aws-sdk-ec2 1.63.0 → 1.64.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -771,6 +771,9 @@ module Aws::EC2
771
771
  # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
772
772
  # @option options [required, Array<String>] :resources
773
773
  # The IDs of one or more resources, separated by spaces.
774
+ #
775
+ # Constraints: Up to 1000 resource IDs. We recommend breaking up this
776
+ # request into smaller batches.
774
777
  # @option options [required, Array<Types::Tag>] :tags
775
778
  # One or more tags. The `value` parameter is required, but if you don't
776
779
  # want the tag to have a value, specify the parameter with no value, and
@@ -824,9 +827,9 @@ module Aws::EC2
824
827
  # [1]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html
825
828
  # @option options [Integer] :iops
826
829
  # The number of I/O operations per second (IOPS) to provision for the
827
- # volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to
828
- # 64,000IOPS for volumes in most regions. Maximum IOPS of 64,000 is
829
- # guaranteed only on [Nitro-based
830
+ # volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000
831
+ # IOPS for volumes in most regions. Maximum IOPS of 64,000 is guaranteed
832
+ # only on [Nitro-based
830
833
  # instances](AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
831
834
  # Other instance families guarantee performance up to 32,000 IOPS. For
832
835
  # more information, see [Amazon EBS Volume Types][1] in the *Amazon
@@ -523,6 +523,58 @@ module Aws::EC2
523
523
  include Aws::Structure
524
524
  end
525
525
 
526
+ # @note When making an API call, you may pass ApplySecurityGroupsToClientVpnTargetNetworkRequest
527
+ # data as a hash:
528
+ #
529
+ # {
530
+ # client_vpn_endpoint_id: "String", # required
531
+ # vpc_id: "String", # required
532
+ # security_group_ids: ["String"], # required
533
+ # dry_run: false,
534
+ # }
535
+ #
536
+ # @!attribute [rw] client_vpn_endpoint_id
537
+ # The ID of the Client VPN endpoint.
538
+ # @return [String]
539
+ #
540
+ # @!attribute [rw] vpc_id
541
+ # The ID of the VPC in which the associated target network is located.
542
+ # @return [String]
543
+ #
544
+ # @!attribute [rw] security_group_ids
545
+ # The IDs of the security groups to apply to the associated target
546
+ # network. Up to 5 security groups can be applied to an associated
547
+ # target network.
548
+ # @return [Array<String>]
549
+ #
550
+ # @!attribute [rw] dry_run
551
+ # Checks whether you have the required permissions for the action,
552
+ # without actually making the request, and provides an error response.
553
+ # If you have the required permissions, the error response is
554
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
555
+ # @return [Boolean]
556
+ #
557
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ApplySecurityGroupsToClientVpnTargetNetworkRequest AWS API Documentation
558
+ #
559
+ class ApplySecurityGroupsToClientVpnTargetNetworkRequest < Struct.new(
560
+ :client_vpn_endpoint_id,
561
+ :vpc_id,
562
+ :security_group_ids,
563
+ :dry_run)
564
+ include Aws::Structure
565
+ end
566
+
567
+ # @!attribute [rw] security_group_ids
568
+ # The IDs of the applied security groups.
569
+ # @return [Array<String>]
570
+ #
571
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ApplySecurityGroupsToClientVpnTargetNetworkResult AWS API Documentation
572
+ #
573
+ class ApplySecurityGroupsToClientVpnTargetNetworkResult < Struct.new(
574
+ :security_group_ids)
575
+ include Aws::Structure
576
+ end
577
+
526
578
  # @note When making an API call, you may pass AssignIpv6AddressesRequest
527
579
  # data as a hash:
528
580
  #
@@ -704,6 +756,55 @@ module Aws::EC2
704
756
  include Aws::Structure
705
757
  end
706
758
 
759
+ # @note When making an API call, you may pass AssociateClientVpnTargetNetworkRequest
760
+ # data as a hash:
761
+ #
762
+ # {
763
+ # client_vpn_endpoint_id: "String", # required
764
+ # subnet_id: "String", # required
765
+ # dry_run: false,
766
+ # }
767
+ #
768
+ # @!attribute [rw] client_vpn_endpoint_id
769
+ # The ID of the Client VPN endpoint.
770
+ # @return [String]
771
+ #
772
+ # @!attribute [rw] subnet_id
773
+ # The ID of the subnet to associate with the Client VPN endpoint.
774
+ # @return [String]
775
+ #
776
+ # @!attribute [rw] dry_run
777
+ # Checks whether you have the required permissions for the action,
778
+ # without actually making the request, and provides an error response.
779
+ # If you have the required permissions, the error response is
780
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
781
+ # @return [Boolean]
782
+ #
783
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateClientVpnTargetNetworkRequest AWS API Documentation
784
+ #
785
+ class AssociateClientVpnTargetNetworkRequest < Struct.new(
786
+ :client_vpn_endpoint_id,
787
+ :subnet_id,
788
+ :dry_run)
789
+ include Aws::Structure
790
+ end
791
+
792
+ # @!attribute [rw] association_id
793
+ # The unique ID of the target network association.
794
+ # @return [String]
795
+ #
796
+ # @!attribute [rw] status
797
+ # The current state of the target network association.
798
+ # @return [Types::AssociationStatus]
799
+ #
800
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateClientVpnTargetNetworkResult AWS API Documentation
801
+ #
802
+ class AssociateClientVpnTargetNetworkResult < Struct.new(
803
+ :association_id,
804
+ :status)
805
+ include Aws::Structure
806
+ end
807
+
707
808
  # @note When making an API call, you may pass AssociateDhcpOptionsRequest
708
809
  # data as a hash:
709
810
  #
@@ -959,6 +1060,44 @@ module Aws::EC2
959
1060
  include Aws::Structure
960
1061
  end
961
1062
 
1063
+ # Describes a target network that is associated with a Client VPN
1064
+ # endpoint. A target network is a subnet in a VPC.
1065
+ #
1066
+ # @!attribute [rw] network_id
1067
+ # **The ID of the subnet.**
1068
+ # @return [String]
1069
+ #
1070
+ # @!attribute [rw] network_type
1071
+ # **The target network type.**
1072
+ # @return [String]
1073
+ #
1074
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociatedTargetNetwork AWS API Documentation
1075
+ #
1076
+ class AssociatedTargetNetwork < Struct.new(
1077
+ :network_id,
1078
+ :network_type)
1079
+ include Aws::Structure
1080
+ end
1081
+
1082
+ # Describes the state of a target network association.
1083
+ #
1084
+ # @!attribute [rw] code
1085
+ # The state of the target network association.
1086
+ # @return [String]
1087
+ #
1088
+ # @!attribute [rw] message
1089
+ # A message about the status of the target network association, if
1090
+ # applicable.
1091
+ # @return [String]
1092
+ #
1093
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociationStatus AWS API Documentation
1094
+ #
1095
+ class AssociationStatus < Struct.new(
1096
+ :code,
1097
+ :message)
1098
+ include Aws::Structure
1099
+ end
1100
+
962
1101
  # @note When making an API call, you may pass AttachClassicLinkVpcRequest
963
1102
  # data as a hash:
964
1103
  #
@@ -1229,6 +1368,113 @@ module Aws::EC2
1229
1368
  include Aws::Structure
1230
1369
  end
1231
1370
 
1371
+ # **Information about an authorization rule.**
1372
+ #
1373
+ # @!attribute [rw] client_vpn_endpoint_id
1374
+ # The ID of the Client VPN endpoint with which the authorization rule
1375
+ # is associated.
1376
+ # @return [String]
1377
+ #
1378
+ # @!attribute [rw] description
1379
+ # A brief description of the authorization rule.
1380
+ # @return [String]
1381
+ #
1382
+ # @!attribute [rw] group_id
1383
+ # The ID of the Active Directory group to which the authorization rule
1384
+ # grants access.
1385
+ # @return [String]
1386
+ #
1387
+ # @!attribute [rw] access_all
1388
+ # Indicates whether the authorization rule grants access to all
1389
+ # clients.
1390
+ # @return [Boolean]
1391
+ #
1392
+ # @!attribute [rw] destination_cidr
1393
+ # The IPv4 address range, in CIDR notation, of the network to which
1394
+ # the authorization rule applies.
1395
+ # @return [String]
1396
+ #
1397
+ # @!attribute [rw] status
1398
+ # The current state of the authorization rule.
1399
+ # @return [Types::ClientVpnAuthorizationRuleStatus]
1400
+ #
1401
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AuthorizationRule AWS API Documentation
1402
+ #
1403
+ class AuthorizationRule < Struct.new(
1404
+ :client_vpn_endpoint_id,
1405
+ :description,
1406
+ :group_id,
1407
+ :access_all,
1408
+ :destination_cidr,
1409
+ :status)
1410
+ include Aws::Structure
1411
+ end
1412
+
1413
+ # @note When making an API call, you may pass AuthorizeClientVpnIngressRequest
1414
+ # data as a hash:
1415
+ #
1416
+ # {
1417
+ # client_vpn_endpoint_id: "String", # required
1418
+ # target_network_cidr: "String", # required
1419
+ # access_group_id: "String",
1420
+ # authorize_all_groups: false,
1421
+ # description: "String",
1422
+ # dry_run: false,
1423
+ # }
1424
+ #
1425
+ # @!attribute [rw] client_vpn_endpoint_id
1426
+ # The ID of the Client VPN endpoint.
1427
+ # @return [String]
1428
+ #
1429
+ # @!attribute [rw] target_network_cidr
1430
+ # The IPv4 address range, in CIDR notation, of the network for which
1431
+ # access is being authorized.
1432
+ # @return [String]
1433
+ #
1434
+ # @!attribute [rw] access_group_id
1435
+ # The ID of the Active Directory group to grant access.
1436
+ # @return [String]
1437
+ #
1438
+ # @!attribute [rw] authorize_all_groups
1439
+ # Indicates whether to grant access to all clients. Use `true` to
1440
+ # grant all clients who successfully establish a VPN connection access
1441
+ # to the network.
1442
+ # @return [Boolean]
1443
+ #
1444
+ # @!attribute [rw] description
1445
+ # A brief description of the authorization rule.
1446
+ # @return [String]
1447
+ #
1448
+ # @!attribute [rw] dry_run
1449
+ # Checks whether you have the required permissions for the action,
1450
+ # without actually making the request, and provides an error response.
1451
+ # If you have the required permissions, the error response is
1452
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
1453
+ # @return [Boolean]
1454
+ #
1455
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AuthorizeClientVpnIngressRequest AWS API Documentation
1456
+ #
1457
+ class AuthorizeClientVpnIngressRequest < Struct.new(
1458
+ :client_vpn_endpoint_id,
1459
+ :target_network_cidr,
1460
+ :access_group_id,
1461
+ :authorize_all_groups,
1462
+ :description,
1463
+ :dry_run)
1464
+ include Aws::Structure
1465
+ end
1466
+
1467
+ # @!attribute [rw] status
1468
+ # The current state of the authorization rule.
1469
+ # @return [Types::ClientVpnAuthorizationRuleStatus]
1470
+ #
1471
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AuthorizeClientVpnIngressResult AWS API Documentation
1472
+ #
1473
+ class AuthorizeClientVpnIngressResult < Struct.new(
1474
+ :status)
1475
+ include Aws::Structure
1476
+ end
1477
+
1232
1478
  # @note When making an API call, you may pass AuthorizeSecurityGroupEgressRequest
1233
1479
  # data as a hash:
1234
1480
  #
@@ -2443,6 +2689,42 @@ module Aws::EC2
2443
2689
  include Aws::Structure
2444
2690
  end
2445
2691
 
2692
+ # **Information about the client certificate used for authentication.**
2693
+ #
2694
+ # @!attribute [rw] client_root_certificate_chain
2695
+ # <b>The ARN of the client certificate. </b>
2696
+ # @return [String]
2697
+ #
2698
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CertificateAuthentication AWS API Documentation
2699
+ #
2700
+ class CertificateAuthentication < Struct.new(
2701
+ :client_root_certificate_chain)
2702
+ include Aws::Structure
2703
+ end
2704
+
2705
+ # **Information about the client certificate to be used for
2706
+ # authentication.**
2707
+ #
2708
+ # @note When making an API call, you may pass CertificateAuthenticationRequest
2709
+ # data as a hash:
2710
+ #
2711
+ # {
2712
+ # client_root_certificate_chain_arn: "String",
2713
+ # }
2714
+ #
2715
+ # @!attribute [rw] client_root_certificate_chain_arn
2716
+ # **The ARN of the client certificate. The certificate must be signed
2717
+ # by a certificate authority (CA) and it must be provisioned in AWS
2718
+ # Certificate Manager (ACM).**
2719
+ # @return [String]
2720
+ #
2721
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CertificateAuthenticationRequest AWS API Documentation
2722
+ #
2723
+ class CertificateAuthenticationRequest < Struct.new(
2724
+ :client_root_certificate_chain_arn)
2725
+ include Aws::Structure
2726
+ end
2727
+
2446
2728
  # Provides authorization for Amazon to bring a specific IP address range
2447
2729
  # to a specific AWS account using bring your own IP addresses (BYOIP).
2448
2730
  #
@@ -2535,7 +2817,7 @@ module Aws::EC2
2535
2817
  # data as a hash:
2536
2818
  #
2537
2819
  # {
2538
- # name: "String", # required
2820
+ # name: "String",
2539
2821
  # }
2540
2822
  #
2541
2823
  # @!attribute [rw] name
@@ -2557,9 +2839,9 @@ module Aws::EC2
2557
2839
  # data as a hash:
2558
2840
  #
2559
2841
  # {
2560
- # classic_load_balancers: [ # required
2842
+ # classic_load_balancers: [
2561
2843
  # {
2562
- # name: "String", # required
2844
+ # name: "String",
2563
2845
  # },
2564
2846
  # ],
2565
2847
  # }
@@ -2575,6 +2857,25 @@ module Aws::EC2
2575
2857
  include Aws::Structure
2576
2858
  end
2577
2859
 
2860
+ # Describes the state of a client certificate revocation list.
2861
+ #
2862
+ # @!attribute [rw] code
2863
+ # The state of the client certificate revocation list.
2864
+ # @return [String]
2865
+ #
2866
+ # @!attribute [rw] message
2867
+ # A message about the status of the client certificate revocation
2868
+ # list, if applicable.
2869
+ # @return [String]
2870
+ #
2871
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientCertificateRevocationListStatus AWS API Documentation
2872
+ #
2873
+ class ClientCertificateRevocationListStatus < Struct.new(
2874
+ :code,
2875
+ :message)
2876
+ include Aws::Structure
2877
+ end
2878
+
2578
2879
  # Describes the client-specific data.
2579
2880
  #
2580
2881
  # @note When making an API call, you may pass ClientData
@@ -2613,6 +2914,376 @@ module Aws::EC2
2613
2914
  include Aws::Structure
2614
2915
  end
2615
2916
 
2917
+ # Describes the authentication methods used by a Client VPN endpoint.
2918
+ # Client VPN supports Active Directory and mutual authentication. For
2919
+ # more information, see
2920
+ # [Authentication](vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication)
2921
+ # in the *AWS Client VPN Admin Guide*.
2922
+ #
2923
+ # @!attribute [rw] type
2924
+ # The authentication type used.
2925
+ # @return [String]
2926
+ #
2927
+ # @!attribute [rw] active_directory
2928
+ # Information about the Active Directory, if applicable.
2929
+ # @return [Types::DirectoryServiceAuthentication]
2930
+ #
2931
+ # @!attribute [rw] mutual_authentication
2932
+ # Information about the authentication certificates, if applicable.
2933
+ # @return [Types::CertificateAuthentication]
2934
+ #
2935
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnAuthentication AWS API Documentation
2936
+ #
2937
+ class ClientVpnAuthentication < Struct.new(
2938
+ :type,
2939
+ :active_directory,
2940
+ :mutual_authentication)
2941
+ include Aws::Structure
2942
+ end
2943
+
2944
+ # Describes the authentication method to be used by a Client VPN
2945
+ # endpoint. Client VPN supports Active Directory and mutual
2946
+ # authentication. For more information, see
2947
+ # [Athentication](vpn/latest/clientvpn-admin/authentication-authrization.html#client-authentication)
2948
+ # in the *AWS Client VPN Admin Guide*.
2949
+ #
2950
+ # @note When making an API call, you may pass ClientVpnAuthenticationRequest
2951
+ # data as a hash:
2952
+ #
2953
+ # {
2954
+ # type: "certificate-authentication", # accepts certificate-authentication, directory-service-authentication
2955
+ # active_directory: {
2956
+ # directory_id: "String",
2957
+ # },
2958
+ # mutual_authentication: {
2959
+ # client_root_certificate_chain_arn: "String",
2960
+ # },
2961
+ # }
2962
+ #
2963
+ # @!attribute [rw] type
2964
+ # The type of client authentication to be used. Specify
2965
+ # `certificate-authentication` to use certificate-based
2966
+ # authentication, or `directory-service-authentication` to use Active
2967
+ # Directory authentication.
2968
+ # @return [String]
2969
+ #
2970
+ # @!attribute [rw] active_directory
2971
+ # Information about the Active Directory to be used, if applicable.
2972
+ # You must provide this information if **Type** is
2973
+ # `directory-service-authentication`.
2974
+ # @return [Types::DirectoryServiceAuthenticationRequest]
2975
+ #
2976
+ # @!attribute [rw] mutual_authentication
2977
+ # Information about the authentication certificates to be used, if
2978
+ # applicable. You must provide this information if **Type** is
2979
+ # `certificate-authentication`.
2980
+ # @return [Types::CertificateAuthenticationRequest]
2981
+ #
2982
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnAuthenticationRequest AWS API Documentation
2983
+ #
2984
+ class ClientVpnAuthenticationRequest < Struct.new(
2985
+ :type,
2986
+ :active_directory,
2987
+ :mutual_authentication)
2988
+ include Aws::Structure
2989
+ end
2990
+
2991
+ # Describes the state of an authorization rule.
2992
+ #
2993
+ # @!attribute [rw] code
2994
+ # The state of the authorization rule.
2995
+ # @return [String]
2996
+ #
2997
+ # @!attribute [rw] message
2998
+ # A message about the status of the authorization rule, if applicable.
2999
+ # @return [String]
3000
+ #
3001
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnAuthorizationRuleStatus AWS API Documentation
3002
+ #
3003
+ class ClientVpnAuthorizationRuleStatus < Struct.new(
3004
+ :code,
3005
+ :message)
3006
+ include Aws::Structure
3007
+ end
3008
+
3009
+ # Describes a client connection.
3010
+ #
3011
+ # @!attribute [rw] client_vpn_endpoint_id
3012
+ # The ID of the Client VPN endpoint to which the client is connected.
3013
+ # @return [String]
3014
+ #
3015
+ # @!attribute [rw] timestamp
3016
+ # **The current date and time.**
3017
+ # @return [String]
3018
+ #
3019
+ # @!attribute [rw] connection_id
3020
+ # The ID of the client connection.
3021
+ # @return [String]
3022
+ #
3023
+ # @!attribute [rw] username
3024
+ # The username of the client who established the client connection.
3025
+ # This information is only provided if Active Directory client
3026
+ # authentication is used.
3027
+ # @return [String]
3028
+ #
3029
+ # @!attribute [rw] connection_established_time
3030
+ # The date and time the client connection was established.
3031
+ # @return [String]
3032
+ #
3033
+ # @!attribute [rw] ingress_bytes
3034
+ # The number of bytes sent by the client.
3035
+ # @return [String]
3036
+ #
3037
+ # @!attribute [rw] egress_bytes
3038
+ # The number of bytes received by the client.
3039
+ # @return [String]
3040
+ #
3041
+ # @!attribute [rw] ingress_packets
3042
+ # The number of packets sent by the client.
3043
+ # @return [String]
3044
+ #
3045
+ # @!attribute [rw] egress_packets
3046
+ # The number of packets received by the client.
3047
+ # @return [String]
3048
+ #
3049
+ # @!attribute [rw] client_ip
3050
+ # The IP address of the client.
3051
+ # @return [String]
3052
+ #
3053
+ # @!attribute [rw] common_name
3054
+ # **The common name associated with the client. This is either the
3055
+ # name of the client certificate, or the Active Directory user name.**
3056
+ # @return [String]
3057
+ #
3058
+ # @!attribute [rw] status
3059
+ # The current state of the client connection.
3060
+ # @return [Types::ClientVpnConnectionStatus]
3061
+ #
3062
+ # @!attribute [rw] connection_end_time
3063
+ # The date and time the client connection was terminated.
3064
+ # @return [String]
3065
+ #
3066
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnConnection AWS API Documentation
3067
+ #
3068
+ class ClientVpnConnection < Struct.new(
3069
+ :client_vpn_endpoint_id,
3070
+ :timestamp,
3071
+ :connection_id,
3072
+ :username,
3073
+ :connection_established_time,
3074
+ :ingress_bytes,
3075
+ :egress_bytes,
3076
+ :ingress_packets,
3077
+ :egress_packets,
3078
+ :client_ip,
3079
+ :common_name,
3080
+ :status,
3081
+ :connection_end_time)
3082
+ include Aws::Structure
3083
+ end
3084
+
3085
+ # Describes the status of a client connection.
3086
+ #
3087
+ # @!attribute [rw] code
3088
+ # The state of the client connection.
3089
+ # @return [String]
3090
+ #
3091
+ # @!attribute [rw] message
3092
+ # A message about the status of the client connection, if applicable.
3093
+ # @return [String]
3094
+ #
3095
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnConnectionStatus AWS API Documentation
3096
+ #
3097
+ class ClientVpnConnectionStatus < Struct.new(
3098
+ :code,
3099
+ :message)
3100
+ include Aws::Structure
3101
+ end
3102
+
3103
+ # Describes a Client VPN endpoint.
3104
+ #
3105
+ # @!attribute [rw] client_vpn_endpoint_id
3106
+ # The ID of the Client VPN endpoint.
3107
+ # @return [String]
3108
+ #
3109
+ # @!attribute [rw] description
3110
+ # A brief description of the endpoint.
3111
+ # @return [String]
3112
+ #
3113
+ # @!attribute [rw] status
3114
+ # The current state of the Client VPN endpoint.
3115
+ # @return [Types::ClientVpnEndpointStatus]
3116
+ #
3117
+ # @!attribute [rw] creation_time
3118
+ # The date and time the Client VPN endpoint was created.
3119
+ # @return [String]
3120
+ #
3121
+ # @!attribute [rw] deletion_time
3122
+ # The date and time the Client VPN endpoint was deleted, if
3123
+ # applicable. Information about deleted Client VPN endpoints is
3124
+ # retained for 24 hours, unless a new Client VPN is created with the
3125
+ # same name.
3126
+ # @return [String]
3127
+ #
3128
+ # @!attribute [rw] dns_name
3129
+ # The DNS name to be used by clients when establishing a connection.
3130
+ # @return [String]
3131
+ #
3132
+ # @!attribute [rw] client_cidr_block
3133
+ # The IPv4 address range, in CIDR notation, from which client IP
3134
+ # addresses are assigned.
3135
+ # @return [String]
3136
+ #
3137
+ # @!attribute [rw] split_tunnel
3138
+ # **Indicates whether VPN split tunneling is supported.**
3139
+ # @return [Boolean]
3140
+ #
3141
+ # @!attribute [rw] vpn_protocol
3142
+ # The protocol used by the VPN session.
3143
+ # @return [String]
3144
+ #
3145
+ # @!attribute [rw] transport_protocol
3146
+ # **The transport protocol used by the Client VPN endpoint.**
3147
+ # @return [String]
3148
+ #
3149
+ # @!attribute [rw] associated_target_networks
3150
+ # Information about the associated target networks. A target network
3151
+ # is a subnet in a VPC.
3152
+ # @return [Array<Types::AssociatedTargetNetwork>]
3153
+ #
3154
+ # @!attribute [rw] server_certificate_arn
3155
+ # The ARN of the server certificate.
3156
+ # @return [String]
3157
+ #
3158
+ # @!attribute [rw] authentication_options
3159
+ # Information about the authentication method used by the Client VPN
3160
+ # endpoint.
3161
+ # @return [Array<Types::ClientVpnAuthentication>]
3162
+ #
3163
+ # @!attribute [rw] connection_log_options
3164
+ # Information about the client connection logging options for the
3165
+ # Client VPN endpoint.
3166
+ # @return [Types::ConnectionLogResponseOptions]
3167
+ #
3168
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnEndpoint AWS API Documentation
3169
+ #
3170
+ class ClientVpnEndpoint < Struct.new(
3171
+ :client_vpn_endpoint_id,
3172
+ :description,
3173
+ :status,
3174
+ :creation_time,
3175
+ :deletion_time,
3176
+ :dns_name,
3177
+ :client_cidr_block,
3178
+ :split_tunnel,
3179
+ :vpn_protocol,
3180
+ :transport_protocol,
3181
+ :associated_target_networks,
3182
+ :server_certificate_arn,
3183
+ :authentication_options,
3184
+ :connection_log_options)
3185
+ include Aws::Structure
3186
+ end
3187
+
3188
+ # Describes the state of a Client VPN endpoint.
3189
+ #
3190
+ # @!attribute [rw] code
3191
+ # The state of the Client VPN endpoint. Possible states include:
3192
+ #
3193
+ # * `pending-associate` - The Client VPN endpoint has been created but
3194
+ # no target networks have been associated. The Client VPN endpoint
3195
+ # cannot accept connections.
3196
+ #
3197
+ # * `available` - The Client VPN endpoint has been created and a
3198
+ # target network has been associated. The Client VPN endpoint can
3199
+ # accept connections.
3200
+ #
3201
+ # * `deleting` - The Client VPN endpoint is being deleted. The Client
3202
+ # VPN endpoint cannot accept connections.
3203
+ #
3204
+ # * `deleted` - The Client VPN endpoint has been deleted. The Client
3205
+ # VPN endpoint cannot accept connections.
3206
+ # @return [String]
3207
+ #
3208
+ # @!attribute [rw] message
3209
+ # A message about the status of the Client VPN endpoint.
3210
+ # @return [String]
3211
+ #
3212
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnEndpointStatus AWS API Documentation
3213
+ #
3214
+ class ClientVpnEndpointStatus < Struct.new(
3215
+ :code,
3216
+ :message)
3217
+ include Aws::Structure
3218
+ end
3219
+
3220
+ # **Information about a Client VPN endpoint route.**
3221
+ #
3222
+ # @!attribute [rw] client_vpn_endpoint_id
3223
+ # The ID of the Client VPN endpoint with which the route is
3224
+ # associated.
3225
+ # @return [String]
3226
+ #
3227
+ # @!attribute [rw] destination_cidr
3228
+ # The IPv4 address range, in CIDR notation, of the route destination.
3229
+ # @return [String]
3230
+ #
3231
+ # @!attribute [rw] target_subnet
3232
+ # The ID of the subnet through which traffic is routed.
3233
+ # @return [String]
3234
+ #
3235
+ # @!attribute [rw] type
3236
+ # **The route type.**
3237
+ # @return [String]
3238
+ #
3239
+ # @!attribute [rw] origin
3240
+ # Indicates how the route was associated with the Client VPN endpoint.
3241
+ # `associate` indicates that the route was automatically added when
3242
+ # the target network was associated with the Client VPN endpoint.
3243
+ # `add-route` indicates that the route was manually added using the
3244
+ # **CreateClientVpnRoute** action.
3245
+ # @return [String]
3246
+ #
3247
+ # @!attribute [rw] status
3248
+ # The current state of the route.
3249
+ # @return [Types::ClientVpnRouteStatus]
3250
+ #
3251
+ # @!attribute [rw] description
3252
+ # A brief description of the route.
3253
+ # @return [String]
3254
+ #
3255
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnRoute AWS API Documentation
3256
+ #
3257
+ class ClientVpnRoute < Struct.new(
3258
+ :client_vpn_endpoint_id,
3259
+ :destination_cidr,
3260
+ :target_subnet,
3261
+ :type,
3262
+ :origin,
3263
+ :status,
3264
+ :description)
3265
+ include Aws::Structure
3266
+ end
3267
+
3268
+ # Describes the state of a Client VPN endpoint route.
3269
+ #
3270
+ # @!attribute [rw] code
3271
+ # The state of the Client VPN endpoint route.
3272
+ # @return [String]
3273
+ #
3274
+ # @!attribute [rw] message
3275
+ # A message about the status of the Client VPN endpoint route, if
3276
+ # applicable.
3277
+ # @return [String]
3278
+ #
3279
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ClientVpnRouteStatus AWS API Documentation
3280
+ #
3281
+ class ClientVpnRouteStatus < Struct.new(
3282
+ :code,
3283
+ :message)
3284
+ include Aws::Structure
3285
+ end
3286
+
2616
3287
  # @note When making an API call, you may pass ConfirmProductInstanceRequest
2617
3288
  # data as a hash:
2618
3289
  #
@@ -2665,6 +3336,67 @@ module Aws::EC2
2665
3336
  include Aws::Structure
2666
3337
  end
2667
3338
 
3339
+ # Describes the client connection logging options for the Client VPN
3340
+ # endpoint.
3341
+ #
3342
+ # @note When making an API call, you may pass ConnectionLogOptions
3343
+ # data as a hash:
3344
+ #
3345
+ # {
3346
+ # enabled: false,
3347
+ # cloudwatch_log_group: "String",
3348
+ # cloudwatch_log_stream: "String",
3349
+ # }
3350
+ #
3351
+ # @!attribute [rw] enabled
3352
+ # Indicates whether connection logging is enabled.
3353
+ # @return [Boolean]
3354
+ #
3355
+ # @!attribute [rw] cloudwatch_log_group
3356
+ # The name of the CloudWatch Logs log group.
3357
+ # @return [String]
3358
+ #
3359
+ # @!attribute [rw] cloudwatch_log_stream
3360
+ # The name of the CloudWatch Logs log stream to which the connection
3361
+ # data is published.
3362
+ # @return [String]
3363
+ #
3364
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ConnectionLogOptions AWS API Documentation
3365
+ #
3366
+ class ConnectionLogOptions < Struct.new(
3367
+ :enabled,
3368
+ :cloudwatch_log_group,
3369
+ :cloudwatch_log_stream)
3370
+ include Aws::Structure
3371
+ end
3372
+
3373
+ # Information about the client connection logging options for a Client
3374
+ # VPN endpoint.
3375
+ #
3376
+ # @!attribute [rw] enabled
3377
+ # Indicates whether client connection logging is enabled for the
3378
+ # Client VPN endpoint.
3379
+ # @return [Boolean]
3380
+ #
3381
+ # @!attribute [rw] cloudwatch_log_group
3382
+ # The name of the Amazon CloudWatch Logs log group to which connection
3383
+ # logging data is published.
3384
+ # @return [String]
3385
+ #
3386
+ # @!attribute [rw] cloudwatch_log_stream
3387
+ # The name of the Amazon CloudWatch Logs log stream to which
3388
+ # connection logging data is published.
3389
+ # @return [String]
3390
+ #
3391
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ConnectionLogResponseOptions AWS API Documentation
3392
+ #
3393
+ class ConnectionLogResponseOptions < Struct.new(
3394
+ :enabled,
3395
+ :cloudwatch_log_group,
3396
+ :cloudwatch_log_stream)
3397
+ include Aws::Structure
3398
+ end
3399
+
2668
3400
  # Describes a connection notification for a VPC endpoint or VPC endpoint
2669
3401
  # service.
2670
3402
  #
@@ -3311,6 +4043,215 @@ module Aws::EC2
3311
4043
  include Aws::Structure
3312
4044
  end
3313
4045
 
4046
+ # @note When making an API call, you may pass CreateClientVpnEndpointRequest
4047
+ # data as a hash:
4048
+ #
4049
+ # {
4050
+ # client_cidr_block: "String", # required
4051
+ # server_certificate_arn: "String", # required
4052
+ # authentication_options: [ # required
4053
+ # {
4054
+ # type: "certificate-authentication", # accepts certificate-authentication, directory-service-authentication
4055
+ # active_directory: {
4056
+ # directory_id: "String",
4057
+ # },
4058
+ # mutual_authentication: {
4059
+ # client_root_certificate_chain_arn: "String",
4060
+ # },
4061
+ # },
4062
+ # ],
4063
+ # connection_log_options: { # required
4064
+ # enabled: false,
4065
+ # cloudwatch_log_group: "String",
4066
+ # cloudwatch_log_stream: "String",
4067
+ # },
4068
+ # dns_servers: ["String"],
4069
+ # transport_protocol: "tcp", # accepts tcp, udp
4070
+ # description: "String",
4071
+ # dry_run: false,
4072
+ # client_token: "String",
4073
+ # }
4074
+ #
4075
+ # @!attribute [rw] client_cidr_block
4076
+ # The IPv4 address range, in CIDR notation, from which to assign
4077
+ # client IP addresses. The address range cannot overlap with the local
4078
+ # CIDR of the VPC in which the associated subnet is located, or the
4079
+ # routes that you add manually. The address range cannot be changed
4080
+ # after the Client VPN endpoint has been created. The CIDR block
4081
+ # should be /22 or greater.
4082
+ # @return [String]
4083
+ #
4084
+ # @!attribute [rw] server_certificate_arn
4085
+ # The ARN of the server certificate. For more information, see the
4086
+ # [AWS Certificate Manager User
4087
+ # Guide](acm/latest/userguide/acm-overview.html) .
4088
+ # @return [String]
4089
+ #
4090
+ # @!attribute [rw] authentication_options
4091
+ # Information about the authentication method to be used to
4092
+ # authenticate clients.
4093
+ # @return [Array<Types::ClientVpnAuthenticationRequest>]
4094
+ #
4095
+ # @!attribute [rw] connection_log_options
4096
+ # Information about the client connection logging options.
4097
+ #
4098
+ # If you enable client connection logging, data about client
4099
+ # connections is sent to a Cloudwatch Logs log stream. The following
4100
+ # information is logged:
4101
+ #
4102
+ # * Client connection requests
4103
+ #
4104
+ # * Client connection results (successful and unsuccessful)
4105
+ #
4106
+ # * Reasons for unsuccessful client connection requests
4107
+ #
4108
+ # * Client connection termination time
4109
+ # @return [Types::ConnectionLogOptions]
4110
+ #
4111
+ # @!attribute [rw] dns_servers
4112
+ # Information about the DNS servers to be used for DNS resolution. A
4113
+ # Client VPN endpoint can have up to two DNS servers. If no DNS server
4114
+ # is specified, the DNS address of the VPC that is to be associated
4115
+ # with Client VPN endpoint is used as the DNS server.
4116
+ # @return [Array<String>]
4117
+ #
4118
+ # @!attribute [rw] transport_protocol
4119
+ # The transport protocol to be used by the VPN session.
4120
+ #
4121
+ # Default value: `udp`
4122
+ # @return [String]
4123
+ #
4124
+ # @!attribute [rw] description
4125
+ # A brief description of the Client VPN endpoint.
4126
+ # @return [String]
4127
+ #
4128
+ # @!attribute [rw] dry_run
4129
+ # Checks whether you have the required permissions for the action,
4130
+ # without actually making the request, and provides an error response.
4131
+ # If you have the required permissions, the error response is
4132
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
4133
+ # @return [Boolean]
4134
+ #
4135
+ # @!attribute [rw] client_token
4136
+ # Unique, case-sensitive identifier you provide to ensure the
4137
+ # idempotency of the request. For more information, see [ How to
4138
+ # Ensure Idempotency][1].
4139
+ #
4140
+ # **A suitable default value is auto-generated.** You should normally
4141
+ # not need to pass this option.
4142
+ #
4143
+ #
4144
+ #
4145
+ # [1]: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html
4146
+ # @return [String]
4147
+ #
4148
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateClientVpnEndpointRequest AWS API Documentation
4149
+ #
4150
+ class CreateClientVpnEndpointRequest < Struct.new(
4151
+ :client_cidr_block,
4152
+ :server_certificate_arn,
4153
+ :authentication_options,
4154
+ :connection_log_options,
4155
+ :dns_servers,
4156
+ :transport_protocol,
4157
+ :description,
4158
+ :dry_run,
4159
+ :client_token)
4160
+ include Aws::Structure
4161
+ end
4162
+
4163
+ # @!attribute [rw] client_vpn_endpoint_id
4164
+ # The ID of the Client VPN endpoint.
4165
+ # @return [String]
4166
+ #
4167
+ # @!attribute [rw] status
4168
+ # The current state of the Client VPN endpoint.
4169
+ # @return [Types::ClientVpnEndpointStatus]
4170
+ #
4171
+ # @!attribute [rw] dns_name
4172
+ # The DNS name to be used by clients when establishing their VPN
4173
+ # session.
4174
+ # @return [String]
4175
+ #
4176
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateClientVpnEndpointResult AWS API Documentation
4177
+ #
4178
+ class CreateClientVpnEndpointResult < Struct.new(
4179
+ :client_vpn_endpoint_id,
4180
+ :status,
4181
+ :dns_name)
4182
+ include Aws::Structure
4183
+ end
4184
+
4185
+ # @note When making an API call, you may pass CreateClientVpnRouteRequest
4186
+ # data as a hash:
4187
+ #
4188
+ # {
4189
+ # client_vpn_endpoint_id: "String", # required
4190
+ # destination_cidr_block: "String", # required
4191
+ # target_vpc_subnet_id: "String", # required
4192
+ # description: "String",
4193
+ # dry_run: false,
4194
+ # }
4195
+ #
4196
+ # @!attribute [rw] client_vpn_endpoint_id
4197
+ # The ID of the Client VPN endpoint to which to add the route.
4198
+ # @return [String]
4199
+ #
4200
+ # @!attribute [rw] destination_cidr_block
4201
+ # The IPv4 address range, in CIDR notation, of the route destination.
4202
+ # For example:
4203
+ #
4204
+ # * To add a route for Internet access, enter `0.0.0.0/0`
4205
+ #
4206
+ # * To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR
4207
+ # range
4208
+ #
4209
+ # * To add a route for an on-premises network, enter the AWS
4210
+ # Site-to-Site VPN connection's IPv4 CIDR range
4211
+ #
4212
+ # Route address ranges cannot overlap with the CIDR range specified
4213
+ # for client allocation.
4214
+ # @return [String]
4215
+ #
4216
+ # @!attribute [rw] target_vpc_subnet_id
4217
+ # The ID of the subnet through which you want to route traffic. The
4218
+ # specified subnet must be an existing target network of the Client
4219
+ # VPN endpoint.
4220
+ # @return [String]
4221
+ #
4222
+ # @!attribute [rw] description
4223
+ # A brief description of the route.
4224
+ # @return [String]
4225
+ #
4226
+ # @!attribute [rw] dry_run
4227
+ # Checks whether you have the required permissions for the action,
4228
+ # without actually making the request, and provides an error response.
4229
+ # If you have the required permissions, the error response is
4230
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
4231
+ # @return [Boolean]
4232
+ #
4233
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateClientVpnRouteRequest AWS API Documentation
4234
+ #
4235
+ class CreateClientVpnRouteRequest < Struct.new(
4236
+ :client_vpn_endpoint_id,
4237
+ :destination_cidr_block,
4238
+ :target_vpc_subnet_id,
4239
+ :description,
4240
+ :dry_run)
4241
+ include Aws::Structure
4242
+ end
4243
+
4244
+ # @!attribute [rw] status
4245
+ # The current state of the route.
4246
+ # @return [Types::ClientVpnRouteStatus]
4247
+ #
4248
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateClientVpnRouteResult AWS API Documentation
4249
+ #
4250
+ class CreateClientVpnRouteResult < Struct.new(
4251
+ :status)
4252
+ include Aws::Structure
4253
+ end
4254
+
3314
4255
  # Contains the parameters for CreateCustomerGateway.
3315
4256
  #
3316
4257
  # @note When making an API call, you may pass CreateCustomerGatewayRequest
@@ -5480,6 +6421,9 @@ module Aws::EC2
5480
6421
  #
5481
6422
  # @!attribute [rw] resources
5482
6423
  # The IDs of one or more resources, separated by spaces.
6424
+ #
6425
+ # Constraints: Up to 1000 resource IDs. We recommend breaking up this
6426
+ # request into smaller batches.
5483
6427
  # @return [Array<String>]
5484
6428
  #
5485
6429
  # @!attribute [rw] tags
@@ -5896,8 +6840,8 @@ module Aws::EC2
5896
6840
  #
5897
6841
  # @!attribute [rw] iops
5898
6842
  # The number of I/O operations per second (IOPS) to provision for the
5899
- # volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to
5900
- # 64,000IOPS for volumes in most regions. Maximum IOPS of 64,000 is
6843
+ # volume, with a maximum ratio of 50 IOPS/GiB. Range is 100 to 64,000
6844
+ # IOPS for volumes in most regions. Maximum IOPS of 64,000 is
5901
6845
  # guaranteed only on [Nitro-based
5902
6846
  # instances](AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
5903
6847
  # Other instance families guarantee performance up to 32,000 IOPS. For
@@ -6623,6 +7567,96 @@ module Aws::EC2
6623
7567
  include Aws::Structure
6624
7568
  end
6625
7569
 
7570
+ # @note When making an API call, you may pass DeleteClientVpnEndpointRequest
7571
+ # data as a hash:
7572
+ #
7573
+ # {
7574
+ # client_vpn_endpoint_id: "String", # required
7575
+ # dry_run: false,
7576
+ # }
7577
+ #
7578
+ # @!attribute [rw] client_vpn_endpoint_id
7579
+ # The ID of the Client VPN to be deleted.
7580
+ # @return [String]
7581
+ #
7582
+ # @!attribute [rw] dry_run
7583
+ # Checks whether you have the required permissions for the action,
7584
+ # without actually making the request, and provides an error response.
7585
+ # If you have the required permissions, the error response is
7586
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
7587
+ # @return [Boolean]
7588
+ #
7589
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteClientVpnEndpointRequest AWS API Documentation
7590
+ #
7591
+ class DeleteClientVpnEndpointRequest < Struct.new(
7592
+ :client_vpn_endpoint_id,
7593
+ :dry_run)
7594
+ include Aws::Structure
7595
+ end
7596
+
7597
+ # @!attribute [rw] status
7598
+ # The current state of the Client VPN endpoint.
7599
+ # @return [Types::ClientVpnEndpointStatus]
7600
+ #
7601
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteClientVpnEndpointResult AWS API Documentation
7602
+ #
7603
+ class DeleteClientVpnEndpointResult < Struct.new(
7604
+ :status)
7605
+ include Aws::Structure
7606
+ end
7607
+
7608
+ # @note When making an API call, you may pass DeleteClientVpnRouteRequest
7609
+ # data as a hash:
7610
+ #
7611
+ # {
7612
+ # client_vpn_endpoint_id: "String", # required
7613
+ # target_vpc_subnet_id: "String",
7614
+ # destination_cidr_block: "String", # required
7615
+ # dry_run: false,
7616
+ # }
7617
+ #
7618
+ # @!attribute [rw] client_vpn_endpoint_id
7619
+ # The ID of the Client VPN endpoint from which the route is to be
7620
+ # deleted.
7621
+ # @return [String]
7622
+ #
7623
+ # @!attribute [rw] target_vpc_subnet_id
7624
+ # The ID of the target subnet used by the route.
7625
+ # @return [String]
7626
+ #
7627
+ # @!attribute [rw] destination_cidr_block
7628
+ # The IPv4 address range, in CIDR notation, of the route to be
7629
+ # deleted.
7630
+ # @return [String]
7631
+ #
7632
+ # @!attribute [rw] dry_run
7633
+ # Checks whether you have the required permissions for the action,
7634
+ # without actually making the request, and provides an error response.
7635
+ # If you have the required permissions, the error response is
7636
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
7637
+ # @return [Boolean]
7638
+ #
7639
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteClientVpnRouteRequest AWS API Documentation
7640
+ #
7641
+ class DeleteClientVpnRouteRequest < Struct.new(
7642
+ :client_vpn_endpoint_id,
7643
+ :target_vpc_subnet_id,
7644
+ :destination_cidr_block,
7645
+ :dry_run)
7646
+ include Aws::Structure
7647
+ end
7648
+
7649
+ # @!attribute [rw] status
7650
+ # The current state of the route.
7651
+ # @return [Types::ClientVpnRouteStatus]
7652
+ #
7653
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteClientVpnRouteResult AWS API Documentation
7654
+ #
7655
+ class DeleteClientVpnRouteResult < Struct.new(
7656
+ :status)
7657
+ include Aws::Structure
7658
+ end
7659
+
6626
7660
  # Contains the parameters for DeleteCustomerGateway.
6627
7661
  #
6628
7662
  # @note When making an API call, you may pass DeleteCustomerGatewayRequest
@@ -7519,6 +8553,9 @@ module Aws::EC2
7519
8553
  #
7520
8554
  # @!attribute [rw] resources
7521
8555
  # The IDs of one or more resources, separated by spaces.
8556
+ #
8557
+ # Constraints: Up to 1000 resource IDs. We recommend breaking up this
8558
+ # request into smaller batches.
7522
8559
  # @return [Array<String>]
7523
8560
  #
7524
8561
  # @!attribute [rw] tags
@@ -8601,6 +9638,357 @@ module Aws::EC2
8601
9638
  include Aws::Structure
8602
9639
  end
8603
9640
 
9641
+ # @note When making an API call, you may pass DescribeClientVpnAuthorizationRulesRequest
9642
+ # data as a hash:
9643
+ #
9644
+ # {
9645
+ # client_vpn_endpoint_id: "String", # required
9646
+ # dry_run: false,
9647
+ # next_token: "NextToken",
9648
+ # filters: [
9649
+ # {
9650
+ # name: "String",
9651
+ # values: ["String"],
9652
+ # },
9653
+ # ],
9654
+ # max_results: 1,
9655
+ # }
9656
+ #
9657
+ # @!attribute [rw] client_vpn_endpoint_id
9658
+ # The ID of the Client VPN endpoint.
9659
+ # @return [String]
9660
+ #
9661
+ # @!attribute [rw] dry_run
9662
+ # Checks whether you have the required permissions for the action,
9663
+ # without actually making the request, and provides an error response.
9664
+ # If you have the required permissions, the error response is
9665
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
9666
+ # @return [Boolean]
9667
+ #
9668
+ # @!attribute [rw] next_token
9669
+ # The token to retrieve the next page of results.
9670
+ # @return [String]
9671
+ #
9672
+ # @!attribute [rw] filters
9673
+ # One or more filters. Filter names and values are case-sensitive.
9674
+ # @return [Array<Types::Filter>]
9675
+ #
9676
+ # @!attribute [rw] max_results
9677
+ # The maximum number of results to return for the request in a single
9678
+ # page. The remaining results can be seen by sending another request
9679
+ # with the nextToken value.
9680
+ # @return [Integer]
9681
+ #
9682
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnAuthorizationRulesRequest AWS API Documentation
9683
+ #
9684
+ class DescribeClientVpnAuthorizationRulesRequest < Struct.new(
9685
+ :client_vpn_endpoint_id,
9686
+ :dry_run,
9687
+ :next_token,
9688
+ :filters,
9689
+ :max_results)
9690
+ include Aws::Structure
9691
+ end
9692
+
9693
+ # @!attribute [rw] authorization_rules
9694
+ # Information about the authorization rules.
9695
+ # @return [Array<Types::AuthorizationRule>]
9696
+ #
9697
+ # @!attribute [rw] next_token
9698
+ # The token to use to retrieve the next page of results. This value is
9699
+ # `null` when there are no more results to return.
9700
+ # @return [String]
9701
+ #
9702
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnAuthorizationRulesResult AWS API Documentation
9703
+ #
9704
+ class DescribeClientVpnAuthorizationRulesResult < Struct.new(
9705
+ :authorization_rules,
9706
+ :next_token)
9707
+ include Aws::Structure
9708
+ end
9709
+
9710
+ # @note When making an API call, you may pass DescribeClientVpnConnectionsRequest
9711
+ # data as a hash:
9712
+ #
9713
+ # {
9714
+ # client_vpn_endpoint_id: "String", # required
9715
+ # filters: [
9716
+ # {
9717
+ # name: "String",
9718
+ # values: ["String"],
9719
+ # },
9720
+ # ],
9721
+ # next_token: "NextToken",
9722
+ # max_results: 1,
9723
+ # dry_run: false,
9724
+ # }
9725
+ #
9726
+ # @!attribute [rw] client_vpn_endpoint_id
9727
+ # The ID of the Client VPN endpoint.
9728
+ # @return [String]
9729
+ #
9730
+ # @!attribute [rw] filters
9731
+ # One or more filters. Filter names and values are case-sensitive.
9732
+ # @return [Array<Types::Filter>]
9733
+ #
9734
+ # @!attribute [rw] next_token
9735
+ # The token to retrieve the next page of results.
9736
+ # @return [String]
9737
+ #
9738
+ # @!attribute [rw] max_results
9739
+ # The maximum number of results to return for the request in a single
9740
+ # page. The remaining results can be seen by sending another request
9741
+ # with the nextToken value.
9742
+ # @return [Integer]
9743
+ #
9744
+ # @!attribute [rw] dry_run
9745
+ # Checks whether you have the required permissions for the action,
9746
+ # without actually making the request, and provides an error response.
9747
+ # If you have the required permissions, the error response is
9748
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
9749
+ # @return [Boolean]
9750
+ #
9751
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnConnectionsRequest AWS API Documentation
9752
+ #
9753
+ class DescribeClientVpnConnectionsRequest < Struct.new(
9754
+ :client_vpn_endpoint_id,
9755
+ :filters,
9756
+ :next_token,
9757
+ :max_results,
9758
+ :dry_run)
9759
+ include Aws::Structure
9760
+ end
9761
+
9762
+ # @!attribute [rw] connections
9763
+ # Information about the active and terminated client connections.
9764
+ # @return [Array<Types::ClientVpnConnection>]
9765
+ #
9766
+ # @!attribute [rw] next_token
9767
+ # The token to use to retrieve the next page of results. This value is
9768
+ # `null` when there are no more results to return.
9769
+ # @return [String]
9770
+ #
9771
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnConnectionsResult AWS API Documentation
9772
+ #
9773
+ class DescribeClientVpnConnectionsResult < Struct.new(
9774
+ :connections,
9775
+ :next_token)
9776
+ include Aws::Structure
9777
+ end
9778
+
9779
+ # @note When making an API call, you may pass DescribeClientVpnEndpointsRequest
9780
+ # data as a hash:
9781
+ #
9782
+ # {
9783
+ # client_vpn_endpoint_ids: ["String"],
9784
+ # max_results: 1,
9785
+ # next_token: "NextToken",
9786
+ # filters: [
9787
+ # {
9788
+ # name: "String",
9789
+ # values: ["String"],
9790
+ # },
9791
+ # ],
9792
+ # dry_run: false,
9793
+ # }
9794
+ #
9795
+ # @!attribute [rw] client_vpn_endpoint_ids
9796
+ # The ID of the Client VPN endpoint.
9797
+ # @return [Array<String>]
9798
+ #
9799
+ # @!attribute [rw] max_results
9800
+ # The maximum number of results to return for the request in a single
9801
+ # page. The remaining results can be seen by sending another request
9802
+ # with the nextToken value.
9803
+ # @return [Integer]
9804
+ #
9805
+ # @!attribute [rw] next_token
9806
+ # The token to retrieve the next page of results.
9807
+ # @return [String]
9808
+ #
9809
+ # @!attribute [rw] filters
9810
+ # One or more filters. Filter names and values are case-sensitive.
9811
+ # @return [Array<Types::Filter>]
9812
+ #
9813
+ # @!attribute [rw] dry_run
9814
+ # Checks whether you have the required permissions for the action,
9815
+ # without actually making the request, and provides an error response.
9816
+ # If you have the required permissions, the error response is
9817
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
9818
+ # @return [Boolean]
9819
+ #
9820
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnEndpointsRequest AWS API Documentation
9821
+ #
9822
+ class DescribeClientVpnEndpointsRequest < Struct.new(
9823
+ :client_vpn_endpoint_ids,
9824
+ :max_results,
9825
+ :next_token,
9826
+ :filters,
9827
+ :dry_run)
9828
+ include Aws::Structure
9829
+ end
9830
+
9831
+ # @!attribute [rw] client_vpn_endpoints
9832
+ # Information about the Client VPN endpoints.
9833
+ # @return [Array<Types::ClientVpnEndpoint>]
9834
+ #
9835
+ # @!attribute [rw] next_token
9836
+ # The token to use to retrieve the next page of results. This value is
9837
+ # `null` when there are no more results to return.
9838
+ # @return [String]
9839
+ #
9840
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnEndpointsResult AWS API Documentation
9841
+ #
9842
+ class DescribeClientVpnEndpointsResult < Struct.new(
9843
+ :client_vpn_endpoints,
9844
+ :next_token)
9845
+ include Aws::Structure
9846
+ end
9847
+
9848
+ # @note When making an API call, you may pass DescribeClientVpnRoutesRequest
9849
+ # data as a hash:
9850
+ #
9851
+ # {
9852
+ # client_vpn_endpoint_id: "String", # required
9853
+ # filters: [
9854
+ # {
9855
+ # name: "String",
9856
+ # values: ["String"],
9857
+ # },
9858
+ # ],
9859
+ # max_results: 1,
9860
+ # next_token: "NextToken",
9861
+ # dry_run: false,
9862
+ # }
9863
+ #
9864
+ # @!attribute [rw] client_vpn_endpoint_id
9865
+ # The ID of the Client VPN endpoint.
9866
+ # @return [String]
9867
+ #
9868
+ # @!attribute [rw] filters
9869
+ # One or more filters. Filter names and values are case-sensitive.
9870
+ # @return [Array<Types::Filter>]
9871
+ #
9872
+ # @!attribute [rw] max_results
9873
+ # The maximum number of results to return for the request in a single
9874
+ # page. The remaining results can be seen by sending another request
9875
+ # with the nextToken value.
9876
+ # @return [Integer]
9877
+ #
9878
+ # @!attribute [rw] next_token
9879
+ # The token to retrieve the next page of results.
9880
+ # @return [String]
9881
+ #
9882
+ # @!attribute [rw] dry_run
9883
+ # Checks whether you have the required permissions for the action,
9884
+ # without actually making the request, and provides an error response.
9885
+ # If you have the required permissions, the error response is
9886
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
9887
+ # @return [Boolean]
9888
+ #
9889
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnRoutesRequest AWS API Documentation
9890
+ #
9891
+ class DescribeClientVpnRoutesRequest < Struct.new(
9892
+ :client_vpn_endpoint_id,
9893
+ :filters,
9894
+ :max_results,
9895
+ :next_token,
9896
+ :dry_run)
9897
+ include Aws::Structure
9898
+ end
9899
+
9900
+ # @!attribute [rw] routes
9901
+ # Information about the Client VPN endpoint routes.
9902
+ # @return [Array<Types::ClientVpnRoute>]
9903
+ #
9904
+ # @!attribute [rw] next_token
9905
+ # The token to use to retrieve the next page of results. This value is
9906
+ # `null` when there are no more results to return.
9907
+ # @return [String]
9908
+ #
9909
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnRoutesResult AWS API Documentation
9910
+ #
9911
+ class DescribeClientVpnRoutesResult < Struct.new(
9912
+ :routes,
9913
+ :next_token)
9914
+ include Aws::Structure
9915
+ end
9916
+
9917
+ # @note When making an API call, you may pass DescribeClientVpnTargetNetworksRequest
9918
+ # data as a hash:
9919
+ #
9920
+ # {
9921
+ # client_vpn_endpoint_id: "String", # required
9922
+ # association_ids: ["String"],
9923
+ # max_results: 1,
9924
+ # next_token: "NextToken",
9925
+ # filters: [
9926
+ # {
9927
+ # name: "String",
9928
+ # values: ["String"],
9929
+ # },
9930
+ # ],
9931
+ # dry_run: false,
9932
+ # }
9933
+ #
9934
+ # @!attribute [rw] client_vpn_endpoint_id
9935
+ # The ID of the Client VPN endpoint.
9936
+ # @return [String]
9937
+ #
9938
+ # @!attribute [rw] association_ids
9939
+ # The IDs of the target network associations.
9940
+ # @return [Array<String>]
9941
+ #
9942
+ # @!attribute [rw] max_results
9943
+ # The maximum number of results to return for the request in a single
9944
+ # page. The remaining results can be seen by sending another request
9945
+ # with the nextToken value.
9946
+ # @return [Integer]
9947
+ #
9948
+ # @!attribute [rw] next_token
9949
+ # The token to retrieve the next page of results.
9950
+ # @return [String]
9951
+ #
9952
+ # @!attribute [rw] filters
9953
+ # One or more filters. Filter names and values are case-sensitive.
9954
+ # @return [Array<Types::Filter>]
9955
+ #
9956
+ # @!attribute [rw] dry_run
9957
+ # Checks whether you have the required permissions for the action,
9958
+ # without actually making the request, and provides an error response.
9959
+ # If you have the required permissions, the error response is
9960
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
9961
+ # @return [Boolean]
9962
+ #
9963
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnTargetNetworksRequest AWS API Documentation
9964
+ #
9965
+ class DescribeClientVpnTargetNetworksRequest < Struct.new(
9966
+ :client_vpn_endpoint_id,
9967
+ :association_ids,
9968
+ :max_results,
9969
+ :next_token,
9970
+ :filters,
9971
+ :dry_run)
9972
+ include Aws::Structure
9973
+ end
9974
+
9975
+ # @!attribute [rw] client_vpn_target_networks
9976
+ # Information about the associated target networks.
9977
+ # @return [Array<Types::TargetNetwork>]
9978
+ #
9979
+ # @!attribute [rw] next_token
9980
+ # The token to use to retrieve the next page of results. This value is
9981
+ # `null` when there are no more results to return.
9982
+ # @return [String]
9983
+ #
9984
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeClientVpnTargetNetworksResult AWS API Documentation
9985
+ #
9986
+ class DescribeClientVpnTargetNetworksResult < Struct.new(
9987
+ :client_vpn_target_networks,
9988
+ :next_token)
9989
+ include Aws::Structure
9990
+ end
9991
+
8604
9992
  # Contains the parameters for DescribeConversionTasks.
8605
9993
  #
8606
9994
  # @note When making an API call, you may pass DescribeConversionTasksRequest
@@ -16122,6 +17510,39 @@ module Aws::EC2
16122
17510
  include Aws::Structure
16123
17511
  end
16124
17512
 
17513
+ # Describes an Active Directory.
17514
+ #
17515
+ # @!attribute [rw] directory_id
17516
+ # The ID of the Active Directory used for authentication.
17517
+ # @return [String]
17518
+ #
17519
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DirectoryServiceAuthentication AWS API Documentation
17520
+ #
17521
+ class DirectoryServiceAuthentication < Struct.new(
17522
+ :directory_id)
17523
+ include Aws::Structure
17524
+ end
17525
+
17526
+ # Describes the Active Directory to be used for client authentication.
17527
+ #
17528
+ # @note When making an API call, you may pass DirectoryServiceAuthenticationRequest
17529
+ # data as a hash:
17530
+ #
17531
+ # {
17532
+ # directory_id: "String",
17533
+ # }
17534
+ #
17535
+ # @!attribute [rw] directory_id
17536
+ # The ID of the Active Directory to be used for authentication.
17537
+ # @return [String]
17538
+ #
17539
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DirectoryServiceAuthenticationRequest AWS API Documentation
17540
+ #
17541
+ class DirectoryServiceAuthenticationRequest < Struct.new(
17542
+ :directory_id)
17543
+ include Aws::Structure
17544
+ end
17545
+
16125
17546
  # @note When making an API call, you may pass DisableTransitGatewayRouteTablePropagationRequest
16126
17547
  # data as a hash:
16127
17548
  #
@@ -16294,6 +17715,56 @@ module Aws::EC2
16294
17715
  include Aws::Structure
16295
17716
  end
16296
17717
 
17718
+ # @note When making an API call, you may pass DisassociateClientVpnTargetNetworkRequest
17719
+ # data as a hash:
17720
+ #
17721
+ # {
17722
+ # client_vpn_endpoint_id: "String", # required
17723
+ # association_id: "String", # required
17724
+ # dry_run: false,
17725
+ # }
17726
+ #
17727
+ # @!attribute [rw] client_vpn_endpoint_id
17728
+ # The ID of the Client VPN endpoint from which to disassociate the
17729
+ # target network.
17730
+ # @return [String]
17731
+ #
17732
+ # @!attribute [rw] association_id
17733
+ # The ID of the target network association.
17734
+ # @return [String]
17735
+ #
17736
+ # @!attribute [rw] dry_run
17737
+ # Checks whether you have the required permissions for the action,
17738
+ # without actually making the request, and provides an error response.
17739
+ # If you have the required permissions, the error response is
17740
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
17741
+ # @return [Boolean]
17742
+ #
17743
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateClientVpnTargetNetworkRequest AWS API Documentation
17744
+ #
17745
+ class DisassociateClientVpnTargetNetworkRequest < Struct.new(
17746
+ :client_vpn_endpoint_id,
17747
+ :association_id,
17748
+ :dry_run)
17749
+ include Aws::Structure
17750
+ end
17751
+
17752
+ # @!attribute [rw] association_id
17753
+ # The ID of the target network association.
17754
+ # @return [String]
17755
+ #
17756
+ # @!attribute [rw] status
17757
+ # The current state of the target network association.
17758
+ # @return [Types::AssociationStatus]
17759
+ #
17760
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateClientVpnTargetNetworkResult AWS API Documentation
17761
+ #
17762
+ class DisassociateClientVpnTargetNetworkResult < Struct.new(
17763
+ :association_id,
17764
+ :status)
17765
+ include Aws::Structure
17766
+ end
17767
+
16297
17768
  # @note When making an API call, you may pass DisassociateIamInstanceProfileRequest
16298
17769
  # data as a hash:
16299
17770
  #
@@ -16627,6 +18098,36 @@ module Aws::EC2
16627
18098
  include Aws::Structure
16628
18099
  end
16629
18100
 
18101
+ # Information about the DNS server to be used.
18102
+ #
18103
+ # @note When making an API call, you may pass DnsServersOptionsModifyStructure
18104
+ # data as a hash:
18105
+ #
18106
+ # {
18107
+ # custom_dns_servers: ["String"],
18108
+ # enabled: false,
18109
+ # }
18110
+ #
18111
+ # @!attribute [rw] custom_dns_servers
18112
+ # The IPv4 address range, in CIDR notation, of the DNS servers to be
18113
+ # used. You can specify up to two DNS servers. Ensure that the DNS
18114
+ # servers can be reached by the clients. The specified values
18115
+ # overwrite the existing values.
18116
+ # @return [Array<String>]
18117
+ #
18118
+ # @!attribute [rw] enabled
18119
+ # Indicates whether DNS servers should be used. Specify `False` to
18120
+ # delete the existing DNS servers.
18121
+ # @return [Boolean]
18122
+ #
18123
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DnsServersOptionsModifyStructure AWS API Documentation
18124
+ #
18125
+ class DnsServersOptionsModifyStructure < Struct.new(
18126
+ :custom_dns_servers,
18127
+ :enabled)
18128
+ include Aws::Structure
18129
+ end
18130
+
16630
18131
  # Describes a block device for an EBS volume.
16631
18132
  #
16632
18133
  # @note When making an API call, you may pass EbsBlockDevice
@@ -16656,8 +18157,8 @@ module Aws::EC2
16656
18157
  # see [Amazon EBS Volume Types][1] in the *Amazon Elastic Compute
16657
18158
  # Cloud User Guide*.
16658
18159
  #
16659
- # Constraints: Range is 100-10,000 IOPS for `gp2` volumes and 100 to
16660
- # 64,000IOPS for `io1` volumes in most regions. Maximum `io1`IOPS of
18160
+ # Constraints: Range is 100-16,000 IOPS for `gp2` volumes and 100 to
18161
+ # 64,000IOPS for `io1` volumes in most Regions. Maximum `io1`IOPS of
16661
18162
  # 64,000 is guaranteed only on [Nitro-based
16662
18163
  # instances](AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
16663
18164
  # Other instance families guarantee performance up to 32,000 IOPS. For
@@ -17236,6 +18737,87 @@ module Aws::EC2
17236
18737
  include Aws::Structure
17237
18738
  end
17238
18739
 
18740
+ # @note When making an API call, you may pass ExportClientVpnClientCertificateRevocationListRequest
18741
+ # data as a hash:
18742
+ #
18743
+ # {
18744
+ # client_vpn_endpoint_id: "String", # required
18745
+ # dry_run: false,
18746
+ # }
18747
+ #
18748
+ # @!attribute [rw] client_vpn_endpoint_id
18749
+ # The ID of the Client VPN endpoint.
18750
+ # @return [String]
18751
+ #
18752
+ # @!attribute [rw] dry_run
18753
+ # Checks whether you have the required permissions for the action,
18754
+ # without actually making the request, and provides an error response.
18755
+ # If you have the required permissions, the error response is
18756
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
18757
+ # @return [Boolean]
18758
+ #
18759
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportClientVpnClientCertificateRevocationListRequest AWS API Documentation
18760
+ #
18761
+ class ExportClientVpnClientCertificateRevocationListRequest < Struct.new(
18762
+ :client_vpn_endpoint_id,
18763
+ :dry_run)
18764
+ include Aws::Structure
18765
+ end
18766
+
18767
+ # @!attribute [rw] certificate_revocation_list
18768
+ # Information about the client certificate revocation list.
18769
+ # @return [String]
18770
+ #
18771
+ # @!attribute [rw] status
18772
+ # The current state of the client certificate revocation list.
18773
+ # @return [Types::ClientCertificateRevocationListStatus]
18774
+ #
18775
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportClientVpnClientCertificateRevocationListResult AWS API Documentation
18776
+ #
18777
+ class ExportClientVpnClientCertificateRevocationListResult < Struct.new(
18778
+ :certificate_revocation_list,
18779
+ :status)
18780
+ include Aws::Structure
18781
+ end
18782
+
18783
+ # @note When making an API call, you may pass ExportClientVpnClientConfigurationRequest
18784
+ # data as a hash:
18785
+ #
18786
+ # {
18787
+ # client_vpn_endpoint_id: "String", # required
18788
+ # dry_run: false,
18789
+ # }
18790
+ #
18791
+ # @!attribute [rw] client_vpn_endpoint_id
18792
+ # The ID of the Client VPN endpoint.
18793
+ # @return [String]
18794
+ #
18795
+ # @!attribute [rw] dry_run
18796
+ # Checks whether you have the required permissions for the action,
18797
+ # without actually making the request, and provides an error response.
18798
+ # If you have the required permissions, the error response is
18799
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
18800
+ # @return [Boolean]
18801
+ #
18802
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportClientVpnClientConfigurationRequest AWS API Documentation
18803
+ #
18804
+ class ExportClientVpnClientConfigurationRequest < Struct.new(
18805
+ :client_vpn_endpoint_id,
18806
+ :dry_run)
18807
+ include Aws::Structure
18808
+ end
18809
+
18810
+ # @!attribute [rw] client_configuration
18811
+ # the contents of the client configuration file.
18812
+ # @return [String]
18813
+ #
18814
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ExportClientVpnClientConfigurationResult AWS API Documentation
18815
+ #
18816
+ class ExportClientVpnClientConfigurationResult < Struct.new(
18817
+ :client_configuration)
18818
+ include Aws::Structure
18819
+ end
18820
+
17239
18821
  # Describes an instance export task.
17240
18822
  #
17241
18823
  # @!attribute [rw] description
@@ -19414,6 +20996,55 @@ module Aws::EC2
19414
20996
  include Aws::Structure
19415
20997
  end
19416
20998
 
20999
+ # @note When making an API call, you may pass ImportClientVpnClientCertificateRevocationListRequest
21000
+ # data as a hash:
21001
+ #
21002
+ # {
21003
+ # client_vpn_endpoint_id: "String", # required
21004
+ # certificate_revocation_list: "String", # required
21005
+ # dry_run: false,
21006
+ # }
21007
+ #
21008
+ # @!attribute [rw] client_vpn_endpoint_id
21009
+ # The ID of the Client VPN endpoint to which the client certificate
21010
+ # revocation list applies.
21011
+ # @return [String]
21012
+ #
21013
+ # @!attribute [rw] certificate_revocation_list
21014
+ # The client certificate revocation list file. For more information,
21015
+ # see [Generate a Client Certificate Revocation
21016
+ # List](vpn/latest/clientvpn-admin/cvpn-working-certificates.html#cvpn-working-certificates-generate)
21017
+ # in the *AWS Client VPN Admin Guide*.
21018
+ # @return [String]
21019
+ #
21020
+ # @!attribute [rw] dry_run
21021
+ # Checks whether you have the required permissions for the action,
21022
+ # without actually making the request, and provides an error response.
21023
+ # If you have the required permissions, the error response is
21024
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
21025
+ # @return [Boolean]
21026
+ #
21027
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImportClientVpnClientCertificateRevocationListRequest AWS API Documentation
21028
+ #
21029
+ class ImportClientVpnClientCertificateRevocationListRequest < Struct.new(
21030
+ :client_vpn_endpoint_id,
21031
+ :certificate_revocation_list,
21032
+ :dry_run)
21033
+ include Aws::Structure
21034
+ end
21035
+
21036
+ # @!attribute [rw] return
21037
+ # Returns `true` if the request succeeds; otherwise, it returns an
21038
+ # error.
21039
+ # @return [Boolean]
21040
+ #
21041
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ImportClientVpnClientCertificateRevocationListResult AWS API Documentation
21042
+ #
21043
+ class ImportClientVpnClientCertificateRevocationListResult < Struct.new(
21044
+ :return)
21045
+ include Aws::Structure
21046
+ end
21047
+
19417
21048
  # Contains the parameters for ImportImage.
19418
21049
  #
19419
21050
  # @note When making an API call, you may pass ImportImageRequest
@@ -23066,16 +24697,16 @@ module Aws::EC2
23066
24697
  #
23067
24698
  # {
23068
24699
  # classic_load_balancers_config: {
23069
- # classic_load_balancers: [ # required
24700
+ # classic_load_balancers: [
23070
24701
  # {
23071
- # name: "String", # required
24702
+ # name: "String",
23072
24703
  # },
23073
24704
  # ],
23074
24705
  # },
23075
24706
  # target_groups_config: {
23076
- # target_groups: [ # required
24707
+ # target_groups: [
23077
24708
  # {
23078
- # arn: "String", # required
24709
+ # arn: "String",
23079
24710
  # },
23080
24711
  # ],
23081
24712
  # },
@@ -23255,6 +24886,90 @@ module Aws::EC2
23255
24886
  include Aws::Structure
23256
24887
  end
23257
24888
 
24889
+ # @note When making an API call, you may pass ModifyClientVpnEndpointRequest
24890
+ # data as a hash:
24891
+ #
24892
+ # {
24893
+ # client_vpn_endpoint_id: "String", # required
24894
+ # server_certificate_arn: "String",
24895
+ # connection_log_options: {
24896
+ # enabled: false,
24897
+ # cloudwatch_log_group: "String",
24898
+ # cloudwatch_log_stream: "String",
24899
+ # },
24900
+ # dns_servers: {
24901
+ # custom_dns_servers: ["String"],
24902
+ # enabled: false,
24903
+ # },
24904
+ # description: "String",
24905
+ # dry_run: false,
24906
+ # }
24907
+ #
24908
+ # @!attribute [rw] client_vpn_endpoint_id
24909
+ # The ID of the Client VPN endpoint to modify.
24910
+ # @return [String]
24911
+ #
24912
+ # @!attribute [rw] server_certificate_arn
24913
+ # The ARN of the server certificate to be used. The server certificate
24914
+ # must be provisioned in AWS Certificate Manager (ACM).
24915
+ # @return [String]
24916
+ #
24917
+ # @!attribute [rw] connection_log_options
24918
+ # Information about the client connection logging options.
24919
+ #
24920
+ # If you enable client connection logging, data about client
24921
+ # connections is sent to a Cloudwatch Logs log stream. The following
24922
+ # information is logged:
24923
+ #
24924
+ # * Client connection requests
24925
+ #
24926
+ # * Client connection results (successful and unsuccessful)
24927
+ #
24928
+ # * Reasons for unsuccessful client connection requests
24929
+ #
24930
+ # * Client connection termination time
24931
+ # @return [Types::ConnectionLogOptions]
24932
+ #
24933
+ # @!attribute [rw] dns_servers
24934
+ # Information about the DNS servers to be used by Client VPN
24935
+ # connections. A Client VPN endpoint can have up to two DNS servers.
24936
+ # @return [Types::DnsServersOptionsModifyStructure]
24937
+ #
24938
+ # @!attribute [rw] description
24939
+ # A brief description of the Client VPN endpoint.
24940
+ # @return [String]
24941
+ #
24942
+ # @!attribute [rw] dry_run
24943
+ # Checks whether you have the required permissions for the action,
24944
+ # without actually making the request, and provides an error response.
24945
+ # If you have the required permissions, the error response is
24946
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
24947
+ # @return [Boolean]
24948
+ #
24949
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyClientVpnEndpointRequest AWS API Documentation
24950
+ #
24951
+ class ModifyClientVpnEndpointRequest < Struct.new(
24952
+ :client_vpn_endpoint_id,
24953
+ :server_certificate_arn,
24954
+ :connection_log_options,
24955
+ :dns_servers,
24956
+ :description,
24957
+ :dry_run)
24958
+ include Aws::Structure
24959
+ end
24960
+
24961
+ # @!attribute [rw] return
24962
+ # Returns `true` if the request succeeds; otherwise, it returns an
24963
+ # error.
24964
+ # @return [Boolean]
24965
+ #
24966
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyClientVpnEndpointResult AWS API Documentation
24967
+ #
24968
+ class ModifyClientVpnEndpointResult < Struct.new(
24969
+ :return)
24970
+ include Aws::Structure
24971
+ end
24972
+
23258
24973
  # @note When making an API call, you may pass ModifyFleetRequest
23259
24974
  # data as a hash:
23260
24975
  #
@@ -27995,16 +29710,16 @@ module Aws::EC2
27995
29710
  # instance_interruption_behavior: "hibernate", # accepts hibernate, stop, terminate
27996
29711
  # load_balancers_config: {
27997
29712
  # classic_load_balancers_config: {
27998
- # classic_load_balancers: [ # required
29713
+ # classic_load_balancers: [
27999
29714
  # {
28000
- # name: "String", # required
29715
+ # name: "String",
28001
29716
  # },
28002
29717
  # ],
28003
29718
  # },
28004
29719
  # target_groups_config: {
28005
- # target_groups: [ # required
29720
+ # target_groups: [
28006
29721
  # {
28007
- # arn: "String", # required
29722
+ # arn: "String",
28008
29723
  # },
28009
29724
  # ],
28010
29725
  # },
@@ -29347,6 +31062,64 @@ module Aws::EC2
29347
31062
  include Aws::Structure
29348
31063
  end
29349
31064
 
31065
+ # @note When making an API call, you may pass RevokeClientVpnIngressRequest
31066
+ # data as a hash:
31067
+ #
31068
+ # {
31069
+ # client_vpn_endpoint_id: "String", # required
31070
+ # target_network_cidr: "String", # required
31071
+ # access_group_id: "String",
31072
+ # revoke_all_groups: false,
31073
+ # dry_run: false,
31074
+ # }
31075
+ #
31076
+ # @!attribute [rw] client_vpn_endpoint_id
31077
+ # The ID of the Client VPN endpoint with which the authorization rule
31078
+ # is associated.
31079
+ # @return [String]
31080
+ #
31081
+ # @!attribute [rw] target_network_cidr
31082
+ # The IPv4 address range, in CIDR notation, of the network for which
31083
+ # access is being removed.
31084
+ # @return [String]
31085
+ #
31086
+ # @!attribute [rw] access_group_id
31087
+ # The ID of the Active Directory group for which to revoke access.
31088
+ # @return [String]
31089
+ #
31090
+ # @!attribute [rw] revoke_all_groups
31091
+ # Indicates whether access should be revoked for all clients.
31092
+ # @return [Boolean]
31093
+ #
31094
+ # @!attribute [rw] dry_run
31095
+ # Checks whether you have the required permissions for the action,
31096
+ # without actually making the request, and provides an error response.
31097
+ # If you have the required permissions, the error response is
31098
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
31099
+ # @return [Boolean]
31100
+ #
31101
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RevokeClientVpnIngressRequest AWS API Documentation
31102
+ #
31103
+ class RevokeClientVpnIngressRequest < Struct.new(
31104
+ :client_vpn_endpoint_id,
31105
+ :target_network_cidr,
31106
+ :access_group_id,
31107
+ :revoke_all_groups,
31108
+ :dry_run)
31109
+ include Aws::Structure
31110
+ end
31111
+
31112
+ # @!attribute [rw] status
31113
+ # The current state of the authorization rule.
31114
+ # @return [Types::ClientVpnAuthorizationRuleStatus]
31115
+ #
31116
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/RevokeClientVpnIngressResult AWS API Documentation
31117
+ #
31118
+ class RevokeClientVpnIngressResult < Struct.new(
31119
+ :status)
31120
+ include Aws::Structure
31121
+ end
31122
+
29350
31123
  # @note When making an API call, you may pass RevokeSecurityGroupEgressRequest
29351
31124
  # data as a hash:
29352
31125
  #
@@ -32229,16 +34002,16 @@ module Aws::EC2
32229
34002
  # instance_interruption_behavior: "hibernate", # accepts hibernate, stop, terminate
32230
34003
  # load_balancers_config: {
32231
34004
  # classic_load_balancers_config: {
32232
- # classic_load_balancers: [ # required
34005
+ # classic_load_balancers: [
32233
34006
  # {
32234
- # name: "String", # required
34007
+ # name: "String",
32235
34008
  # },
32236
34009
  # ],
32237
34010
  # },
32238
34011
  # target_groups_config: {
32239
- # target_groups: [ # required
34012
+ # target_groups: [
32240
34013
  # {
32241
- # arn: "String", # required
34014
+ # arn: "String",
32242
34015
  # },
32243
34016
  # ],
32244
34017
  # },
@@ -33505,7 +35278,7 @@ module Aws::EC2
33505
35278
  # data as a hash:
33506
35279
  #
33507
35280
  # {
33508
- # arn: "String", # required
35281
+ # arn: "String",
33509
35282
  # }
33510
35283
  #
33511
35284
  # @!attribute [rw] arn
@@ -33526,9 +35299,9 @@ module Aws::EC2
33526
35299
  # data as a hash:
33527
35300
  #
33528
35301
  # {
33529
- # target_groups: [ # required
35302
+ # target_groups: [
33530
35303
  # {
33531
- # arn: "String", # required
35304
+ # arn: "String",
33532
35305
  # },
33533
35306
  # ],
33534
35307
  # }
@@ -33544,6 +35317,46 @@ module Aws::EC2
33544
35317
  include Aws::Structure
33545
35318
  end
33546
35319
 
35320
+ # Describes a target network associated with a Client VPN endpoint.
35321
+ #
35322
+ # @!attribute [rw] association_id
35323
+ # The ID of the association.
35324
+ # @return [String]
35325
+ #
35326
+ # @!attribute [rw] vpc_id
35327
+ # The ID of the VPC in which the target network (subnet) is located.
35328
+ # @return [String]
35329
+ #
35330
+ # @!attribute [rw] target_network_id
35331
+ # The ID of the subnet specified as the target network.
35332
+ # @return [String]
35333
+ #
35334
+ # @!attribute [rw] client_vpn_endpoint_id
35335
+ # The ID of the Client VPN endpoint with which the target network is
35336
+ # associated.
35337
+ # @return [String]
35338
+ #
35339
+ # @!attribute [rw] status
35340
+ # The current state of the target network association.
35341
+ # @return [Types::AssociationStatus]
35342
+ #
35343
+ # @!attribute [rw] security_groups
35344
+ # The IDs of the security groups applied to the target network
35345
+ # association.
35346
+ # @return [Array<String>]
35347
+ #
35348
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/TargetNetwork AWS API Documentation
35349
+ #
35350
+ class TargetNetwork < Struct.new(
35351
+ :association_id,
35352
+ :vpc_id,
35353
+ :target_network_id,
35354
+ :client_vpn_endpoint_id,
35355
+ :status,
35356
+ :security_groups)
35357
+ include Aws::Structure
35358
+ end
35359
+
33547
35360
  # The total value of the new Convertible Reserved Instances.
33548
35361
  #
33549
35362
  # @!attribute [rw] reservation_value
@@ -33565,6 +35378,92 @@ module Aws::EC2
33565
35378
  include Aws::Structure
33566
35379
  end
33567
35380
 
35381
+ # @note When making an API call, you may pass TerminateClientVpnConnectionsRequest
35382
+ # data as a hash:
35383
+ #
35384
+ # {
35385
+ # client_vpn_endpoint_id: "String", # required
35386
+ # connection_id: "String",
35387
+ # username: "String",
35388
+ # dry_run: false,
35389
+ # }
35390
+ #
35391
+ # @!attribute [rw] client_vpn_endpoint_id
35392
+ # The ID of the Client VPN endpoint to which the client is connected.
35393
+ # @return [String]
35394
+ #
35395
+ # @!attribute [rw] connection_id
35396
+ # The ID of the client connection to be terminated.
35397
+ # @return [String]
35398
+ #
35399
+ # @!attribute [rw] username
35400
+ # The name of the user who initiated the connection. Use this option
35401
+ # to terminate all active connections for the specified user. This
35402
+ # option can only be used if the user has established up to five
35403
+ # connections.
35404
+ # @return [String]
35405
+ #
35406
+ # @!attribute [rw] dry_run
35407
+ # Checks whether you have the required permissions for the action,
35408
+ # without actually making the request, and provides an error response.
35409
+ # If you have the required permissions, the error response is
35410
+ # `DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.
35411
+ # @return [Boolean]
35412
+ #
35413
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/TerminateClientVpnConnectionsRequest AWS API Documentation
35414
+ #
35415
+ class TerminateClientVpnConnectionsRequest < Struct.new(
35416
+ :client_vpn_endpoint_id,
35417
+ :connection_id,
35418
+ :username,
35419
+ :dry_run)
35420
+ include Aws::Structure
35421
+ end
35422
+
35423
+ # @!attribute [rw] client_vpn_endpoint_id
35424
+ # The ID of the Client VPN endpoint.
35425
+ # @return [String]
35426
+ #
35427
+ # @!attribute [rw] username
35428
+ # The user who established the terminated client connections.
35429
+ # @return [String]
35430
+ #
35431
+ # @!attribute [rw] connection_statuses
35432
+ # The current state of the client connections.
35433
+ # @return [Array<Types::TerminateConnectionStatus>]
35434
+ #
35435
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/TerminateClientVpnConnectionsResult AWS API Documentation
35436
+ #
35437
+ class TerminateClientVpnConnectionsResult < Struct.new(
35438
+ :client_vpn_endpoint_id,
35439
+ :username,
35440
+ :connection_statuses)
35441
+ include Aws::Structure
35442
+ end
35443
+
35444
+ # Information about a terminated Client VPN endpoint client connection.
35445
+ #
35446
+ # @!attribute [rw] connection_id
35447
+ # The ID of the client connection.
35448
+ # @return [String]
35449
+ #
35450
+ # @!attribute [rw] previous_status
35451
+ # The state of the client connection.
35452
+ # @return [Types::ClientVpnConnectionStatus]
35453
+ #
35454
+ # @!attribute [rw] current_status
35455
+ # A message about the status of the client connection, if applicable.
35456
+ # @return [Types::ClientVpnConnectionStatus]
35457
+ #
35458
+ # @see http://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/TerminateConnectionStatus AWS API Documentation
35459
+ #
35460
+ class TerminateConnectionStatus < Struct.new(
35461
+ :connection_id,
35462
+ :previous_status,
35463
+ :current_status)
35464
+ include Aws::Structure
35465
+ end
35466
+
33568
35467
  # @note When making an API call, you may pass TerminateInstancesRequest
33569
35468
  # data as a hash:
33570
35469
  #
@@ -34734,7 +36633,7 @@ module Aws::EC2
34734
36633
  # performance, I/O credits, and bursting, see [Amazon EBS Volume
34735
36634
  # Types][1] in the *Amazon Elastic Compute Cloud User Guide*.
34736
36635
  #
34737
- # Constraints: Range is 100-10,000 IOPS for `gp2` volumes and 100 to
36636
+ # Constraints: Range is 100-16,000 IOPS for `gp2` volumes and 100 to
34738
36637
  # 64,000IOPS for `io1` volumes in most regions. Maximum `io1`IOPS of
34739
36638
  # 64,000 is guaranteed only on [Nitro-based
34740
36639
  # instances](AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).