aws-sdk-ec2 1.494.0 → 1.496.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -3258,6 +3258,43 @@ module Aws::EC2
3258
3258
  include Aws::Structure
3259
3259
  end
3260
3260
 
3261
+ # A summary report for the attribute across all Regions.
3262
+ #
3263
+ # @!attribute [rw] attribute_name
3264
+ # The name of the attribute.
3265
+ # @return [String]
3266
+ #
3267
+ # @!attribute [rw] most_frequent_value
3268
+ # The configuration value that is most frequently observed for the
3269
+ # attribute.
3270
+ # @return [String]
3271
+ #
3272
+ # @!attribute [rw] number_of_matched_accounts
3273
+ # The number of accounts with the same configuration value for the
3274
+ # attribute that is most frequently observed.
3275
+ # @return [Integer]
3276
+ #
3277
+ # @!attribute [rw] number_of_unmatched_accounts
3278
+ # The number of accounts with a configuration value different from the
3279
+ # most frequently observed value for the attribute.
3280
+ # @return [Integer]
3281
+ #
3282
+ # @!attribute [rw] regional_summaries
3283
+ # The summary report for each Region for the attribute.
3284
+ # @return [Array<Types::RegionalSummary>]
3285
+ #
3286
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AttributeSummary AWS API Documentation
3287
+ #
3288
+ class AttributeSummary < Struct.new(
3289
+ :attribute_name,
3290
+ :most_frequent_value,
3291
+ :number_of_matched_accounts,
3292
+ :number_of_unmatched_accounts,
3293
+ :regional_summaries)
3294
+ SENSITIVE = []
3295
+ include Aws::Structure
3296
+ end
3297
+
3261
3298
  # Describes a value for a resource attribute that is a String.
3262
3299
  #
3263
3300
  # @!attribute [rw] value
@@ -4281,6 +4318,38 @@ module Aws::EC2
4281
4318
  include Aws::Structure
4282
4319
  end
4283
4320
 
4321
+ # @!attribute [rw] dry_run
4322
+ # Checks whether you have the required permissions for the action,
4323
+ # without actually making the request, and provides an error response.
4324
+ # If you have the required permissions, the error response is
4325
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
4326
+ # @return [Boolean]
4327
+ #
4328
+ # @!attribute [rw] report_id
4329
+ # The ID of the report.
4330
+ # @return [String]
4331
+ #
4332
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CancelDeclarativePoliciesReportRequest AWS API Documentation
4333
+ #
4334
+ class CancelDeclarativePoliciesReportRequest < Struct.new(
4335
+ :dry_run,
4336
+ :report_id)
4337
+ SENSITIVE = []
4338
+ include Aws::Structure
4339
+ end
4340
+
4341
+ # @!attribute [rw] return
4342
+ # Is `true` if the request succeeds, and an error otherwise.
4343
+ # @return [Boolean]
4344
+ #
4345
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CancelDeclarativePoliciesReportResult AWS API Documentation
4346
+ #
4347
+ class CancelDeclarativePoliciesReportResult < Struct.new(
4348
+ :return)
4349
+ SENSITIVE = []
4350
+ include Aws::Structure
4351
+ end
4352
+
4284
4353
  # @!attribute [rw] export_task_id
4285
4354
  # The ID of the export task. This is the ID returned by the
4286
4355
  # `CreateInstanceExportTask` and `ExportImage` operations.
@@ -12844,6 +12913,35 @@ module Aws::EC2
12844
12913
  include Aws::Structure
12845
12914
  end
12846
12915
 
12916
+ # Describes the CIDR options for a Verified Access endpoint.
12917
+ #
12918
+ # @!attribute [rw] protocol
12919
+ # The protocol.
12920
+ # @return [String]
12921
+ #
12922
+ # @!attribute [rw] subnet_ids
12923
+ # The IDs of the subnets.
12924
+ # @return [Array<String>]
12925
+ #
12926
+ # @!attribute [rw] cidr
12927
+ # The CIDR.
12928
+ # @return [String]
12929
+ #
12930
+ # @!attribute [rw] port_ranges
12931
+ # The port ranges.
12932
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12933
+ #
12934
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointCidrOptions AWS API Documentation
12935
+ #
12936
+ class CreateVerifiedAccessEndpointCidrOptions < Struct.new(
12937
+ :protocol,
12938
+ :subnet_ids,
12939
+ :cidr,
12940
+ :port_ranges)
12941
+ SENSITIVE = []
12942
+ include Aws::Structure
12943
+ end
12944
+
12847
12945
  # Describes the network interface options when creating an Amazon Web
12848
12946
  # Services Verified Access endpoint using the `network-interface` type.
12849
12947
  #
@@ -12859,12 +12957,17 @@ module Aws::EC2
12859
12957
  # The IP port number.
12860
12958
  # @return [Integer]
12861
12959
  #
12960
+ # @!attribute [rw] port_ranges
12961
+ # The port ranges.
12962
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12963
+ #
12862
12964
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointEniOptions AWS API Documentation
12863
12965
  #
12864
12966
  class CreateVerifiedAccessEndpointEniOptions < Struct.new(
12865
12967
  :network_interface_id,
12866
12968
  :protocol,
12867
- :port)
12969
+ :port,
12970
+ :port_ranges)
12868
12971
  SENSITIVE = []
12869
12972
  include Aws::Structure
12870
12973
  end
@@ -12888,12 +12991,80 @@ module Aws::EC2
12888
12991
  # The IDs of the subnets.
12889
12992
  # @return [Array<String>]
12890
12993
  #
12994
+ # @!attribute [rw] port_ranges
12995
+ # The port ranges.
12996
+ # @return [Array<Types::CreateVerifiedAccessEndpointPortRange>]
12997
+ #
12891
12998
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
12892
12999
  #
12893
13000
  class CreateVerifiedAccessEndpointLoadBalancerOptions < Struct.new(
12894
13001
  :protocol,
12895
13002
  :port,
12896
13003
  :load_balancer_arn,
13004
+ :subnet_ids,
13005
+ :port_ranges)
13006
+ SENSITIVE = []
13007
+ include Aws::Structure
13008
+ end
13009
+
13010
+ # Describes the port range for a Verified Access endpoint.
13011
+ #
13012
+ # @!attribute [rw] from_port
13013
+ # The start of the port range.
13014
+ # @return [Integer]
13015
+ #
13016
+ # @!attribute [rw] to_port
13017
+ # The end of the port range.
13018
+ # @return [Integer]
13019
+ #
13020
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointPortRange AWS API Documentation
13021
+ #
13022
+ class CreateVerifiedAccessEndpointPortRange < Struct.new(
13023
+ :from_port,
13024
+ :to_port)
13025
+ SENSITIVE = []
13026
+ include Aws::Structure
13027
+ end
13028
+
13029
+ # Describes the RDS options for a Verified Access endpoint.
13030
+ #
13031
+ # @!attribute [rw] protocol
13032
+ # The protocol.
13033
+ # @return [String]
13034
+ #
13035
+ # @!attribute [rw] port
13036
+ # The port.
13037
+ # @return [Integer]
13038
+ #
13039
+ # @!attribute [rw] rds_db_instance_arn
13040
+ # The ARN of the RDS instance.
13041
+ # @return [String]
13042
+ #
13043
+ # @!attribute [rw] rds_db_cluster_arn
13044
+ # The ARN of the DB cluster.
13045
+ # @return [String]
13046
+ #
13047
+ # @!attribute [rw] rds_db_proxy_arn
13048
+ # The ARN of the RDS proxy.
13049
+ # @return [String]
13050
+ #
13051
+ # @!attribute [rw] rds_endpoint
13052
+ # The RDS endpoint.
13053
+ # @return [String]
13054
+ #
13055
+ # @!attribute [rw] subnet_ids
13056
+ # The IDs of the subnets.
13057
+ # @return [Array<String>]
13058
+ #
13059
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointRdsOptions AWS API Documentation
13060
+ #
13061
+ class CreateVerifiedAccessEndpointRdsOptions < Struct.new(
13062
+ :protocol,
13063
+ :port,
13064
+ :rds_db_instance_arn,
13065
+ :rds_db_cluster_arn,
13066
+ :rds_db_proxy_arn,
13067
+ :rds_endpoint,
12897
13068
  :subnet_ids)
12898
13069
  SENSITIVE = []
12899
13070
  include Aws::Structure
@@ -12978,6 +13149,16 @@ module Aws::EC2
12978
13149
  # The options for server side encryption.
12979
13150
  # @return [Types::VerifiedAccessSseSpecificationRequest]
12980
13151
  #
13152
+ # @!attribute [rw] rds_options
13153
+ # The RDS details. This parameter is required if the endpoint type is
13154
+ # `rds`.
13155
+ # @return [Types::CreateVerifiedAccessEndpointRdsOptions]
13156
+ #
13157
+ # @!attribute [rw] cidr_options
13158
+ # The CIDR options. This parameter is required if the endpoint type is
13159
+ # `cidr`.
13160
+ # @return [Types::CreateVerifiedAccessEndpointCidrOptions]
13161
+ #
12981
13162
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessEndpointRequest AWS API Documentation
12982
13163
  #
12983
13164
  class CreateVerifiedAccessEndpointRequest < Struct.new(
@@ -12995,7 +13176,9 @@ module Aws::EC2
12995
13176
  :tag_specifications,
12996
13177
  :client_token,
12997
13178
  :dry_run,
12998
- :sse_specification)
13179
+ :sse_specification,
13180
+ :rds_options,
13181
+ :cidr_options)
12999
13182
  SENSITIVE = []
13000
13183
  include Aws::Structure
13001
13184
  end
@@ -13111,6 +13294,10 @@ module Aws::EC2
13111
13294
  # Standards (FIPS) on the instance.
13112
13295
  # @return [Boolean]
13113
13296
  #
13297
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
13298
+ # The custom subdomain.
13299
+ # @return [String]
13300
+ #
13114
13301
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessInstanceRequest AWS API Documentation
13115
13302
  #
13116
13303
  class CreateVerifiedAccessInstanceRequest < Struct.new(
@@ -13118,7 +13305,8 @@ module Aws::EC2
13118
13305
  :tag_specifications,
13119
13306
  :client_token,
13120
13307
  :dry_run,
13121
- :fips_enabled)
13308
+ :fips_enabled,
13309
+ :cidr_endpoints_custom_sub_domain)
13122
13310
  SENSITIVE = []
13123
13311
  include Aws::Structure
13124
13312
  end
@@ -13135,6 +13323,55 @@ module Aws::EC2
13135
13323
  include Aws::Structure
13136
13324
  end
13137
13325
 
13326
+ # Describes the OpenID Connect (OIDC) options.
13327
+ #
13328
+ # @!attribute [rw] public_signing_key_endpoint
13329
+ # The public signing key endpoint.
13330
+ # @return [String]
13331
+ #
13332
+ # @!attribute [rw] issuer
13333
+ # The OIDC issuer identifier of the IdP.
13334
+ # @return [String]
13335
+ #
13336
+ # @!attribute [rw] authorization_endpoint
13337
+ # The authorization endpoint of the IdP.
13338
+ # @return [String]
13339
+ #
13340
+ # @!attribute [rw] token_endpoint
13341
+ # The token endpoint of the IdP.
13342
+ # @return [String]
13343
+ #
13344
+ # @!attribute [rw] user_info_endpoint
13345
+ # The user info endpoint of the IdP.
13346
+ # @return [String]
13347
+ #
13348
+ # @!attribute [rw] client_id
13349
+ # The OAuth 2.0 client identifier.
13350
+ # @return [String]
13351
+ #
13352
+ # @!attribute [rw] client_secret
13353
+ # The OAuth 2.0 client secret.
13354
+ # @return [String]
13355
+ #
13356
+ # @!attribute [rw] scope
13357
+ # The set of user claims to be requested from the IdP.
13358
+ # @return [String]
13359
+ #
13360
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessNativeApplicationOidcOptions AWS API Documentation
13361
+ #
13362
+ class CreateVerifiedAccessNativeApplicationOidcOptions < Struct.new(
13363
+ :public_signing_key_endpoint,
13364
+ :issuer,
13365
+ :authorization_endpoint,
13366
+ :token_endpoint,
13367
+ :user_info_endpoint,
13368
+ :client_id,
13369
+ :client_secret,
13370
+ :scope)
13371
+ SENSITIVE = [:client_secret]
13372
+ include Aws::Structure
13373
+ end
13374
+
13138
13375
  # Describes the options when creating an Amazon Web Services Verified
13139
13376
  # Access trust provider using the `device` type.
13140
13377
  #
@@ -13264,6 +13501,10 @@ module Aws::EC2
13264
13501
  # The options for server side encryption.
13265
13502
  # @return [Types::VerifiedAccessSseSpecificationRequest]
13266
13503
  #
13504
+ # @!attribute [rw] native_application_oidc_options
13505
+ # The OpenID Connect (OIDC) options.
13506
+ # @return [Types::CreateVerifiedAccessNativeApplicationOidcOptions]
13507
+ #
13267
13508
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateVerifiedAccessTrustProviderRequest AWS API Documentation
13268
13509
  #
13269
13510
  class CreateVerifiedAccessTrustProviderRequest < Struct.new(
@@ -13277,7 +13518,8 @@ module Aws::EC2
13277
13518
  :tag_specifications,
13278
13519
  :client_token,
13279
13520
  :dry_run,
13280
- :sse_specification)
13521
+ :sse_specification,
13522
+ :native_application_oidc_options)
13281
13523
  SENSITIVE = []
13282
13524
  include Aws::Structure
13283
13525
  end
@@ -13753,6 +13995,16 @@ module Aws::EC2
13753
13995
  # The subnet configurations for the endpoint.
13754
13996
  # @return [Array<Types::SubnetConfiguration>]
13755
13997
  #
13998
+ # @!attribute [rw] service_network_arn
13999
+ # The Amazon Resource Name (ARN) of a service network that will be
14000
+ # associated with the VPC endpoint of type service-network.
14001
+ # @return [String]
14002
+ #
14003
+ # @!attribute [rw] resource_configuration_arn
14004
+ # The Amazon Resource Name (ARN) of a resource configuration that will
14005
+ # be associated with the VPC endpoint of type resource.
14006
+ # @return [String]
14007
+ #
13756
14008
  # @!attribute [rw] service_region
13757
14009
  # The Region where the service is hosted. The default is the current
13758
14010
  # Region.
@@ -13775,6 +14027,8 @@ module Aws::EC2
13775
14027
  :private_dns_enabled,
13776
14028
  :tag_specifications,
13777
14029
  :subnet_configurations,
14030
+ :service_network_arn,
14031
+ :resource_configuration_arn,
13778
14032
  :service_region)
13779
14033
  SENSITIVE = []
13780
14034
  include Aws::Structure
@@ -14405,6 +14659,63 @@ module Aws::EC2
14405
14659
  include Aws::Structure
14406
14660
  end
14407
14661
 
14662
+ # Describes the metadata of the account status report.
14663
+ #
14664
+ # @!attribute [rw] report_id
14665
+ # The ID of the report.
14666
+ # @return [String]
14667
+ #
14668
+ # @!attribute [rw] s3_bucket
14669
+ # The name of the Amazon S3 bucket where the report is located.
14670
+ # @return [String]
14671
+ #
14672
+ # @!attribute [rw] s3_prefix
14673
+ # The prefix for your S3 object.
14674
+ # @return [String]
14675
+ #
14676
+ # @!attribute [rw] target_id
14677
+ # The root ID, organizational unit ID, or account ID.
14678
+ #
14679
+ # Format:
14680
+ #
14681
+ # * For root: `r-ab12`
14682
+ #
14683
+ # * For OU: `ou-ab12-cdef1234`
14684
+ #
14685
+ # * For account: `123456789012`
14686
+ # @return [String]
14687
+ #
14688
+ # @!attribute [rw] start_time
14689
+ # The time when the report generation started.
14690
+ # @return [Time]
14691
+ #
14692
+ # @!attribute [rw] end_time
14693
+ # The time when the report generation ended.
14694
+ # @return [Time]
14695
+ #
14696
+ # @!attribute [rw] status
14697
+ # The current status of the report.
14698
+ # @return [String]
14699
+ #
14700
+ # @!attribute [rw] tags
14701
+ # Any tags assigned to the report.
14702
+ # @return [Array<Types::Tag>]
14703
+ #
14704
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeclarativePoliciesReport AWS API Documentation
14705
+ #
14706
+ class DeclarativePoliciesReport < Struct.new(
14707
+ :report_id,
14708
+ :s3_bucket,
14709
+ :s3_prefix,
14710
+ :target_id,
14711
+ :start_time,
14712
+ :end_time,
14713
+ :status,
14714
+ :tags)
14715
+ SENSITIVE = []
14716
+ include Aws::Structure
14717
+ end
14718
+
14408
14719
  # @!attribute [rw] carrier_gateway_id
14409
14720
  # The ID of the carrier gateway.
14410
14721
  # @return [String]
@@ -18992,6 +19303,62 @@ module Aws::EC2
18992
19303
  include Aws::Structure
18993
19304
  end
18994
19305
 
19306
+ # @!attribute [rw] dry_run
19307
+ # Checks whether you have the required permissions for the action,
19308
+ # without actually making the request, and provides an error response.
19309
+ # If you have the required permissions, the error response is
19310
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
19311
+ # @return [Boolean]
19312
+ #
19313
+ # @!attribute [rw] next_token
19314
+ # The token returned from a previous paginated request. Pagination
19315
+ # continues from the end of the items returned by the previous
19316
+ # request.
19317
+ # @return [String]
19318
+ #
19319
+ # @!attribute [rw] max_results
19320
+ # The maximum number of items to return for this request. To get the
19321
+ # next page of items, make another request with the token returned in
19322
+ # the output. For more information, see [Pagination][1].
19323
+ #
19324
+ #
19325
+ #
19326
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination
19327
+ # @return [Integer]
19328
+ #
19329
+ # @!attribute [rw] report_ids
19330
+ # One or more report IDs.
19331
+ # @return [Array<String>]
19332
+ #
19333
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeDeclarativePoliciesReportsRequest AWS API Documentation
19334
+ #
19335
+ class DescribeDeclarativePoliciesReportsRequest < Struct.new(
19336
+ :dry_run,
19337
+ :next_token,
19338
+ :max_results,
19339
+ :report_ids)
19340
+ SENSITIVE = []
19341
+ include Aws::Structure
19342
+ end
19343
+
19344
+ # @!attribute [rw] next_token
19345
+ # The token to include in another request to get the next page of
19346
+ # items. This value is `null` when there are no more items to return.
19347
+ # @return [String]
19348
+ #
19349
+ # @!attribute [rw] reports
19350
+ # The report metadata.
19351
+ # @return [Array<Types::DeclarativePoliciesReport>]
19352
+ #
19353
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeDeclarativePoliciesReportsResult AWS API Documentation
19354
+ #
19355
+ class DescribeDeclarativePoliciesReportsResult < Struct.new(
19356
+ :next_token,
19357
+ :reports)
19358
+ SENSITIVE = []
19359
+ include Aws::Structure
19360
+ end
19361
+
18995
19362
  # @!attribute [rw] dhcp_options_ids
18996
19363
  # The IDs of DHCP option sets.
18997
19364
  # @return [Array<String>]
@@ -20614,6 +20981,9 @@ module Aws::EC2
20614
20981
  #
20615
20982
  # * `hypervisor` - The hypervisor type (`ovm` \| `xen`).
20616
20983
  #
20984
+ # * `image-allowed` - A Boolean that indicates whether the image meets
20985
+ # the criteria specified for Allowed AMIs.
20986
+ #
20617
20987
  # * `image-id` - The ID of the image.
20618
20988
  #
20619
20989
  # * `image-type` - The image type (`machine` \| `kernel` \|
@@ -20654,6 +21024,11 @@ module Aws::EC2
20654
21024
  # * `root-device-type` - The type of the root device volume (`ebs` \|
20655
21025
  # `instance-store`).
20656
21026
  #
21027
+ # * `source-image-id` - The ID of the source AMI from which the AMI
21028
+ # was created.
21029
+ #
21030
+ # * `source-image-region` - The Region of the source AMI.
21031
+ #
20657
21032
  # * `source-instance-id` - The ID of the instance that the AMI was
20658
21033
  # created from if the AMI was created using CreateImage. This filter
20659
21034
  # is applicable only if the AMI was created using [CreateImage][1].
@@ -21145,6 +21520,9 @@ module Aws::EC2
21145
21520
  #
21146
21521
  # * `instance-id` - The ID of the instance.
21147
21522
  #
21523
+ # * `image-allowed` - A Boolean that indicates whether the image meets
21524
+ # the criteria specified for Allowed AMIs.
21525
+ #
21148
21526
  # * `instance-state-name` - The state of the instance (`pending` \|
21149
21527
  # `running` \| `shutting-down` \| `terminated` \| `stopping` \|
21150
21528
  # `stopped`).
@@ -21156,6 +21534,16 @@ module Aws::EC2
21156
21534
  # for example, `2023-09-29T11:04:43.305Z`. You can use a wildcard
21157
21535
  # (`*`), for example, `2023-09-29T*`, which matches an entire day.
21158
21536
  #
21537
+ # * `owner-alias` - The owner alias (`amazon` \| `aws-marketplace` \|
21538
+ # `aws-backup-vault`). The valid aliases are defined in an
21539
+ # Amazon-maintained list. This is not the Amazon Web Services
21540
+ # account alias that can be set using the IAM console. We recommend
21541
+ # that you use the `Owner` request parameter instead of this filter.
21542
+ #
21543
+ # * `owner-id` - The Amazon Web Services account ID of the owner. We
21544
+ # recommend that you use the `Owner` request parameter instead of
21545
+ # this filter.
21546
+ #
21159
21547
  # * `tag:<key>` - The key/value combination of a tag assigned to the
21160
21548
  # resource. Use the tag key in the filter name and the tag value as
21161
21549
  # the filter value. For example, to find all resources that have a
@@ -21639,6 +22027,10 @@ module Aws::EC2
21639
22027
  #
21640
22028
  # * `memory-info.size-in-mib` - The memory size.
21641
22029
  #
22030
+ # * `network-info.bandwidth-weightings` - For instances that support
22031
+ # bandwidth weighting to boost performance (`default`, `vpc-1`,
22032
+ # `ebs-1`).
22033
+ #
21642
22034
  # * `network-info.efa-info.maximum-efa-interfaces` - The maximum
21643
22035
  # number of Elastic Fabric Adapters (EFAs) per instance.
21644
22036
  #
@@ -22094,6 +22486,10 @@ module Aws::EC2
22094
22486
  # * `network-interface.vpc-id` - The ID of the VPC for the network
22095
22487
  # interface.
22096
22488
  #
22489
+ # * `network-performance-options.bandwidth-weighting` - Where the
22490
+ # performance boost is applied, if applicable. Valid values:
22491
+ # `default`, `vpc-1`, `ebs-1`.
22492
+ #
22097
22493
  # * `operator.managed` - A Boolean that indicates whether this is a
22098
22494
  # managed instance.
22099
22495
  #
@@ -24529,13 +24925,6 @@ module Aws::EC2
24529
24925
  #
24530
24926
  # * `network-interface-id` - The ID of the network interface.
24531
24927
  #
24532
- # * `operator.managed` - A Boolean that indicates whether this is a
24533
- # managed network interface.
24534
- #
24535
- # * `operator.principal` - The principal that manages the network
24536
- # interface. Only valid for managed network interfaces, where
24537
- # `managed` is `true`.
24538
- #
24539
24928
  # * `owner-id` - The Amazon Web Services account ID of the network
24540
24929
  # interface owner.
24541
24930
  #
@@ -26194,6 +26583,9 @@ module Aws::EC2
26194
26583
  # * `storage-tier` - The storage tier of the snapshot (`archive` \|
26195
26584
  # `standard`).
26196
26585
  #
26586
+ # * `transfer-type` - The type of operation used to create the
26587
+ # snapshot (`time-based` \| `standard`).
26588
+ #
26197
26589
  # * `tag`:&lt;key&gt; - The key/value combination of a tag assigned to
26198
26590
  # the resource. Use the tag key in the filter name and the tag value
26199
26591
  # as the filter value. For example, to find all resources that have
@@ -29096,6 +29488,79 @@ module Aws::EC2
29096
29488
  include Aws::Structure
29097
29489
  end
29098
29490
 
29491
+ # @!attribute [rw] dry_run
29492
+ # Checks whether you have the required permissions for the action,
29493
+ # without actually making the request, and provides an error response.
29494
+ # If you have the required permissions, the error response is
29495
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
29496
+ # @return [Boolean]
29497
+ #
29498
+ # @!attribute [rw] vpc_endpoint_ids
29499
+ # The IDs of the VPC endpoints.
29500
+ # @return [Array<String>]
29501
+ #
29502
+ # @!attribute [rw] filters
29503
+ # The filters.
29504
+ #
29505
+ # * `vpc-endpoint-id` - The ID of the VPC endpoint.
29506
+ #
29507
+ # * `associated-resource-accessibility` - The association state. When
29508
+ # the state is `accessible`, it returns `AVAILABLE`. When the state
29509
+ # is `inaccessible`, it returns `PENDING` or `FAILED`.
29510
+ #
29511
+ # * `association-id` - The ID of the VPC endpoint association.
29512
+ #
29513
+ # * `associated-resource-id` - The ID of the associated resource
29514
+ # configuration.
29515
+ #
29516
+ # * `service-network-arn` - The Amazon Resource Name (ARN) of the
29517
+ # associated service network. Only VPC endpoints of type service
29518
+ # network will be returned.
29519
+ #
29520
+ # * `resource-configuration-group-arn` - The Amazon Resource Name
29521
+ # (ARN) of the resource configuration of type GROUP.
29522
+ #
29523
+ # * `service-network-resource-association-id` - The ID of the
29524
+ # association.
29525
+ # @return [Array<Types::Filter>]
29526
+ #
29527
+ # @!attribute [rw] max_results
29528
+ # The maximum page size.
29529
+ # @return [Integer]
29530
+ #
29531
+ # @!attribute [rw] next_token
29532
+ # The pagination token.
29533
+ # @return [String]
29534
+ #
29535
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointAssociationsRequest AWS API Documentation
29536
+ #
29537
+ class DescribeVpcEndpointAssociationsRequest < Struct.new(
29538
+ :dry_run,
29539
+ :vpc_endpoint_ids,
29540
+ :filters,
29541
+ :max_results,
29542
+ :next_token)
29543
+ SENSITIVE = []
29544
+ include Aws::Structure
29545
+ end
29546
+
29547
+ # @!attribute [rw] vpc_endpoint_associations
29548
+ # Details of the endpoint associations.
29549
+ # @return [Array<Types::VpcEndpointAssociation>]
29550
+ #
29551
+ # @!attribute [rw] next_token
29552
+ # The pagination token.
29553
+ # @return [String]
29554
+ #
29555
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeVpcEndpointAssociationsResult AWS API Documentation
29556
+ #
29557
+ class DescribeVpcEndpointAssociationsResult < Struct.new(
29558
+ :vpc_endpoint_associations,
29559
+ :next_token)
29560
+ SENSITIVE = []
29561
+ include Aws::Structure
29562
+ end
29563
+
29099
29564
  # @!attribute [rw] dry_run
29100
29565
  # Checks whether you have the required permissions for the action,
29101
29566
  # without actually making the request, and provides an error response.
@@ -30334,6 +30799,34 @@ module Aws::EC2
30334
30799
  include Aws::Structure
30335
30800
  end
30336
30801
 
30802
+ # @!attribute [rw] dry_run
30803
+ # Checks whether you have the required permissions for the action,
30804
+ # without actually making the request, and provides an error response.
30805
+ # If you have the required permissions, the error response is
30806
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
30807
+ # @return [Boolean]
30808
+ #
30809
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableAllowedImagesSettingsRequest AWS API Documentation
30810
+ #
30811
+ class DisableAllowedImagesSettingsRequest < Struct.new(
30812
+ :dry_run)
30813
+ SENSITIVE = []
30814
+ include Aws::Structure
30815
+ end
30816
+
30817
+ # @!attribute [rw] allowed_images_settings_state
30818
+ # Returns `disabled` if the request succeeds; otherwise, it returns an
30819
+ # error.
30820
+ # @return [String]
30821
+ #
30822
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableAllowedImagesSettingsResult AWS API Documentation
30823
+ #
30824
+ class DisableAllowedImagesSettingsResult < Struct.new(
30825
+ :allowed_images_settings_state)
30826
+ SENSITIVE = []
30827
+ include Aws::Structure
30828
+ end
30829
+
30337
30830
  # @!attribute [rw] source
30338
30831
  # The source Region or Availability Zone that the metric subscription
30339
30832
  # is disabled for. For example, `us-east-1`.
@@ -32114,7 +32607,7 @@ module Aws::EC2
32114
32607
  # @return [String]
32115
32608
  #
32116
32609
  # @!attribute [rw] operator
32117
- # The entity that manages the EBS volume.
32610
+ # The service provider that manages the EBS volume.
32118
32611
  # @return [Types::OperatorResponse]
32119
32612
  #
32120
32613
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EbsInstanceBlockDevice AWS API Documentation
@@ -32720,6 +33213,41 @@ module Aws::EC2
32720
33213
  include Aws::Structure
32721
33214
  end
32722
33215
 
33216
+ # @!attribute [rw] allowed_images_settings_state
33217
+ # Specify `enabled` to apply the image criteria specified by the
33218
+ # Allowed AMIs settings. Specify `audit-mode` so that you can check
33219
+ # which AMIs will be allowed or not allowed by the image criteria.
33220
+ # @return [String]
33221
+ #
33222
+ # @!attribute [rw] dry_run
33223
+ # Checks whether you have the required permissions for the action,
33224
+ # without actually making the request, and provides an error response.
33225
+ # If you have the required permissions, the error response is
33226
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
33227
+ # @return [Boolean]
33228
+ #
33229
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableAllowedImagesSettingsRequest AWS API Documentation
33230
+ #
33231
+ class EnableAllowedImagesSettingsRequest < Struct.new(
33232
+ :allowed_images_settings_state,
33233
+ :dry_run)
33234
+ SENSITIVE = []
33235
+ include Aws::Structure
33236
+ end
33237
+
33238
+ # @!attribute [rw] allowed_images_settings_state
33239
+ # Returns `enabled` or `audit-mode` if the request succeeds;
33240
+ # otherwise, it returns an error.
33241
+ # @return [String]
33242
+ #
33243
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableAllowedImagesSettingsResult AWS API Documentation
33244
+ #
33245
+ class EnableAllowedImagesSettingsResult < Struct.new(
33246
+ :allowed_images_settings_state)
33247
+ SENSITIVE = []
33248
+ include Aws::Structure
33249
+ end
33250
+
32723
33251
  # @!attribute [rw] source
32724
33252
  # The source Region (like `us-east-1`) or Availability Zone ID (like
32725
33253
  # `use1-az1`) that the metric subscription is enabled for. If you use
@@ -34432,6 +34960,63 @@ module Aws::EC2
34432
34960
  include Aws::Structure
34433
34961
  end
34434
34962
 
34963
+ # @!attribute [rw] verified_access_instance_id
34964
+ # The ID of the Verified Access instance.
34965
+ # @return [String]
34966
+ #
34967
+ # @!attribute [rw] dry_run
34968
+ # Checks whether you have the required permissions for the action,
34969
+ # without actually making the request, and provides an error response.
34970
+ # If you have the required permissions, the error response is
34971
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
34972
+ # @return [Boolean]
34973
+ #
34974
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportVerifiedAccessInstanceClientConfigurationRequest AWS API Documentation
34975
+ #
34976
+ class ExportVerifiedAccessInstanceClientConfigurationRequest < Struct.new(
34977
+ :verified_access_instance_id,
34978
+ :dry_run)
34979
+ SENSITIVE = []
34980
+ include Aws::Structure
34981
+ end
34982
+
34983
+ # @!attribute [rw] version
34984
+ # The version.
34985
+ # @return [String]
34986
+ #
34987
+ # @!attribute [rw] verified_access_instance_id
34988
+ # The ID of the Verified Access instance.
34989
+ # @return [String]
34990
+ #
34991
+ # @!attribute [rw] region
34992
+ # The Region.
34993
+ # @return [String]
34994
+ #
34995
+ # @!attribute [rw] device_trust_providers
34996
+ # The device trust providers.
34997
+ # @return [Array<String>]
34998
+ #
34999
+ # @!attribute [rw] user_trust_provider
35000
+ # The user identity trust provider.
35001
+ # @return [Types::VerifiedAccessInstanceUserTrustProviderClientConfiguration]
35002
+ #
35003
+ # @!attribute [rw] open_vpn_configurations
35004
+ # The Open VPN configuration.
35005
+ # @return [Array<Types::VerifiedAccessInstanceOpenVpnClientConfiguration>]
35006
+ #
35007
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportVerifiedAccessInstanceClientConfigurationResult AWS API Documentation
35008
+ #
35009
+ class ExportVerifiedAccessInstanceClientConfigurationResult < Struct.new(
35010
+ :version,
35011
+ :verified_access_instance_id,
35012
+ :region,
35013
+ :device_trust_providers,
35014
+ :user_trust_provider,
35015
+ :open_vpn_configurations)
35016
+ SENSITIVE = []
35017
+ include Aws::Structure
35018
+ end
35019
+
34435
35020
  # Describes a Capacity Reservation Fleet that could not be cancelled.
34436
35021
  #
34437
35022
  # @!attribute [rw] capacity_reservation_fleet_id
@@ -35880,6 +36465,62 @@ module Aws::EC2
35880
36465
  include Aws::Structure
35881
36466
  end
35882
36467
 
36468
+ # @!attribute [rw] dry_run
36469
+ # Checks whether you have the required permissions for the action,
36470
+ # without actually making the request, and provides an error response.
36471
+ # If you have the required permissions, the error response is
36472
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
36473
+ # @return [Boolean]
36474
+ #
36475
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAllowedImagesSettingsRequest AWS API Documentation
36476
+ #
36477
+ class GetAllowedImagesSettingsRequest < Struct.new(
36478
+ :dry_run)
36479
+ SENSITIVE = []
36480
+ include Aws::Structure
36481
+ end
36482
+
36483
+ # @!attribute [rw] state
36484
+ # The current state of the Allowed AMIs setting at the account level
36485
+ # in the specified Amazon Web Services Region.
36486
+ #
36487
+ # Possible values:
36488
+ #
36489
+ # * `disabled`: All AMIs are allowed.
36490
+ #
36491
+ # * `audit-mode`: All AMIs are allowed, but the `ImageAllowed` field
36492
+ # is set to `true` if the AMI would be allowed with the current list
36493
+ # of criteria if allowed AMIs was enabled.
36494
+ #
36495
+ # * `enabled`: Only AMIs matching the image criteria are discoverable
36496
+ # and available for use.
36497
+ # @return [String]
36498
+ #
36499
+ # @!attribute [rw] image_criteria
36500
+ # The list of criteria for images that are discoverable and usable in
36501
+ # the account in the specified Amazon Web Services Region.
36502
+ # @return [Array<Types::ImageCriterion>]
36503
+ #
36504
+ # @!attribute [rw] managed_by
36505
+ # The entity that manages the Allowed AMIs settings. Possible values
36506
+ # include:
36507
+ #
36508
+ # * `account` - The Allowed AMIs settings is managed by the account.
36509
+ #
36510
+ # * `declarative-policy` - The Allowed AMIs settings is managed by a
36511
+ # declarative policy and can't be modified by the account.
36512
+ # @return [String]
36513
+ #
36514
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetAllowedImagesSettingsResult AWS API Documentation
36515
+ #
36516
+ class GetAllowedImagesSettingsResult < Struct.new(
36517
+ :state,
36518
+ :image_criteria,
36519
+ :managed_by)
36520
+ SENSITIVE = []
36521
+ include Aws::Structure
36522
+ end
36523
+
35883
36524
  # @!attribute [rw] certificate_arn
35884
36525
  # The ARN of the ACM certificate for which to view the associated IAM
35885
36526
  # roles, encryption keys, and Amazon S3 object information.
@@ -36315,6 +36956,88 @@ module Aws::EC2
36315
36956
  include Aws::Structure
36316
36957
  end
36317
36958
 
36959
+ # @!attribute [rw] dry_run
36960
+ # Checks whether you have the required permissions for the action,
36961
+ # without actually making the request, and provides an error response.
36962
+ # If you have the required permissions, the error response is
36963
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
36964
+ # @return [Boolean]
36965
+ #
36966
+ # @!attribute [rw] report_id
36967
+ # The ID of the report.
36968
+ # @return [String]
36969
+ #
36970
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDeclarativePoliciesReportSummaryRequest AWS API Documentation
36971
+ #
36972
+ class GetDeclarativePoliciesReportSummaryRequest < Struct.new(
36973
+ :dry_run,
36974
+ :report_id)
36975
+ SENSITIVE = []
36976
+ include Aws::Structure
36977
+ end
36978
+
36979
+ # @!attribute [rw] report_id
36980
+ # The ID of the report.
36981
+ # @return [String]
36982
+ #
36983
+ # @!attribute [rw] s3_bucket
36984
+ # The name of the Amazon S3 bucket where the report is located.
36985
+ # @return [String]
36986
+ #
36987
+ # @!attribute [rw] s3_prefix
36988
+ # The prefix for your S3 object.
36989
+ # @return [String]
36990
+ #
36991
+ # @!attribute [rw] target_id
36992
+ # The root ID, organizational unit ID, or account ID.
36993
+ #
36994
+ # Format:
36995
+ #
36996
+ # * For root: `r-ab12`
36997
+ #
36998
+ # * For OU: `ou-ab12-cdef1234`
36999
+ #
37000
+ # * For account: `123456789012`
37001
+ # @return [String]
37002
+ #
37003
+ # @!attribute [rw] start_time
37004
+ # The time when the report generation started.
37005
+ # @return [Time]
37006
+ #
37007
+ # @!attribute [rw] end_time
37008
+ # The time when the report generation ended.
37009
+ # @return [Time]
37010
+ #
37011
+ # @!attribute [rw] number_of_accounts
37012
+ # The total number of accounts associated with the specified
37013
+ # `targetId`.
37014
+ # @return [Integer]
37015
+ #
37016
+ # @!attribute [rw] number_of_failed_accounts
37017
+ # The number of accounts where attributes could not be retrieved in
37018
+ # any Region.
37019
+ # @return [Integer]
37020
+ #
37021
+ # @!attribute [rw] attribute_summaries
37022
+ # The attributes described in the report.
37023
+ # @return [Array<Types::AttributeSummary>]
37024
+ #
37025
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetDeclarativePoliciesReportSummaryResult AWS API Documentation
37026
+ #
37027
+ class GetDeclarativePoliciesReportSummaryResult < Struct.new(
37028
+ :report_id,
37029
+ :s3_bucket,
37030
+ :s3_prefix,
37031
+ :target_id,
37032
+ :start_time,
37033
+ :end_time,
37034
+ :number_of_accounts,
37035
+ :number_of_failed_accounts,
37036
+ :attribute_summaries)
37037
+ SENSITIVE = []
37038
+ include Aws::Structure
37039
+ end
37040
+
36318
37041
  # @!attribute [rw] dry_run
36319
37042
  # Checks whether you have the required permissions for the operation,
36320
37043
  # without actually making the request, and provides an error response.
@@ -36583,10 +37306,21 @@ module Aws::EC2
36583
37306
  # shared.
36584
37307
  # @return [String]
36585
37308
  #
37309
+ # @!attribute [rw] managed_by
37310
+ # The entity that manages the state for block public access for AMIs.
37311
+ # Possible values include:
37312
+ #
37313
+ # * `account` - The state is managed by the account.
37314
+ #
37315
+ # * `declarative-policy` - The state is managed by a declarative
37316
+ # policy and can't be modified by the account.
37317
+ # @return [String]
37318
+ #
36586
37319
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessStateResult AWS API Documentation
36587
37320
  #
36588
37321
  class GetImageBlockPublicAccessStateResult < Struct.new(
36589
- :image_block_public_access_state)
37322
+ :image_block_public_access_state,
37323
+ :managed_by)
36590
37324
  SENSITIVE = []
36591
37325
  include Aws::Structure
36592
37326
  end
@@ -37696,10 +38430,21 @@ module Aws::EC2
37696
38430
  # console of all instances is disabled for your account.
37697
38431
  # @return [Boolean]
37698
38432
  #
38433
+ # @!attribute [rw] managed_by
38434
+ # The entity that manages access to the serial console. Possible
38435
+ # values include:
38436
+ #
38437
+ # * `account` - Access is managed by the account.
38438
+ #
38439
+ # * `declarative-policy` - Access is managed by a declarative policy
38440
+ # and can't be modified by the account.
38441
+ # @return [String]
38442
+ #
37699
38443
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSerialConsoleAccessStatusResult AWS API Documentation
37700
38444
  #
37701
38445
  class GetSerialConsoleAccessStatusResult < Struct.new(
37702
- :serial_console_access_enabled)
38446
+ :serial_console_access_enabled,
38447
+ :managed_by)
37703
38448
  SENSITIVE = []
37704
38449
  include Aws::Structure
37705
38450
  end
@@ -37737,10 +38482,21 @@ module Aws::EC2
37737
38482
  # share snapshots.
37738
38483
  # @return [String]
37739
38484
  #
38485
+ # @!attribute [rw] managed_by
38486
+ # The entity that manages the state for block public access for
38487
+ # snapshots. Possible values include:
38488
+ #
38489
+ # * `account` - The state is managed by the account.
38490
+ #
38491
+ # * `declarative-policy` - The state is managed by a declarative
38492
+ # policy and can't be modified by the account.
38493
+ # @return [String]
38494
+ #
37740
38495
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessStateResult AWS API Documentation
37741
38496
  #
37742
38497
  class GetSnapshotBlockPublicAccessStateResult < Struct.new(
37743
- :state)
38498
+ :state,
38499
+ :managed_by)
37744
38500
  SENSITIVE = []
37745
38501
  include Aws::Structure
37746
38502
  end
@@ -38409,6 +39165,56 @@ module Aws::EC2
38409
39165
  include Aws::Structure
38410
39166
  end
38411
39167
 
39168
+ # @!attribute [rw] verified_access_endpoint_id
39169
+ # The ID of the network CIDR endpoint.
39170
+ # @return [String]
39171
+ #
39172
+ # @!attribute [rw] max_results
39173
+ # The maximum number of results to return with a single call. To
39174
+ # retrieve the remaining results, make another call with the returned
39175
+ # `nextToken` value.
39176
+ # @return [Integer]
39177
+ #
39178
+ # @!attribute [rw] next_token
39179
+ # The token for the next page of results.
39180
+ # @return [String]
39181
+ #
39182
+ # @!attribute [rw] dry_run
39183
+ # Checks whether you have the required permissions for the action,
39184
+ # without actually making the request, and provides an error response.
39185
+ # If you have the required permissions, the error response is
39186
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
39187
+ # @return [Boolean]
39188
+ #
39189
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVerifiedAccessEndpointTargetsRequest AWS API Documentation
39190
+ #
39191
+ class GetVerifiedAccessEndpointTargetsRequest < Struct.new(
39192
+ :verified_access_endpoint_id,
39193
+ :max_results,
39194
+ :next_token,
39195
+ :dry_run)
39196
+ SENSITIVE = []
39197
+ include Aws::Structure
39198
+ end
39199
+
39200
+ # @!attribute [rw] verified_access_endpoint_targets
39201
+ # The Verified Access targets.
39202
+ # @return [Array<Types::VerifiedAccessEndpointTarget>]
39203
+ #
39204
+ # @!attribute [rw] next_token
39205
+ # The token to use to retrieve the next page of results. This value is
39206
+ # `null` when there are no more results to return.
39207
+ # @return [String]
39208
+ #
39209
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVerifiedAccessEndpointTargetsResult AWS API Documentation
39210
+ #
39211
+ class GetVerifiedAccessEndpointTargetsResult < Struct.new(
39212
+ :verified_access_endpoint_targets,
39213
+ :next_token)
39214
+ SENSITIVE = []
39215
+ include Aws::Structure
39216
+ end
39217
+
38412
39218
  # @!attribute [rw] verified_access_group_id
38413
39219
  # The ID of the Verified Access group.
38414
39220
  # @return [String]
@@ -39438,6 +40244,21 @@ module Aws::EC2
39438
40244
  # [1]: http://www.iso.org/iso/iso8601
39439
40245
  # @return [String]
39440
40246
  #
40247
+ # @!attribute [rw] image_allowed
40248
+ # If `true`, the AMI satisfies the criteria for Allowed AMIs and can
40249
+ # be discovered and used in the account. If `false` and Allowed AMIs
40250
+ # is set to `enabled`, the AMI can't be discovered or used in the
40251
+ # account. If `false` and Allowed AMIs is set to `audit-mode`, the AMI
40252
+ # can be discovered and used in the account.
40253
+ #
40254
+ # For more information, see [Control the discovery and use of AMIs in
40255
+ # Amazon EC2 with Allowed AMIs][1] in *Amazon EC2 User Guide*.
40256
+ #
40257
+ #
40258
+ #
40259
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html
40260
+ # @return [Boolean]
40261
+ #
39441
40262
  # @!attribute [rw] source_image_id
39442
40263
  # The ID of the source AMI from which the AMI was created.
39443
40264
  #
@@ -39546,6 +40367,7 @@ module Aws::EC2
39546
40367
  :source_instance_id,
39547
40368
  :deregistration_protection,
39548
40369
  :last_launched_time,
40370
+ :image_allowed,
39549
40371
  :source_image_id,
39550
40372
  :source_image_region,
39551
40373
  :image_id,
@@ -39676,6 +40498,91 @@ module Aws::EC2
39676
40498
  include Aws::Structure
39677
40499
  end
39678
40500
 
40501
+ # The list of criteria that are evaluated to determine whch AMIs are
40502
+ # discoverable and usable in the account in the specified Amazon Web
40503
+ # Services Region. Currently, the only criteria that can be specified
40504
+ # are AMI providers.
40505
+ #
40506
+ # Up to 10 `imageCriteria` objects can be specified, and up to a total
40507
+ # of 200 values for all `imageProviders`. For more information, see
40508
+ # [JSON configuration for the Allowed AMIs criteria][1] in the *Amazon
40509
+ # EC2 User Guide*.
40510
+ #
40511
+ #
40512
+ #
40513
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html#allowed-amis-json-configuration
40514
+ #
40515
+ # @!attribute [rw] image_providers
40516
+ # A list of AMI providers whose AMIs are discoverable and useable in
40517
+ # the account. Up to a total of 200 values can be specified.
40518
+ #
40519
+ # Possible values:
40520
+ #
40521
+ # `amazon`: Allow AMIs created by Amazon Web Services.
40522
+ #
40523
+ # `aws-marketplace`: Allow AMIs created by verified providers in the
40524
+ # Amazon Web Services Marketplace.
40525
+ #
40526
+ # `aws-backup-vault`: Allow AMIs created by Amazon Web Services
40527
+ # Backup.
40528
+ #
40529
+ # 12-digit account ID: Allow AMIs created by this account. One or more
40530
+ # account IDs can be specified.
40531
+ #
40532
+ # `none`: Allow AMIs created by your own account only.
40533
+ # @return [Array<String>]
40534
+ #
40535
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImageCriterion AWS API Documentation
40536
+ #
40537
+ class ImageCriterion < Struct.new(
40538
+ :image_providers)
40539
+ SENSITIVE = []
40540
+ include Aws::Structure
40541
+ end
40542
+
40543
+ # The list of criteria that are evaluated to determine whch AMIs are
40544
+ # discoverable and usable in the account in the specified Amazon Web
40545
+ # Services Region. Currently, the only criteria that can be specified
40546
+ # are AMI providers.
40547
+ #
40548
+ # Up to 10 `imageCriteria` objects can be specified, and up to a total
40549
+ # of 200 values for all `imageProviders`. For more information, see
40550
+ # [JSON configuration for the Allowed AMIs criteria][1] in the *Amazon
40551
+ # EC2 User Guide*.
40552
+ #
40553
+ #
40554
+ #
40555
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html#allowed-amis-json-configuration
40556
+ #
40557
+ # @!attribute [rw] image_providers
40558
+ # A list of image providers whose AMIs are discoverable and useable in
40559
+ # the account. Up to a total of 200 values can be specified.
40560
+ #
40561
+ # Possible values:
40562
+ #
40563
+ # `amazon`: Allow AMIs created by Amazon Web Services.
40564
+ #
40565
+ # `aws-marketplace`: Allow AMIs created by verified providers in the
40566
+ # Amazon Web Services Marketplace.
40567
+ #
40568
+ # `aws-backup-vault`: Allow AMIs created by Amazon Web Services
40569
+ # Backup.
40570
+ #
40571
+ # 12-digit account ID: Allow AMIs created by this account. One or more
40572
+ # account IDs can be specified.
40573
+ #
40574
+ # `none`: Allow AMIs created by your own account only. When `none` is
40575
+ # specified, no other values can be specified.
40576
+ # @return [Array<String>]
40577
+ #
40578
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImageCriterionRequest AWS API Documentation
40579
+ #
40580
+ class ImageCriterionRequest < Struct.new(
40581
+ :image_providers)
40582
+ SENSITIVE = []
40583
+ include Aws::Structure
40584
+ end
40585
+
39679
40586
  # Describes the disk container object for an import image task.
39680
40587
  #
39681
40588
  # @!attribute [rw] description
@@ -39752,6 +40659,19 @@ module Aws::EC2
39752
40659
  # format: *YYYY*-*MM*-*DD*T*HH*:*MM*:*SS*Z.
39753
40660
  # @return [String]
39754
40661
  #
40662
+ # @!attribute [rw] image_allowed
40663
+ # If `true`, the AMI satisfies the criteria for Allowed AMIs and can
40664
+ # be discovered and used in the account. If `false`, the AMI can't be
40665
+ # discovered or used in the account.
40666
+ #
40667
+ # For more information, see [Control the discovery and use of AMIs in
40668
+ # Amazon EC2 with Allowed AMIs][1] in *Amazon EC2 User Guide*.
40669
+ #
40670
+ #
40671
+ #
40672
+ # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-allowed-amis.html
40673
+ # @return [Boolean]
40674
+ #
39755
40675
  # @!attribute [rw] is_public
39756
40676
  # Indicates whether the AMI has public launch permissions. A value of
39757
40677
  # `true` means this AMI has public launch permissions, while `false`
@@ -39769,6 +40689,7 @@ module Aws::EC2
39769
40689
  :image_owner_alias,
39770
40690
  :creation_date,
39771
40691
  :deprecation_time,
40692
+ :image_allowed,
39772
40693
  :is_public)
39773
40694
  SENSITIVE = []
39774
40695
  include Aws::Structure
@@ -41019,8 +41940,13 @@ module Aws::EC2
41019
41940
  # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html
41020
41941
  # @return [String]
41021
41942
  #
41943
+ # @!attribute [rw] network_performance_options
41944
+ # Contains settings for the network performance options for your
41945
+ # instance.
41946
+ # @return [Types::InstanceNetworkPerformanceOptions]
41947
+ #
41022
41948
  # @!attribute [rw] operator
41023
- # The entity that manages the instance.
41949
+ # The service provider that manages the instance.
41024
41950
  # @return [Types::OperatorResponse]
41025
41951
  #
41026
41952
  # @!attribute [rw] instance_id
@@ -41165,6 +42091,7 @@ module Aws::EC2
41165
42091
  :tpm_support,
41166
42092
  :maintenance_options,
41167
42093
  :current_instance_boot_mode,
42094
+ :network_performance_options,
41168
42095
  :operator,
41169
42096
  :instance_id,
41170
42097
  :image_id,
@@ -41952,13 +42879,30 @@ module Aws::EC2
41952
42879
  # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS
41953
42880
  # @return [String]
41954
42881
  #
42882
+ # @!attribute [rw] managed_by
42883
+ # The entity that manages the IMDS default settings. Possible values
42884
+ # include:
42885
+ #
42886
+ # * `account` - The IMDS default settings are managed by the account.
42887
+ #
42888
+ # * `declarative-policy` - The IMDS default settings are managed by a
42889
+ # declarative policy and can't be modified by the account.
42890
+ # @return [String]
42891
+ #
42892
+ # @!attribute [rw] managed_exception_message
42893
+ # The customized exception message that is specified in the
42894
+ # declarative policy.
42895
+ # @return [String]
42896
+ #
41955
42897
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceMetadataDefaultsResponse AWS API Documentation
41956
42898
  #
41957
42899
  class InstanceMetadataDefaultsResponse < Struct.new(
41958
42900
  :http_tokens,
41959
42901
  :http_put_response_hop_limit,
41960
42902
  :http_endpoint,
41961
- :instance_metadata_tags)
42903
+ :instance_metadata_tags,
42904
+ :managed_by,
42905
+ :managed_exception_message)
41962
42906
  SENSITIVE = []
41963
42907
  include Aws::Structure
41964
42908
  end
@@ -42217,7 +43161,7 @@ module Aws::EC2
42217
43161
  # @return [Types::ConnectionTrackingSpecificationResponse]
42218
43162
  #
42219
43163
  # @!attribute [rw] operator
42220
- # The entity that manages the network interface.
43164
+ # The service provider that manages the network interface.
42221
43165
  # @return [Types::OperatorResponse]
42222
43166
  #
42223
43167
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceNetworkInterface AWS API Documentation
@@ -42553,6 +43497,58 @@ module Aws::EC2
42553
43497
  include Aws::Structure
42554
43498
  end
42555
43499
 
43500
+ # With network performance options, you can adjust your bandwidth
43501
+ # preferences to meet the needs of the workload that runs on your
43502
+ # instance.
43503
+ #
43504
+ # @!attribute [rw] bandwidth_weighting
43505
+ # When you configure network bandwidth weighting, you can boost your
43506
+ # baseline bandwidth for either networking or EBS by up to 25%. The
43507
+ # total available baseline bandwidth for your instance remains the
43508
+ # same. The default option uses the standard bandwidth configuration
43509
+ # for your instance type.
43510
+ # @return [String]
43511
+ #
43512
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceNetworkPerformanceOptions AWS API Documentation
43513
+ #
43514
+ class InstanceNetworkPerformanceOptions < Struct.new(
43515
+ :bandwidth_weighting)
43516
+ SENSITIVE = []
43517
+ include Aws::Structure
43518
+ end
43519
+
43520
+ # Configure network performance options for your instance that are
43521
+ # geared towards performance improvements based on the workload that it
43522
+ # runs.
43523
+ #
43524
+ # @!attribute [rw] bandwidth_weighting
43525
+ # Specify the bandwidth weighting option to boost the associated type
43526
+ # of baseline bandwidth, as follows:
43527
+ #
43528
+ # default
43529
+ #
43530
+ # : This option uses the standard bandwidth configuration for your
43531
+ # instance type.
43532
+ #
43533
+ # vpc-1
43534
+ #
43535
+ # : This option boosts your networking baseline bandwidth and reduces
43536
+ # your EBS baseline bandwidth.
43537
+ #
43538
+ # ebs-1
43539
+ #
43540
+ # : This option boosts your EBS baseline bandwidth and reduces your
43541
+ # networking baseline bandwidth.
43542
+ # @return [String]
43543
+ #
43544
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/InstanceNetworkPerformanceOptionsRequest AWS API Documentation
43545
+ #
43546
+ class InstanceNetworkPerformanceOptionsRequest < Struct.new(
43547
+ :bandwidth_weighting)
43548
+ SENSITIVE = []
43549
+ include Aws::Structure
43550
+ end
43551
+
42556
43552
  # Describes a private IPv4 address.
42557
43553
  #
42558
43554
  # @!attribute [rw] association
@@ -43695,7 +44691,7 @@ module Aws::EC2
43695
44691
  # @return [String]
43696
44692
  #
43697
44693
  # @!attribute [rw] operator
43698
- # The entity that manages the instance.
44694
+ # The service provider that manages the instance.
43699
44695
  # @return [Types::OperatorResponse]
43700
44696
  #
43701
44697
  # @!attribute [rw] events
@@ -47570,6 +48566,58 @@ module Aws::EC2
47570
48566
  include Aws::Structure
47571
48567
  end
47572
48568
 
48569
+ # With network performance options, you can adjust your bandwidth
48570
+ # preferences to meet the needs of the workload that runs on your
48571
+ # instance at launch.
48572
+ #
48573
+ # @!attribute [rw] bandwidth_weighting
48574
+ # When you configure network bandwidth weighting, you can boost
48575
+ # baseline bandwidth for either networking or EBS by up to 25%. The
48576
+ # total available baseline bandwidth for your instance remains the
48577
+ # same. The default option uses the standard bandwidth configuration
48578
+ # for your instance type.
48579
+ # @return [String]
48580
+ #
48581
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LaunchTemplateNetworkPerformanceOptions AWS API Documentation
48582
+ #
48583
+ class LaunchTemplateNetworkPerformanceOptions < Struct.new(
48584
+ :bandwidth_weighting)
48585
+ SENSITIVE = []
48586
+ include Aws::Structure
48587
+ end
48588
+
48589
+ # When you configure network performance options in your launch
48590
+ # template, your instance is geared for performance improvements based
48591
+ # on the workload that it runs as soon as it's available.
48592
+ #
48593
+ # @!attribute [rw] bandwidth_weighting
48594
+ # Specify the bandwidth weighting option to boost the associated type
48595
+ # of baseline bandwidth, as follows:
48596
+ #
48597
+ # default
48598
+ #
48599
+ # : This option uses the standard bandwidth configuration for your
48600
+ # instance type.
48601
+ #
48602
+ # vpc-1
48603
+ #
48604
+ # : This option boosts your networking baseline bandwidth and reduces
48605
+ # your EBS baseline bandwidth.
48606
+ #
48607
+ # ebs-1
48608
+ #
48609
+ # : This option boosts your EBS baseline bandwidth and reduces your
48610
+ # networking baseline bandwidth.
48611
+ # @return [String]
48612
+ #
48613
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LaunchTemplateNetworkPerformanceOptionsRequest AWS API Documentation
48614
+ #
48615
+ class LaunchTemplateNetworkPerformanceOptionsRequest < Struct.new(
48616
+ :bandwidth_weighting)
48617
+ SENSITIVE = []
48618
+ include Aws::Structure
48619
+ end
48620
+
47573
48621
  # Describes overrides for a launch template.
47574
48622
  #
47575
48623
  # @!attribute [rw] instance_type
@@ -50727,6 +51775,65 @@ module Aws::EC2
50727
51775
  include Aws::Structure
50728
51776
  end
50729
51777
 
51778
+ # @!attribute [rw] instance_id
51779
+ # The ID of the instance to update.
51780
+ # @return [String]
51781
+ #
51782
+ # @!attribute [rw] bandwidth_weighting
51783
+ # Specify the bandwidth weighting option to boost the associated type
51784
+ # of baseline bandwidth, as follows:
51785
+ #
51786
+ # default
51787
+ #
51788
+ # : This option uses the standard bandwidth configuration for your
51789
+ # instance type.
51790
+ #
51791
+ # vpc-1
51792
+ #
51793
+ # : This option boosts your networking baseline bandwidth and reduces
51794
+ # your EBS baseline bandwidth.
51795
+ #
51796
+ # ebs-1
51797
+ #
51798
+ # : This option boosts your EBS baseline bandwidth and reduces your
51799
+ # networking baseline bandwidth.
51800
+ # @return [String]
51801
+ #
51802
+ # @!attribute [rw] dry_run
51803
+ # Checks whether you have the required permissions for the operation,
51804
+ # without actually making the request, and provides an error response.
51805
+ # If you have the required permissions, the error response is
51806
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
51807
+ # @return [Boolean]
51808
+ #
51809
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceNetworkPerformanceRequest AWS API Documentation
51810
+ #
51811
+ class ModifyInstanceNetworkPerformanceRequest < Struct.new(
51812
+ :instance_id,
51813
+ :bandwidth_weighting,
51814
+ :dry_run)
51815
+ SENSITIVE = []
51816
+ include Aws::Structure
51817
+ end
51818
+
51819
+ # @!attribute [rw] instance_id
51820
+ # The instance ID that was updated.
51821
+ # @return [String]
51822
+ #
51823
+ # @!attribute [rw] bandwidth_weighting
51824
+ # Contains the updated configuration for bandwidth weighting on the
51825
+ # specified instance.
51826
+ # @return [String]
51827
+ #
51828
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyInstanceNetworkPerformanceResult AWS API Documentation
51829
+ #
51830
+ class ModifyInstanceNetworkPerformanceResult < Struct.new(
51831
+ :instance_id,
51832
+ :bandwidth_weighting)
51833
+ SENSITIVE = []
51834
+ include Aws::Structure
51835
+ end
51836
+
50730
51837
  # @!attribute [rw] group_name
50731
51838
  # The name of the placement group in which to place the instance. For
50732
51839
  # spread placement groups, the instance must have a tenancy of
@@ -52323,6 +53430,20 @@ module Aws::EC2
52323
53430
  include Aws::Structure
52324
53431
  end
52325
53432
 
53433
+ # The CIDR options for a Verified Access endpoint.
53434
+ #
53435
+ # @!attribute [rw] port_ranges
53436
+ # The port ranges.
53437
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53438
+ #
53439
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointCidrOptions AWS API Documentation
53440
+ #
53441
+ class ModifyVerifiedAccessEndpointCidrOptions < Struct.new(
53442
+ :port_ranges)
53443
+ SENSITIVE = []
53444
+ include Aws::Structure
53445
+ end
53446
+
52326
53447
  # Describes the options when modifying a Verified Access endpoint with
52327
53448
  # the `network-interface` type.
52328
53449
  #
@@ -52334,11 +53455,16 @@ module Aws::EC2
52334
53455
  # The IP port number.
52335
53456
  # @return [Integer]
52336
53457
  #
53458
+ # @!attribute [rw] port_ranges
53459
+ # The port ranges.
53460
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53461
+ #
52337
53462
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointEniOptions AWS API Documentation
52338
53463
  #
52339
53464
  class ModifyVerifiedAccessEndpointEniOptions < Struct.new(
52340
53465
  :protocol,
52341
- :port)
53466
+ :port,
53467
+ :port_ranges)
52342
53468
  SENSITIVE = []
52343
53469
  include Aws::Structure
52344
53470
  end
@@ -52358,12 +53484,17 @@ module Aws::EC2
52358
53484
  # The IP port number.
52359
53485
  # @return [Integer]
52360
53486
  #
53487
+ # @!attribute [rw] port_ranges
53488
+ # The port ranges.
53489
+ # @return [Array<Types::ModifyVerifiedAccessEndpointPortRange>]
53490
+ #
52361
53491
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
52362
53492
  #
52363
53493
  class ModifyVerifiedAccessEndpointLoadBalancerOptions < Struct.new(
52364
53494
  :subnet_ids,
52365
53495
  :protocol,
52366
- :port)
53496
+ :port,
53497
+ :port_ranges)
52367
53498
  SENSITIVE = []
52368
53499
  include Aws::Structure
52369
53500
  end
@@ -52439,6 +53570,49 @@ module Aws::EC2
52439
53570
  include Aws::Structure
52440
53571
  end
52441
53572
 
53573
+ # Describes the port range for a Verified Access endpoint.
53574
+ #
53575
+ # @!attribute [rw] from_port
53576
+ # The start of the port range.
53577
+ # @return [Integer]
53578
+ #
53579
+ # @!attribute [rw] to_port
53580
+ # The end of the port range.
53581
+ # @return [Integer]
53582
+ #
53583
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointPortRange AWS API Documentation
53584
+ #
53585
+ class ModifyVerifiedAccessEndpointPortRange < Struct.new(
53586
+ :from_port,
53587
+ :to_port)
53588
+ SENSITIVE = []
53589
+ include Aws::Structure
53590
+ end
53591
+
53592
+ # The RDS options for a Verified Access endpoint.
53593
+ #
53594
+ # @!attribute [rw] subnet_ids
53595
+ # The IDs of the subnets.
53596
+ # @return [Array<String>]
53597
+ #
53598
+ # @!attribute [rw] port
53599
+ # The port.
53600
+ # @return [Integer]
53601
+ #
53602
+ # @!attribute [rw] rds_endpoint
53603
+ # The RDS endpoint.
53604
+ # @return [String]
53605
+ #
53606
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointRdsOptions AWS API Documentation
53607
+ #
53608
+ class ModifyVerifiedAccessEndpointRdsOptions < Struct.new(
53609
+ :subnet_ids,
53610
+ :port,
53611
+ :rds_endpoint)
53612
+ SENSITIVE = []
53613
+ include Aws::Structure
53614
+ end
53615
+
52442
53616
  # @!attribute [rw] verified_access_endpoint_id
52443
53617
  # The ID of the Verified Access endpoint.
52444
53618
  # @return [String]
@@ -52480,6 +53654,14 @@ module Aws::EC2
52480
53654
  # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
52481
53655
  # @return [Boolean]
52482
53656
  #
53657
+ # @!attribute [rw] rds_options
53658
+ # The RDS options.
53659
+ # @return [Types::ModifyVerifiedAccessEndpointRdsOptions]
53660
+ #
53661
+ # @!attribute [rw] cidr_options
53662
+ # The CIDR options.
53663
+ # @return [Types::ModifyVerifiedAccessEndpointCidrOptions]
53664
+ #
52483
53665
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessEndpointRequest AWS API Documentation
52484
53666
  #
52485
53667
  class ModifyVerifiedAccessEndpointRequest < Struct.new(
@@ -52489,7 +53671,9 @@ module Aws::EC2
52489
53671
  :network_interface_options,
52490
53672
  :description,
52491
53673
  :client_token,
52492
- :dry_run)
53674
+ :dry_run,
53675
+ :rds_options,
53676
+ :cidr_options)
52493
53677
  SENSITIVE = []
52494
53678
  include Aws::Structure
52495
53679
  end
@@ -52712,13 +53896,18 @@ module Aws::EC2
52712
53896
  # [1]: https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html
52713
53897
  # @return [String]
52714
53898
  #
53899
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
53900
+ # The custom subdomain.
53901
+ # @return [String]
53902
+ #
52715
53903
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessInstanceRequest AWS API Documentation
52716
53904
  #
52717
53905
  class ModifyVerifiedAccessInstanceRequest < Struct.new(
52718
53906
  :verified_access_instance_id,
52719
53907
  :description,
52720
53908
  :dry_run,
52721
- :client_token)
53909
+ :client_token,
53910
+ :cidr_endpoints_custom_sub_domain)
52722
53911
  SENSITIVE = []
52723
53912
  include Aws::Structure
52724
53913
  end
@@ -52735,6 +53924,55 @@ module Aws::EC2
52735
53924
  include Aws::Structure
52736
53925
  end
52737
53926
 
53927
+ # Describes the OpenID Connect (OIDC) options.
53928
+ #
53929
+ # @!attribute [rw] public_signing_key_endpoint
53930
+ # The public signing key endpoint.
53931
+ # @return [String]
53932
+ #
53933
+ # @!attribute [rw] issuer
53934
+ # The OIDC issuer identifier of the IdP.
53935
+ # @return [String]
53936
+ #
53937
+ # @!attribute [rw] authorization_endpoint
53938
+ # The authorization endpoint of the IdP.
53939
+ # @return [String]
53940
+ #
53941
+ # @!attribute [rw] token_endpoint
53942
+ # The token endpoint of the IdP.
53943
+ # @return [String]
53944
+ #
53945
+ # @!attribute [rw] user_info_endpoint
53946
+ # The user info endpoint of the IdP.
53947
+ # @return [String]
53948
+ #
53949
+ # @!attribute [rw] client_id
53950
+ # The OAuth 2.0 client identifier.
53951
+ # @return [String]
53952
+ #
53953
+ # @!attribute [rw] client_secret
53954
+ # The OAuth 2.0 client secret.
53955
+ # @return [String]
53956
+ #
53957
+ # @!attribute [rw] scope
53958
+ # The set of user claims to be requested from the IdP.
53959
+ # @return [String]
53960
+ #
53961
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessNativeApplicationOidcOptions AWS API Documentation
53962
+ #
53963
+ class ModifyVerifiedAccessNativeApplicationOidcOptions < Struct.new(
53964
+ :public_signing_key_endpoint,
53965
+ :issuer,
53966
+ :authorization_endpoint,
53967
+ :token_endpoint,
53968
+ :user_info_endpoint,
53969
+ :client_id,
53970
+ :client_secret,
53971
+ :scope)
53972
+ SENSITIVE = [:client_secret]
53973
+ include Aws::Structure
53974
+ end
53975
+
52738
53976
  # Modifies the configuration of the specified device-based Amazon Web
52739
53977
  # Services Verified Access trust provider.
52740
53978
  #
@@ -52839,6 +54077,10 @@ module Aws::EC2
52839
54077
  # The options for server side encryption.
52840
54078
  # @return [Types::VerifiedAccessSseSpecificationRequest]
52841
54079
  #
54080
+ # @!attribute [rw] native_application_oidc_options
54081
+ # The OpenID Connect (OIDC) options.
54082
+ # @return [Types::ModifyVerifiedAccessNativeApplicationOidcOptions]
54083
+ #
52842
54084
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVerifiedAccessTrustProviderRequest AWS API Documentation
52843
54085
  #
52844
54086
  class ModifyVerifiedAccessTrustProviderRequest < Struct.new(
@@ -52848,7 +54090,8 @@ module Aws::EC2
52848
54090
  :description,
52849
54091
  :dry_run,
52850
54092
  :client_token,
52851
- :sse_specification)
54093
+ :sse_specification,
54094
+ :native_application_oidc_options)
52852
54095
  SENSITIVE = []
52853
54096
  include Aws::Structure
52854
54097
  end
@@ -54352,6 +55595,50 @@ module Aws::EC2
54352
55595
  include Aws::Structure
54353
55596
  end
54354
55597
 
55598
+ # Describes the OpenID Connect (OIDC) options.
55599
+ #
55600
+ # @!attribute [rw] public_signing_key_endpoint
55601
+ # The public signing key endpoint.
55602
+ # @return [String]
55603
+ #
55604
+ # @!attribute [rw] issuer
55605
+ # The OIDC issuer identifier of the IdP.
55606
+ # @return [String]
55607
+ #
55608
+ # @!attribute [rw] authorization_endpoint
55609
+ # The authorization endpoint of the IdP.
55610
+ # @return [String]
55611
+ #
55612
+ # @!attribute [rw] token_endpoint
55613
+ # The token endpoint of the IdP.
55614
+ # @return [String]
55615
+ #
55616
+ # @!attribute [rw] user_info_endpoint
55617
+ # The user info endpoint of the IdP.
55618
+ # @return [String]
55619
+ #
55620
+ # @!attribute [rw] client_id
55621
+ # The OAuth 2.0 client identifier.
55622
+ # @return [String]
55623
+ #
55624
+ # @!attribute [rw] scope
55625
+ # The set of user claims to be requested from the IdP.
55626
+ # @return [String]
55627
+ #
55628
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/NativeApplicationOidcOptions AWS API Documentation
55629
+ #
55630
+ class NativeApplicationOidcOptions < Struct.new(
55631
+ :public_signing_key_endpoint,
55632
+ :issuer,
55633
+ :authorization_endpoint,
55634
+ :token_endpoint,
55635
+ :user_info_endpoint,
55636
+ :client_id,
55637
+ :scope)
55638
+ SENSITIVE = []
55639
+ include Aws::Structure
55640
+ end
55641
+
54355
55642
  # Describes a network ACL.
54356
55643
  #
54357
55644
  # @!attribute [rw] associations
@@ -54635,6 +55922,11 @@ module Aws::EC2
54635
55922
  # minimize tail latency of network traffic between EC2 instances.
54636
55923
  # @return [Boolean]
54637
55924
  #
55925
+ # @!attribute [rw] bandwidth_weightings
55926
+ # A list of valid settings for configurable bandwidth weighting for
55927
+ # the instance type, if supported.
55928
+ # @return [Array<String>]
55929
+ #
54638
55930
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/NetworkInfo AWS API Documentation
54639
55931
  #
54640
55932
  class NetworkInfo < Struct.new(
@@ -54650,7 +55942,8 @@ module Aws::EC2
54650
55942
  :efa_supported,
54651
55943
  :efa_info,
54652
55944
  :encryption_in_transit_supported,
54653
- :ena_srd_supported)
55945
+ :ena_srd_supported,
55946
+ :bandwidth_weightings)
54654
55947
  SENSITIVE = []
54655
55948
  include Aws::Structure
54656
55949
  end
@@ -55082,7 +56375,7 @@ module Aws::EC2
55082
56375
  # @return [String]
55083
56376
  #
55084
56377
  # @!attribute [rw] operator
55085
- # The entity that manages the network interface.
56378
+ # The service provider that manages the network interface.
55086
56379
  # @return [Types::OperatorResponse]
55087
56380
  #
55088
56381
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/NetworkInterface AWS API Documentation
@@ -55724,10 +57017,10 @@ module Aws::EC2
55724
57017
  include Aws::Structure
55725
57018
  end
55726
57019
 
55727
- # The entity that manages the resource.
57020
+ # The service provider that manages the resource.
55728
57021
  #
55729
57022
  # @!attribute [rw] principal
55730
- # The entity that manages the resource.
57023
+ # The service provider that manages the resource.
55731
57024
  # @return [String]
55732
57025
  #
55733
57026
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/OperatorRequest AWS API Documentation
@@ -55738,16 +57031,16 @@ module Aws::EC2
55738
57031
  include Aws::Structure
55739
57032
  end
55740
57033
 
55741
- # Describes whether the resource is managed by an entity and, if so,
55742
- # describes the entity that manages it.
57034
+ # Describes whether the resource is managed by an service provider and,
57035
+ # if so, describes the service provider that manages it.
55743
57036
  #
55744
57037
  # @!attribute [rw] managed
55745
- # If `true`, the resource is managed by an entity.
57038
+ # If `true`, the resource is managed by an service provider.
55746
57039
  # @return [Boolean]
55747
57040
  #
55748
57041
  # @!attribute [rw] principal
55749
57042
  # If `managed` is `true`, then the principal is returned. The
55750
- # principal is the entity that manages the resource.
57043
+ # principal is the service provider that manages the resource.
55751
57044
  # @return [String]
55752
57045
  #
55753
57046
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/OperatorResponse AWS API Documentation
@@ -57989,6 +59282,32 @@ module Aws::EC2
57989
59282
  include Aws::Structure
57990
59283
  end
57991
59284
 
59285
+ # A summary report for the attribute for a Region.
59286
+ #
59287
+ # @!attribute [rw] region_name
59288
+ # The Amazon Web Services Region.
59289
+ # @return [String]
59290
+ #
59291
+ # @!attribute [rw] number_of_matched_accounts
59292
+ # The number of accounts in the Region with the same configuration
59293
+ # value for the attribute that is most frequently observed.
59294
+ # @return [Integer]
59295
+ #
59296
+ # @!attribute [rw] number_of_unmatched_accounts
59297
+ # The number of accounts in the Region with a configuration value
59298
+ # different from the most frequently observed value for the attribute.
59299
+ # @return [Integer]
59300
+ #
59301
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RegionalSummary AWS API Documentation
59302
+ #
59303
+ class RegionalSummary < Struct.new(
59304
+ :region_name,
59305
+ :number_of_matched_accounts,
59306
+ :number_of_unmatched_accounts)
59307
+ SENSITIVE = []
59308
+ include Aws::Structure
59309
+ end
59310
+
57992
59311
  # Contains the parameters for RegisterImage.
57993
59312
  #
57994
59313
  # @!attribute [rw] image_location
@@ -58792,6 +60111,41 @@ module Aws::EC2
58792
60111
  include Aws::Structure
58793
60112
  end
58794
60113
 
60114
+ # @!attribute [rw] image_criteria
60115
+ # The list of criteria that are evaluated to determine whether AMIs
60116
+ # are discoverable and usable in the account in the specified Amazon
60117
+ # Web Services Region.
60118
+ # @return [Array<Types::ImageCriterionRequest>]
60119
+ #
60120
+ # @!attribute [rw] dry_run
60121
+ # Checks whether you have the required permissions for the action,
60122
+ # without actually making the request, and provides an error response.
60123
+ # If you have the required permissions, the error response is
60124
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
60125
+ # @return [Boolean]
60126
+ #
60127
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceImageCriteriaInAllowedImagesSettingsRequest AWS API Documentation
60128
+ #
60129
+ class ReplaceImageCriteriaInAllowedImagesSettingsRequest < Struct.new(
60130
+ :image_criteria,
60131
+ :dry_run)
60132
+ SENSITIVE = []
60133
+ include Aws::Structure
60134
+ end
60135
+
60136
+ # @!attribute [rw] return_value
60137
+ # Returns `true` if the request succeeds; otherwise, it returns an
60138
+ # error.
60139
+ # @return [Boolean]
60140
+ #
60141
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceImageCriteriaInAllowedImagesSettingsResult AWS API Documentation
60142
+ #
60143
+ class ReplaceImageCriteriaInAllowedImagesSettingsResult < Struct.new(
60144
+ :return_value)
60145
+ SENSITIVE = []
60146
+ include Aws::Structure
60147
+ end
60148
+
58795
60149
  # @!attribute [rw] dry_run
58796
60150
  # Checks whether you have the required permissions for the action,
58797
60151
  # without actually making the request, and provides an error response.
@@ -59694,6 +61048,11 @@ module Aws::EC2
59694
61048
  # The entity that manages the launch template.
59695
61049
  # @return [Types::OperatorRequest]
59696
61050
  #
61051
+ # @!attribute [rw] network_performance_options
61052
+ # Contains launch template settings to boost network performance for
61053
+ # the type of workload that runs on your instance.
61054
+ # @return [Types::LaunchTemplateNetworkPerformanceOptionsRequest]
61055
+ #
59697
61056
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RequestLaunchTemplateData AWS API Documentation
59698
61057
  #
59699
61058
  class RequestLaunchTemplateData < Struct.new(
@@ -59728,7 +61087,8 @@ module Aws::EC2
59728
61087
  :private_dns_name_options,
59729
61088
  :maintenance_options,
59730
61089
  :disable_api_stop,
59731
- :operator)
61090
+ :operator,
61091
+ :network_performance_options)
59732
61092
  SENSITIVE = [:user_data]
59733
61093
  include Aws::Structure
59734
61094
  end
@@ -61094,6 +62454,11 @@ module Aws::EC2
61094
62454
  # The entity that manages the launch template.
61095
62455
  # @return [Types::OperatorResponse]
61096
62456
  #
62457
+ # @!attribute [rw] network_performance_options
62458
+ # Contains the launch template settings for network performance
62459
+ # options for your instance.
62460
+ # @return [Types::LaunchTemplateNetworkPerformanceOptions]
62461
+ #
61097
62462
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ResponseLaunchTemplateData AWS API Documentation
61098
62463
  #
61099
62464
  class ResponseLaunchTemplateData < Struct.new(
@@ -61128,7 +62493,8 @@ module Aws::EC2
61128
62493
  :private_dns_name_options,
61129
62494
  :maintenance_options,
61130
62495
  :disable_api_stop,
61131
- :operator)
62496
+ :operator,
62497
+ :network_performance_options)
61132
62498
  SENSITIVE = [:user_data]
61133
62499
  include Aws::Structure
61134
62500
  end
@@ -62332,6 +63698,11 @@ module Aws::EC2
62332
63698
  # ENI becomes the primary IPv6 address.
62333
63699
  # @return [Boolean]
62334
63700
  #
63701
+ # @!attribute [rw] network_performance_options
63702
+ # Contains settings for the network performance options for the
63703
+ # instance.
63704
+ # @return [Types::InstanceNetworkPerformanceOptionsRequest]
63705
+ #
62335
63706
  # @!attribute [rw] operator
62336
63707
  # Reserved for internal use.
62337
63708
  # @return [Types::OperatorRequest]
@@ -62457,6 +63828,7 @@ module Aws::EC2
62457
63828
  :maintenance_options,
62458
63829
  :disable_api_stop,
62459
63830
  :enable_primary_ipv_6,
63831
+ :network_performance_options,
62460
63832
  :operator,
62461
63833
  :dry_run,
62462
63834
  :disable_api_termination,
@@ -66110,6 +67482,61 @@ module Aws::EC2
66110
67482
  include Aws::Structure
66111
67483
  end
66112
67484
 
67485
+ # @!attribute [rw] dry_run
67486
+ # Checks whether you have the required permissions for the action,
67487
+ # without actually making the request, and provides an error response.
67488
+ # If you have the required permissions, the error response is
67489
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
67490
+ # @return [Boolean]
67491
+ #
67492
+ # @!attribute [rw] s3_bucket
67493
+ # The name of the S3 bucket where the report will be saved.
67494
+ # @return [String]
67495
+ #
67496
+ # @!attribute [rw] s3_prefix
67497
+ # The prefix for your S3 object.
67498
+ # @return [String]
67499
+ #
67500
+ # @!attribute [rw] target_id
67501
+ # The root ID, organizational unit ID, or account ID.
67502
+ #
67503
+ # Format:
67504
+ #
67505
+ # * For root: `r-ab12`
67506
+ #
67507
+ # * For OU: `ou-ab12-cdef1234`
67508
+ #
67509
+ # * For account: `123456789012`
67510
+ # @return [String]
67511
+ #
67512
+ # @!attribute [rw] tag_specifications
67513
+ # The tags to apply.
67514
+ # @return [Array<Types::TagSpecification>]
67515
+ #
67516
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartDeclarativePoliciesReportRequest AWS API Documentation
67517
+ #
67518
+ class StartDeclarativePoliciesReportRequest < Struct.new(
67519
+ :dry_run,
67520
+ :s3_bucket,
67521
+ :s3_prefix,
67522
+ :target_id,
67523
+ :tag_specifications)
67524
+ SENSITIVE = []
67525
+ include Aws::Structure
67526
+ end
67527
+
67528
+ # @!attribute [rw] report_id
67529
+ # The ID of the report.
67530
+ # @return [String]
67531
+ #
67532
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/StartDeclarativePoliciesReportResult AWS API Documentation
67533
+ #
67534
+ class StartDeclarativePoliciesReportResult < Struct.new(
67535
+ :report_id)
67536
+ SENSITIVE = []
67537
+ include Aws::Structure
67538
+ end
67539
+
66113
67540
  # @!attribute [rw] instance_ids
66114
67541
  # The IDs of the instances.
66115
67542
  # @return [Array<String>]
@@ -66753,6 +68180,25 @@ module Aws::EC2
66753
68180
  include Aws::Structure
66754
68181
  end
66755
68182
 
68183
+ # Prefixes of the subnet IP.
68184
+ #
68185
+ # @!attribute [rw] subnet_id
68186
+ # ID of the subnet.
68187
+ # @return [String]
68188
+ #
68189
+ # @!attribute [rw] ip_prefixes
68190
+ # Array of SubnetIpPrefixes objects.
68191
+ # @return [Array<String>]
68192
+ #
68193
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/SubnetIpPrefixes AWS API Documentation
68194
+ #
68195
+ class SubnetIpPrefixes < Struct.new(
68196
+ :subnet_id,
68197
+ :ip_prefixes)
68198
+ SENSITIVE = []
68199
+ include Aws::Structure
68200
+ end
68201
+
66756
68202
  # Describes an association between a subnet and an IPv6 CIDR block.
66757
68203
  #
66758
68204
  # @!attribute [rw] association_id
@@ -70079,6 +71525,14 @@ module Aws::EC2
70079
71525
  # The options in use for server side encryption.
70080
71526
  # @return [Types::VerifiedAccessSseSpecificationResponse]
70081
71527
  #
71528
+ # @!attribute [rw] rds_options
71529
+ # The options for an RDS endpoint.
71530
+ # @return [Types::VerifiedAccessEndpointRdsOptions]
71531
+ #
71532
+ # @!attribute [rw] cidr_options
71533
+ # The options for a CIDR endpoint.
71534
+ # @return [Types::VerifiedAccessEndpointCidrOptions]
71535
+ #
70082
71536
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpoint AWS API Documentation
70083
71537
  #
70084
71538
  class VerifiedAccessEndpoint < Struct.new(
@@ -70100,7 +71554,38 @@ module Aws::EC2
70100
71554
  :last_updated_time,
70101
71555
  :deletion_time,
70102
71556
  :tags,
70103
- :sse_specification)
71557
+ :sse_specification,
71558
+ :rds_options,
71559
+ :cidr_options)
71560
+ SENSITIVE = []
71561
+ include Aws::Structure
71562
+ end
71563
+
71564
+ # Describes the CIDR options for a Verified Access endpoint.
71565
+ #
71566
+ # @!attribute [rw] cidr
71567
+ # The CIDR.
71568
+ # @return [String]
71569
+ #
71570
+ # @!attribute [rw] port_ranges
71571
+ # The port ranges.
71572
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71573
+ #
71574
+ # @!attribute [rw] protocol
71575
+ # The protocol.
71576
+ # @return [String]
71577
+ #
71578
+ # @!attribute [rw] subnet_ids
71579
+ # The IDs of the subnets.
71580
+ # @return [Array<String>]
71581
+ #
71582
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointCidrOptions AWS API Documentation
71583
+ #
71584
+ class VerifiedAccessEndpointCidrOptions < Struct.new(
71585
+ :cidr,
71586
+ :port_ranges,
71587
+ :protocol,
71588
+ :subnet_ids)
70104
71589
  SENSITIVE = []
70105
71590
  include Aws::Structure
70106
71591
  end
@@ -70119,12 +71604,17 @@ module Aws::EC2
70119
71604
  # The IP port number.
70120
71605
  # @return [Integer]
70121
71606
  #
71607
+ # @!attribute [rw] port_ranges
71608
+ # The port ranges.
71609
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71610
+ #
70122
71611
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointEniOptions AWS API Documentation
70123
71612
  #
70124
71613
  class VerifiedAccessEndpointEniOptions < Struct.new(
70125
71614
  :network_interface_id,
70126
71615
  :protocol,
70127
- :port)
71616
+ :port,
71617
+ :port_ranges)
70128
71618
  SENSITIVE = []
70129
71619
  include Aws::Structure
70130
71620
  end
@@ -70148,12 +71638,80 @@ module Aws::EC2
70148
71638
  # The IDs of the subnets.
70149
71639
  # @return [Array<String>]
70150
71640
  #
71641
+ # @!attribute [rw] port_ranges
71642
+ # The port ranges.
71643
+ # @return [Array<Types::VerifiedAccessEndpointPortRange>]
71644
+ #
70151
71645
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointLoadBalancerOptions AWS API Documentation
70152
71646
  #
70153
71647
  class VerifiedAccessEndpointLoadBalancerOptions < Struct.new(
70154
71648
  :protocol,
70155
71649
  :port,
70156
71650
  :load_balancer_arn,
71651
+ :subnet_ids,
71652
+ :port_ranges)
71653
+ SENSITIVE = []
71654
+ include Aws::Structure
71655
+ end
71656
+
71657
+ # Describes a port range.
71658
+ #
71659
+ # @!attribute [rw] from_port
71660
+ # The start of the port range.
71661
+ # @return [Integer]
71662
+ #
71663
+ # @!attribute [rw] to_port
71664
+ # The end of the port range.
71665
+ # @return [Integer]
71666
+ #
71667
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointPortRange AWS API Documentation
71668
+ #
71669
+ class VerifiedAccessEndpointPortRange < Struct.new(
71670
+ :from_port,
71671
+ :to_port)
71672
+ SENSITIVE = []
71673
+ include Aws::Structure
71674
+ end
71675
+
71676
+ # Describes the RDS options for a Verified Access endpoint.
71677
+ #
71678
+ # @!attribute [rw] protocol
71679
+ # The protocol.
71680
+ # @return [String]
71681
+ #
71682
+ # @!attribute [rw] port
71683
+ # The port.
71684
+ # @return [Integer]
71685
+ #
71686
+ # @!attribute [rw] rds_db_instance_arn
71687
+ # The ARN of the RDS instance.
71688
+ # @return [String]
71689
+ #
71690
+ # @!attribute [rw] rds_db_cluster_arn
71691
+ # The ARN of the DB cluster.
71692
+ # @return [String]
71693
+ #
71694
+ # @!attribute [rw] rds_db_proxy_arn
71695
+ # The ARN of the RDS proxy.
71696
+ # @return [String]
71697
+ #
71698
+ # @!attribute [rw] rds_endpoint
71699
+ # The RDS endpoint.
71700
+ # @return [String]
71701
+ #
71702
+ # @!attribute [rw] subnet_ids
71703
+ # The IDs of the subnets.
71704
+ # @return [Array<String>]
71705
+ #
71706
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointRdsOptions AWS API Documentation
71707
+ #
71708
+ class VerifiedAccessEndpointRdsOptions < Struct.new(
71709
+ :protocol,
71710
+ :port,
71711
+ :rds_db_instance_arn,
71712
+ :rds_db_cluster_arn,
71713
+ :rds_db_proxy_arn,
71714
+ :rds_endpoint,
70157
71715
  :subnet_ids)
70158
71716
  SENSITIVE = []
70159
71717
  include Aws::Structure
@@ -70178,6 +71736,30 @@ module Aws::EC2
70178
71736
  include Aws::Structure
70179
71737
  end
70180
71738
 
71739
+ # Describes the targets for the specified Verified Access endpoint.
71740
+ #
71741
+ # @!attribute [rw] verified_access_endpoint_id
71742
+ # The ID of the Verified Access endpoint.
71743
+ # @return [String]
71744
+ #
71745
+ # @!attribute [rw] verified_access_endpoint_target_ip_address
71746
+ # The IP address of the target.
71747
+ # @return [String]
71748
+ #
71749
+ # @!attribute [rw] verified_access_endpoint_target_dns
71750
+ # The DNS name of the target.
71751
+ # @return [String]
71752
+ #
71753
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessEndpointTarget AWS API Documentation
71754
+ #
71755
+ class VerifiedAccessEndpointTarget < Struct.new(
71756
+ :verified_access_endpoint_id,
71757
+ :verified_access_endpoint_target_ip_address,
71758
+ :verified_access_endpoint_target_dns)
71759
+ SENSITIVE = []
71760
+ include Aws::Structure
71761
+ end
71762
+
70181
71763
  # Describes a Verified Access group.
70182
71764
  #
70183
71765
  # @!attribute [rw] verified_access_group_id
@@ -70268,6 +71850,10 @@ module Aws::EC2
70268
71850
  # Standards (FIPS) is enabled on the instance.
70269
71851
  # @return [Boolean]
70270
71852
  #
71853
+ # @!attribute [rw] cidr_endpoints_custom_sub_domain
71854
+ # The custom subdomain.
71855
+ # @return [Types::VerifiedAccessInstanceCustomSubDomain]
71856
+ #
70271
71857
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstance AWS API Documentation
70272
71858
  #
70273
71859
  class VerifiedAccessInstance < Struct.new(
@@ -70277,7 +71863,28 @@ module Aws::EC2
70277
71863
  :creation_time,
70278
71864
  :last_updated_time,
70279
71865
  :tags,
70280
- :fips_enabled)
71866
+ :fips_enabled,
71867
+ :cidr_endpoints_custom_sub_domain)
71868
+ SENSITIVE = []
71869
+ include Aws::Structure
71870
+ end
71871
+
71872
+ # Describes a custom subdomain for a network CIDR endpoint for Verified
71873
+ # Access.
71874
+ #
71875
+ # @!attribute [rw] sub_domain
71876
+ # The subdomain.
71877
+ # @return [String]
71878
+ #
71879
+ # @!attribute [rw] nameservers
71880
+ # The name servers.
71881
+ # @return [Array<String>]
71882
+ #
71883
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceCustomSubDomain AWS API Documentation
71884
+ #
71885
+ class VerifiedAccessInstanceCustomSubDomain < Struct.new(
71886
+ :sub_domain,
71887
+ :nameservers)
70281
71888
  SENSITIVE = []
70282
71889
  include Aws::Structure
70283
71890
  end
@@ -70302,6 +71909,98 @@ module Aws::EC2
70302
71909
  include Aws::Structure
70303
71910
  end
70304
71911
 
71912
+ # Describes a set of routes.
71913
+ #
71914
+ # @!attribute [rw] config
71915
+ # The base64-encoded Open VPN client configuration.
71916
+ # @return [String]
71917
+ #
71918
+ # @!attribute [rw] routes
71919
+ # The routes.
71920
+ # @return [Array<Types::VerifiedAccessInstanceOpenVpnClientConfigurationRoute>]
71921
+ #
71922
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceOpenVpnClientConfiguration AWS API Documentation
71923
+ #
71924
+ class VerifiedAccessInstanceOpenVpnClientConfiguration < Struct.new(
71925
+ :config,
71926
+ :routes)
71927
+ SENSITIVE = []
71928
+ include Aws::Structure
71929
+ end
71930
+
71931
+ # Describes a route.
71932
+ #
71933
+ # @!attribute [rw] cidr
71934
+ # The CIDR block.
71935
+ # @return [String]
71936
+ #
71937
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceOpenVpnClientConfigurationRoute AWS API Documentation
71938
+ #
71939
+ class VerifiedAccessInstanceOpenVpnClientConfigurationRoute < Struct.new(
71940
+ :cidr)
71941
+ SENSITIVE = []
71942
+ include Aws::Structure
71943
+ end
71944
+
71945
+ # Describes the trust provider.
71946
+ #
71947
+ # @!attribute [rw] type
71948
+ # The trust provider type.
71949
+ # @return [String]
71950
+ #
71951
+ # @!attribute [rw] scopes
71952
+ # The set of user claims to be requested from the IdP.
71953
+ # @return [String]
71954
+ #
71955
+ # @!attribute [rw] issuer
71956
+ # The OIDC issuer identifier of the IdP.
71957
+ # @return [String]
71958
+ #
71959
+ # @!attribute [rw] authorization_endpoint
71960
+ # The authorization endpoint of the IdP.
71961
+ # @return [String]
71962
+ #
71963
+ # @!attribute [rw] public_signing_key_endpoint
71964
+ # The public signing key endpoint.
71965
+ # @return [String]
71966
+ #
71967
+ # @!attribute [rw] token_endpoint
71968
+ # The token endpoint of the IdP.
71969
+ # @return [String]
71970
+ #
71971
+ # @!attribute [rw] user_info_endpoint
71972
+ # The user info endpoint of the IdP.
71973
+ # @return [String]
71974
+ #
71975
+ # @!attribute [rw] client_id
71976
+ # The OAuth 2.0 client identifier.
71977
+ # @return [String]
71978
+ #
71979
+ # @!attribute [rw] client_secret
71980
+ # The OAuth 2.0 client secret.
71981
+ # @return [String]
71982
+ #
71983
+ # @!attribute [rw] pkce_enabled
71984
+ # Indicates whether Proof of Key Code Exchange (PKCE) is enabled.
71985
+ # @return [Boolean]
71986
+ #
71987
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessInstanceUserTrustProviderClientConfiguration AWS API Documentation
71988
+ #
71989
+ class VerifiedAccessInstanceUserTrustProviderClientConfiguration < Struct.new(
71990
+ :type,
71991
+ :scopes,
71992
+ :issuer,
71993
+ :authorization_endpoint,
71994
+ :public_signing_key_endpoint,
71995
+ :token_endpoint,
71996
+ :user_info_endpoint,
71997
+ :client_id,
71998
+ :client_secret,
71999
+ :pkce_enabled)
72000
+ SENSITIVE = [:client_secret]
72001
+ include Aws::Structure
72002
+ end
72003
+
70305
72004
  # Options for CloudWatch Logs as a logging destination.
70306
72005
  #
70307
72006
  # @!attribute [rw] enabled
@@ -70641,6 +72340,10 @@ module Aws::EC2
70641
72340
  # The options in use for server side encryption.
70642
72341
  # @return [Types::VerifiedAccessSseSpecificationResponse]
70643
72342
  #
72343
+ # @!attribute [rw] native_application_oidc_options
72344
+ # The OpenID Connect (OIDC) options.
72345
+ # @return [Types::NativeApplicationOidcOptions]
72346
+ #
70644
72347
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VerifiedAccessTrustProvider AWS API Documentation
70645
72348
  #
70646
72349
  class VerifiedAccessTrustProvider < Struct.new(
@@ -70655,7 +72358,8 @@ module Aws::EC2
70655
72358
  :creation_time,
70656
72359
  :last_updated_time,
70657
72360
  :tags,
70658
- :sse_specification)
72361
+ :sse_specification,
72362
+ :native_application_oidc_options)
70659
72363
  SENSITIVE = []
70660
72364
  include Aws::Structure
70661
72365
  end
@@ -70785,7 +72489,7 @@ module Aws::EC2
70785
72489
  # @return [String]
70786
72490
  #
70787
72491
  # @!attribute [rw] operator
70788
- # The entity that manages the volume.
72492
+ # The service provider that manages the volume.
70789
72493
  # @return [Types::OperatorResponse]
70790
72494
  #
70791
72495
  # @!attribute [rw] volume_id
@@ -71393,6 +73097,26 @@ module Aws::EC2
71393
73097
  # The last time the VPC BPA mode was updated.
71394
73098
  # @return [Time]
71395
73099
  #
73100
+ # @!attribute [rw] managed_by
73101
+ # The entity that manages the state of VPC BPA. Possible values
73102
+ # include:
73103
+ #
73104
+ # * `account` - The state is managed by the account.
73105
+ #
73106
+ # * `declarative-policy` - The state is managed by a declarative
73107
+ # policy and can't be modified by the account.
73108
+ # @return [String]
73109
+ #
73110
+ # @!attribute [rw] exclusions_allowed
73111
+ # Determines if exclusions are allowed. If you have [enabled VPC BPA
73112
+ # at the Organization level][1], exclusions may be `not-allowed`.
73113
+ # Otherwise, they are `allowed`.
73114
+ #
73115
+ #
73116
+ #
73117
+ # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/security-vpc-bpa.html#security-vpc-bpa-exclusions-orgs
73118
+ # @return [String]
73119
+ #
71396
73120
  # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcBlockPublicAccessOptions AWS API Documentation
71397
73121
  #
71398
73122
  class VpcBlockPublicAccessOptions < Struct.new(
@@ -71401,7 +73125,9 @@ module Aws::EC2
71401
73125
  :state,
71402
73126
  :internet_gateway_block_mode,
71403
73127
  :reason,
71404
- :last_update_timestamp)
73128
+ :last_update_timestamp,
73129
+ :managed_by,
73130
+ :exclusions_allowed)
71405
73131
  SENSITIVE = []
71406
73132
  include Aws::Structure
71407
73133
  end
@@ -71558,6 +73284,26 @@ module Aws::EC2
71558
73284
  # The last error that occurred for endpoint.
71559
73285
  # @return [Types::LastError]
71560
73286
  #
73287
+ # @!attribute [rw] ipv_4_prefixes
73288
+ # Array of IPv4 prefixes.
73289
+ # @return [Array<Types::SubnetIpPrefixes>]
73290
+ #
73291
+ # @!attribute [rw] ipv_6_prefixes
73292
+ # Array of IPv6 prefixes.
73293
+ # @return [Array<Types::SubnetIpPrefixes>]
73294
+ #
73295
+ # @!attribute [rw] failure_reason
73296
+ # Reason for the failure.
73297
+ # @return [String]
73298
+ #
73299
+ # @!attribute [rw] service_network_arn
73300
+ # The Amazon Resource Name (ARN) of the service network.
73301
+ # @return [String]
73302
+ #
73303
+ # @!attribute [rw] resource_configuration_arn
73304
+ # The Amazon Resource Name (ARN) of the resource configuration.
73305
+ # @return [String]
73306
+ #
71561
73307
  # @!attribute [rw] service_region
71562
73308
  # The Region where the service is hosted.
71563
73309
  # @return [String]
@@ -71584,11 +73330,89 @@ module Aws::EC2
71584
73330
  :tags,
71585
73331
  :owner_id,
71586
73332
  :last_error,
73333
+ :ipv_4_prefixes,
73334
+ :ipv_6_prefixes,
73335
+ :failure_reason,
73336
+ :service_network_arn,
73337
+ :resource_configuration_arn,
71587
73338
  :service_region)
71588
73339
  SENSITIVE = []
71589
73340
  include Aws::Structure
71590
73341
  end
71591
73342
 
73343
+ # Describes the VPC resources, VPC endpoint services, Lattice services,
73344
+ # or service networks associated with the VPC endpoint.
73345
+ #
73346
+ # @!attribute [rw] id
73347
+ # The ID of the VPC endpoint association.
73348
+ # @return [String]
73349
+ #
73350
+ # @!attribute [rw] vpc_endpoint_id
73351
+ # The ID of the VPC endpoint.
73352
+ # @return [String]
73353
+ #
73354
+ # @!attribute [rw] service_network_arn
73355
+ # The Amazon Resource Name (ARN) of the service network.
73356
+ # @return [String]
73357
+ #
73358
+ # @!attribute [rw] service_network_name
73359
+ # The name of the service network.
73360
+ # @return [String]
73361
+ #
73362
+ # @!attribute [rw] associated_resource_accessibility
73363
+ # The connectivity status of the resources associated to a VPC
73364
+ # endpoint. The resource is accessible if the associated resource
73365
+ # configuration is `AVAILABLE`, otherwise the resource is
73366
+ # inaccessible.
73367
+ # @return [String]
73368
+ #
73369
+ # @!attribute [rw] failure_reason
73370
+ # A message related to why an VPC endpoint association failed.
73371
+ # @return [String]
73372
+ #
73373
+ # @!attribute [rw] failure_code
73374
+ # An error code related to why an VPC endpoint association failed.
73375
+ # @return [String]
73376
+ #
73377
+ # @!attribute [rw] dns_entry
73378
+ # The DNS entry of the VPC endpoint association.
73379
+ # @return [Types::DnsEntry]
73380
+ #
73381
+ # @!attribute [rw] private_dns_entry
73382
+ # The private DNS entry of the VPC endpoint association.
73383
+ # @return [Types::DnsEntry]
73384
+ #
73385
+ # @!attribute [rw] associated_resource_arn
73386
+ # The Amazon Resource Name (ARN) of the associated resource.
73387
+ # @return [String]
73388
+ #
73389
+ # @!attribute [rw] resource_configuration_group_arn
73390
+ # The Amazon Resource Name (ARN) of the resource configuration group.
73391
+ # @return [String]
73392
+ #
73393
+ # @!attribute [rw] tags
73394
+ # The tags to apply to the VPC endpoint association.
73395
+ # @return [Array<Types::Tag>]
73396
+ #
73397
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/VpcEndpointAssociation AWS API Documentation
73398
+ #
73399
+ class VpcEndpointAssociation < Struct.new(
73400
+ :id,
73401
+ :vpc_endpoint_id,
73402
+ :service_network_arn,
73403
+ :service_network_name,
73404
+ :associated_resource_accessibility,
73405
+ :failure_reason,
73406
+ :failure_code,
73407
+ :dns_entry,
73408
+ :private_dns_entry,
73409
+ :associated_resource_arn,
73410
+ :resource_configuration_group_arn,
73411
+ :tags)
73412
+ SENSITIVE = []
73413
+ include Aws::Structure
73414
+ end
73415
+
71592
73416
  # Describes a VPC endpoint connection to a service.
71593
73417
  #
71594
73418
  # @!attribute [rw] service_id