aws-sdk-ecr 1.65.0 → 1.66.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1f863825db35a3bd49713e0ed95d6efb7ef4691e8ef033736111adfc7d1bc120
-  data.tar.gz: c9ec4a77969ae4f365c04a8977a48ffae8bd6aaad3d4318f52b109988238bfe1
+  metadata.gz: 4b1573eb5bbc39c596ad572882cd6f1180a1d85c0b23c6b70fcb64a467d3d5ce
+  data.tar.gz: 1f0744084dd68fdc6d65782e095735822954c7529cc1e6dd973b2ef603737e32
 SHA512:
-  metadata.gz: f74e70d02b521259aba86f35f671c222d3d23ed2957ccf9245a05cf4439b2b8fd523a3a3530f93c0f5d508cfb8e0c5256eeab8a3cd02060b51cfc0604b3241ad
-  data.tar.gz: b5601b2aca2ba2a3e2a6dd7a386f8bc727b39b02c0db687ca431dcbda19b87b052b68a4cd34b3ca17e5784f432a933001066aa536685f48d0b391797b84ab670
+  metadata.gz: 37f6e4d46efde86839c345e8f78f6ec41052a662007b37cc600be7065712f6ab76a3c659860e2929c5458e4009551d75ece8c8779212dfb25e8c94d06f7bf892
+  data.tar.gz: 9674d7235db234ffd62605b56121e99958b66a36e20022cd8d77cc006f45bb32ab294f978ea389152c43c61b2b4503338aaaf0021df2626186b2ebaa13514f47

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.66.0 (2023-11-17)
+------------------
+
+* Feature - Documentation and operational updates for Amazon ECR, adding support for pull through cache rules for upstream registries that require authentication.
+
 1.65.0 (2023-09-27)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.65.0
+1.66.0

data/lib/aws-sdk-ecr/client.rb

@@ -532,7 +532,7 @@ module Aws::ECR
     #   resp.failures #=> Array
     #   resp.failures[0].image_id.image_digest #=> String
     #   resp.failures[0].image_id.image_tag #=> String
-    #   resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError"
+    #   resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError", "UpstreamAccessDenied", "UpstreamTooManyRequests", "UpstreamUnavailable"
     #   resp.failures[0].failure_reason #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchDeleteImage AWS API Documentation
@@ -633,7 +633,7 @@ module Aws::ECR
     #   resp.failures #=> Array
     #   resp.failures[0].image_id.image_digest #=> String
     #   resp.failures[0].image_id.image_tag #=> String
-    #   resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError"
+    #   resp.failures[0].failure_code #=> String, one of "InvalidImageDigest", "InvalidImageTag", "ImageTagDoesNotMatchDigest", "ImageNotFound", "MissingDigestAndTag", "ImageReferencedByManifestList", "KmsError", "UpstreamAccessDenied", "UpstreamTooManyRequests", "UpstreamUnavailable"
     #   resp.failures[0].failure_reason #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/BatchGetImage AWS API Documentation
@@ -747,8 +747,13 @@ module Aws::ECR
     end
 
     # Creates a pull through cache rule. A pull through cache rule provides
-    # a way to cache images from an external public registry in your Amazon
-    # ECR private registry.
+    # a way to cache images from an upstream registry source in your Amazon
+    # ECR private registry. For more information, see [Using pull through
+    # cache rules][1] in the *Amazon Elastic Container Registry User Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html
     #
     # @option params [required, String] :ecr_repository_prefix
     #   The repository name prefix to use when caching images from the source
@@ -756,19 +761,43 @@ module Aws::ECR
     #
     # @option params [required, String] :upstream_registry_url
     #   The registry URL of the upstream public registry to use as the source
-    #   for the pull through cache rule.
+    #   for the pull through cache rule. The following is the syntax to use
+    #   for each supported upstream registry.
+    #
+    #   * Amazon ECR Public (`ecr-public`) - `public.ecr.aws`
+    #
+    #   * Docker Hub (`docker-hub`) - `registry-1.docker.io`
+    #
+    #   * Quay (`quay`) - `quay.io`
+    #
+    #   * Kubernetes (`k8s`) - `registry.k8s.io`
+    #
+    #   * GitHub Container Registry (`github-container-registry`) - `ghcr.io`
+    #
+    #   * Microsoft Azure Container Registry (`azure-container-registry`) -
+    #     `<custom>.azurecr.io`
     #
     # @option params [String] :registry_id
     #   The Amazon Web Services account ID associated with the registry to
     #   create the pull through cache rule for. If you do not specify a
     #   registry, the default registry is assumed.
     #
+    # @option params [String] :upstream_registry
+    #   The name of the upstream registry.
+    #
+    # @option params [String] :credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret that identifies the credentials to authenticate to the
+    #   upstream registry.
+    #
     # @return [Types::CreatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String
     #   * {Types::CreatePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String
     #   * {Types::CreatePullThroughCacheRuleResponse#created_at #created_at} => Time
     #   * {Types::CreatePullThroughCacheRuleResponse#registry_id #registry_id} => String
+    #   * {Types::CreatePullThroughCacheRuleResponse#upstream_registry #upstream_registry} => String
+    #   * {Types::CreatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -776,6 +805,8 @@ module Aws::ECR
     #     ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required
     #     upstream_registry_url: "Url", # required
     #     registry_id: "RegistryId",
+    #     upstream_registry: "ecr-public", # accepts ecr-public, quay, k8s, docker-hub, github-container-registry, azure-container-registry
+    #     credential_arn: "CredentialArn",
     #   })
     #
     # @example Response structure
@@ -784,6 +815,8 @@ module Aws::ECR
     #   resp.upstream_registry_url #=> String
     #   resp.created_at #=> Time
     #   resp.registry_id #=> String
+    #   resp.upstream_registry #=> String, one of "ecr-public", "quay", "k8s", "docker-hub", "github-container-registry", "azure-container-registry"
+    #   resp.credential_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRule AWS API Documentation
     #
@@ -961,6 +994,7 @@ module Aws::ECR
     #   * {Types::DeletePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String
     #   * {Types::DeletePullThroughCacheRuleResponse#created_at #created_at} => Time
     #   * {Types::DeletePullThroughCacheRuleResponse#registry_id #registry_id} => String
+    #   * {Types::DeletePullThroughCacheRuleResponse#credential_arn #credential_arn} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -975,6 +1009,7 @@ module Aws::ECR
     #   resp.upstream_registry_url #=> String
     #   resp.created_at #=> Time
     #   resp.registry_id #=> String
+    #   resp.credential_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeletePullThroughCacheRule AWS API Documentation
     #
@@ -1006,9 +1041,10 @@ module Aws::ECR
       req.send_request(options)
     end
 
-    # Deletes a repository. If the repository contains images, you must
-    # either delete all images in the repository or use the `force` option
-    # to delete the repository.
+    # Deletes a repository. If the repository isn't empty, you must either
+    # delete the contents of the repository or use the `force` option to
+    # delete the repository and have Amazon ECR delete all of its contents
+    # on your behalf.
     #
     # @option params [String] :registry_id
     #   The Amazon Web Services account ID associated with the registry that
@@ -1019,7 +1055,9 @@ module Aws::ECR
     #   The name of the repository to delete.
     #
     # @option params [Boolean] :force
-    #   If a repository contains images, forces the deletion.
+    #   If true, deleting the repository force deletes the contents of the
+    #   repository. If false, the repository must be empty before attempting
+    #   to delete it.
     #
     # @return [Types::DeleteRepositoryResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1486,6 +1524,9 @@ module Aws::ECR
     #   resp.pull_through_cache_rules[0].upstream_registry_url #=> String
     #   resp.pull_through_cache_rules[0].created_at #=> Time
     #   resp.pull_through_cache_rules[0].registry_id #=> String
+    #   resp.pull_through_cache_rules[0].credential_arn #=> String
+    #   resp.pull_through_cache_rules[0].upstream_registry #=> String, one of "ecr-public", "quay", "k8s", "docker-hub", "github-container-registry", "azure-container-registry"
+    #   resp.pull_through_cache_rules[0].updated_at #=> Time
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DescribePullThroughCacheRules AWS API Documentation
@@ -2792,6 +2833,53 @@ module Aws::ECR
       req.send_request(options)
     end
 
+    # Updates an existing pull through cache rule.
+    #
+    # @option params [String] :registry_id
+    #   The Amazon Web Services account ID associated with the registry
+    #   associated with the pull through cache rule. If you do not specify a
+    #   registry, the default registry is assumed.
+    #
+    # @option params [required, String] :ecr_repository_prefix
+    #   The repository name prefix to use when caching images from the source
+    #   registry.
+    #
+    # @option params [required, String] :credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret that identifies the credentials to authenticate to the
+    #   upstream registry.
+    #
+    # @return [Types::UpdatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String
+    #   * {Types::UpdatePullThroughCacheRuleResponse#registry_id #registry_id} => String
+    #   * {Types::UpdatePullThroughCacheRuleResponse#updated_at #updated_at} => Time
+    #   * {Types::UpdatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_pull_through_cache_rule({
+    #     registry_id: "RegistryId",
+    #     ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required
+    #     credential_arn: "CredentialArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.ecr_repository_prefix #=> String
+    #   resp.registry_id #=> String
+    #   resp.updated_at #=> Time
+    #   resp.credential_arn #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UpdatePullThroughCacheRule AWS API Documentation
+    #
+    # @overload update_pull_through_cache_rule(params = {})
+    # @param [Hash] params ({})
+    def update_pull_through_cache_rule(params = {}, options = {})
+      req = build_request(:update_pull_through_cache_rule, params)
+      req.send_request(options)
+    end
+
     # Uploads an image layer part to Amazon ECR.
     #
     # When an image is pushed, each new image layer is uploaded in parts.
@@ -2862,6 +2950,54 @@ module Aws::ECR
       req.send_request(options)
     end
 
+    # Validates an existing pull through cache rule for an upstream registry
+    # that requires authentication. This will retrieve the contents of the
+    # Amazon Web Services Secrets Manager secret, verify the syntax, and
+    # then validate that authentication to the upstream registry is
+    # successful.
+    #
+    # @option params [required, String] :ecr_repository_prefix
+    #   The repository name prefix associated with the pull through cache
+    #   rule.
+    #
+    # @option params [String] :registry_id
+    #   The registry ID associated with the pull through cache rule. If you do
+    #   not specify a registry, the default registry is assumed.
+    #
+    # @return [Types::ValidatePullThroughCacheRuleResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ValidatePullThroughCacheRuleResponse#ecr_repository_prefix #ecr_repository_prefix} => String
+    #   * {Types::ValidatePullThroughCacheRuleResponse#registry_id #registry_id} => String
+    #   * {Types::ValidatePullThroughCacheRuleResponse#upstream_registry_url #upstream_registry_url} => String
+    #   * {Types::ValidatePullThroughCacheRuleResponse#credential_arn #credential_arn} => String
+    #   * {Types::ValidatePullThroughCacheRuleResponse#is_valid #is_valid} => Boolean
+    #   * {Types::ValidatePullThroughCacheRuleResponse#failure #failure} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.validate_pull_through_cache_rule({
+    #     ecr_repository_prefix: "PullThroughCacheRuleRepositoryPrefix", # required
+    #     registry_id: "RegistryId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.ecr_repository_prefix #=> String
+    #   resp.registry_id #=> String
+    #   resp.upstream_registry_url #=> String
+    #   resp.credential_arn #=> String
+    #   resp.is_valid #=> Boolean
+    #   resp.failure #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ValidatePullThroughCacheRule AWS API Documentation
+    #
+    # @overload validate_pull_through_cache_rule(params = {})
+    # @param [Hash] params ({})
+    def validate_pull_through_cache_rule(params = {}, options = {})
+      req = build_request(:validate_pull_through_cache_rule, params)
+      req.send_request(options)
+    end
+
     # @!endgroup
 
     # @param params ({})
@@ -2875,7 +3011,7 @@ module Aws::ECR
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-ecr'
-      context[:gem_version] = '1.65.0'
+      context[:gem_version] = '1.66.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-ecr/client_api.rb

@@ -42,6 +42,7 @@ module Aws::ECR
     CreateRepositoryRequest = Shapes::StructureShape.new(name: 'CreateRepositoryRequest')
     CreateRepositoryResponse = Shapes::StructureShape.new(name: 'CreateRepositoryResponse')
     CreationTimestamp = Shapes::TimestampShape.new(name: 'CreationTimestamp')
+    CredentialArn = Shapes::StringShape.new(name: 'CredentialArn')
     CvssScore = Shapes::StructureShape.new(name: 'CvssScore')
     CvssScoreAdjustment = Shapes::StructureShape.new(name: 'CvssScoreAdjustment')
     CvssScoreAdjustmentList = Shapes::ListShape.new(name: 'CvssScoreAdjustmentList')
@@ -139,6 +140,7 @@ module Aws::ECR
     InvalidLayerPartException = Shapes::StructureShape.new(name: 'InvalidLayerPartException')
     InvalidParameterException = Shapes::StructureShape.new(name: 'InvalidParameterException')
     InvalidTagParameterException = Shapes::StructureShape.new(name: 'InvalidTagParameterException')
+    IsPTCRuleValid = Shapes::BooleanShape.new(name: 'IsPTCRuleValid')
     KmsError = Shapes::StringShape.new(name: 'KmsError')
     KmsException = Shapes::StructureShape.new(name: 'KmsException')
     KmsKey = Shapes::StringShape.new(name: 'KmsKey')
@@ -180,6 +182,7 @@ module Aws::ECR
     MediaTypeList = Shapes::ListShape.new(name: 'MediaTypeList')
     Metric = Shapes::StringShape.new(name: 'Metric')
     NextToken = Shapes::StringShape.new(name: 'NextToken')
+    PTCValidateFailure = Shapes::StringShape.new(name: 'PTCValidateFailure')
     PackageManager = Shapes::StringShape.new(name: 'PackageManager')
     PackageVulnerabilityDetails = Shapes::StructureShape.new(name: 'PackageVulnerabilityDetails')
     PartSize = Shapes::IntegerShape.new(name: 'PartSize')
@@ -268,6 +271,7 @@ module Aws::ECR
     Score = Shapes::FloatShape.new(name: 'Score')
     ScoreDetails = Shapes::StructureShape.new(name: 'ScoreDetails')
     ScoringVector = Shapes::StringShape.new(name: 'ScoringVector')
+    SecretNotFoundException = Shapes::StructureShape.new(name: 'SecretNotFoundException')
     ServerException = Shapes::StructureShape.new(name: 'ServerException')
     SetRepositoryPolicyRequest = Shapes::StructureShape.new(name: 'SetRepositoryPolicyRequest')
     SetRepositoryPolicyResponse = Shapes::StructureShape.new(name: 'SetRepositoryPolicyResponse')
@@ -292,15 +296,25 @@ module Aws::ECR
     Title = Shapes::StringShape.new(name: 'Title')
     TooManyTagsException = Shapes::StructureShape.new(name: 'TooManyTagsException')
     Type = Shapes::StringShape.new(name: 'Type')
+    UnableToAccessSecretException = Shapes::StructureShape.new(name: 'UnableToAccessSecretException')
+    UnableToDecryptSecretValueException = Shapes::StructureShape.new(name: 'UnableToDecryptSecretValueException')
+    UnableToGetUpstreamImageException = Shapes::StructureShape.new(name: 'UnableToGetUpstreamImageException')
+    UnableToGetUpstreamLayerException = Shapes::StructureShape.new(name: 'UnableToGetUpstreamLayerException')
     UnsupportedImageTypeException = Shapes::StructureShape.new(name: 'UnsupportedImageTypeException')
     UnsupportedUpstreamRegistryException = Shapes::StructureShape.new(name: 'UnsupportedUpstreamRegistryException')
     UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
     UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
+    UpdatePullThroughCacheRuleRequest = Shapes::StructureShape.new(name: 'UpdatePullThroughCacheRuleRequest')
+    UpdatePullThroughCacheRuleResponse = Shapes::StructureShape.new(name: 'UpdatePullThroughCacheRuleResponse')
+    UpdatedTimestamp = Shapes::TimestampShape.new(name: 'UpdatedTimestamp')
     UploadId = Shapes::StringShape.new(name: 'UploadId')
     UploadLayerPartRequest = Shapes::StructureShape.new(name: 'UploadLayerPartRequest')
     UploadLayerPartResponse = Shapes::StructureShape.new(name: 'UploadLayerPartResponse')
     UploadNotFoundException = Shapes::StructureShape.new(name: 'UploadNotFoundException')
+    UpstreamRegistry = Shapes::StringShape.new(name: 'UpstreamRegistry')
     Url = Shapes::StringShape.new(name: 'Url')
+    ValidatePullThroughCacheRuleRequest = Shapes::StructureShape.new(name: 'ValidatePullThroughCacheRuleRequest')
+    ValidatePullThroughCacheRuleResponse = Shapes::StructureShape.new(name: 'ValidatePullThroughCacheRuleResponse')
     ValidationException = Shapes::StructureShape.new(name: 'ValidationException')
     Version = Shapes::StringShape.new(name: 'Version')
     VulnerabilityId = Shapes::StringShape.new(name: 'VulnerabilityId')
@@ -384,12 +398,16 @@ module Aws::ECR
     CreatePullThroughCacheRuleRequest.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, required: true, location_name: "ecrRepositoryPrefix"))
     CreatePullThroughCacheRuleRequest.add_member(:upstream_registry_url, Shapes::ShapeRef.new(shape: Url, required: true, location_name: "upstreamRegistryUrl"))
     CreatePullThroughCacheRuleRequest.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    CreatePullThroughCacheRuleRequest.add_member(:upstream_registry, Shapes::ShapeRef.new(shape: UpstreamRegistry, location_name: "upstreamRegistry"))
+    CreatePullThroughCacheRuleRequest.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
     CreatePullThroughCacheRuleRequest.struct_class = Types::CreatePullThroughCacheRuleRequest
 
     CreatePullThroughCacheRuleResponse.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, location_name: "ecrRepositoryPrefix"))
     CreatePullThroughCacheRuleResponse.add_member(:upstream_registry_url, Shapes::ShapeRef.new(shape: Url, location_name: "upstreamRegistryUrl"))
     CreatePullThroughCacheRuleResponse.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "createdAt"))
     CreatePullThroughCacheRuleResponse.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    CreatePullThroughCacheRuleResponse.add_member(:upstream_registry, Shapes::ShapeRef.new(shape: UpstreamRegistry, location_name: "upstreamRegistry"))
+    CreatePullThroughCacheRuleResponse.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
     CreatePullThroughCacheRuleResponse.struct_class = Types::CreatePullThroughCacheRuleResponse
 
     CreateRepositoryRequest.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
@@ -442,6 +460,7 @@ module Aws::ECR
     DeletePullThroughCacheRuleResponse.add_member(:upstream_registry_url, Shapes::ShapeRef.new(shape: Url, location_name: "upstreamRegistryUrl"))
     DeletePullThroughCacheRuleResponse.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "createdAt"))
     DeletePullThroughCacheRuleResponse.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    DeletePullThroughCacheRuleResponse.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
     DeletePullThroughCacheRuleResponse.struct_class = Types::DeletePullThroughCacheRuleResponse
 
     DeleteRegistryPolicyRequest.struct_class = Types::DeleteRegistryPolicyRequest
@@ -841,6 +860,9 @@ module Aws::ECR
     PullThroughCacheRule.add_member(:upstream_registry_url, Shapes::ShapeRef.new(shape: Url, location_name: "upstreamRegistryUrl"))
     PullThroughCacheRule.add_member(:created_at, Shapes::ShapeRef.new(shape: CreationTimestamp, location_name: "createdAt"))
     PullThroughCacheRule.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    PullThroughCacheRule.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
+    PullThroughCacheRule.add_member(:upstream_registry, Shapes::ShapeRef.new(shape: UpstreamRegistry, location_name: "upstreamRegistry"))
+    PullThroughCacheRule.add_member(:updated_at, Shapes::ShapeRef.new(shape: UpdatedTimestamp, location_name: "updatedAt"))
     PullThroughCacheRule.struct_class = Types::PullThroughCacheRule
 
     PullThroughCacheRuleAlreadyExistsException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
@@ -1029,6 +1051,9 @@ module Aws::ECR
     ScoreDetails.add_member(:cvss, Shapes::ShapeRef.new(shape: CvssScoreDetails, location_name: "cvss"))
     ScoreDetails.struct_class = Types::ScoreDetails
 
+    SecretNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
+    SecretNotFoundException.struct_class = Types::SecretNotFoundException
+
     ServerException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
     ServerException.struct_class = Types::ServerException
 
@@ -1085,6 +1110,18 @@ module Aws::ECR
     TooManyTagsException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
     TooManyTagsException.struct_class = Types::TooManyTagsException
 
+    UnableToAccessSecretException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
+    UnableToAccessSecretException.struct_class = Types::UnableToAccessSecretException
+
+    UnableToDecryptSecretValueException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
+    UnableToDecryptSecretValueException.struct_class = Types::UnableToDecryptSecretValueException
+
+    UnableToGetUpstreamImageException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
+    UnableToGetUpstreamImageException.struct_class = Types::UnableToGetUpstreamImageException
+
+    UnableToGetUpstreamLayerException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
+    UnableToGetUpstreamLayerException.struct_class = Types::UnableToGetUpstreamLayerException
+
     UnsupportedImageTypeException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
     UnsupportedImageTypeException.struct_class = Types::UnsupportedImageTypeException
 
@@ -1097,6 +1134,17 @@ module Aws::ECR
 
     UntagResourceResponse.struct_class = Types::UntagResourceResponse
 
+    UpdatePullThroughCacheRuleRequest.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    UpdatePullThroughCacheRuleRequest.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, required: true, location_name: "ecrRepositoryPrefix"))
+    UpdatePullThroughCacheRuleRequest.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, required: true, location_name: "credentialArn"))
+    UpdatePullThroughCacheRuleRequest.struct_class = Types::UpdatePullThroughCacheRuleRequest
+
+    UpdatePullThroughCacheRuleResponse.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, location_name: "ecrRepositoryPrefix"))
+    UpdatePullThroughCacheRuleResponse.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    UpdatePullThroughCacheRuleResponse.add_member(:updated_at, Shapes::ShapeRef.new(shape: UpdatedTimestamp, location_name: "updatedAt"))
+    UpdatePullThroughCacheRuleResponse.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
+    UpdatePullThroughCacheRuleResponse.struct_class = Types::UpdatePullThroughCacheRuleResponse
+
     UploadLayerPartRequest.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
     UploadLayerPartRequest.add_member(:repository_name, Shapes::ShapeRef.new(shape: RepositoryName, required: true, location_name: "repositoryName"))
     UploadLayerPartRequest.add_member(:upload_id, Shapes::ShapeRef.new(shape: UploadId, required: true, location_name: "uploadId"))
@@ -1114,6 +1162,18 @@ module Aws::ECR
     UploadNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
     UploadNotFoundException.struct_class = Types::UploadNotFoundException
 
+    ValidatePullThroughCacheRuleRequest.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, required: true, location_name: "ecrRepositoryPrefix"))
+    ValidatePullThroughCacheRuleRequest.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    ValidatePullThroughCacheRuleRequest.struct_class = Types::ValidatePullThroughCacheRuleRequest
+
+    ValidatePullThroughCacheRuleResponse.add_member(:ecr_repository_prefix, Shapes::ShapeRef.new(shape: PullThroughCacheRuleRepositoryPrefix, location_name: "ecrRepositoryPrefix"))
+    ValidatePullThroughCacheRuleResponse.add_member(:registry_id, Shapes::ShapeRef.new(shape: RegistryId, location_name: "registryId"))
+    ValidatePullThroughCacheRuleResponse.add_member(:upstream_registry_url, Shapes::ShapeRef.new(shape: Url, location_name: "upstreamRegistryUrl"))
+    ValidatePullThroughCacheRuleResponse.add_member(:credential_arn, Shapes::ShapeRef.new(shape: CredentialArn, location_name: "credentialArn"))
+    ValidatePullThroughCacheRuleResponse.add_member(:is_valid, Shapes::ShapeRef.new(shape: IsPTCRuleValid, location_name: "isValid"))
+    ValidatePullThroughCacheRuleResponse.add_member(:failure, Shapes::ShapeRef.new(shape: PTCValidateFailure, location_name: "failure"))
+    ValidatePullThroughCacheRuleResponse.struct_class = Types::ValidatePullThroughCacheRuleResponse
+
     ValidationException.add_member(:message, Shapes::ShapeRef.new(shape: ExceptionMessage, location_name: "message"))
     ValidationException.struct_class = Types::ValidationException
 
@@ -1180,6 +1240,8 @@ module Aws::ECR
         o.errors << Shapes::ShapeRef.new(shape: ServerException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
         o.errors << Shapes::ShapeRef.new(shape: RepositoryNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToGetUpstreamImageException)
       end)
 
       api.add_operation(:batch_get_repository_scanning_configuration, Seahorse::Model::Operation.new.tap do |o|
@@ -1223,6 +1285,9 @@ module Aws::ECR
         o.errors << Shapes::ShapeRef.new(shape: PullThroughCacheRuleAlreadyExistsException)
         o.errors << Shapes::ShapeRef.new(shape: UnsupportedUpstreamRegistryException)
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToAccessSecretException)
+        o.errors << Shapes::ShapeRef.new(shape: SecretNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToDecryptSecretValueException)
       end)
 
       api.add_operation(:create_repository, Seahorse::Model::Operation.new.tap do |o|
@@ -1420,6 +1485,7 @@ module Aws::ECR
         o.errors << Shapes::ShapeRef.new(shape: LayersNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: LayerInaccessibleException)
         o.errors << Shapes::ShapeRef.new(shape: RepositoryNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToGetUpstreamLayerException)
       end)
 
       api.add_operation(:get_lifecycle_policy, Seahorse::Model::Operation.new.tap do |o|
@@ -1681,6 +1747,21 @@ module Aws::ECR
         o.errors << Shapes::ShapeRef.new(shape: ServerException)
       end)
 
+      api.add_operation(:update_pull_through_cache_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "UpdatePullThroughCacheRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: UpdatePullThroughCacheRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: UpdatePullThroughCacheRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServerException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToAccessSecretException)
+        o.errors << Shapes::ShapeRef.new(shape: PullThroughCacheRuleNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: SecretNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: UnableToDecryptSecretValueException)
+      end)
+
       api.add_operation(:upload_layer_part, Seahorse::Model::Operation.new.tap do |o|
         o.name = "UploadLayerPart"
         o.http_method = "POST"
@@ -1695,6 +1776,18 @@ module Aws::ECR
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
         o.errors << Shapes::ShapeRef.new(shape: KmsException)
       end)
+
+      api.add_operation(:validate_pull_through_cache_rule, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ValidatePullThroughCacheRule"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ValidatePullThroughCacheRuleRequest)
+        o.output = Shapes::ShapeRef.new(shape: ValidatePullThroughCacheRuleResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServerException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: PullThroughCacheRuleNotFoundException)
+      end)
     end
 
   end

data/lib/aws-sdk-ecr/endpoint_provider.rb

@@ -32,11 +32,11 @@ module Aws::ECR
             raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
           end
           if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
-              if Aws::Endpoints::Matchers.string_equals?("aws", Aws::Endpoints::Matchers.attr(partition_result, "name"))
+            if Aws::Endpoints::Matchers.boolean_equals?(Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"), true)
+              if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws")
                 return Aws::Endpoints::Endpoint.new(url: "https://ecr-fips.#{region}.amazonaws.com", headers: {}, properties: {})
               end
-              if Aws::Endpoints::Matchers.string_equals?("aws-us-gov", Aws::Endpoints::Matchers.attr(partition_result, "name"))
+              if Aws::Endpoints::Matchers.string_equals?(Aws::Endpoints::Matchers.attr(partition_result, "name"), "aws-us-gov")
                 return Aws::Endpoints::Endpoint.new(url: "https://ecr-fips.#{region}.amazonaws.com", headers: {}, properties: {})
               end
               return Aws::Endpoints::Endpoint.new(url: "https://api.ecr-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})

data/lib/aws-sdk-ecr/endpoints.rb

@@ -572,6 +572,20 @@ module Aws::ECR
       end
     end
 
+    class UpdatePullThroughCacheRule
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ECR::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class UploadLayerPart
       def self.build(context)
         unless context.config.regional_endpoint
@@ -586,5 +600,19 @@ module Aws::ECR
       end
     end
 
+    class ValidatePullThroughCacheRule
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::ECR::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
   end
 end

data/lib/aws-sdk-ecr/errors.rb

@@ -54,8 +54,13 @@ module Aws::ECR
   # * {RepositoryNotFoundException}
   # * {RepositoryPolicyNotFoundException}
   # * {ScanNotFoundException}
+  # * {SecretNotFoundException}
   # * {ServerException}
   # * {TooManyTagsException}
+  # * {UnableToAccessSecretException}
+  # * {UnableToDecryptSecretValueException}
+  # * {UnableToGetUpstreamImageException}
+  # * {UnableToGetUpstreamLayerException}
   # * {UnsupportedImageTypeException}
   # * {UnsupportedUpstreamRegistryException}
   # * {UploadNotFoundException}
@@ -497,6 +502,21 @@ module Aws::ECR
       end
     end
 
+    class SecretNotFoundException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ECR::Types::SecretNotFoundException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class ServerException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context
@@ -527,6 +547,66 @@ module Aws::ECR
       end
     end
 
+    class UnableToAccessSecretException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ECR::Types::UnableToAccessSecretException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class UnableToDecryptSecretValueException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ECR::Types::UnableToDecryptSecretValueException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class UnableToGetUpstreamImageException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ECR::Types::UnableToGetUpstreamImageException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
+    class UnableToGetUpstreamLayerException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::ECR::Types::UnableToGetUpstreamLayerException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class UnsupportedImageTypeException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-ecr/plugins/endpoints.rb

@@ -136,8 +136,12 @@ module Aws::ECR
             Aws::ECR::Endpoints::TagResource.build(context)
           when :untag_resource
             Aws::ECR::Endpoints::UntagResource.build(context)
+          when :update_pull_through_cache_rule
+            Aws::ECR::Endpoints::UpdatePullThroughCacheRule.build(context)
           when :upload_layer_part
             Aws::ECR::Endpoints::UploadLayerPart.build(context)
+          when :validate_pull_through_cache_rule
+            Aws::ECR::Endpoints::ValidatePullThroughCacheRule.build(context)
           end
         end
       end

data/lib/aws-sdk-ecr/types.rb

@@ -345,7 +345,22 @@ module Aws::ECR
     #
     # @!attribute [rw] upstream_registry_url
     #   The registry URL of the upstream public registry to use as the
-    #   source for the pull through cache rule.
+    #   source for the pull through cache rule. The following is the syntax
+    #   to use for each supported upstream registry.
+    #
+    #   * Amazon ECR Public (`ecr-public`) - `public.ecr.aws`
+    #
+    #   * Docker Hub (`docker-hub`) - `registry-1.docker.io`
+    #
+    #   * Quay (`quay`) - `quay.io`
+    #
+    #   * Kubernetes (`k8s`) - `registry.k8s.io`
+    #
+    #   * GitHub Container Registry (`github-container-registry`) -
+    #     `ghcr.io`
+    #
+    #   * Microsoft Azure Container Registry (`azure-container-registry`) -
+    #     `<custom>.azurecr.io`
     #   @return [String]
     #
     # @!attribute [rw] registry_id
@@ -354,12 +369,24 @@ module Aws::ECR
     #   registry, the default registry is assumed.
     #   @return [String]
     #
+    # @!attribute [rw] upstream_registry
+    #   The name of the upstream registry.
+    #   @return [String]
+    #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret that identifies the credentials to authenticate to
+    #   the upstream registry.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRuleRequest AWS API Documentation
     #
     class CreatePullThroughCacheRuleRequest < Struct.new(
       :ecr_repository_prefix,
       :upstream_registry_url,
-      :registry_id)
+      :registry_id,
+      :upstream_registry,
+      :credential_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -383,13 +410,25 @@ module Aws::ECR
     #   The registry ID associated with the request.
     #   @return [String]
     #
+    # @!attribute [rw] upstream_registry
+    #   The name of the upstream registry associated with the pull through
+    #   cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret associated with the pull through cache rule.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/CreatePullThroughCacheRuleResponse AWS API Documentation
     #
     class CreatePullThroughCacheRuleResponse < Struct.new(
       :ecr_repository_prefix,
       :upstream_registry_url,
       :created_at,
-      :registry_id)
+      :registry_id,
+      :upstream_registry,
+      :credential_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -630,13 +669,19 @@ module Aws::ECR
     #   The registry ID associated with the request.
     #   @return [String]
     #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret associated with the pull through cache rule.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeletePullThroughCacheRuleResponse AWS API Documentation
     #
     class DeletePullThroughCacheRuleResponse < Struct.new(
       :ecr_repository_prefix,
       :upstream_registry_url,
       :created_at,
-      :registry_id)
+      :registry_id,
+      :credential_arn)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -717,7 +762,9 @@ module Aws::ECR
     #   @return [String]
     #
     # @!attribute [rw] force
-    #   If a repository contains images, forces the deletion.
+    #   If true, deleting the repository force deletes the contents of the
+    #   repository. If false, the repository must be empty before attempting
+    #   to delete it.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/DeleteRepositoryRequest AWS API Documentation
@@ -2575,13 +2622,31 @@ module Aws::ECR
     #   pull through cache rule is associated with.
     #   @return [String]
     #
+    # @!attribute [rw] credential_arn
+    #   The ARN of the Secrets Manager secret associated with the pull
+    #   through cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] upstream_registry
+    #   The name of the upstream source registry associated with the pull
+    #   through cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] updated_at
+    #   The date and time, in JavaScript date format, when the pull through
+    #   cache rule was last updated.
+    #   @return [Time]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/PullThroughCacheRule AWS API Documentation
     #
     class PullThroughCacheRule < Struct.new(
       :ecr_repository_prefix,
       :upstream_registry_url,
       :created_at,
-      :registry_id)
+      :registry_id,
+      :credential_arn,
+      :upstream_registry,
+      :updated_at)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3388,6 +3453,21 @@ module Aws::ECR
       include Aws::Structure
     end
 
+    # The ARN of the secret specified in the pull through cache rule was not
+    # found. Update the pull through cache rule with a valid secret ARN and
+    # try again.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/SecretNotFoundException AWS API Documentation
+    #
+    class SecretNotFoundException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # These errors are usually caused by a server-side issue.
     #
     # @!attribute [rw] message
@@ -3632,6 +3712,64 @@ module Aws::ECR
       include Aws::Structure
     end
 
+    # The secret is unable to be accessed. Verify the resource permissions
+    # for the secret and try again.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UnableToAccessSecretException AWS API Documentation
+    #
+    class UnableToAccessSecretException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The secret is accessible but is unable to be decrypted. Verify the
+    # resource permisisons and try again.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UnableToDecryptSecretValueException AWS API Documentation
+    #
+    class UnableToDecryptSecretValueException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The image or images were unable to be pulled using the pull through
+    # cache rule. This is usually caused because of an issue with the
+    # Secrets Manager secret containing the credentials for the upstream
+    # registry.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UnableToGetUpstreamImageException AWS API Documentation
+    #
+    class UnableToGetUpstreamImageException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # There was an issue getting the upstream layer matching the pull
+    # through cache rule.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UnableToGetUpstreamLayerException AWS API Documentation
+    #
+    class UnableToGetUpstreamLayerException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The image is of a type that cannot be scanned.
     #
     # @!attribute [rw] message
@@ -3681,6 +3819,63 @@ module Aws::ECR
     #
     class UntagResourceResponse < Aws::EmptyStructure; end
 
+    # @!attribute [rw] registry_id
+    #   The Amazon Web Services account ID associated with the registry
+    #   associated with the pull through cache rule. If you do not specify a
+    #   registry, the default registry is assumed.
+    #   @return [String]
+    #
+    # @!attribute [rw] ecr_repository_prefix
+    #   The repository name prefix to use when caching images from the
+    #   source registry.
+    #   @return [String]
+    #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret that identifies the credentials to authenticate to
+    #   the upstream registry.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UpdatePullThroughCacheRuleRequest AWS API Documentation
+    #
+    class UpdatePullThroughCacheRuleRequest < Struct.new(
+      :registry_id,
+      :ecr_repository_prefix,
+      :credential_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] ecr_repository_prefix
+    #   The Amazon ECR repository prefix associated with the pull through
+    #   cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] registry_id
+    #   The registry ID associated with the request.
+    #   @return [String]
+    #
+    # @!attribute [rw] updated_at
+    #   The date and time, in JavaScript date format, when the pull through
+    #   cache rule was updated.
+    #   @return [Time]
+    #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret associated with the pull through cache rule.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/UpdatePullThroughCacheRuleResponse AWS API Documentation
+    #
+    class UpdatePullThroughCacheRuleResponse < Struct.new(
+      :ecr_repository_prefix,
+      :registry_id,
+      :updated_at,
+      :credential_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] registry_id
     #   The Amazon Web Services account ID associated with the registry to
     #   which you are uploading layer parts. If you do not specify a
@@ -3765,6 +3960,74 @@ module Aws::ECR
       include Aws::Structure
     end
 
+    # @!attribute [rw] ecr_repository_prefix
+    #   The repository name prefix associated with the pull through cache
+    #   rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] registry_id
+    #   The registry ID associated with the pull through cache rule. If you
+    #   do not specify a registry, the default registry is assumed.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ValidatePullThroughCacheRuleRequest AWS API Documentation
+    #
+    class ValidatePullThroughCacheRuleRequest < Struct.new(
+      :ecr_repository_prefix,
+      :registry_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] ecr_repository_prefix
+    #   The Amazon ECR repository prefix associated with the pull through
+    #   cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] registry_id
+    #   The registry ID associated with the request.
+    #   @return [String]
+    #
+    # @!attribute [rw] upstream_registry_url
+    #   The upstream registry URL associated with the pull through cache
+    #   rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] credential_arn
+    #   The Amazon Resource Name (ARN) of the Amazon Web Services Secrets
+    #   Manager secret associated with the pull through cache rule.
+    #   @return [String]
+    #
+    # @!attribute [rw] is_valid
+    #   Whether or not the pull through cache rule was validated. If `true`,
+    #   Amazon ECR was able to reach the upstream registry and
+    #   authentication was successful. If `false`, there was an issue and
+    #   validation failed. The `failure` reason indicates the cause.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] failure
+    #   The reason the validation failed. For more details about possible
+    #   causes and how to address them, see [Using pull through cache
+    #   rules][1] in the *Amazon Elastic Container Registry User Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/AmazonECR/latest/userguide/pull-through-cache.html
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/ecr-2015-09-21/ValidatePullThroughCacheRuleResponse AWS API Documentation
+    #
+    class ValidatePullThroughCacheRuleResponse < Struct.new(
+      :ecr_repository_prefix,
+      :registry_id,
+      :upstream_registry_url,
+      :credential_arn,
+      :is_valid,
+      :failure)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # There was an exception validating this request.
     #
     # @!attribute [rw] message

data/lib/aws-sdk-ecr.rb

@@ -53,6 +53,6 @@ require_relative 'aws-sdk-ecr/customizations'
 # @!group service
 module Aws::ECR
 
-  GEM_VERSION = '1.65.0'
+  GEM_VERSION = '1.66.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-ecr
 version: !ruby/object:Gem::Version
-  version: 1.65.0
+  version: 1.66.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-09-27 00:00:00.000000000 Z
+date: 2023-11-17 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core