aws-sdk-elasticloadbalancingv2 1.9.0 → 1.10.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: c8194340e3d62d5019e95b118a98010c90098fe7
-  data.tar.gz: ca90d30662c659054beb918ac56b06ff141e5c0f
+  metadata.gz: a4557292c43d995a53f3558315252e1fcb908db8
+  data.tar.gz: 05cd83c5689de2c4a894877271da710b5943435f
 SHA512:
-  metadata.gz: 78d91b127faf2edc672462abc254e1d531ccf606bd5c04193a67e8bf4b4a6bda333e51066e6acff72508054e4b7aec04e155f676d1dff13c92cb6549cdd11cb4
-  data.tar.gz: e5e5a7873547cdb2ffaf40bfe9314565b17f395cc2db360697e7f35facc9280662d781462574d65087a576b373d69a2771d5d2c6e570fb29cf6b6d380c5127e6
+  metadata.gz: d6785cac659abb20c781717c51d0a719ed13a6533ce62f46792ceb91a98479591b018850612f76c3401af0b0e940e84b8bd00eccff582a13228fdc79b9af8ab1
+  data.tar.gz: ce3f7215b6ab025d6d32550e4373127654d361e37a7f6c670c367d9d8b8a85f3d4014befeaafcdbe86db0fb097184fbc1bce31dba216ebf2fde1196527546b7c

data/lib/aws-sdk-elasticloadbalancingv2.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-elasticloadbalancingv2/customizations'
 # @service
 module Aws::ElasticLoadBalancingV2
 
-  GEM_VERSION = '1.9.0'
+  GEM_VERSION = '1.10.0'
 
 end

data/lib/aws-sdk-elasticloadbalancingv2/client.rb

@@ -290,14 +290,24 @@ module Aws::ElasticLoadBalancingV2
     #   security policy.
     #
     # @option params [Array<Types::Certificate>] :certificates
-    #   \[HTTPS listeners\] The SSL server certificate. You must provide
-    #   exactly one certificate.
+    #   \[HTTPS listeners\] The default SSL server certificate. You must
+    #   provide exactly one certificate. To create a certificate list, use
+    #   AddListenerCertificates.
     #
     # @option params [required, Array<Types::Action>] :default_actions
-    #   The default action for the listener. For Application Load Balancers,
-    #   the protocol of the specified target group must be HTTP or HTTPS. For
-    #   Network Load Balancers, the protocol of the specified target group
-    #   must be TCP.
+    #   The actions for the default rule. The rule must include one forward
+    #   action.
+    #
+    #   If the action type is `forward`, you can specify a single target
+    #   group. The protocol of the target group must be HTTP or HTTPS for an
+    #   Application Load Balancer or TCP for a Network Load Balancer.
+    #
+    #   If the action type is `authenticate-oidc`, you can use an identity
+    #   provider that is OpenID Connect (OIDC) compliant to authenticate users
+    #   as they access your application.
+    #
+    #   If the action type is `authenticate-cognito`, you can use Amazon
+    #   Cognito to authenticate users as they access your application.
     #
     # @return [Types::CreateListenerOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -403,8 +413,36 @@ module Aws::ElasticLoadBalancingV2
     #     ],
     #     default_actions: [ # required
     #       {
-    #         type: "forward", # required, accepts forward
-    #         target_group_arn: "TargetGroupArn", # required
+    #         type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito
+    #         target_group_arn: "TargetGroupArn",
+    #         authenticate_oidc_config: {
+    #           issuer: "AuthenticateOidcActionIssuer", # required
+    #           authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required
+    #           token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required
+    #           user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required
+    #           client_id: "AuthenticateOidcActionClientId", # required
+    #           client_secret: "AuthenticateOidcActionClientSecret", # required
+    #           session_cookie_name: "AuthenticateOidcActionSessionCookieName",
+    #           scope: "AuthenticateOidcActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         authenticate_cognito_config: {
+    #           user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required
+    #           user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required
+    #           user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required
+    #           session_cookie_name: "AuthenticateCognitoActionSessionCookieName",
+    #           scope: "AuthenticateCognitoActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         order: 1,
     #       },
     #     ],
     #   })
@@ -421,8 +459,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.listeners[0].certificates[0].is_default #=> Boolean
     #   resp.listeners[0].ssl_policy #=> String
     #   resp.listeners[0].default_actions #=> Array
-    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward"
+    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.listeners[0].default_actions[0].target_group_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].order #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateListener AWS API Documentation
     #
@@ -679,10 +739,10 @@ module Aws::ElasticLoadBalancingV2
     # associated with an Application Load Balancer.
     #
     # Rules are evaluated in priority order, from the lowest value to the
-    # highest value. When the condition for a rule is met, the specified
-    # action is taken. If no conditions are met, the action for the default
-    # rule is taken. For more information, see [Listener Rules][1] in the
-    # *Application Load Balancers Guide*.
+    # highest value. When the conditions for a rule are met, its actions are
+    # performed. If the conditions for no rules are met, the actions for the
+    # default rule are performed. For more information, see [Listener
+    # Rules][1] in the *Application Load Balancers Guide*.
     #
     # To view your current rules, use DescribeRules. To update a rule, use
     # ModifyRule. To set the priorities of your rules, use
@@ -728,13 +788,22 @@ module Aws::ElasticLoadBalancingV2
     #   * ? (matches exactly 1 character)
     #
     # @option params [required, Integer] :priority
-    #   The priority for the rule. A listener can't have multiple rules with
-    #   the same priority.
+    #   The rule priority. A listener can't have multiple rules with the same
+    #   priority.
     #
     # @option params [required, Array<Types::Action>] :actions
-    #   An action. Each action has the type `forward` and specifies a target
+    #   The actions. Each rule must include one forward action.
+    #
+    #   If the action type is `forward`, you can specify a single target
     #   group.
     #
+    #   If the action type is `authenticate-oidc`, you can use an identity
+    #   provider that is OpenID Connect (OIDC) compliant to authenticate users
+    #   as they access your application.
+    #
+    #   If the action type is `authenticate-cognito`, you can use Amazon
+    #   Cognito to authenticate users as they access your application.
+    #
     # @return [Types::CreateRuleOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateRuleOutput#rules #rules} => Array&lt;Types::Rule&gt;
@@ -802,8 +871,36 @@ module Aws::ElasticLoadBalancingV2
     #     priority: 1, # required
     #     actions: [ # required
     #       {
-    #         type: "forward", # required, accepts forward
-    #         target_group_arn: "TargetGroupArn", # required
+    #         type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito
+    #         target_group_arn: "TargetGroupArn",
+    #         authenticate_oidc_config: {
+    #           issuer: "AuthenticateOidcActionIssuer", # required
+    #           authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required
+    #           token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required
+    #           user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required
+    #           client_id: "AuthenticateOidcActionClientId", # required
+    #           client_secret: "AuthenticateOidcActionClientSecret", # required
+    #           session_cookie_name: "AuthenticateOidcActionSessionCookieName",
+    #           scope: "AuthenticateOidcActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         authenticate_cognito_config: {
+    #           user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required
+    #           user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required
+    #           user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required
+    #           session_cookie_name: "AuthenticateCognitoActionSessionCookieName",
+    #           scope: "AuthenticateCognitoActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         order: 1,
     #       },
     #     ],
     #   })
@@ -818,8 +915,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.rules[0].conditions[0].values #=> Array
     #   resp.rules[0].conditions[0].values[0] #=> String
     #   resp.rules[0].actions #=> Array
-    #   resp.rules[0].actions[0].type #=> String, one of "forward"
+    #   resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.rules[0].actions[0].target_group_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].order #=> Integer
     #   resp.rules[0].is_default #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateRule AWS API Documentation
@@ -1372,8 +1491,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.listeners[0].certificates[0].is_default #=> Boolean
     #   resp.listeners[0].ssl_policy #=> String
     #   resp.listeners[0].default_actions #=> Array
-    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward"
+    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.listeners[0].default_actions[0].target_group_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].order #=> Integer
     #   resp.next_marker #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/DescribeListeners AWS API Documentation
@@ -1646,8 +1787,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.rules[0].conditions[0].values #=> Array
     #   resp.rules[0].conditions[0].values[0] #=> String
     #   resp.rules[0].actions #=> Array
-    #   resp.rules[0].actions[0].type #=> String, one of "forward"
+    #   resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.rules[0].actions[0].target_group_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].order #=> Integer
     #   resp.rules[0].is_default #=> Boolean
     #   resp.next_marker #=> String
     #
@@ -2190,21 +2353,33 @@ module Aws::ElasticLoadBalancingV2
     #   Balancers support TCP.
     #
     # @option params [String] :ssl_policy
-    #   The security policy that defines which protocols and ciphers are
-    #   supported. For more information, see [Security Policies][1] in the
-    #   *Application Load Balancers Guide*.
+    #   \[HTTPS listeners\] The security policy that defines which protocols
+    #   and ciphers are supported. For more information, see [Security
+    #   Policies][1] in the *Application Load Balancers Guide*.
     #
     #
     #
     #   [1]: http://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies
     #
     # @option params [Array<Types::Certificate>] :certificates
-    #   The default SSL server certificate.
+    #   \[HTTPS listeners\] The default SSL server certificate. You must
+    #   provide exactly one certificate. To create a certificate list, use
+    #   AddListenerCertificates.
     #
     # @option params [Array<Types::Action>] :default_actions
-    #   The default action. For Application Load Balancers, the protocol of
-    #   the specified target group must be HTTP or HTTPS. For Network Load
-    #   Balancers, the protocol of the specified target group must be TCP.
+    #   The actions for the default rule. The rule must include one forward
+    #   action.
+    #
+    #   If the action type is `forward`, you can specify a single target
+    #   group. The protocol of the target group must be HTTP or HTTPS for an
+    #   Application Load Balancer or TCP for a Network Load Balancer.
+    #
+    #   If the action type is `authenticate-oidc`, you can use an identity
+    #   provider that is OpenID Connect (OIDC) compliant to authenticate users
+    #   as they access your application.
+    #
+    #   If the action type is `authenticate-cognito`, you can use Amazon
+    #   Cognito to authenticate users as they access your application.
     #
     # @return [Types::ModifyListenerOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2295,8 +2470,36 @@ module Aws::ElasticLoadBalancingV2
     #     ],
     #     default_actions: [
     #       {
-    #         type: "forward", # required, accepts forward
-    #         target_group_arn: "TargetGroupArn", # required
+    #         type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito
+    #         target_group_arn: "TargetGroupArn",
+    #         authenticate_oidc_config: {
+    #           issuer: "AuthenticateOidcActionIssuer", # required
+    #           authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required
+    #           token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required
+    #           user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required
+    #           client_id: "AuthenticateOidcActionClientId", # required
+    #           client_secret: "AuthenticateOidcActionClientSecret", # required
+    #           session_cookie_name: "AuthenticateOidcActionSessionCookieName",
+    #           scope: "AuthenticateOidcActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         authenticate_cognito_config: {
+    #           user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required
+    #           user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required
+    #           user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required
+    #           session_cookie_name: "AuthenticateCognitoActionSessionCookieName",
+    #           scope: "AuthenticateCognitoActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         order: 1,
     #       },
     #     ],
     #   })
@@ -2313,8 +2516,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.listeners[0].certificates[0].is_default #=> Boolean
     #   resp.listeners[0].ssl_policy #=> String
     #   resp.listeners[0].default_actions #=> Array
-    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward"
+    #   resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.listeners[0].default_actions[0].target_group_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.listeners[0].default_actions[0].order #=> Integer
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyListener AWS API Documentation
     #
@@ -2504,16 +2729,55 @@ module Aws::ElasticLoadBalancingV2
     # Any existing properties that you do not modify retain their current
     # values.
     #
-    # To modify the default action, use ModifyListener.
+    # To modify the actions for the default rule, use ModifyListener.
     #
     # @option params [required, String] :rule_arn
     #   The Amazon Resource Name (ARN) of the rule.
     #
     # @option params [Array<Types::RuleCondition>] :conditions
-    #   The conditions.
+    #   The conditions. Each condition specifies a field name and a single
+    #   value.
+    #
+    #   If the field name is `host-header`, you can specify a single host name
+    #   (for example, my.example.com). A host name is case insensitive, can be
+    #   up to 128 characters in length, and can contain any of the following
+    #   characters. Note that you can include up to three wildcard characters.
+    #
+    #   * A-Z, a-z, 0-9
+    #
+    #   * \- .
+    #
+    #   * * (matches 0 or more characters)
+    #
+    #   * ? (matches exactly 1 character)
+    #
+    #   If the field name is `path-pattern`, you can specify a single path
+    #   pattern. A path pattern is case sensitive, can be up to 128 characters
+    #   in length, and can contain any of the following characters. Note that
+    #   you can include up to three wildcard characters.
+    #
+    #   * A-Z, a-z, 0-9
+    #
+    #   * \_ - . $ / ~ " ' @ : +
+    #
+    #   * &amp; (using &amp;amp;)
+    #
+    #   * * (matches 0 or more characters)
+    #
+    #   * ? (matches exactly 1 character)
     #
     # @option params [Array<Types::Action>] :actions
-    #   The actions. The target group must use the HTTP or HTTPS protocol.
+    #   The actions.
+    #
+    #   If the action type is `forward`, you can specify a single target
+    #   group.
+    #
+    #   If the action type is `authenticate-oidc`, you can use an identity
+    #   provider that is OpenID Connect (OIDC) compliant to authenticate users
+    #   as they access your application.
+    #
+    #   If the action type is `authenticate-cognito`, you can use Amazon
+    #   Cognito to authenticate users as they access your application.
     #
     # @return [Types::ModifyRuleOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2573,8 +2837,36 @@ module Aws::ElasticLoadBalancingV2
     #     ],
     #     actions: [
     #       {
-    #         type: "forward", # required, accepts forward
-    #         target_group_arn: "TargetGroupArn", # required
+    #         type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito
+    #         target_group_arn: "TargetGroupArn",
+    #         authenticate_oidc_config: {
+    #           issuer: "AuthenticateOidcActionIssuer", # required
+    #           authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required
+    #           token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required
+    #           user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required
+    #           client_id: "AuthenticateOidcActionClientId", # required
+    #           client_secret: "AuthenticateOidcActionClientSecret", # required
+    #           session_cookie_name: "AuthenticateOidcActionSessionCookieName",
+    #           scope: "AuthenticateOidcActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         authenticate_cognito_config: {
+    #           user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required
+    #           user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required
+    #           user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required
+    #           session_cookie_name: "AuthenticateCognitoActionSessionCookieName",
+    #           scope: "AuthenticateCognitoActionScope",
+    #           session_timeout: 1,
+    #           authentication_request_extra_params: {
+    #             "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue",
+    #           },
+    #           on_unauthenticated_request: "deny", # accepts deny, allow, authenticate
+    #         },
+    #         order: 1,
     #       },
     #     ],
     #   })
@@ -2589,8 +2881,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.rules[0].conditions[0].values #=> Array
     #   resp.rules[0].conditions[0].values[0] #=> String
     #   resp.rules[0].actions #=> Array
-    #   resp.rules[0].actions[0].type #=> String, one of "forward"
+    #   resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.rules[0].actions[0].target_group_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].order #=> Integer
     #   resp.rules[0].is_default #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyRule AWS API Documentation
@@ -3084,8 +3398,30 @@ module Aws::ElasticLoadBalancingV2
     #   resp.rules[0].conditions[0].values #=> Array
     #   resp.rules[0].conditions[0].values[0] #=> String
     #   resp.rules[0].actions #=> Array
-    #   resp.rules[0].actions[0].type #=> String, one of "forward"
+    #   resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito"
     #   resp.rules[0].actions[0].target_group_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash
+    #   resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String
+    #   resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate"
+    #   resp.rules[0].actions[0].order #=> Integer
     #   resp.rules[0].is_default #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/SetRulePriorities AWS API Documentation
@@ -3163,7 +3499,7 @@ module Aws::ElasticLoadBalancingV2
     # @option params [required, String] :load_balancer_arn
     #   The Amazon Resource Name (ARN) of the load balancer.
     #
-    # @option params [required, Array<String>] :subnets
+    # @option params [Array<String>] :subnets
     #   The IDs of the public subnets. You must specify subnets from at least
     #   two Availability Zones. You can specify only one subnet per
     #   Availability Zone. You must specify either subnets or subnet mappings.
@@ -3210,7 +3546,7 @@ module Aws::ElasticLoadBalancingV2
     #
     #   resp = client.set_subnets({
     #     load_balancer_arn: "LoadBalancerArn", # required
-    #     subnets: ["SubnetId"], # required
+    #     subnets: ["SubnetId"],
     #     subnet_mappings: [
     #       {
     #         subnet_id: "SubnetId",
@@ -3250,7 +3586,7 @@ module Aws::ElasticLoadBalancingV2
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-elasticloadbalancingv2'
-      context[:gem_version] = '1.9.0'
+      context[:gem_version] = '1.10.0'
       Seahorse::Client::Request.new(handlers, context)
     end