aws-sdk-ec2 1.527.0 → 1.528.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '05439bc2bd50c0089a9f2cd919c71c361443d70c045c6a99c52583313f65841a'
-  data.tar.gz: b26d8d235f51eea095e5af4d2680e6a9d23302d565c20d0bced717b8081fc315
+  metadata.gz: 5c318060a48f6e9ca23cc77f530c70e75bbdc61b10ed6c481b7d612108863a89
+  data.tar.gz: 85047b832e087aa94dc4ab1e271a374aaf148be440a48e3104431d870685d99e
 SHA512:
-  metadata.gz: 244028c31943d17da3c508a6f834b3cdf8ad2fc183d3c0bb78193c9cfdf1ae0f0ca3ebf69aade909d3172c0dac8692a2e50e73f5958f388791cfa21e709aaec3
-  data.tar.gz: 8adabcc5352bf8500c427372f094d7ec403d48d62308428d04de50dc34a950e5e5184df90f9f1240da4c8796ea6f155e2c1095a150cb59e18465e2e01e90410a
+  metadata.gz: 1ca671955ec3fedc23bf3fbe4d6b9c094cf5ba88d45739ad69da55f21c86557dbbcc02d6caf756a000777b282374f5968a3eb1563ad43a6080778fab22cd4591
+  data.tar.gz: 9331803d609362fa168288f11854e6f374ad1eaf15ec1e8f9382d6b2e6853fdf46d537d491339b8593d0ad22b6ed7b971ba64ea25b447bb3a660050fb735c75a

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.528.0 (2025-05-27)
+------------------
+
+* Feature - This release adds three features - option to store AWS Site-to-Site VPN pre-shared keys in AWS Secrets Manager, GetActiveVpnTunnelStatus API to check the in-use VPN algorithms, and SampleType option in GetVpnConnectionDeviceSampleConfiguration API to get recommended sample configs for VPN devices.
+
 1.527.0 (2025-05-23)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.527.0
+1.528.0

data/lib/aws-sdk-ec2/client.rb

@@ -17159,6 +17159,11 @@ module Aws::EC2
     # @option params [Array<Types::TagSpecification>] :tag_specifications
     #   The tags to apply to the VPN connection.
     #
+    # @option params [String] :pre_shared_key_storage
+    #   Specifies the storage mode for the pre-shared key (PSK). Valid values
+    #   are `Standard`" (stored in the Site-to-Site VPN service) or
+    #   `SecretsManager` (stored in Amazon Web Services Secrets Manager).
+    #
     # @option params [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -17190,6 +17195,7 @@ module Aws::EC2
     #         ],
     #       },
     #     ],
+    #     pre_shared_key_storage: "String",
     #     dry_run: false,
     #     options: {
     #       enable_acceleration: false,
@@ -17323,6 +17329,7 @@ module Aws::EC2
     #   resp.vpn_connection.vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connection.vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connection.vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connection.pre_shared_key_arn #=> String
     #   resp.vpn_connection.vpn_connection_id #=> String
     #   resp.vpn_connection.state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connection.customer_gateway_configuration #=> String
@@ -42160,6 +42167,7 @@ module Aws::EC2
     #   resp.vpn_connections[0].vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connections[0].vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connections[0].vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connections[0].pre_shared_key_arn #=> String
     #   resp.vpn_connections[0].vpn_connection_id #=> String
     #   resp.vpn_connections[0].state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connections[0].customer_gateway_configuration #=> String
@@ -45876,6 +45884,55 @@ module Aws::EC2
       req.send_request(options)
     end
 
+    # Returns the currently negotiated security parameters for an active VPN
+    # tunnel, including IKE version, DH groups, encryption algorithms, and
+    # integrity algorithms.
+    #
+    # @option params [required, String] :vpn_connection_id
+    #   The ID of the VPN connection for which to retrieve the active tunnel
+    #   status.
+    #
+    # @option params [required, String] :vpn_tunnel_outside_ip_address
+    #   The external IP address of the VPN tunnel for which to retrieve the
+    #   active status.
+    #
+    # @option params [Boolean] :dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request.
+    #
+    # @return [Types::GetActiveVpnTunnelStatusResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetActiveVpnTunnelStatusResult#active_vpn_tunnel_status #active_vpn_tunnel_status} => Types::ActiveVpnTunnelStatus
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_active_vpn_tunnel_status({
+    #     vpn_connection_id: "VpnConnectionId", # required
+    #     vpn_tunnel_outside_ip_address: "String", # required
+    #     dry_run: false,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.active_vpn_tunnel_status.phase_1_encryption_algorithm #=> String
+    #   resp.active_vpn_tunnel_status.phase_2_encryption_algorithm #=> String
+    #   resp.active_vpn_tunnel_status.phase_1_integrity_algorithm #=> String
+    #   resp.active_vpn_tunnel_status.phase_2_integrity_algorithm #=> String
+    #   resp.active_vpn_tunnel_status.phase_1_dh_group #=> Integer
+    #   resp.active_vpn_tunnel_status.phase_2_dh_group #=> Integer
+    #   resp.active_vpn_tunnel_status.ike_version #=> String
+    #   resp.active_vpn_tunnel_status.provisioning_status #=> String, one of "available", "pending", "failed"
+    #   resp.active_vpn_tunnel_status.provisioning_status_reason #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetActiveVpnTunnelStatus AWS API Documentation
+    #
+    # @overload get_active_vpn_tunnel_status(params = {})
+    # @param [Hash] params ({})
+    def get_active_vpn_tunnel_status(params = {}, options = {})
+      req = build_request(:get_active_vpn_tunnel_status, params)
+      req.send_request(options)
+    end
+
     # Gets the current state of the Allowed AMIs setting and the list of
     # Allowed AMIs criteria at the account level in the specified Region.
     #
@@ -49990,6 +50047,11 @@ module Aws::EC2
     #   customer gateway device. You can specify one of the following
     #   versions: `ikev1` or `ikev2`.
     #
+    # @option params [String] :sample_type
+    #   The type of sample configuration to generate. Valid values are
+    #   "compatibility" (includes IKEv1) or "recommended" (throws
+    #   UnsupportedOperationException for IKEv1).
+    #
     # @option params [Boolean] :dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -50006,6 +50068,7 @@ module Aws::EC2
     #     vpn_connection_id: "VpnConnectionId", # required
     #     vpn_connection_device_type_id: "VpnConnectionDeviceTypeId", # required
     #     internet_key_exchange_version: "String",
+    #     sample_type: "String",
     #     dry_run: false,
     #   })
     #
@@ -57453,6 +57516,7 @@ module Aws::EC2
     #   resp.vpn_connection.vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connection.vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connection.vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connection.pre_shared_key_arn #=> String
     #   resp.vpn_connection.vpn_connection_id #=> String
     #   resp.vpn_connection.state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connection.customer_gateway_configuration #=> String
@@ -57583,6 +57647,7 @@ module Aws::EC2
     #   resp.vpn_connection.vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connection.vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connection.vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connection.pre_shared_key_arn #=> String
     #   resp.vpn_connection.vpn_connection_id #=> String
     #   resp.vpn_connection.state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connection.customer_gateway_configuration #=> String
@@ -57686,6 +57751,7 @@ module Aws::EC2
     #   resp.vpn_connection.vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connection.vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connection.vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connection.pre_shared_key_arn #=> String
     #   resp.vpn_connection.vpn_connection_id #=> String
     #   resp.vpn_connection.state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connection.customer_gateway_configuration #=> String
@@ -57734,6 +57800,11 @@ module Aws::EC2
     #
     #   Valid values: `True` \| `False`
     #
+    # @option params [String] :pre_shared_key_storage
+    #   Specifies the storage mode for the pre-shared key (PSK). Valid values
+    #   are `Standard` (stored in Site-to-Site VPN service) or
+    #   `SecretsManager` (stored in Amazon Web Services Secrets Manager).
+    #
     # @return [Types::ModifyVpnTunnelOptionsResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ModifyVpnTunnelOptionsResult#vpn_connection #vpn_connection} => Types::VpnConnection
@@ -57801,6 +57872,7 @@ module Aws::EC2
     #     },
     #     dry_run: false,
     #     skip_tunnel_replacement: false,
+    #     pre_shared_key_storage: "String",
     #   })
     #
     # @example Response structure
@@ -57864,6 +57936,7 @@ module Aws::EC2
     #   resp.vpn_connection.vgw_telemetry[0].status #=> String, one of "UP", "DOWN"
     #   resp.vpn_connection.vgw_telemetry[0].status_message #=> String
     #   resp.vpn_connection.vgw_telemetry[0].certificate_arn #=> String
+    #   resp.vpn_connection.pre_shared_key_arn #=> String
     #   resp.vpn_connection.vpn_connection_id #=> String
     #   resp.vpn_connection.state #=> String, one of "pending", "available", "deleting", "deleted"
     #   resp.vpn_connection.customer_gateway_configuration #=> String
@@ -65975,7 +66048,7 @@ module Aws::EC2
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-ec2'
-      context[:gem_version] = '1.527.0'
+      context[:gem_version] = '1.528.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-ec2/client_api.rb

@@ -55,6 +55,7 @@ module Aws::EC2
     AccountID = Shapes::StringShape.new(name: 'AccountID')
     ActiveInstance = Shapes::StructureShape.new(name: 'ActiveInstance')
     ActiveInstanceSet = Shapes::ListShape.new(name: 'ActiveInstanceSet')
+    ActiveVpnTunnelStatus = Shapes::StructureShape.new(name: 'ActiveVpnTunnelStatus')
     ActivityStatus = Shapes::StringShape.new(name: 'ActivityStatus')
     AddIpamOperatingRegion = Shapes::StructureShape.new(name: 'AddIpamOperatingRegion')
     AddIpamOperatingRegionSet = Shapes::ListShape.new(name: 'AddIpamOperatingRegionSet')
@@ -1599,6 +1600,8 @@ module Aws::EC2
     GVCDMaxResults = Shapes::IntegerShape.new(name: 'GVCDMaxResults')
     GatewayAssociationState = Shapes::StringShape.new(name: 'GatewayAssociationState')
     GatewayType = Shapes::StringShape.new(name: 'GatewayType')
+    GetActiveVpnTunnelStatusRequest = Shapes::StructureShape.new(name: 'GetActiveVpnTunnelStatusRequest')
+    GetActiveVpnTunnelStatusResult = Shapes::StructureShape.new(name: 'GetActiveVpnTunnelStatusResult')
     GetAllowedImagesSettingsRequest = Shapes::StructureShape.new(name: 'GetAllowedImagesSettingsRequest')
     GetAllowedImagesSettingsResult = Shapes::StructureShape.new(name: 'GetAllowedImagesSettingsResult')
     GetAssociatedEnclaveCertificateIamRolesRequest = Shapes::StructureShape.new(name: 'GetAssociatedEnclaveCertificateIamRolesRequest')
@@ -3542,6 +3545,7 @@ module Aws::EC2
     VpnTunnelLogOptionsSpecification = Shapes::StructureShape.new(name: 'VpnTunnelLogOptionsSpecification')
     VpnTunnelOptionsSpecification = Shapes::StructureShape.new(name: 'VpnTunnelOptionsSpecification')
     VpnTunnelOptionsSpecificationsList = Shapes::ListShape.new(name: 'VpnTunnelOptionsSpecificationsList')
+    VpnTunnelProvisioningStatus = Shapes::StringShape.new(name: 'VpnTunnelProvisioningStatus')
     WeekDay = Shapes::StringShape.new(name: 'WeekDay')
     WithdrawByoipCidrRequest = Shapes::StructureShape.new(name: 'WithdrawByoipCidrRequest')
     WithdrawByoipCidrResult = Shapes::StructureShape.new(name: 'WithdrawByoipCidrResult')
@@ -3682,6 +3686,17 @@ module Aws::EC2
 
     ActiveInstanceSet.member = Shapes::ShapeRef.new(shape: ActiveInstance, location_name: "item")
 
+    ActiveVpnTunnelStatus.add_member(:phase_1_encryption_algorithm, Shapes::ShapeRef.new(shape: String, location_name: "phase1EncryptionAlgorithm"))
+    ActiveVpnTunnelStatus.add_member(:phase_2_encryption_algorithm, Shapes::ShapeRef.new(shape: String, location_name: "phase2EncryptionAlgorithm"))
+    ActiveVpnTunnelStatus.add_member(:phase_1_integrity_algorithm, Shapes::ShapeRef.new(shape: String, location_name: "phase1IntegrityAlgorithm"))
+    ActiveVpnTunnelStatus.add_member(:phase_2_integrity_algorithm, Shapes::ShapeRef.new(shape: String, location_name: "phase2IntegrityAlgorithm"))
+    ActiveVpnTunnelStatus.add_member(:phase_1_dh_group, Shapes::ShapeRef.new(shape: Integer, location_name: "phase1DHGroup"))
+    ActiveVpnTunnelStatus.add_member(:phase_2_dh_group, Shapes::ShapeRef.new(shape: Integer, location_name: "phase2DHGroup"))
+    ActiveVpnTunnelStatus.add_member(:ike_version, Shapes::ShapeRef.new(shape: String, location_name: "ikeVersion"))
+    ActiveVpnTunnelStatus.add_member(:provisioning_status, Shapes::ShapeRef.new(shape: VpnTunnelProvisioningStatus, location_name: "provisioningStatus"))
+    ActiveVpnTunnelStatus.add_member(:provisioning_status_reason, Shapes::ShapeRef.new(shape: String, location_name: "provisioningStatusReason"))
+    ActiveVpnTunnelStatus.struct_class = Types::ActiveVpnTunnelStatus
+
     AddIpamOperatingRegion.add_member(:region_name, Shapes::ShapeRef.new(shape: String, location_name: "RegionName"))
     AddIpamOperatingRegion.struct_class = Types::AddIpamOperatingRegion
 
@@ -6225,6 +6240,7 @@ module Aws::EC2
     CreateVpnConnectionRequest.add_member(:vpn_gateway_id, Shapes::ShapeRef.new(shape: VpnGatewayId, location_name: "VpnGatewayId"))
     CreateVpnConnectionRequest.add_member(:transit_gateway_id, Shapes::ShapeRef.new(shape: TransitGatewayId, location_name: "TransitGatewayId"))
     CreateVpnConnectionRequest.add_member(:tag_specifications, Shapes::ShapeRef.new(shape: TagSpecificationList, location_name: "TagSpecification"))
+    CreateVpnConnectionRequest.add_member(:pre_shared_key_storage, Shapes::ShapeRef.new(shape: String, location_name: "PreSharedKeyStorage"))
     CreateVpnConnectionRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "dryRun"))
     CreateVpnConnectionRequest.add_member(:options, Shapes::ShapeRef.new(shape: VpnConnectionOptionsSpecification, location_name: "options"))
     CreateVpnConnectionRequest.struct_class = Types::CreateVpnConnectionRequest
@@ -10011,6 +10027,14 @@ module Aws::EC2
     FpgaInfo.add_member(:total_fpga_memory_in_mi_b, Shapes::ShapeRef.new(shape: totalFpgaMemory, location_name: "totalFpgaMemoryInMiB"))
     FpgaInfo.struct_class = Types::FpgaInfo
 
+    GetActiveVpnTunnelStatusRequest.add_member(:vpn_connection_id, Shapes::ShapeRef.new(shape: VpnConnectionId, required: true, location_name: "VpnConnectionId"))
+    GetActiveVpnTunnelStatusRequest.add_member(:vpn_tunnel_outside_ip_address, Shapes::ShapeRef.new(shape: String, required: true, location_name: "VpnTunnelOutsideIpAddress"))
+    GetActiveVpnTunnelStatusRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
+    GetActiveVpnTunnelStatusRequest.struct_class = Types::GetActiveVpnTunnelStatusRequest
+
+    GetActiveVpnTunnelStatusResult.add_member(:active_vpn_tunnel_status, Shapes::ShapeRef.new(shape: ActiveVpnTunnelStatus, location_name: "activeVpnTunnelStatus"))
+    GetActiveVpnTunnelStatusResult.struct_class = Types::GetActiveVpnTunnelStatusResult
+
     GetAllowedImagesSettingsRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
     GetAllowedImagesSettingsRequest.struct_class = Types::GetAllowedImagesSettingsRequest
 
@@ -10550,6 +10574,7 @@ module Aws::EC2
     GetVpnConnectionDeviceSampleConfigurationRequest.add_member(:vpn_connection_id, Shapes::ShapeRef.new(shape: VpnConnectionId, required: true, location_name: "VpnConnectionId"))
     GetVpnConnectionDeviceSampleConfigurationRequest.add_member(:vpn_connection_device_type_id, Shapes::ShapeRef.new(shape: VpnConnectionDeviceTypeId, required: true, location_name: "VpnConnectionDeviceTypeId"))
     GetVpnConnectionDeviceSampleConfigurationRequest.add_member(:internet_key_exchange_version, Shapes::ShapeRef.new(shape: String, location_name: "InternetKeyExchangeVersion"))
+    GetVpnConnectionDeviceSampleConfigurationRequest.add_member(:sample_type, Shapes::ShapeRef.new(shape: String, location_name: "SampleType"))
     GetVpnConnectionDeviceSampleConfigurationRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
     GetVpnConnectionDeviceSampleConfigurationRequest.struct_class = Types::GetVpnConnectionDeviceSampleConfigurationRequest
 
@@ -13427,6 +13452,7 @@ module Aws::EC2
     ModifyVpnTunnelOptionsRequest.add_member(:tunnel_options, Shapes::ShapeRef.new(shape: ModifyVpnTunnelOptionsSpecification, required: true, location_name: "TunnelOptions"))
     ModifyVpnTunnelOptionsRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
     ModifyVpnTunnelOptionsRequest.add_member(:skip_tunnel_replacement, Shapes::ShapeRef.new(shape: Boolean, location_name: "SkipTunnelReplacement"))
+    ModifyVpnTunnelOptionsRequest.add_member(:pre_shared_key_storage, Shapes::ShapeRef.new(shape: String, location_name: "PreSharedKeyStorage"))
     ModifyVpnTunnelOptionsRequest.struct_class = Types::ModifyVpnTunnelOptionsRequest
 
     ModifyVpnTunnelOptionsResult.add_member(:vpn_connection, Shapes::ShapeRef.new(shape: VpnConnection, location_name: "vpnConnection"))
@@ -17378,6 +17404,7 @@ module Aws::EC2
     VpnConnection.add_member(:routes, Shapes::ShapeRef.new(shape: VpnStaticRouteList, location_name: "routes"))
     VpnConnection.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tagSet"))
     VpnConnection.add_member(:vgw_telemetry, Shapes::ShapeRef.new(shape: VgwTelemetryList, location_name: "vgwTelemetry"))
+    VpnConnection.add_member(:pre_shared_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "preSharedKeyArn"))
     VpnConnection.add_member(:vpn_connection_id, Shapes::ShapeRef.new(shape: String, location_name: "vpnConnectionId"))
     VpnConnection.add_member(:state, Shapes::ShapeRef.new(shape: VpnState, location_name: "state"))
     VpnConnection.add_member(:customer_gateway_configuration, Shapes::ShapeRef.new(shape: customerGatewayConfiguration, location_name: "customerGatewayConfiguration"))
@@ -22042,6 +22069,14 @@ module Aws::EC2
         o.output = Shapes::ShapeRef.new(shape: ExportVerifiedAccessInstanceClientConfigurationResult)
       end)
 
+      api.add_operation(:get_active_vpn_tunnel_status, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetActiveVpnTunnelStatus"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: GetActiveVpnTunnelStatusRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetActiveVpnTunnelStatusResult)
+      end)
+
       api.add_operation(:get_allowed_images_settings, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetAllowedImagesSettings"
         o.http_method = "POST"

data/lib/aws-sdk-ec2/types.rb

@@ -535,6 +535,63 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # Contains information about the current security configuration of an
+    # active VPN tunnel.
+    #
+    # @!attribute [rw] phase_1_encryption_algorithm
+    #   The encryption algorithm negotiated in Phase 1 IKE negotiations.
+    #   @return [String]
+    #
+    # @!attribute [rw] phase_2_encryption_algorithm
+    #   The encryption algorithm negotiated in Phase 2 IKE negotiations.
+    #   @return [String]
+    #
+    # @!attribute [rw] phase_1_integrity_algorithm
+    #   The integrity algorithm negotiated in Phase 1 IKE negotiations.
+    #   @return [String]
+    #
+    # @!attribute [rw] phase_2_integrity_algorithm
+    #   The integrity algorithm negotiated in Phase 2 IKE negotiations.
+    #   @return [String]
+    #
+    # @!attribute [rw] phase_1_dh_group
+    #   The Diffie-Hellman group number being used in Phase 1 IKE
+    #   negotiations.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] phase_2_dh_group
+    #   The Diffie-Hellman group number being used in Phase 2 IKE
+    #   negotiations.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] ike_version
+    #   The version of the Internet Key Exchange (IKE) protocol being used.
+    #   @return [String]
+    #
+    # @!attribute [rw] provisioning_status
+    #   The current provisioning status of the VPN tunnel.
+    #   @return [String]
+    #
+    # @!attribute [rw] provisioning_status_reason
+    #   The reason for the current provisioning status.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ActiveVpnTunnelStatus AWS API Documentation
+    #
+    class ActiveVpnTunnelStatus < Struct.new(
+      :phase_1_encryption_algorithm,
+      :phase_2_encryption_algorithm,
+      :phase_1_integrity_algorithm,
+      :phase_2_integrity_algorithm,
+      :phase_1_dh_group,
+      :phase_2_dh_group,
+      :ike_version,
+      :provisioning_status,
+      :provisioning_status_reason)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Add an operating Region to an IPAM. Operating Regions are Amazon Web
     # Services Regions where the IPAM is allowed to manage IP address CIDRs.
     # IPAM only discovers and monitors resources in the Amazon Web Services
@@ -15207,6 +15264,12 @@ module Aws::EC2
     #   The tags to apply to the VPN connection.
     #   @return [Array<Types::TagSpecification>]
     #
+    # @!attribute [rw] pre_shared_key_storage
+    #   Specifies the storage mode for the pre-shared key (PSK). Valid
+    #   values are `Standard`" (stored in the Site-to-Site VPN service) or
+    #   `SecretsManager` (stored in Amazon Web Services Secrets Manager).
+    #   @return [String]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -15226,6 +15289,7 @@ module Aws::EC2
       :vpn_gateway_id,
       :transit_gateway_id,
       :tag_specifications,
+      :pre_shared_key_storage,
       :dry_run,
       :options)
       SENSITIVE = []
@@ -38419,6 +38483,44 @@ module Aws::EC2
       include Aws::Structure
     end
 
+    # @!attribute [rw] vpn_connection_id
+    #   The ID of the VPN connection for which to retrieve the active tunnel
+    #   status.
+    #   @return [String]
+    #
+    # @!attribute [rw] vpn_tunnel_outside_ip_address
+    #   The external IP address of the VPN tunnel for which to retrieve the
+    #   active status.
+    #   @return [String]
+    #
+    # @!attribute [rw] dry_run
+    #   Checks whether you have the required permissions for the action,
+    #   without actually making the request.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetActiveVpnTunnelStatusRequest AWS API Documentation
+    #
+    class GetActiveVpnTunnelStatusRequest < Struct.new(
+      :vpn_connection_id,
+      :vpn_tunnel_outside_ip_address,
+      :dry_run)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] active_vpn_tunnel_status
+    #   Information about the current security configuration of the VPN
+    #   tunnel.
+    #   @return [Types::ActiveVpnTunnelStatus]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetActiveVpnTunnelStatusResult AWS API Documentation
+    #
+    class GetActiveVpnTunnelStatusResult < Struct.new(
+      :active_vpn_tunnel_status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -41357,6 +41459,12 @@ module Aws::EC2
     #   versions: `ikev1` or `ikev2`.
     #   @return [String]
     #
+    # @!attribute [rw] sample_type
+    #   The type of sample configuration to generate. Valid values are
+    #   "compatibility" (includes IKEv1) or "recommended" (throws
+    #   UnsupportedOperationException for IKEv1).
+    #   @return [String]
+    #
     # @!attribute [rw] dry_run
     #   Checks whether you have the required permissions for the action,
     #   without actually making the request, and provides an error response.
@@ -41370,6 +41478,7 @@ module Aws::EC2
       :vpn_connection_id,
       :vpn_connection_device_type_id,
       :internet_key_exchange_version,
+      :sample_type,
       :dry_run)
       SENSITIVE = []
       include Aws::Structure
@@ -57677,6 +57786,12 @@ module Aws::EC2
     #   Valid values: `True` \| `False`
     #   @return [Boolean]
     #
+    # @!attribute [rw] pre_shared_key_storage
+    #   Specifies the storage mode for the pre-shared key (PSK). Valid
+    #   values are `Standard` (stored in Site-to-Site VPN service) or
+    #   `SecretsManager` (stored in Amazon Web Services Secrets Manager).
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyVpnTunnelOptionsRequest AWS API Documentation
     #
     class ModifyVpnTunnelOptionsRequest < Struct.new(
@@ -57684,7 +57799,8 @@ module Aws::EC2
       :vpn_tunnel_outside_ip_address,
       :tunnel_options,
       :dry_run,
-      :skip_tunnel_replacement)
+      :skip_tunnel_replacement,
+      :pre_shared_key_storage)
       SENSITIVE = [:tunnel_options]
       include Aws::Structure
     end
@@ -77313,6 +77429,11 @@ module Aws::EC2
     #   Information about the VPN tunnel.
     #   @return [Array<Types::VgwTelemetry>]
     #
+    # @!attribute [rw] pre_shared_key_arn
+    #   The Amazon Resource Name (ARN) of the Secrets Manager secret storing
+    #   the pre-shared key(s) for the VPN connection.
+    #   @return [String]
+    #
     # @!attribute [rw] vpn_connection_id
     #   The ID of the VPN connection.
     #   @return [String]
@@ -77354,6 +77475,7 @@ module Aws::EC2
       :routes,
       :tags,
       :vgw_telemetry,
+      :pre_shared_key_arn,
       :vpn_connection_id,
       :state,
       :customer_gateway_configuration,

data/lib/aws-sdk-ec2.rb

@@ -78,7 +78,7 @@ module Aws::EC2
   autoload :VpcPeeringConnection, 'aws-sdk-ec2/vpc_peering_connection'
   autoload :VpcAddress, 'aws-sdk-ec2/vpc_address'
 
-  GEM_VERSION = '1.527.0'
+  GEM_VERSION = '1.528.0'
 
 end
 

data/sig/client.rbs

@@ -4341,6 +4341,7 @@ module Aws
                                        ]?
                                      },
                                    ],
+                                   ?pre_shared_key_storage: ::String,
                                    ?dry_run: bool,
                                    ?options: {
                                      enable_acceleration: bool?,
@@ -9416,6 +9417,18 @@ module Aws
                                                                 ) -> _ExportVerifiedAccessInstanceClientConfigurationResponseSuccess
                                                               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ExportVerifiedAccessInstanceClientConfigurationResponseSuccess
 
+      interface _GetActiveVpnTunnelStatusResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetActiveVpnTunnelStatusResult]
+        def active_vpn_tunnel_status: () -> Types::ActiveVpnTunnelStatus
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/EC2/Client.html#get_active_vpn_tunnel_status-instance_method
+      def get_active_vpn_tunnel_status: (
+                                          vpn_connection_id: ::String,
+                                          vpn_tunnel_outside_ip_address: ::String,
+                                          ?dry_run: bool
+                                        ) -> _GetActiveVpnTunnelStatusResponseSuccess
+                                      | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetActiveVpnTunnelStatusResponseSuccess
+
       interface _GetAllowedImagesSettingsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetAllowedImagesSettingsResult]
         def state: () -> ::String
@@ -10406,6 +10419,7 @@ module Aws
                                                             vpn_connection_id: ::String,
                                                             vpn_connection_device_type_id: ::String,
                                                             ?internet_key_exchange_version: ::String,
+                                                            ?sample_type: ::String,
                                                             ?dry_run: bool
                                                           ) -> _GetVpnConnectionDeviceSampleConfigurationResponseSuccess
                                                         | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetVpnConnectionDeviceSampleConfigurationResponseSuccess
@@ -12311,7 +12325,8 @@ module Aws
                                          enable_tunnel_lifecycle_control: bool?
                                        },
                                        ?dry_run: bool,
-                                       ?skip_tunnel_replacement: bool
+                                       ?skip_tunnel_replacement: bool,
+                                       ?pre_shared_key_storage: ::String
                                      ) -> _ModifyVpnTunnelOptionsResponseSuccess
                                    | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ModifyVpnTunnelOptionsResponseSuccess
 

data/sig/types.rbs

@@ -166,6 +166,19 @@ module Aws::EC2
       SENSITIVE: []
     end
 
+    class ActiveVpnTunnelStatus
+      attr_accessor phase_1_encryption_algorithm: ::String
+      attr_accessor phase_2_encryption_algorithm: ::String
+      attr_accessor phase_1_integrity_algorithm: ::String
+      attr_accessor phase_2_integrity_algorithm: ::String
+      attr_accessor phase_1_dh_group: ::Integer
+      attr_accessor phase_2_dh_group: ::Integer
+      attr_accessor ike_version: ::String
+      attr_accessor provisioning_status: ("available" | "pending" | "failed")
+      attr_accessor provisioning_status_reason: ::String
+      SENSITIVE: []
+    end
+
     class AddIpamOperatingRegion
       attr_accessor region_name: ::String
       SENSITIVE: []
@@ -3348,6 +3361,7 @@ module Aws::EC2
       attr_accessor vpn_gateway_id: ::String
       attr_accessor transit_gateway_id: ::String
       attr_accessor tag_specifications: ::Array[Types::TagSpecification]
+      attr_accessor pre_shared_key_storage: ::String
       attr_accessor dry_run: bool
       attr_accessor options: Types::VpnConnectionOptionsSpecification
       SENSITIVE: []
@@ -8444,6 +8458,18 @@ module Aws::EC2
       SENSITIVE: []
     end
 
+    class GetActiveVpnTunnelStatusRequest
+      attr_accessor vpn_connection_id: ::String
+      attr_accessor vpn_tunnel_outside_ip_address: ::String
+      attr_accessor dry_run: bool
+      SENSITIVE: []
+    end
+
+    class GetActiveVpnTunnelStatusResult
+      attr_accessor active_vpn_tunnel_status: Types::ActiveVpnTunnelStatus
+      SENSITIVE: []
+    end
+
     class GetAllowedImagesSettingsRequest
       attr_accessor dry_run: bool
       SENSITIVE: []
@@ -9192,6 +9218,7 @@ module Aws::EC2
       attr_accessor vpn_connection_id: ::String
       attr_accessor vpn_connection_device_type_id: ::String
       attr_accessor internet_key_exchange_version: ::String
+      attr_accessor sample_type: ::String
       attr_accessor dry_run: bool
       SENSITIVE: []
     end
@@ -12499,6 +12526,7 @@ module Aws::EC2
       attr_accessor tunnel_options: Types::ModifyVpnTunnelOptionsSpecification
       attr_accessor dry_run: bool
       attr_accessor skip_tunnel_replacement: bool
+      attr_accessor pre_shared_key_storage: ::String
       SENSITIVE: [:tunnel_options]
     end
 
@@ -16816,6 +16844,7 @@ module Aws::EC2
       attr_accessor routes: ::Array[Types::VpnStaticRoute]
       attr_accessor tags: ::Array[Types::Tag]
       attr_accessor vgw_telemetry: ::Array[Types::VgwTelemetry]
+      attr_accessor pre_shared_key_arn: ::String
       attr_accessor vpn_connection_id: ::String
       attr_accessor state: ("pending" | "available" | "deleting" | "deleted")
       attr_accessor customer_gateway_configuration: ::String

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-ec2
 version: !ruby/object:Gem::Version
-  version: 1.527.0
+  version: 1.528.0
 platform: ruby
 authors:
 - Amazon Web Services