53251
- # from your service configuration.
54407
+ # from the service configuration.
53252
54408
  # @return [Array<String>]
53253
54409
  #
53254
54410
  # @!attribute [rw] add_supported_ip_address_types
53255
- # The IP address types to add to your service configuration.
54411
+ # The IP address types to add to the service configuration.
53256
54412
  # @return [Array<String>]
53257
54413
  #
53258
54414
  # @!attribute [rw] remove_supported_ip_address_types
53259
- # The IP address types to remove from your service configuration.
54415
+ # The IP address types to remove from the service configuration.
54416
+ # @return [Array<String>]
54417
+ #
54418
+ # @!attribute [rw] add_supported_regions
54419
+ # The supported Regions to add to the service configuration.
54420
+ # @return [Array<String>]
54421
+ #
54422
+ # @!attribute [rw] remove_supported_regions
54423
+ # The supported Regions to remove from the service configuration.
53260
54424
  # @return [Array<String>]
53261
54425
  #
53262
54426
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpcEndpointServiceConfigurationRequest AWS API Documentation
@@ -53272,7 +54436,9 @@ module Aws::EC2
53272
54436
  :add_gateway_load_balancer_arns,
53273
54437
  :remove_gateway_load_balancer_arns,
53274
54438
  :add_supported_ip_address_types,
53275
- :remove_supported_ip_address_types)
54439
+ :remove_supported_ip_address_types,
54440
+ :add_supported_regions,
54441
+ :remove_supported_regions)
53276
54442
  SENSITIVE = []
53277
54443
  include Aws::Structure
53278
54444
  end
@@ -54259,6 +55425,50 @@ module Aws::EC2
54259
55425
  include Aws::Structure
54260
55426
  end
54261
55427
 
55428
+ # Describes the OpenID Connect (OIDC) options.
55429
+ #
55430
+ # @!attribute [rw] public_signing_key_endpoint
55431
+ # The public signing key endpoint.
55432
+ # @return [String]
55433
+ #
55434
+ # @!attribute [rw] issuer
55435
+ # The OIDC issuer identifier of the IdP.
55436
+ # @return [String]
55437
+ #
55438
+ # @!attribute [rw] authorization_endpoint
55439
+ # The authorization endpoint of the IdP.
55440
+ # @return [String]
55441
+ #
55442
+ # @!attribute [rw] token_endpoint
55443
+ # The token endpoint of the IdP.
55444
+ # @return [String]
55445
+ #
55446
+ # @!attribute [rw] user_info_endpoint
55447
+ # The user info endpoint of the IdP.
55448
+ # @return [String]
55449
+ #
55450
+ # @!attribute [rw] client_id
55451
+ # The OAuth 2.0 client identifier.
55452
+ # @return [String]
55453
+ #
55454
+ # @!attribute [rw] scope
55455
+ # The set of user claims to be requested from the IdP.
55456
+ # @return [String]
55457
+ #
55458
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/NativeApplicationOidcOptions AWS API Documentation
55459
+ #
55460
+ class NativeApplicationOidcOptions < Struct.new(
55461
+ :public_signing_key_endpoint,
55462
+ :issuer,
55463
+ :authorization_endpoint,
55464
+ :token_endpoint,
55465
+ :user_info_endpoint,
55466
+ :client_id,
55467
+ :scope)
55468
+ SENSITIVE = []
55469
+ include Aws::Structure
55470
+ end
55471
+
54262
55472
  # Describes a network ACL.
54263
55473
  #
54264
55474
  # @!attribute [rw] associations
@@ -54989,7 +56199,7 @@ module Aws::EC2
54989
56199
  # @return [String]
54990
56200
  #
54991
56201
  # @!attribute [rw] operator
54992
- # The entity that manages the network interface.
56202
+ # The service provider that manages the network interface.
54993
56203
  # @return [Types::OperatorResponse]
54994
56204
  #
54995
56205
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/NetworkInterface AWS API Documentation
@@ -55631,10 +56841,10 @@ module Aws::EC2
55631
56841
  include Aws::Structure
55632
56842
  end
55633
56843
 
55634
- # The entity that manages the resource.
56844
+ # The service provider that manages the resource.
55635
56845
  #
55636
56846
  # @!attribute [rw] principal
55637
- # The entity that manages the resource.
56847
+ # The service provider that manages the resource.
55638
56848
  # @return [String]
55639
56849
  #
55640
56850
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/OperatorRequest AWS API Documentation
@@ -55645,16 +56855,16 @@ module Aws::EC2
55645
56855
  include Aws::Structure
55646
56856
  end
55647
56857
 
55648
- # Describes whether the resource is managed by an entity and, if so,
55649
- # describes the entity that manages it.
56858
+ # Describes whether the resource is managed by an service provider and,
56859
+ # if so, describes the service provider that manages it.
55650
56860
  #
55651
56861
  # @!attribute [rw] managed
55652
- # If `true`, the resource is managed by an entity.
56862
+ # If `true`, the resource is managed by an service provider.
55653
56863
  # @return [Boolean]
55654
56864
  #
55655
56865
  # @!attribute [rw] principal
55656
56866
  # If `managed` is `true`, then the principal is returned. The
55657
- # principal is the entity that manages the resource.
56867
+ # principal is the service provider that manages the resource.
55658
56868
  # @return [String]
55659
56869
  #
55660
56870
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/OperatorResponse AWS API Documentation
@@ -57896,6 +59106,32 @@ module Aws::EC2
57896
59106
  include Aws::Structure
57897
59107
  end
57898
59108
 
59109
+ # A summary report for the attribute for a Region.
59110
+ #
59111
+ # @!attribute [rw] region_name
59112
+ # The Amazon Web Services Region.
59113
+ # @return [String]
59114
+ #
59115
+ # @!attribute [rw] number_of_matched_accounts
59116
+ # The number of accounts in the Region with the same configuration
59117
+ # value for the attribute that is most frequently observed.
59118
+ # @return [Integer]
59119
+ #
59120
+ # @!attribute [rw] number_of_unmatched_accounts
59121
+ # The number of accounts in the Region with a configuration value
59122
+ # different from the most frequently observed value for the attribute.
59123
+ # @return [Integer]
59124
+ #
59125
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegionalSummary AWS API Documentation
59126
+ #
59127
+ class RegionalSummary < Struct.new(
59128
+ :region_name,
59129
+ :number_of_matched_accounts,
59130
+ :number_of_unmatched_accounts)
59131
+ SENSITIVE = []
59132
+ include Aws::Structure
59133
+ end
59134
+
57899
59135
  # Contains the parameters for RegisterImage.
57900
59136
  #
57901
59137
  # @!attribute [rw] image_location
@@ -58699,6 +59935,41 @@ module Aws::EC2
58699
59935
  include Aws::Structure
58700
59936
  end
58701
59937
 
59938
+ # @!attribute [rw] image_criteria
59939
+ # The list of criteria that are evaluated to determine whether AMIs
59940
+ # are discoverable and usable in the account in the specified Amazon
59941
+ # Web Services Region.
59942
+ # @return [Array<Types::ImageCriterionRequest>]
59943
+ #
59944
+ # @!attribute [rw] dry_run
59945
+ # Checks whether you have the required permissions for the action,
59946
+ # without actually making the request, and provides an error response.
59947
+ # If you have the required permissions, the error response is
59948
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
59949
+ # @return [Boolean]
59950
+ #
59951
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceImageCriteriaInAllowedImagesSettingsRequest AWS API Documentation
59952
+ #
59953
+ class ReplaceImageCriteriaInAllowedImagesSettingsRequest < Struct.new(
59954
+ :image_criteria,
59955
+ :dry_run)
59956
+ SENSITIVE = []
59957
+ include Aws::Structure
59958
+ end
59959
+
59960
+ # @!attribute [rw] return_value
59961
+ # Returns `true` if the request succeeds; otherwise, it returns an
59962
+ # error.
59963
+ # @return [Boolean]
59964
+ #
59965
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceImageCriteriaInAllowedImagesSettingsResult AWS API Documentation
59966
+ #
59967
+ class ReplaceImageCriteriaInAllowedImagesSettingsResult < Struct.new(
59968
+ :return_value)
59969
+ SENSITIVE = []
59970
+ include Aws::Structure
59971
+ end
59972
+
58702
59973
  # @!attribute [rw] dry_run
58703
59974
  # Checks whether you have the required permissions for the action,
58704
59975
  # without actually making the request, and provides an error response.
@@ -63836,6 +65107,15 @@ module Aws::EC2
63836
65107
  # The tags assigned to the service.
63837
65108
  # @return [Array<Types::Tag>]
63838
65109
  #
65110
+ # @!attribute [rw] supported_regions
65111
+ # The supported Regions.
65112
+ # @return [Array<Types::SupportedRegionDetail>]
65113
+ #
65114
+ # @!attribute [rw] remote_access_enabled
65115
+ # Indicates whether consumers can access the service from a Region
65116
+ # other than the Region where the service is hosted.
65117
+ # @return [Boolean]
65118
+ #
63839
65119
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ServiceConfiguration AWS API Documentation
63840
65120
  #
63841
65121
  class ServiceConfiguration < Struct.new(
@@ -63853,7 +65133,9 @@ module Aws::EC2
63853
65133
  :private_dns_name,
63854
65134
  :private_dns_name_configuration,
63855
65135
  :payer_responsibility,
63856
- :tags)
65136
+ :tags,
65137
+ :supported_regions,
65138
+ :remote_access_enabled)
63857
65139
  SENSITIVE = []
63858
65140
  include Aws::Structure
63859
65141
  end
@@ -63872,6 +65154,10 @@ module Aws::EC2
63872
65154
  # The type of service.
63873
65155
  # @return [Array<Types::ServiceTypeDetail>]
63874
65156
  #
65157
+ # @!attribute [rw] service_region
65158
+ # The Region where the service is hosted.
65159
+ # @return [String]
65160
+ #
63875
65161
  # @!attribute [rw] availability_zones
63876
65162
  # The Availability Zones in which the service is available.
63877
65163
  # @return [Array<String>]
@@ -63932,6 +65218,7 @@ module Aws::EC2
63932
65218
  :service_name,
63933
65219
  :service_id,
63934
65220
  :service_type,
65221
+ :service_region,
63935
65222
  :availability_zones,
63936
65223
  :owner,
63937
65224
  :base_endpoint_dns_names,
@@ -64047,6 +65334,38 @@ module Aws::EC2
64047
65334
  # Reserved for future use.
64048
65335
  # @return [String]
64049
65336
  #
65337
+ # @!attribute [rw] transfer_type
65338
+ # <note markdown="1"> Only for snapshot copies.
65339
+ #
65340
+ # </note>
65341
+ #
65342
+ # Indicates whether the snapshot copy was created with a standard or
65343
+ # time-based snapshot copy operation. Time-based snapshot copy
65344
+ # operations complete within the completion duration specified in the
65345
+ # request. Standard snapshot copy operations are completed on a
65346
+ # best-effort basis.
65347
+ #
65348
+ # * `standard` - The snapshot copy was created with a standard
65349
+ # snapshot copy operation.
65350
+ #
65351
+ # * `time-based` - The snapshot copy was created with a time-based
65352
+ # snapshot copy operation.
65353
+ # @return [String]
65354
+ #
65355
+ # @!attribute [rw] completion_duration_minutes
65356
+ # <note markdown="1"> Only for snapshot copies created with time-based snapshot copy
65357
+ # operations.
65358
+ #
65359
+ # </note>
65360
+ #
65361
+ # The completion duration requested for the time-based snapshot copy
65362
+ # operation.
65363
+ # @return [Integer]
65364
+ #
65365
+ # @!attribute [rw] completion_time
65366
+ # The time stamp when the snapshot was completed.
65367
+ # @return [Time]
65368
+ #
64050
65369
  # @!attribute [rw] snapshot_id
64051
65370
  # The ID of the snapshot. Each snapshot receives a unique identifier
64052
65371
  # when it is created.
@@ -64120,6 +65439,9 @@ module Aws::EC2
64120
65439
  :storage_tier,
64121
65440
  :restore_expiry_time,
64122
65441
  :sse_type,
65442
+ :transfer_type,
65443
+ :completion_duration_minutes,
65444
+ :completion_time,
64123
65445
  :snapshot_id,
64124
65446
  :volume_id,
64125
65447
  :state,
@@ -65966,6 +67288,61 @@ module Aws::EC2
65966
67288
  include Aws::Structure
65967
67289
  end
65968
67290
 
67291
+ # @!attribute [rw] dry_run
67292
+ # Checks whether you have the required permissions for the action,
67293
+ # without actually making the request, and provides an error response.
67294
+ # If you have the required permissions, the error response is
67295
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
67296
+ # @return [Boolean]
67297
+ #
67298
+ # @!attribute [rw] s3_bucket
67299
+ # The name of the S3 bucket where the report will be saved.
67300
+ # @return [String]
67301
+ #
67302
+ # @!attribute [rw] s3_prefix
67303
+ # The prefix for your S3 object.
67304
+ # @return [String]
67305
+ #
67306
+ # @!attribute [rw] target_id
67307
+ # The root ID, organizational unit ID, or account ID.
67308
+ #
67309
+ # Format:
67310
+ #
67311
+ # * For root: `r-ab12`
67312
+ #
67313
+ # * For OU: `ou-ab12-cdef1234`
67314
+ #
67315
+ # * For account: `123456789012`
67316
+ # @return [String]
67317
+ #
67318
+ # @!attribute [rw] tag_specifications
67319
+ # The tags to apply.
67320
+ # @return [Array<Types::TagSpecification>]
67321
+ #
67322
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartDeclarativePoliciesReportRequest AWS API Documentation
67323
+ #
67324
+ class StartDeclarativePoliciesReportRequest < Struct.new(
67325
+ :dry_run,
67326
+ :s3_bucket,
67327
+ :s3_prefix,
67328
+ :target_id,
67329
+ :tag_specifications)
67330
+ SENSITIVE = []
67331
+ include Aws::Structure
67332
+ end
67333
+
67334
+ # @!attribute [rw] report_id
67335
+ # The ID of the report.
67336
+ # @return [String]
67337
+ #
67338
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartDeclarativePoliciesReportResult AWS API Documentation
67339
+ #
67340
+ class StartDeclarativePoliciesReportResult < Struct.new(
67341
+ :report_id)
67342
+ SENSITIVE = []
67343
+ include Aws::Structure
67344
+ end
67345
+
65969
67346
  # @!attribute [rw] instance_ids
65970
67347
  # The IDs of the instances.
65971
67348
  # @return [Array<String>]
@@ -66609,6 +67986,25 @@ module Aws::EC2
66609
67986
  include Aws::Structure
66610
67987
  end
66611
67988
 
67989
+ # Prefixes of the subnet IP.
67990
+ #
67991
+ # @!attribute [rw] subnet_id
67992
+ # ID of the subnet.
67993
+ # @return [String]
67994
+ #
67995
+ # @!attribute [rw] ip_prefixes
67996
+ # Array of SubnetIpPrefixes objects.
67997
+ # @return [Array<String>]
67998
+ #
67999
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SubnetIpPrefixes AWS API Documentation
68000
+ #
68001
+ class SubnetIpPrefixes < Struct.new(
68002
+ :subnet_id,
68003
+ :ip_prefixes)
68004
+ SENSITIVE = []
68005
+ include Aws::Structure
68006
+ end
68007
+
66612
68008
  # Describes an association between a subnet and an IPv6 CIDR block.
66613
68009
  #
66614
68010
  # @!attribute [rw] association_id
@@ -66714,6 +68110,26 @@ module Aws::EC2
66714
68110
  include Aws::Structure
66715
68111
  end
66716
68112
 
68113
+ # Describes a supported Region.
68114
+ #
68115
+ # @!attribute [rw] region
68116
+ # The Region code.
68117
+ # @return [String]
68118
+ #
68119
+ # @!attribute [rw] service_state
68120
+ # The service state. The possible values are `Pending`, `Available`,
68121
+ # `Deleting`, `Deleted`, `Failed`, and `Closed`.
68122
+ # @return [String]
68123
+ #
68124
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SupportedRegionDetail AWS API Documentation
68125
+ #
68126
+ class SupportedRegionDetail < Struct.new(
68127
+ :region,
68128
+ :service_state)
68129
+ SENSITIVE = []
68130
+ include Aws::Structure
68131
+ end
68132
+
66717
68133
  # Describes a tag.
66718
68134
  #
66719
68135
  # @!attribute [rw] key
@@ -69915,6 +71331,14 @@ module Aws::EC2
69915
71331
  # The options in use for server side encryption.
69916
71332
  # @return [Types::VerifiedAccessSseSpecificationResponse]
69917
71333
  #
71334
+ # @!attribute [rw] rds_options
71335
+ # The options for an RDS endpoint.
71336
+ # @return [Types::VerifiedAccessEndpointRdsOptions]
71337
+ #
71338
+ # @!attribute [rw] cidr_options
71339
+ # The options for a CIDR endpoint.
71340
+ # @return [Types::VerifiedAccessEndpointCidrOptions]
71341
+ #
69918
71342
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpoint AWS API Documentation
69919
71343
  #
69920
71344
  class VerifiedAccessEndpoint < Struct.new(
@@ -69936,7 +71360,38 @@ module Aws::EC2
69936
71360
  :last_updated_time,
69937
71361
  :deletion_time,
69938
71362
  :tags,
69939
- :sse_specification)
71363
+ :sse_specification,
71364
+ :rds_options,
71365
+ :cidr_options)
71366
+ SENSITIVE = []
71367
+ include Aws::Structure
71368
+ end
71369
+
71370
+ # Describes the CIDR options for a Verified Access endpoint.
71371
+ #
71372
+ # @!attribute [rw] cidr
71373
+ # The CIDR.
71374
+ # @return [String]
71375
+ #
71376
+ # @!attribute [rw] port_ranges
71377
+ # The port ranges.
71378
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71379
+ #
71380
+ # @!attribute [rw] protocol
71381
+ # The protocol.
71382
+ # @return [String]
71383
+ #
71384
+ # @!attribute [rw] subnet_ids
71385
+ # The IDs of the subnets.
71386
+ # @return [Array<String>]
71387
+ #
71388
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointCidrOptions AWS API Documentation
71389
+ #
71390
+ class VerifiedAccessEndpointCidrOptions < Struct.new(
71391
+ :cidr,
71392
+ :port_ranges,
71393
+ :protocol,
71394
+ :subnet_ids)
69940
71395
  SENSITIVE = []
69941
71396
  include Aws::Structure
69942
71397
  end
@@ -69955,12 +71410,17 @@ module Aws::EC2
69955
71410
  # The IP port number.
69956
71411
  # @return [Integer]
69957
71412
  #
71413
+ # @!attribute [rw] port_ranges
71414
+ # The port ranges.
71415
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71416
+ #
69958
71417
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointEniOptions AWS API Documentation
69959
71418
  #
69960
71419
  class VerifiedAccessEndpointEniOptions < Struct.new(
69961
71420
  :network_interface_id,
69962
71421
  :protocol,
69963
- :port)
71422
+ :port,
71423
+ :port_ranges)
69964
71424
  SENSITIVE = []
69965
71425
  include Aws::Structure
69966
71426
  end
@@ -69984,12 +71444,80 @@ module Aws::EC2
69984
71444
  # The IDs of the subnets.
69985
71445
  # @return [Array<String>]
69986
71446
  #
71447
+ # @!attribute [rw] port_ranges
71448
+ # The port ranges.
71449
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71450
+ #
69987
71451
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
69988
71452
  #
69989
71453
  class VerifiedAccessEndpointLoadBalancerOptions < Struct.new(
69990
71454
  :protocol,
69991
71455
  :port,
69992
71456
  :load_balancer_arn,
71457
+ :subnet_ids,
71458
+ :port_ranges)
71459
+ SENSITIVE = []
71460
+ include Aws::Structure
71461
+ end
71462
+
71463
+ # Describes a port range.
71464
+ #
71465
+ # @!attribute [rw] from_port
71466
+ # The start of the port range.
71467
+ # @return [Integer]
71468
+ #
71469
+ # @!attribute [rw] to_port
71470
+ # The end of the port range.
71471
+ # @return [Integer]
71472
+ #
71473
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointPortRange AWS API Documentation
71474
+ #
71475
+ class VerifiedAccessEndpointPortRange < Struct.new(
71476
+ :from_port,
71477
+ :to_port)
71478
+ SENSITIVE = []
71479
+ include Aws::Structure
71480
+ end
71481
+
71482
+ # Describes the RDS options for a Verified Access endpoint.
71483
+ #
71484
+ # @!attribute [rw] protocol
71485
+ # The protocol.
71486
+ # @return [String]
71487
+ #
71488
+ # @!attribute [rw] port
71489
+ # The port.
71490
+ # @return [Integer]
71491
+ #
71492
+ # @!attribute [rw] rds_db_instance_arn
71493
+ # The ARN of the RDS instance.
71494
+ # @return [String]
71495
+ #
71496
+ # @!attribute [rw] rds_db_cluster_arn
71497
+ # The ARN of the DB cluster.
71498
+ # @return [String]
71499
+ #
71500
+ # @!attribute [rw] rds_db_proxy_arn
71501
+ # The ARN of the RDS proxy.
71502
+ # @return [String]
71503
+ #
71504
+ # @!attribute [rw] rds_endpoint
71505
+ # The RDS endpoint.
71506
+ # @return [String]
71507
+ #
71508
+ # @!attribute [rw] subnet_ids
71509
+ # The IDs of the subnets.
71510
+ # @return [Array<String>]
71511
+ #
71512
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointRdsOptions AWS API Documentation
71513
+ #
71514
+ class VerifiedAccessEndpointRdsOptions < Struct.new(
71515
+ :protocol,
71516
+ :port,
71517
+ :rds_db_instance_arn,
71518
+ :rds_db_cluster_arn,
71519
+ :rds_db_proxy_arn,
71520
+ :rds_endpoint,
69993
71521
  :subnet_ids)
69994
71522
  SENSITIVE = []
69995
71523
  include Aws::Structure
@@ -70014,6 +71542,30 @@ module Aws::EC2
70014
71542
  include Aws::Structure
70015
71543
  end
70016
71544
 
71545
+ # Describes the targets for the specified Verified Access endpoint.
71546
+ #
71547
+ # @!attribute [rw] verified_access_endpoint_id
71548
+ # The ID of the Verified Access endpoint.
71549
+ # @return [String]
71550
+ #
71551
+ # @!attribute [rw] verified_access_endpoint_target_ip_address
71552
+ # The IP address of the target.
71553
+ # @return [String]
71554
+ #
71555
+ # @!attribute [rw] verified_access_endpoint_target_dns
71556
+ # The DNS name of the target.
71557
+ # @return [String]
71558
+ #
71559
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointTarget AWS API Documentation
71560
+ #
71561
+ class VerifiedAccessEndpointTarget < Struct.new(
71562
+ :verified_access_endpoint_id,
71563
+ :verified_access_endpoint_target_ip_address,
71564
+ :verified_access_endpoint_target_dns)
71565
+ SENSITIVE = []
71566
+ include Aws::Structure
71567
+ end
71568
+
70017
71569
  # Describes a Verified Access group.
70018
71570
  #
70019
71571
  # @!attribute [rw] verified_access_group_id
@@ -70104,6 +71656,10 @@ module Aws::EC2
70104
71656
  # Standards (FIPS) is enabled on the instance.
70105
71657
  # @return [Boolean]
70106
71658
  #
71659
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
71660
+ # The custom subdomain.
71661
+ # @return [Types::VerifiedAccessInstanceCustomSubDomain]
71662
+ #
70107
71663
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstance AWS API Documentation
70108
71664
  #
70109
71665
  class VerifiedAccessInstance < Struct.new(
@@ -70113,7 +71669,28 @@ module Aws::EC2
70113
71669
  :creation_time,
70114
71670
  :last_updated_time,
70115
71671
  :tags,
70116
- :fips_enabled)
71672
+ :fips_enabled,
71673
+ :cidr_endpoints_custom_sub_domain)
71674
+ SENSITIVE = []
71675
+ include Aws::Structure
71676
+ end
71677
+
71678
+ # Describes a custom subdomain for a network CIDR endpoint for Verified
71679
+ # Access.
71680
+ #
71681
+ # @!attribute [rw] sub_domain
71682
+ # The subdomain.
71683
+ # @return [String]
71684
+ #
71685
+ # @!attribute [rw] nameservers
71686
+ # The name servers.
71687
+ # @return [Array<String>]
71688
+ #
71689
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceCustomSubDomain AWS API Documentation
71690
+ #
71691
+ class VerifiedAccessInstanceCustomSubDomain < Struct.new(
71692
+ :sub_domain,
71693
+ :nameservers)
70117
71694
  SENSITIVE = []
70118
71695
  include Aws::Structure
70119
71696
  end
@@ -70138,6 +71715,98 @@ module Aws::EC2
70138
71715
  include Aws::Structure
70139
71716
  end
70140
71717
 
71718
+ # Describes a set of routes.
71719
+ #
71720
+ # @!attribute [rw] config
71721
+ # The base64-encoded Open VPN client configuration.
71722
+ # @return [String]
71723
+ #
71724
+ # @!attribute [rw] routes
71725
+ # The routes.
71726
+ # @return [Array<Types::VerifiedAccessInstanceOpenVpnClientConfigurationRoute>]
71727
+ #
71728
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceOpenVpnClientConfiguration AWS API Documentation
71729
+ #
71730
+ class VerifiedAccessInstanceOpenVpnClientConfiguration < Struct.new(
71731
+ :config,
71732
+ :routes)
71733
+ SENSITIVE = []
71734
+ include Aws::Structure
71735
+ end
71736
+
71737
+ # Describes a route.
71738
+ #
71739
+ # @!attribute [rw] cidr
71740
+ # The CIDR block.
71741
+ # @return [String]
71742
+ #
71743
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceOpenVpnClientConfigurationRoute AWS API Documentation
71744
+ #
71745
+ class VerifiedAccessInstanceOpenVpnClientConfigurationRoute < Struct.new(
71746
+ :cidr)
71747
+ SENSITIVE = []
71748
+ include Aws::Structure
71749
+ end
71750
+
71751
+ # Describes the trust provider.
71752
+ #
71753
+ # @!attribute [rw] type
71754
+ # The trust provider type.
71755
+ # @return [String]
71756
+ #
71757
+ # @!attribute [rw] scopes
71758
+ # The set of user claims to be requested from the IdP.
71759
+ # @return [String]
71760
+ #
71761
+ # @!attribute [rw] issuer
71762
+ # The OIDC issuer identifier of the IdP.
71763
+ # @return [String]
71764
+ #
71765
+ # @!attribute [rw] authorization_endpoint
71766
+ # The authorization endpoint of the IdP.
71767
+ # @return [String]
71768
+ #
71769
+ # @!attribute [rw] public_signing_key_endpoint
71770
+ # The public signing key endpoint.
71771
+ # @return [String]
71772
+ #
71773
+ # @!attribute [rw] token_endpoint
71774
+ # The token endpoint of the IdP.
71775
+ # @return [String]
71776
+ #
71777
+ # @!attribute [rw] user_info_endpoint
71778
+ # The user info endpoint of the IdP.
71779
+ # @return [String]
71780
+ #
71781
+ # @!attribute [rw] client_id
71782
+ # The OAuth 2.0 client identifier.
71783
+ # @return [String]
71784
+ #
71785
+ # @!attribute [rw] client_secret
71786
+ # The OAuth 2.0 client secret.
71787
+ # @return [String]
71788
+ #
71789
+ # @!attribute [rw] pkce_enabled
71790
+ # Indicates whether Proof of Key Code Exchange (PKCE) is enabled.
71791
+ # @return [Boolean]
71792
+ #
71793
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceUserTrustProviderClientConfiguration AWS API Documentation
71794
+ #
71795
+ class VerifiedAccessInstanceUserTrustProviderClientConfiguration < Struct.new(
71796
+ :type,
71797
+ :scopes,
71798
+ :issuer,
71799
+ :authorization_endpoint,
71800
+ :public_signing_key_endpoint,
71801
+ :token_endpoint,
71802
+ :user_info_endpoint,
71803
+ :client_id,
71804
+ :client_secret,
71805
+ :pkce_enabled)
71806
+ SENSITIVE = [:client_secret]
71807
+ include Aws::Structure
71808
+ end
71809
+
70141
71810
  # Options for CloudWatch Logs as a logging destination.
70142
71811
  #
70143
71812
  # @!attribute [rw] enabled
@@ -70477,6 +72146,10 @@ module Aws::EC2
70477
72146
  # The options in use for server side encryption.
70478
72147
  # @return [Types::VerifiedAccessSseSpecificationResponse]
70479
72148
  #
72149
+ # @!attribute [rw] native_application_oidc_options
72150
+ # The OpenID Connect (OIDC) options.
72151
+ # @return [Types::NativeApplicationOidcOptions]
72152
+ #
70480
72153
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessTrustProvider AWS API Documentation
70481
72154
  #
70482
72155
  class VerifiedAccessTrustProvider < Struct.new(
@@ -70491,7 +72164,8 @@ module Aws::EC2
70491
72164
  :creation_time,
70492
72165
  :last_updated_time,
70493
72166
  :tags,
70494
- :sse_specification)
72167
+ :sse_specification,
72168
+ :native_application_oidc_options)
70495
72169
  SENSITIVE = []
70496
72170
  include Aws::Structure
70497
72171
  end
@@ -70621,7 +72295,7 @@ module Aws::EC2
70621
72295
  # @return [String]
70622
72296
  #
70623
72297
  # @!attribute [rw] operator
70624
- # The entity that manages the volume.
72298
+ # The service provider that manages the volume.
70625
72299
  # @return [Types::OperatorResponse]
70626
72300
  #
70627
72301
  # @!attribute [rw] volume_id
@@ -71229,6 +72903,26 @@ module Aws::EC2
71229
72903
  # The last time the VPC BPA mode was updated.
71230
72904
  # @return [Time]
71231
72905
  #
72906
+ # @!attribute [rw] managed_by
72907
+ # The entity that manages the state of VPC BPA. Possible values
72908
+ # include:
72909
+ #
72910
+ # * `account` - The state is managed by the account.
72911
+ #
72912
+ # * `declarative-policy` - The state is managed by a declarative
72913
+ # policy and can't be modified by the account.
72914
+ # @return [String]
72915
+ #
72916
+ # @!attribute [rw] exclusions_allowed
72917
+ # Determines if exclusions are allowed. If you have [enabled VPC BPA
72918
+ # at the Organization level][1], exclusions may be `not-allowed`.
72919
+ # Otherwise, they are `allowed`.
72920
+ #
72921
+ #
72922
+ #
72923
+ # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html#security-vpc-bpa-exclusions-orgs
72924
+ # @return [String]
72925
+ #
71232
72926
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcBlockPublicAccessOptions AWS API Documentation
71233
72927
  #
71234
72928
  class VpcBlockPublicAccessOptions < Struct.new(
@@ -71237,7 +72931,9 @@ module Aws::EC2
71237
72931
  :state,
71238
72932
  :internet_gateway_block_mode,
71239
72933
  :reason,
71240
- :last_update_timestamp)
72934
+ :last_update_timestamp,
72935
+ :managed_by,
72936
+ :exclusions_allowed)
71241
72937
  SENSITIVE = []
71242
72938
  include Aws::Structure
71243
72939
  end
@@ -71394,6 +73090,30 @@ module Aws::EC2
71394
73090
  # The last error that occurred for endpoint.
71395
73091
  # @return [Types::LastError]
71396
73092
  #
73093
+ # @!attribute [rw] ipv_4_prefixes
73094
+ # Array of IPv4 prefixes.
73095
+ # @return [Array<Types::SubnetIpPrefixes>]
73096
+ #
73097
+ # @!attribute [rw] ipv_6_prefixes
73098
+ # Array of IPv6 prefixes.
73099
+ # @return [Array<Types::SubnetIpPrefixes>]
73100
+ #
73101
+ # @!attribute [rw] failure_reason
73102
+ # Reason for the failure.
73103
+ # @return [String]
73104
+ #
73105
+ # @!attribute [rw] service_network_arn
73106
+ # The Amazon Resource Name (ARN) of the service network.
73107
+ # @return [String]
73108
+ #
73109
+ # @!attribute [rw] resource_configuration_arn
73110
+ # The Amazon Resource Name (ARN) of the resource configuration.
73111
+ # @return [String]
73112
+ #
73113
+ # @!attribute [rw] service_region
73114
+ # The Region where the service is hosted.
73115
+ # @return [String]
73116
+ #
71397
73117
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcEndpoint AWS API Documentation
71398
73118
  #
71399
73119
  class VpcEndpoint < Struct.new(
@@ -71415,7 +73135,86 @@ module Aws::EC2
71415
73135
  :creation_timestamp,
71416
73136
  :tags,
71417
73137
  :owner_id,
71418
- :last_error)
73138
+ :last_error,
73139
+ :ipv_4_prefixes,
73140
+ :ipv_6_prefixes,
73141
+ :failure_reason,
73142
+ :service_network_arn,
73143
+ :resource_configuration_arn,
73144
+ :service_region)
73145
+ SENSITIVE = []
73146
+ include Aws::Structure
73147
+ end
73148
+
73149
+ # Describes the VPC resources, VPC endpoint services, Lattice services,
73150
+ # or service networks associated with the VPC endpoint.
73151
+ #
73152
+ # @!attribute [rw] id
73153
+ # The ID of the VPC endpoint association.
73154
+ # @return [String]
73155
+ #
73156
+ # @!attribute [rw] vpc_endpoint_id
73157
+ # The ID of the VPC endpoint.
73158
+ # @return [String]
73159
+ #
73160
+ # @!attribute [rw] service_network_arn
73161
+ # The Amazon Resource Name (ARN) of the service network.
73162
+ # @return [String]
73163
+ #
73164
+ # @!attribute [rw] service_network_name
73165
+ # The name of the service network.
73166
+ # @return [String]
73167
+ #
73168
+ # @!attribute [rw] associated_resource_accessibility
73169
+ # The connectivity status of the resources associated to a VPC
73170
+ # endpoint. The resource is accessible if the associated resource
73171
+ # configuration is `AVAILABLE`, otherwise the resource is
73172
+ # inaccessible.
73173
+ # @return [String]
73174
+ #
73175
+ # @!attribute [rw] failure_reason
73176
+ # A message related to why an VPC endpoint association failed.
73177
+ # @return [String]
73178
+ #
73179
+ # @!attribute [rw] failure_code
73180
+ # An error code related to why an VPC endpoint association failed.
73181
+ # @return [String]
73182
+ #
73183
+ # @!attribute [rw] dns_entry
73184
+ # The DNS entry of the VPC endpoint association.
73185
+ # @return [Types::DnsEntry]
73186
+ #
73187
+ # @!attribute [rw] private_dns_entry
73188
+ # The private DNS entry of the VPC endpoint association.
73189
+ # @return [Types::DnsEntry]
73190
+ #
73191
+ # @!attribute [rw] associated_resource_arn
73192
+ # The Amazon Resource Name (ARN) of the associated resource.
73193
+ # @return [String]
73194
+ #
73195
+ # @!attribute [rw] resource_configuration_group_arn
73196
+ # The Amazon Resource Name (ARN) of the resource configuration group.
73197
+ # @return [String]
73198
+ #
73199
+ # @!attribute [rw] tags
73200
+ # The tags to apply to the VPC endpoint association.
73201
+ # @return [Array<Types::Tag>]
73202
+ #
73203
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcEndpointAssociation AWS API Documentation
73204
+ #
73205
+ class VpcEndpointAssociation < Struct.new(
73206
+ :id,
73207
+ :vpc_endpoint_id,
73208
+ :service_network_arn,
73209
+ :service_network_name,
73210
+ :associated_resource_accessibility,
73211
+ :failure_reason,
73212
+ :failure_code,
73213
+ :dns_entry,
73214
+ :private_dns_entry,
73215
+ :associated_resource_arn,
73216
+ :resource_configuration_group_arn,
73217
+ :tags)
71419
73218
  SENSITIVE = []
71420
73219
  include Aws::Structure
71421
73220
  end
@@ -71469,6 +73268,10 @@ module Aws::EC2
71469
73268
  # The tags.
71470
73269
  # @return [Array<Types::Tag>]
71471
73270
  #
73271
+ # @!attribute [rw] vpc_endpoint_region
73272
+ # The Region of the endpoint.
73273
+ # @return [String]
73274
+ #
71472
73275
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcEndpointConnection AWS API Documentation
71473
73276
  #
71474
73277
  class VpcEndpointConnection < Struct.new(
@@ -71482,7 +73285,8 @@ module Aws::EC2
71482
73285
  :gateway_load_balancer_arns,
71483
73286
  :ip_address_type,
71484
73287
  :vpc_endpoint_connection_id,
71485
- :tags)
73288
+ :tags,
73289
+ :vpc_endpoint_region)
71486
73290
  SENSITIVE = []
71487
73291
  include Aws::Structure
71488
73292
  end