aws-sdk-ec2 1.514.0 → 1.516.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '085bf8e31f23783ee78ca642487e03ddb16d32c265a08411b809887501780d9b'
-  data.tar.gz: f61d965d7c097e43d6550125bd90717c6787c39e802af045a2b00b114739af43
+  metadata.gz: 668a55cb6c253c445bc938e04fabc6e18b9d1e5e886451a6c038f91a52eebc74
+  data.tar.gz: a9b6b9f89cc21726efd63f940b3e3f1c9f5354c76a91f04d39c6481b18b91a57
 SHA512:
-  metadata.gz: dec4e9c09ac778e2e4b40e90542ebf400274a5fe4e515065ed9c25356be3deb667b5179ac2dd20a055c0e564098de390dec735aaeef380825b5d708323844a1d
-  data.tar.gz: a4e2f7394cc91fa531a9726b8476bcbb5f0c7f5d5d59f012aa87948928aed9adde84f5d9e8f7c1df324ed0f3fb8e0e397effaec58c578112726f00a0ba98d241
+  metadata.gz: 4fd3ab1d73e8121d66b5ca69606eb542556a4389fcc22de99a4096a539bb51681bd234f6f041728b7e5ea0cbeb45921be1e84d9d556cb3a3f767a510ec7be9e4
+  data.tar.gz: f86d2cd04454ce525d0d99d518e40fdb2fd1477dcd81d9db4df89bb5714b0c1eafbb5a68860bd3368ce3281ec41b8416a2729e76dfc403a66ec66273868e92c7

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.516.0 (2025-04-22)
+------------------
+
+* Feature - Added support for  ClientRouteEnforcementOptions flag in CreateClientVpnEndpoint and ModifyClientVpnEndpoint requests and DescribeClientVpnEndpoints responses
+
+1.515.0 (2025-04-04)
+------------------
+
+* Feature - Doc-only updates for Amazon EC2
+
 1.514.0 (2025-03-31)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.514.0
+1.516.0

data/lib/aws-sdk-ec2/client.rb

@@ -2425,15 +2425,14 @@ module Aws::EC2
     # Associates a route server with a VPC to enable dynamic route updates.
     #
     # A route server association is the connection established between a
-    # route server and a VPC. This is a fundamental configuration step that
-    # enables the route server to work with appliances in your VPC.
+    # route server and a VPC.
     #
     # For more information see [Dynamic routing in your VPC with VPC Route
     # Server][1] in the *Amazon VPC User Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The unique identifier for the route server to be associated.
@@ -6091,6 +6090,19 @@ module Aws::EC2
     #   on Amazon Web Services provided clients when a VPN session is
     #   established.
     #
+    # @option params [Types::ClientRouteEnforcementOptions] :client_route_enforcement_options
+    #   Client route enforcement is a feature of the Client VPN service that
+    #   helps enforce administrator defined routes on devices connected
+    #   through the VPN. T his feature helps improve your security posture by
+    #   ensuring that network traffic originating from a connected client is
+    #   not inadvertently sent outside the VPN tunnel.
+    #
+    #   Client route enforcement works by monitoring the route table of a
+    #   connected device for routing policy changes to the VPN connection. If
+    #   the feature detects any VPN routing policy modifications, it will
+    #   automatically force an update to the route table, reverting it back to
+    #   the expected route configurations.
+    #
     # @option params [Boolean] :disconnect_on_session_timeout
     #   Indicates whether the client VPN session is disconnected after the
     #   maximum timeout specified in `SessionTimeoutHours` is reached. If
@@ -6158,6 +6170,9 @@ module Aws::EC2
     #       enabled: false,
     #       banner_text: "String",
     #     },
+    #     client_route_enforcement_options: {
+    #       enforced: false,
+    #     },
     #     disconnect_on_session_timeout: false,
     #   })
     #
@@ -12120,15 +12135,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -12144,7 +12159,7 @@ module Aws::EC2
     #
     #
     # [1]: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
-    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, Integer] :amazon_side_asn
     #   The private Autonomous System Number (ASN) for the Amazon side of the
@@ -12241,9 +12256,16 @@ module Aws::EC2
     # Creates a new endpoint for a route server in a specified subnet.
     #
     # A route server endpoint is an Amazon Web Services-managed component
-    # inside a subnet that facilitates BGP (Border Gateway Protocol)
-    # connections between your route server and your BGP peers. Create two
-    # endpoints per subnet for redundancy.
+    # inside a subnet that facilitates [BGP (Border Gateway Protocol)][1]
+    # connections between your route server and your BGP peers.
+    #
+    # For more information see [Dynamic routing in your VPC with VPC Route
+    # Server][2] in the *Amazon VPC User Guide*.
+    #
+    #
+    #
+    # [1]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server for which to create an endpoint.
@@ -12316,9 +12338,10 @@ module Aws::EC2
 
     # Creates a new BGP peer for a specified route server endpoint.
     #
-    # A route server peer is a network appliance or function deployed in
-    # Amazon Web Services, such as firewall appliances and other network
-    # security functions, that meet these requirements:
+    # A route server peer is a session between a route server endpoint and
+    # the device deployed in Amazon Web Services (such as a firewall
+    # appliance or other network security function running on an EC2
+    # instance). The device must meet these requirements:
     #
     # * Have an elastic network interface in the VPC
     #
@@ -12326,11 +12349,18 @@ module Aws::EC2
     #
     # * Can initiate BGP sessions
     #
+    # For more information see [Dynamic routing in your VPC with VPC Route
+    # Server][1] in the *Amazon VPC User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
+    #
     # @option params [required, String] :route_server_endpoint_id
     #   The ID of the route server endpoint for which to create a peer.
     #
     # @option params [required, String] :peer_address
-    #   The IPv4 address of the peer.
+    #   The IPv4 address of the peer device.
     #
     # @option params [required, Types::RouteServerBgpOptionsRequest] :bgp_options
     #   The BGP options for the peer, including ASN (Autonomous System Number)
@@ -18885,15 +18915,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -18909,7 +18939,7 @@ module Aws::EC2
     #
     #
     # [1]: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
-    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server to delete.
@@ -18956,9 +18986,12 @@ module Aws::EC2
     # Deletes the specified route server endpoint.
     #
     # A route server endpoint is an Amazon Web Services-managed component
-    # inside a subnet that facilitates BGP (Border Gateway Protocol)
-    # connections between your route server and your BGP peers. Create two
-    # endpoints per subnet for redundancy.
+    # inside a subnet that facilitates [BGP (Border Gateway Protocol)][1]
+    # connections between your route server and your BGP peers.
+    #
+    #
+    #
+    # [1]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol
     #
     # @option params [required, String] :route_server_endpoint_id
     #   The ID of the route server endpoint to delete.
@@ -19005,9 +19038,10 @@ module Aws::EC2
 
     # Deletes the specified BGP peer from a route server.
     #
-    # A route server peer is a network appliance or function deployed in
-    # Amazon Web Services, such as firewall appliances and other network
-    # security functions, that meet these requirements:
+    # A route server peer is a session between a route server endpoint and
+    # the device deployed in Amazon Web Services (such as a firewall
+    # appliance or other network security function running on an EC2
+    # instance). The device must meet these requirements:
     #
     # * Have an elastic network interface in the VPC
     #
@@ -21021,27 +21055,35 @@ module Aws::EC2
       req.send_request(options)
     end
 
-    # Deregisters the specified AMI. After you deregister an AMI, it can't
-    # be used to launch new instances.
+    # Deregisters the specified AMI. A deregistered AMI can't be used to
+    # launch new instances.
     #
-    # If you deregister an AMI that matches a Recycle Bin retention rule,
-    # the AMI is retained in the Recycle Bin for the specified retention
-    # period. For more information, see [Recycle Bin][1] in the *Amazon EC2
-    # User Guide*.
+    # If a deregistered EBS-backed AMI matches a Recycle Bin retention rule,
+    # it moves to the Recycle Bin for the specified retention period. It can
+    # be restored before its retention period expires, after which it is
+    # permanently deleted. If the deregistered AMI doesn't match a
+    # retention rule, it is permanently deleted immediately. For more
+    # information, see [Recycle Bin][1] in the *Amazon EBS User Guide*.
+    #
+    # Deregistering an AMI does not delete the following:
     #
-    # When you deregister an AMI, it doesn't affect any instances that
-    # you've already launched from the AMI. You'll continue to incur usage
-    # costs for those instances until you terminate them.
+    # * Instances already launched from the AMI. You'll continue to incur
+    #   usage costs for the instances until you terminate them.
     #
-    # When you deregister an Amazon EBS-backed AMI, it doesn't affect the
-    # snapshot that was created for the root volume of the instance during
-    # the AMI creation process. When you deregister an instance store-backed
-    # AMI, it doesn't affect the files that you uploaded to Amazon S3 when
-    # you created the AMI.
+    # * For EBS-backed AMIs: The snapshots that were created of the root and
+    #   data volumes of the instance during AMI creation. You'll continue
+    #   to incur snapshot storage costs.
+    #
+    # * For instance store-backed AMIs: The files uploaded to Amazon S3
+    #   during AMI creation. You'll continue to incur S3 storage costs.
+    #
+    # For more information, see [Deregister an Amazon EC2 AMI][2] in the
+    # *Amazon EC2 User Guide*.
     #
     #
     #
     # [1]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin.html
+    # [2]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/deregister-ami.html
     #
     # @option params [required, String] :image_id
     #   The ID of the AMI.
@@ -21552,7 +21594,7 @@ module Aws::EC2
     #   resp.addresses[0].customer_owned_ip #=> String
     #   resp.addresses[0].customer_owned_ipv_4_pool #=> String
     #   resp.addresses[0].carrier_ip #=> String
-    #   resp.addresses[0].service_managed #=> String, one of "alb", "nlb"
+    #   resp.addresses[0].service_managed #=> String, one of "alb", "nlb", "rnat"
     #   resp.addresses[0].instance_id #=> String
     #   resp.addresses[0].public_ip #=> String
     #
@@ -23129,6 +23171,7 @@ module Aws::EC2
     #   resp.client_vpn_endpoints[0].session_timeout_hours #=> Integer
     #   resp.client_vpn_endpoints[0].client_login_banner_options.enabled #=> Boolean
     #   resp.client_vpn_endpoints[0].client_login_banner_options.banner_text #=> String
+    #   resp.client_vpn_endpoints[0].client_route_enforcement_options.enforced #=> Boolean
     #   resp.client_vpn_endpoints[0].disconnect_on_session_timeout #=> Boolean
     #   resp.next_token #=> String
     #
@@ -27375,6 +27418,9 @@ module Aws::EC2
     #     latest generation instance type of an instance family (`true` \|
     #     `false`).
     #
+    #   * `dedicated-hosts-supported` - Indicates whether the instance type
+    #     supports Dedicated Hosts. (`true` \| `false`)
+    #
     #   * `ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps` - The
     #     baseline bandwidth performance for an EBS-optimized instance type,
     #     in Mbps.
@@ -33821,16 +33867,16 @@ module Aws::EC2
     # Describes one or more route server endpoints.
     #
     # A route server endpoint is an Amazon Web Services-managed component
-    # inside a subnet that facilitates BGP (Border Gateway Protocol)
-    # connections between your route server and your BGP peers. Create two
-    # endpoints per subnet for redundancy.
+    # inside a subnet that facilitates [BGP (Border Gateway Protocol)][1]
+    # connections between your route server and your BGP peers.
     #
     # For more information see [Dynamic routing in your VPC with VPC Route
-    # Server][1] in the *Amazon VPC User Guide*.
+    # Server][2] in the *Amazon VPC User Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [Array<String>] :route_server_endpoint_ids
     #   The IDs of the route server endpoints to describe.
@@ -33899,9 +33945,10 @@ module Aws::EC2
 
     # Describes one or more route server peers.
     #
-    # A route server peer is a network appliance or function deployed in
-    # Amazon Web Services, such as firewall appliances and other network
-    # security functions, that meet these requirements:
+    # A route server peer is a session between a route server endpoint and
+    # the device deployed in Amazon Web Services (such as a firewall
+    # appliance or other network security function running on an EC2
+    # instance). The device must meet these requirements:
     #
     # * Have an elastic network interface in the VPC
     #
@@ -33914,7 +33961,7 @@ module Aws::EC2
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [Array<String>] :route_server_peer_ids
     #   The IDs of the route server peers to describe.
@@ -33992,15 +34039,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -34016,7 +34063,7 @@ module Aws::EC2
     #
     #
     # [1]: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
-    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [Array<String>] :route_server_ids
     #   The IDs of the route servers to describe.
@@ -40268,7 +40315,8 @@ module Aws::EC2
     end
 
     # Describes the principals (service consumers) that are permitted to
-    # discover your VPC endpoint service.
+    # discover your VPC endpoint service. Principal ARNs with path
+    # components aren't supported.
     #
     # @option params [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
@@ -42153,15 +42201,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -42177,7 +42225,7 @@ module Aws::EC2
     #
     #
     # [1]: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
-    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server for which to disable propagation.
@@ -42976,15 +43024,14 @@ module Aws::EC2
     # Disassociates a route server from a VPC.
     #
     # A route server association is the connection established between a
-    # route server and a VPC. This is a fundamental configuration step that
-    # enables the route server to work with appliances in your VPC.
+    # route server and a VPC.
     #
     # For more information see [Dynamic routing in your VPC with VPC Route
     # Server][1] in the *Amazon VPC User Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server to disassociate.
@@ -44083,7 +44130,7 @@ module Aws::EC2
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server for which to enable propagation.
@@ -47599,15 +47646,14 @@ module Aws::EC2
     # server.
     #
     # A route server association is the connection established between a
-    # route server and a VPC. This is a fundamental configuration step that
-    # enables the route server to work with appliances in your VPC.
+    # route server and a VPC.
     #
     # For more information see [Dynamic routing in your VPC with VPC Route
     # Server][1] in the *Amazon VPC User Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [1]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server for which to get association information.
@@ -47655,15 +47701,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -47729,15 +47775,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -50454,6 +50500,19 @@ module Aws::EC2
     #   on Amazon Web Services provided clients when a VPN session is
     #   established.
     #
+    # @option params [Types::ClientRouteEnforcementOptions] :client_route_enforcement_options
+    #   Client route enforcement is a feature of the Client VPN service that
+    #   helps enforce administrator defined routes on devices connected
+    #   through the VPN. T his feature helps improve your security posture by
+    #   ensuring that network traffic originating from a connected client is
+    #   not inadvertently sent outside the VPN tunnel.
+    #
+    #   Client route enforcement works by monitoring the route table of a
+    #   connected device for routing policy changes to the VPN connection. If
+    #   the feature detects any VPN routing policy modifications, it will
+    #   automatically force an update to the route table, reverting it back to
+    #   the expected route configurations.
+    #
     # @option params [Boolean] :disconnect_on_session_timeout
     #   Indicates whether the client VPN session is disconnected after the
     #   maximum timeout specified in `sessionTimeoutHours` is reached. If
@@ -50494,6 +50553,9 @@ module Aws::EC2
     #       enabled: false,
     #       banner_text: "String",
     #     },
+    #     client_route_enforcement_options: {
+    #       enforced: false,
+    #     },
     #     disconnect_on_session_timeout: false,
     #   })
     #
@@ -51391,6 +51453,14 @@ module Aws::EC2
     # @option params [String] :attribute
     #   The name of the attribute to modify.
     #
+    #   <note markdown="1"> When changing the instance type: If the original instance type is
+    #   configured for configurable bandwidth, and the desired instance type
+    #   doesn't support configurable bandwidth, first set the existing
+    #   bandwidth configuration to `default` using the
+    #   ModifyInstanceNetworkPerformanceOptions operation.
+    #
+    #    </note>
+    #
     #   You can modify the following attributes only: `disableApiTermination`
     #   \| `instanceType` \| `kernel` \| `ramdisk` \|
     #   `instanceInitiatedShutdownBehavior` \| `blockDeviceMapping` \|
@@ -53359,15 +53429,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -53383,7 +53453,7 @@ module Aws::EC2
     #
     #
     # [1]: https://docs.aws.amazon.com/vpc/latest/tgw/tgw-connect.html
-    # [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access.html
+    # [2]: https://docs.aws.amazon.com/vpc/latest/userguide/dynamic-routing-route-server.html
     #
     # @option params [required, String] :route_server_id
     #   The ID of the route server to modify.
@@ -55887,6 +55957,7 @@ module Aws::EC2
     # Modifies the permissions for your VPC endpoint service. You can add or
     # remove permissions for service consumers (Amazon Web Services
     # accounts, users, and IAM roles) to connect to your endpoint service.
+    # Principal ARNs with path components aren't supported.
     #
     # If you grant permissions to all principals, the service is public. Any
     # users who know the name of a public service can send a request to
@@ -64703,7 +64774,7 @@ module Aws::EC2
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-ec2'
-      context[:gem_version] = '1.514.0'
+      context[:gem_version] = '1.516.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-ec2/client_api.rb

@@ -367,6 +367,8 @@ module Aws::EC2
     ClientData = Shapes::StructureShape.new(name: 'ClientData')
     ClientLoginBannerOptions = Shapes::StructureShape.new(name: 'ClientLoginBannerOptions')
     ClientLoginBannerResponseOptions = Shapes::StructureShape.new(name: 'ClientLoginBannerResponseOptions')
+    ClientRouteEnforcementOptions = Shapes::StructureShape.new(name: 'ClientRouteEnforcementOptions')
+    ClientRouteEnforcementResponseOptions = Shapes::StructureShape.new(name: 'ClientRouteEnforcementResponseOptions')
     ClientSecretType = Shapes::StringShape.new(name: 'ClientSecretType')
     ClientVpnAuthentication = Shapes::StructureShape.new(name: 'ClientVpnAuthentication')
     ClientVpnAuthenticationList = Shapes::ListShape.new(name: 'ClientVpnAuthenticationList')
@@ -4695,6 +4697,12 @@ module Aws::EC2
     ClientLoginBannerResponseOptions.add_member(:banner_text, Shapes::ShapeRef.new(shape: String, location_name: "bannerText"))
     ClientLoginBannerResponseOptions.struct_class = Types::ClientLoginBannerResponseOptions
 
+    ClientRouteEnforcementOptions.add_member(:enforced, Shapes::ShapeRef.new(shape: Boolean, location_name: "Enforced"))
+    ClientRouteEnforcementOptions.struct_class = Types::ClientRouteEnforcementOptions
+
+    ClientRouteEnforcementResponseOptions.add_member(:enforced, Shapes::ShapeRef.new(shape: Boolean, location_name: "enforced"))
+    ClientRouteEnforcementResponseOptions.struct_class = Types::ClientRouteEnforcementResponseOptions
+
     ClientVpnAuthentication.add_member(:type, Shapes::ShapeRef.new(shape: ClientVpnAuthenticationType, location_name: "type"))
     ClientVpnAuthentication.add_member(:active_directory, Shapes::ShapeRef.new(shape: DirectoryServiceAuthentication, location_name: "activeDirectory"))
     ClientVpnAuthentication.add_member(:mutual_authentication, Shapes::ShapeRef.new(shape: CertificateAuthentication, location_name: "mutualAuthentication"))
@@ -4760,6 +4768,7 @@ module Aws::EC2
     ClientVpnEndpoint.add_member(:client_connect_options, Shapes::ShapeRef.new(shape: ClientConnectResponseOptions, location_name: "clientConnectOptions"))
     ClientVpnEndpoint.add_member(:session_timeout_hours, Shapes::ShapeRef.new(shape: Integer, location_name: "sessionTimeoutHours"))
     ClientVpnEndpoint.add_member(:client_login_banner_options, Shapes::ShapeRef.new(shape: ClientLoginBannerResponseOptions, location_name: "clientLoginBannerOptions"))
+    ClientVpnEndpoint.add_member(:client_route_enforcement_options, Shapes::ShapeRef.new(shape: ClientRouteEnforcementResponseOptions, location_name: "clientRouteEnforcementOptions"))
     ClientVpnEndpoint.add_member(:disconnect_on_session_timeout, Shapes::ShapeRef.new(shape: Boolean, location_name: "disconnectOnSessionTimeout"))
     ClientVpnEndpoint.struct_class = Types::ClientVpnEndpoint
 
@@ -5040,6 +5049,7 @@ module Aws::EC2
     CreateClientVpnEndpointRequest.add_member(:client_connect_options, Shapes::ShapeRef.new(shape: ClientConnectOptions, location_name: "ClientConnectOptions"))
     CreateClientVpnEndpointRequest.add_member(:session_timeout_hours, Shapes::ShapeRef.new(shape: Integer, location_name: "SessionTimeoutHours"))
     CreateClientVpnEndpointRequest.add_member(:client_login_banner_options, Shapes::ShapeRef.new(shape: ClientLoginBannerOptions, location_name: "ClientLoginBannerOptions"))
+    CreateClientVpnEndpointRequest.add_member(:client_route_enforcement_options, Shapes::ShapeRef.new(shape: ClientRouteEnforcementOptions, location_name: "ClientRouteEnforcementOptions"))
     CreateClientVpnEndpointRequest.add_member(:disconnect_on_session_timeout, Shapes::ShapeRef.new(shape: Boolean, location_name: "DisconnectOnSessionTimeout"))
     CreateClientVpnEndpointRequest.struct_class = Types::CreateClientVpnEndpointRequest
 
@@ -12441,6 +12451,7 @@ module Aws::EC2
     ModifyClientVpnEndpointRequest.add_member(:client_connect_options, Shapes::ShapeRef.new(shape: ClientConnectOptions, location_name: "ClientConnectOptions"))
     ModifyClientVpnEndpointRequest.add_member(:session_timeout_hours, Shapes::ShapeRef.new(shape: Integer, location_name: "SessionTimeoutHours"))
     ModifyClientVpnEndpointRequest.add_member(:client_login_banner_options, Shapes::ShapeRef.new(shape: ClientLoginBannerOptions, location_name: "ClientLoginBannerOptions"))
+    ModifyClientVpnEndpointRequest.add_member(:client_route_enforcement_options, Shapes::ShapeRef.new(shape: ClientRouteEnforcementOptions, location_name: "ClientRouteEnforcementOptions"))
     ModifyClientVpnEndpointRequest.add_member(:disconnect_on_session_timeout, Shapes::ShapeRef.new(shape: Boolean, location_name: "DisconnectOnSessionTimeout"))
     ModifyClientVpnEndpointRequest.struct_class = Types::ModifyClientVpnEndpointRequest
 

data/lib/aws-sdk-ec2/instance.rb

@@ -1115,6 +1115,14 @@ module Aws::EC2
     # @option options [String] :attribute
     #   The name of the attribute to modify.
     #
+    #   <note markdown="1"> When changing the instance type: If the original instance type is
+    #   configured for configurable bandwidth, and the desired instance type
+    #   doesn't support configurable bandwidth, first set the existing
+    #   bandwidth configuration to `default` using the
+    #   ModifyInstanceNetworkPerformanceOptions operation.
+    #
+    #    </note>
+    #
     #   You can modify the following attributes only: `disableApiTermination`
     #   \| `instanceType` \| `kernel` \| `ramdisk` \|
     #   `instanceInitiatedShutdownBehavior` \| `blockDeviceMapping` \|

data/lib/aws-sdk-ec2/types.rb

@@ -6092,6 +6092,53 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Client route enforcement is a feature of the Client VPN service that
+    # helps enforce administrator defined routes on devices connected
+    # through the VPN. T his feature helps improve your security posture by
+    # ensuring that network traffic originating from a connected client is
+    # not inadvertently sent outside the VPN tunnel.
+    #
+    # Client route enforcement works by monitoring the route table of a
+    # connected device for routing policy changes to the VPN connection. If
+    # the feature detects any VPN routing policy modifications, it will
+    # automatically force an update to the route table, reverting it back to
+    # the expected route configurations.
+    #
+    # @!attribute [rw] enforced
+    #   Enable or disable the client route enforcement feature.
+    #
+    #   Valid values: `true | false`
+    #
+    #   Default value: `false`
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientRouteEnforcementOptions AWS API Documentation
+    #
+    class ClientRouteEnforcementOptions < Struct.new(
+      :enforced)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The current status of client route enforcement. The state will either
+    # be `true` (enabled) or `false` (disabled).
+    #
+    # @!attribute [rw] enforced
+    #   Status of the client route enforcement feature.
+    #
+    #   Valid values: `true | false`
+    #
+    #   Default value: `false`
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientRouteEnforcementResponseOptions AWS API Documentation
+    #
+    class ClientRouteEnforcementResponseOptions < Struct.new(
+      :enforced)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Describes the authentication methods used by a Client VPN endpoint.
     # For more information, see [Authentication][1] in the *Client VPN
     # Administrator Guide*.
@@ -6404,6 +6451,20 @@ module Aws::EC2
     #   is established.
     #   @return [Types::ClientLoginBannerResponseOptions]
     #
+    # @!attribute [rw] client_route_enforcement_options
+    #   Client route enforcement is a feature of the Client VPN service that
+    #   helps enforce administrator defined routes on devices connected
+    #   through the VPN. T his feature helps improve your security posture
+    #   by ensuring that network traffic originating from a connected client
+    #   is not inadvertently sent outside the VPN tunnel.
+    #
+    #   Client route enforcement works by monitoring the route table of a
+    #   connected device for routing policy changes to the VPN connection.
+    #   If the feature detects any VPN routing policy modifications, it will
+    #   automatically force an update to the route table, reverting it back
+    #   to the expected route configurations.
+    #   @return [Types::ClientRouteEnforcementResponseOptions]
+    #
     # @!attribute [rw] disconnect_on_session_timeout
     #   Indicates whether the client VPN session is disconnected after the
     #   maximum `sessionTimeoutHours` is reached. If `true`, users are
@@ -6437,6 +6498,7 @@ module Aws::EC2
       :client_connect_options,
       :session_timeout_hours,
       :client_login_banner_options,
+      :client_route_enforcement_options,
       :disconnect_on_session_timeout)
       SENSITIVE = []
       include Aws::Structure
@@ -8253,6 +8315,20 @@ module Aws::EC2
     #   is established.
     #   @return [Types::ClientLoginBannerOptions]
     #
+    # @!attribute [rw] client_route_enforcement_options
+    #   Client route enforcement is a feature of the Client VPN service that
+    #   helps enforce administrator defined routes on devices connected
+    #   through the VPN. T his feature helps improve your security posture
+    #   by ensuring that network traffic originating from a connected client
+    #   is not inadvertently sent outside the VPN tunnel.
+    #
+    #   Client route enforcement works by monitoring the route table of a
+    #   connected device for routing policy changes to the VPN connection.
+    #   If the feature detects any VPN routing policy modifications, it will
+    #   automatically force an update to the route table, reverting it back
+    #   to the expected route configurations.
+    #   @return [Types::ClientRouteEnforcementOptions]
+    #
     # @!attribute [rw] disconnect_on_session_timeout
     #   Indicates whether the client VPN session is disconnected after the
     #   maximum timeout specified in `SessionTimeoutHours` is reached. If
@@ -8282,6 +8358,7 @@ module Aws::EC2
       :client_connect_options,
       :session_timeout_hours,
       :client_login_banner_options,
+      :client_route_enforcement_options,
       :disconnect_on_session_timeout)
       SENSITIVE = []
       include Aws::Structure
@@ -11594,7 +11671,7 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] peer_address
-    #   The IPv4 address of the peer.
+    #   The IPv4 address of the peer device.
     #   @return [String]
     #
     # @!attribute [rw] bgp_options
@@ -22451,6 +22528,9 @@ module Aws::EC2
     #     latest generation instance type of an instance family (`true` \|
     #     `false`).
     #
+    #   * `dedicated-hosts-supported` - Indicates whether the instance type
+    #     supports Dedicated Hosts. (`true` \| `false`)
+    #
     #   * `ebs-info.ebs-optimized-info.baseline-bandwidth-in-mbps` - The
     #     baseline bandwidth performance for an EBS-optimized instance type,
     #     in Mbps.
@@ -49658,11 +49738,13 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] device_index
-    #   The device index for the network interface attachment. Each network
-    #   interface requires a device index. If you create a launch template
-    #   that includes secondary network interfaces but not a primary network
-    #   interface, then you must add a primary network interface as a launch
-    #   parameter when you launch an instance from the template.
+    #   The device index for the network interface attachment. The primary
+    #   network interface has a device index of 0. Each network interface is
+    #   of type `interface`, you must specify a device index. If you create
+    #   a launch template that includes secondary network interfaces but not
+    #   a primary network interface, then you must add a primary network
+    #   interface as a launch parameter when you launch an instance from the
+    #   template.
     #   @return [Integer]
     #
     # @!attribute [rw] groups
@@ -51880,6 +51962,20 @@ module Aws::EC2
     #   is established.
     #   @return [Types::ClientLoginBannerOptions]
     #
+    # @!attribute [rw] client_route_enforcement_options
+    #   Client route enforcement is a feature of the Client VPN service that
+    #   helps enforce administrator defined routes on devices connected
+    #   through the VPN. T his feature helps improve your security posture
+    #   by ensuring that network traffic originating from a connected client
+    #   is not inadvertently sent outside the VPN tunnel.
+    #
+    #   Client route enforcement works by monitoring the route table of a
+    #   connected device for routing policy changes to the VPN connection.
+    #   If the feature detects any VPN routing policy modifications, it will
+    #   automatically force an update to the route table, reverting it back
+    #   to the expected route configurations.
+    #   @return [Types::ClientRouteEnforcementOptions]
+    #
     # @!attribute [rw] disconnect_on_session_timeout
     #   Indicates whether the client VPN session is disconnected after the
     #   maximum timeout specified in `sessionTimeoutHours` is reached. If
@@ -51905,6 +52001,7 @@ module Aws::EC2
       :client_connect_options,
       :session_timeout_hours,
       :client_login_banner_options,
+      :client_route_enforcement_options,
       :disconnect_on_session_timeout)
       SENSITIVE = []
       include Aws::Structure
@@ -52435,6 +52532,14 @@ module Aws::EC2
     # @!attribute [rw] attribute
     #   The name of the attribute to modify.
     #
+    #   <note markdown="1"> When changing the instance type: If the original instance type is
+    #   configured for configurable bandwidth, and the desired instance type
+    #   doesn't support configurable bandwidth, first set the existing
+    #   bandwidth configuration to `default` using the
+    #   ModifyInstanceNetworkPerformanceOptions operation.
+    #
+    #    </note>
+    #
     #   You can modify the following attributes only:
     #   `disableApiTermination` \| `instanceType` \| `kernel` \| `ramdisk`
     #   \| `instanceInitiatedShutdownBehavior` \| `blockDeviceMapping` \|
@@ -64537,15 +64642,15 @@ module Aws::EC2
     # Amazon VPC Route Server simplifies routing for traffic between
     # workloads that are deployed within a VPC and its internet gateways.
     # With this feature, VPC Route Server dynamically updates VPC and
-    # gateway route tables with your preferred IPv4 or IPv6 routes to
-    # achieve routing fault tolerance for those workloads. This enables you
-    # to automatically reroute traffic within a VPC, which increases the
+    # internet gateway route tables with your preferred IPv4 or IPv6 routes
+    # to achieve routing fault tolerance for those workloads. This enables
+    # you to automatically reroute traffic within a VPC, which increases the
     # manageability of VPC routing and interoperability with third-party
     # workloads.
     #
     # Route server supports the follow route table types:
     #
-    # * VPC route tables
+    # * VPC route tables not associated with subnets
     #
     # * Subnet route tables
     #
@@ -64626,8 +64731,7 @@ module Aws::EC2
     # Describes the association between a route server and a VPC.
     #
     # A route server association is the connection established between a
-    # route server and a VPC. This is a fundamental configuration step that
-    # enables the route server to work with appliances in your VPC.
+    # route server and a VPC.
     #
     # @!attribute [rw] route_server_id
     #   The ID of the associated route server.
@@ -64761,9 +64865,12 @@ module Aws::EC2
     # Describes a route server endpoint and its properties.
     #
     # A route server endpoint is an Amazon Web Services-managed component
-    # inside a subnet that facilitates BGP (Border Gateway Protocol)
-    # connections between your route server and your BGP peers. Create two
-    # endpoints per subnet for redundancy.
+    # inside a subnet that facilitates [BGP (Border Gateway Protocol)][1]
+    # connections between your route server and your BGP peers.
+    #
+    #
+    #
+    # [1]: https://en.wikipedia.org/wiki/Border_Gateway_Protocol
     #
     # @!attribute [rw] route_server_id
     #   The ID of the route server associated with this endpoint.
@@ -64819,9 +64926,10 @@ module Aws::EC2
 
     # Describes a BGP peer configuration for a route server endpoint.
     #
-    # A route server peer is a network appliance or function deployed in
-    # Amazon Web Services, such as firewall appliances and other network
-    # security functions, that meet these requirements:
+    # A route server peer is a session between a route server endpoint and
+    # the device deployed in Amazon Web Services (such as a firewall
+    # appliance or other network security function running on an EC2
+    # instance). The device must meet these requirements:
     #
     # * Have an elastic network interface in the VPC
     #
@@ -64868,7 +64976,7 @@ module Aws::EC2
     #   @return [String]
     #
     # @!attribute [rw] peer_address
-    #   The IPv4 address of the peer.
+    #   The IPv4 address of the peer device.
     #   @return [String]
     #
     # @!attribute [rw] bgp_options
@@ -64969,8 +65077,8 @@ module Aws::EC2
     #   The [Forwarding Information Base (FIB)][2] serves as a forwarding
     #   table for what route server has determined are the best-path routes
     #   in the RIB after evaluating all available routing information and
-    #   policies. The FIB routes that are installed on the route tables. The
-    #   FIB is recomputed whenever there are changes to the RIB.
+    #   policies. The FIB routes are installed on the route tables. The FIB
+    #   is recomputed whenever there are changes to the RIB.
     #
     #
     #
@@ -71692,7 +71800,10 @@ module Aws::EC2
     #
     # @!attribute [rw] default_route_table_association
     #   Indicates whether resource attachments are automatically associated
-    #   with the default association route table.
+    #   with the default association route table. Enabled by default. If
+    #   `defaultRouteTableAssociation` is set to `enable`, Amazon Web
+    #   Services Transit Gateway will create the default transit gateway
+    #   route table.
     #   @return [String]
     #
     # @!attribute [rw] association_default_route_table_id
@@ -71701,7 +71812,10 @@ module Aws::EC2
     #
     # @!attribute [rw] default_route_table_propagation
     #   Indicates whether resource attachments automatically propagate
-    #   routes to the default propagation route table.
+    #   routes to the default propagation route table. Enabled by default.
+    #   If `defaultRouteTablePropagation` is set to `enable`, Amazon Web
+    #   Services Transit Gateway will create the default transit gateway
+    #   route table.
     #   @return [String]
     #
     # @!attribute [rw] propagation_default_route_table_id

data/lib/aws-sdk-ec2.rb

@@ -78,7 +78,7 @@ module Aws::EC2
   autoload :VpcPeeringConnection, 'aws-sdk-ec2/vpc_peering_connection'
   autoload :VpcAddress, 'aws-sdk-ec2/vpc_address'
 
-  GEM_VERSION = '1.514.0'
+  GEM_VERSION = '1.516.0'
 
 end
 

data/sig/classic_address.rbs

@@ -54,7 +54,7 @@ module Aws
       def carrier_ip: () -> ::String
 
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/EC2/ClassicAddress.html#service_managed-instance_method
-      def service_managed: () -> ("alb" | "nlb")
+      def service_managed: () -> ("alb" | "nlb" | "rnat")
 
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/EC2/ClassicAddress.html#instance_id-instance_method
       def instance_id: () -> ::String

data/sig/client.rbs

@@ -1273,6 +1273,9 @@ module Aws
                                           enabled: bool?,
                                           banner_text: ::String?
                                         },
+                                        ?client_route_enforcement_options: {
+                                          enforced: bool?
+                                        },
                                         ?disconnect_on_session_timeout: bool
                                       ) -> _CreateClientVpnEndpointResponseSuccess
                                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateClientVpnEndpointResponseSuccess
@@ -10594,6 +10597,9 @@ module Aws
                                           enabled: bool?,
                                           banner_text: ::String?
                                         },
+                                        ?client_route_enforcement_options: {
+                                          enforced: bool?
+                                        },
                                         ?disconnect_on_session_timeout: bool
                                       ) -> _ModifyClientVpnEndpointResponseSuccess
                                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ModifyClientVpnEndpointResponseSuccess

data/sig/types.rbs

@@ -215,7 +215,7 @@ module Aws::EC2
       attr_accessor customer_owned_ip: ::String
       attr_accessor customer_owned_ipv_4_pool: ::String
       attr_accessor carrier_ip: ::String
-      attr_accessor service_managed: ("alb" | "nlb")
+      attr_accessor service_managed: ("alb" | "nlb" | "rnat")
       attr_accessor instance_id: ::String
       attr_accessor public_ip: ::String
       SENSITIVE: []
@@ -1458,6 +1458,16 @@ module Aws::EC2
       SENSITIVE: []
     end
 
+    class ClientRouteEnforcementOptions
+      attr_accessor enforced: bool
+      SENSITIVE: []
+    end
+
+    class ClientRouteEnforcementResponseOptions
+      attr_accessor enforced: bool
+      SENSITIVE: []
+    end
+
     class ClientVpnAuthentication
       attr_accessor type: ("certificate-authentication" | "directory-service-authentication" | "federated-authentication")
       attr_accessor active_directory: Types::DirectoryServiceAuthentication
@@ -1528,6 +1538,7 @@ module Aws::EC2
       attr_accessor client_connect_options: Types::ClientConnectResponseOptions
       attr_accessor session_timeout_hours: ::Integer
       attr_accessor client_login_banner_options: Types::ClientLoginBannerResponseOptions
+      attr_accessor client_route_enforcement_options: Types::ClientRouteEnforcementResponseOptions
       attr_accessor disconnect_on_session_timeout: bool
       SENSITIVE: []
     end
@@ -1862,6 +1873,7 @@ module Aws::EC2
       attr_accessor client_connect_options: Types::ClientConnectOptions
       attr_accessor session_timeout_hours: ::Integer
       attr_accessor client_login_banner_options: Types::ClientLoginBannerOptions
+      attr_accessor client_route_enforcement_options: Types::ClientRouteEnforcementOptions
       attr_accessor disconnect_on_session_timeout: bool
       SENSITIVE: []
     end
@@ -11264,6 +11276,7 @@ module Aws::EC2
       attr_accessor client_connect_options: Types::ClientConnectOptions
       attr_accessor session_timeout_hours: ::Integer
       attr_accessor client_login_banner_options: Types::ClientLoginBannerOptions
+      attr_accessor client_route_enforcement_options: Types::ClientRouteEnforcementOptions
       attr_accessor disconnect_on_session_timeout: bool
       SENSITIVE: []
     end

data/sig/vpc_address.rbs

@@ -51,7 +51,7 @@ module Aws
       def carrier_ip: () -> ::String
 
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/EC2/VpcAddress.html#service_managed-instance_method
-      def service_managed: () -> ("alb" | "nlb")
+      def service_managed: () -> ("alb" | "nlb" | "rnat")
 
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/EC2/VpcAddress.html#instance_id-instance_method
       def instance_id: () -> ::String

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-ec2
 version: !ruby/object:Gem::Version
-  version: 1.514.0
+  version: 1.516.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2025-03-31 00:00:00.000000000 Z
+date: 2025-04-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core