aws-sdk-emrcontainers 1.31.0 → 1.33.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e6bb644e186e1897a09eb4ed334e5b3cbc33ab07670fbd7657da70c8adfba2ec
-  data.tar.gz: 360ac06f14d3a17e9122ab9470cce92d53508bdb207793a26c69f956eb00ad41
+  metadata.gz: 38a25b77fe75ad14506eba32f857df5b8a3f0991b0671c8c69516d8788c38445
+  data.tar.gz: e9c1d0a20872c9fcfe24f706cd3238e8185652761a8c5e8a012b0f4fbebb8874
 SHA512:
-  metadata.gz: e8951bf208a45f8412a96bc75dbe93fa1df9fc22174fa31e13339eea40efa8ff80510e5cd032f2fd9d4d1765995fcdf903c99de84b053c358dbabfc13584c514
-  data.tar.gz: 4e361faa93ad2233b90615b00efb5f4f8de84631f71e474b5509f8711506042aecd59544826f958deba0068a4af5f36ce0d203c4d7e2e39d8e8165d97d8d377b
+  metadata.gz: 79bed2da7ed497e1e947d2ef9eaaa4979d93668bc03729848d38b7e9b34c7b4e17f44f84fcf91b0cb9d44065228b4023bf8537fb8b91359be248f85a178f695d
+  data.tar.gz: 40b94b0cb5e147f14be68037fad82a99ff9223f3c7edea9ec89c980eb3de20b7d6fe1f659dfdaae433b8bee6daedfaa241d928a0722f5471cf0e8b99a072b03f

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.33.0 (2024-04-24)
+------------------
+
+* Feature - EMRonEKS Service support for SecurityConfiguration enforcement for Spark Jobs.
+
+1.32.0 (2024-04-04)
+------------------
+
+* Feature - This release adds support for integration with EKS AccessEntry APIs to enable automatic Cluster Access for EMR on EKS.
+
 1.31.0 (2024-03-25)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.31.0
+1.33.0

data/lib/aws-sdk-emrcontainers/client.rb

@@ -629,6 +629,80 @@ module Aws::EMRContainers
       req.send_request(options)
     end
 
+    # Creates a security configuration. Security configurations in Amazon
+    # EMR on EKS are templates for different security setups. You can use
+    # security configurations to configure the Lake Formation integration
+    # setup. You can also create a security configuration to re-use a
+    # security setup each time you create a virtual cluster.
+    #
+    # @option params [required, String] :client_token
+    #   The client idempotency token to use when creating the security
+    #   configuration.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @option params [required, String] :name
+    #   The name of the security configuration.
+    #
+    # @option params [required, Types::SecurityConfigurationData] :security_configuration_data
+    #   Security configuration input for the request.
+    #
+    # @option params [Hash<String,String>] :tags
+    #   The tags to add to the security configuration.
+    #
+    # @return [Types::CreateSecurityConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateSecurityConfigurationResponse#id #id} => String
+    #   * {Types::CreateSecurityConfigurationResponse#name #name} => String
+    #   * {Types::CreateSecurityConfigurationResponse#arn #arn} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_security_configuration({
+    #     client_token: "ClientToken", # required
+    #     name: "ResourceNameString", # required
+    #     security_configuration_data: { # required
+    #       authorization_configuration: {
+    #         lake_formation_configuration: {
+    #           authorized_session_tag_value: "SessionTagValue",
+    #           secure_namespace_info: {
+    #             cluster_id: "ClusterId",
+    #             namespace: "KubernetesNamespace",
+    #           },
+    #           query_engine_role_arn: "IAMRoleArn",
+    #         },
+    #         encryption_configuration: {
+    #           in_transit_encryption_configuration: {
+    #             tls_certificate_configuration: {
+    #               certificate_provider_type: "PEM", # accepts PEM
+    #               public_certificate_secret_arn: "SecretsManagerArn",
+    #               private_certificate_secret_arn: "SecretsManagerArn",
+    #             },
+    #           },
+    #         },
+    #       },
+    #     },
+    #     tags: {
+    #       "String128" => "StringEmpty256",
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.id #=> String
+    #   resp.name #=> String
+    #   resp.arn #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/emr-containers-2020-10-01/CreateSecurityConfiguration AWS API Documentation
+    #
+    # @overload create_security_configuration(params = {})
+    # @param [Hash] params ({})
+    def create_security_configuration(params = {}, options = {})
+      req = build_request(:create_security_configuration, params)
+      req.send_request(options)
+    end
+
     # Creates a virtual cluster. Virtual cluster is a managed entity on
     # Amazon EMR on EKS. You can create, describe, list and delete virtual
     # clusters. They do not consume any additional resource in your system.
@@ -651,6 +725,9 @@ module Aws::EMRContainers
     # @option params [Hash<String,String>] :tags
     #   The tags assigned to the virtual cluster.
     #
+    # @option params [String] :security_configuration_id
+    #   The ID of the security configuration.
+    #
     # @return [Types::CreateVirtualClusterResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateVirtualClusterResponse#id #id} => String
@@ -674,6 +751,7 @@ module Aws::EMRContainers
     #     tags: {
     #       "String128" => "StringEmpty256",
     #     },
+    #     security_configuration_id: "ResourceIdString",
     #   })
     #
     # @example Response structure
@@ -985,6 +1063,52 @@ module Aws::EMRContainers
       req.send_request(options)
     end
 
+    # Displays detailed information about a specified security
+    # configuration. Security configurations in Amazon EMR on EKS are
+    # templates for different security setups. You can use security
+    # configurations to configure the Lake Formation integration setup. You
+    # can also create a security configuration to re-use a security setup
+    # each time you create a virtual cluster.
+    #
+    # @option params [required, String] :id
+    #   The ID of the security configuration.
+    #
+    # @return [Types::DescribeSecurityConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DescribeSecurityConfigurationResponse#security_configuration #security_configuration} => Types::SecurityConfiguration
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_security_configuration({
+    #     id: "ResourceIdString", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.security_configuration.id #=> String
+    #   resp.security_configuration.name #=> String
+    #   resp.security_configuration.arn #=> String
+    #   resp.security_configuration.created_at #=> Time
+    #   resp.security_configuration.created_by #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.lake_formation_configuration.authorized_session_tag_value #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.lake_formation_configuration.secure_namespace_info.cluster_id #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.lake_formation_configuration.secure_namespace_info.namespace #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.lake_formation_configuration.query_engine_role_arn #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.certificate_provider_type #=> String, one of "PEM"
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.public_certificate_secret_arn #=> String
+    #   resp.security_configuration.security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.private_certificate_secret_arn #=> String
+    #   resp.security_configuration.tags #=> Hash
+    #   resp.security_configuration.tags["String128"] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/emr-containers-2020-10-01/DescribeSecurityConfiguration AWS API Documentation
+    #
+    # @overload describe_security_configuration(params = {})
+    # @param [Hash] params ({})
+    def describe_security_configuration(params = {}, options = {})
+      req = build_request(:describe_security_configuration, params)
+      req.send_request(options)
+    end
+
     # Displays detailed information about a specified virtual cluster.
     # Virtual cluster is a managed entity on Amazon EMR on EKS. You can
     # create, describe, list and delete virtual clusters. They do not
@@ -1018,6 +1142,7 @@ module Aws::EMRContainers
     #   resp.virtual_cluster.created_at #=> Time
     #   resp.virtual_cluster.tags #=> Hash
     #   resp.virtual_cluster.tags["String128"] #=> String
+    #   resp.virtual_cluster.security_configuration_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/emr-containers-2020-10-01/DescribeVirtualCluster AWS API Documentation
     #
@@ -1351,6 +1476,69 @@ module Aws::EMRContainers
       req.send_request(options)
     end
 
+    # Lists security configurations based on a set of parameters. Security
+    # configurations in Amazon EMR on EKS are templates for different
+    # security setups. You can use security configurations to configure the
+    # Lake Formation integration setup. You can also create a security
+    # configuration to re-use a security setup each time you create a
+    # virtual cluster.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :created_after
+    #   The date and time after which the security configuration was created.
+    #
+    # @option params [Time,DateTime,Date,Integer,String] :created_before
+    #   The date and time before which the security configuration was created.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum number of security configurations the operation can list.
+    #
+    # @option params [String] :next_token
+    #   The token for the next set of security configurations to return.
+    #
+    # @return [Types::ListSecurityConfigurationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListSecurityConfigurationsResponse#security_configurations #security_configurations} => Array&lt;Types::SecurityConfiguration&gt;
+    #   * {Types::ListSecurityConfigurationsResponse#next_token #next_token} => String
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_security_configurations({
+    #     created_after: Time.now,
+    #     created_before: Time.now,
+    #     max_results: 1,
+    #     next_token: "NextToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.security_configurations #=> Array
+    #   resp.security_configurations[0].id #=> String
+    #   resp.security_configurations[0].name #=> String
+    #   resp.security_configurations[0].arn #=> String
+    #   resp.security_configurations[0].created_at #=> Time
+    #   resp.security_configurations[0].created_by #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.lake_formation_configuration.authorized_session_tag_value #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.lake_formation_configuration.secure_namespace_info.cluster_id #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.lake_formation_configuration.secure_namespace_info.namespace #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.lake_formation_configuration.query_engine_role_arn #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.certificate_provider_type #=> String, one of "PEM"
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.public_certificate_secret_arn #=> String
+    #   resp.security_configurations[0].security_configuration_data.authorization_configuration.encryption_configuration.in_transit_encryption_configuration.tls_certificate_configuration.private_certificate_secret_arn #=> String
+    #   resp.security_configurations[0].tags #=> Hash
+    #   resp.security_configurations[0].tags["String128"] #=> String
+    #   resp.next_token #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/emr-containers-2020-10-01/ListSecurityConfigurations AWS API Documentation
+    #
+    # @overload list_security_configurations(params = {})
+    # @param [Hash] params ({})
+    def list_security_configurations(params = {}, options = {})
+      req = build_request(:list_security_configurations, params)
+      req.send_request(options)
+    end
+
     # Lists the tags assigned to the resources.
     #
     # @option params [required, String] :resource_arn
@@ -1410,6 +1598,12 @@ module Aws::EMRContainers
     # @option params [String] :next_token
     #   The token for the next set of virtual clusters to return.
     #
+    # @option params [Boolean] :eks_access_entry_integrated
+    #   Optional Boolean that specifies whether the operation should return
+    #   the virtual clusters that have the access entry integration enabled or
+    #   disabled. If not specified, the operation returns all applicable
+    #   virtual clusters.
+    #
     # @return [Types::ListVirtualClustersResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ListVirtualClustersResponse#virtual_clusters #virtual_clusters} => Array&lt;Types::VirtualCluster&gt;
@@ -1427,6 +1621,7 @@ module Aws::EMRContainers
     #     states: ["RUNNING"], # accepts RUNNING, TERMINATING, TERMINATED, ARRESTED
     #     max_results: 1,
     #     next_token: "NextToken",
+    #     eks_access_entry_integrated: false,
     #   })
     #
     # @example Response structure
@@ -1442,6 +1637,7 @@ module Aws::EMRContainers
     #   resp.virtual_clusters[0].created_at #=> Time
     #   resp.virtual_clusters[0].tags #=> Hash
     #   resp.virtual_clusters[0].tags["String128"] #=> String
+    #   resp.virtual_clusters[0].security_configuration_id #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/emr-containers-2020-10-01/ListVirtualClusters AWS API Documentation
@@ -1651,7 +1847,7 @@ module Aws::EMRContainers
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-emrcontainers'
-      context[:gem_version] = '1.31.0'
+      context[:gem_version] = '1.33.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-emrcontainers/client_api.rb

@@ -14,10 +14,13 @@ module Aws::EMRContainers
     include Seahorse::Model
 
     ACMCertArn = Shapes::StringShape.new(name: 'ACMCertArn')
+    AuthorizationConfiguration = Shapes::StructureShape.new(name: 'AuthorizationConfiguration')
     Base64Encoded = Shapes::StringShape.new(name: 'Base64Encoded')
+    Boolean = Shapes::BooleanShape.new(name: 'Boolean')
     CancelJobRunRequest = Shapes::StructureShape.new(name: 'CancelJobRunRequest')
     CancelJobRunResponse = Shapes::StructureShape.new(name: 'CancelJobRunResponse')
     Certificate = Shapes::StructureShape.new(name: 'Certificate')
+    CertificateProviderType = Shapes::StringShape.new(name: 'CertificateProviderType')
     ClientToken = Shapes::StringShape.new(name: 'ClientToken')
     CloudWatchMonitoringConfiguration = Shapes::StructureShape.new(name: 'CloudWatchMonitoringConfiguration')
     ClusterId = Shapes::StringShape.new(name: 'ClusterId')
@@ -32,6 +35,8 @@ module Aws::EMRContainers
     CreateJobTemplateResponse = Shapes::StructureShape.new(name: 'CreateJobTemplateResponse')
     CreateManagedEndpointRequest = Shapes::StructureShape.new(name: 'CreateManagedEndpointRequest')
     CreateManagedEndpointResponse = Shapes::StructureShape.new(name: 'CreateManagedEndpointResponse')
+    CreateSecurityConfigurationRequest = Shapes::StructureShape.new(name: 'CreateSecurityConfigurationRequest')
+    CreateSecurityConfigurationResponse = Shapes::StructureShape.new(name: 'CreateSecurityConfigurationResponse')
     CreateVirtualClusterRequest = Shapes::StructureShape.new(name: 'CreateVirtualClusterRequest')
     CreateVirtualClusterResponse = Shapes::StructureShape.new(name: 'CreateVirtualClusterResponse')
     CredentialType = Shapes::StringShape.new(name: 'CredentialType')
@@ -49,9 +54,13 @@ module Aws::EMRContainers
     DescribeJobTemplateResponse = Shapes::StructureShape.new(name: 'DescribeJobTemplateResponse')
     DescribeManagedEndpointRequest = Shapes::StructureShape.new(name: 'DescribeManagedEndpointRequest')
     DescribeManagedEndpointResponse = Shapes::StructureShape.new(name: 'DescribeManagedEndpointResponse')
+    DescribeSecurityConfigurationRequest = Shapes::StructureShape.new(name: 'DescribeSecurityConfigurationRequest')
+    DescribeSecurityConfigurationResponse = Shapes::StructureShape.new(name: 'DescribeSecurityConfigurationResponse')
     DescribeVirtualClusterRequest = Shapes::StructureShape.new(name: 'DescribeVirtualClusterRequest')
     DescribeVirtualClusterResponse = Shapes::StructureShape.new(name: 'DescribeVirtualClusterResponse')
+    EKSRequestThrottledException = Shapes::StructureShape.new(name: 'EKSRequestThrottledException')
     EksInfo = Shapes::StructureShape.new(name: 'EksInfo')
+    EncryptionConfiguration = Shapes::StructureShape.new(name: 'EncryptionConfiguration')
     Endpoint = Shapes::StructureShape.new(name: 'Endpoint')
     EndpointArn = Shapes::StringShape.new(name: 'EndpointArn')
     EndpointState = Shapes::StringShape.new(name: 'EndpointState')
@@ -66,6 +75,7 @@ module Aws::EMRContainers
     GetManagedEndpointSessionCredentialsRequest = Shapes::StructureShape.new(name: 'GetManagedEndpointSessionCredentialsRequest')
     GetManagedEndpointSessionCredentialsResponse = Shapes::StructureShape.new(name: 'GetManagedEndpointSessionCredentialsResponse')
     IAMRoleArn = Shapes::StringShape.new(name: 'IAMRoleArn')
+    InTransitEncryptionConfiguration = Shapes::StructureShape.new(name: 'InTransitEncryptionConfiguration')
     InternalServerException = Shapes::StructureShape.new(name: 'InternalServerException')
     JavaInteger = Shapes::IntegerShape.new(name: 'JavaInteger')
     JobArn = Shapes::StringShape.new(name: 'JobArn')
@@ -80,12 +90,15 @@ module Aws::EMRContainers
     JobTemplates = Shapes::ListShape.new(name: 'JobTemplates')
     KmsKeyArn = Shapes::StringShape.new(name: 'KmsKeyArn')
     KubernetesNamespace = Shapes::StringShape.new(name: 'KubernetesNamespace')
+    LakeFormationConfiguration = Shapes::StructureShape.new(name: 'LakeFormationConfiguration')
     ListJobRunsRequest = Shapes::StructureShape.new(name: 'ListJobRunsRequest')
     ListJobRunsResponse = Shapes::StructureShape.new(name: 'ListJobRunsResponse')
     ListJobTemplatesRequest = Shapes::StructureShape.new(name: 'ListJobTemplatesRequest')
     ListJobTemplatesResponse = Shapes::StructureShape.new(name: 'ListJobTemplatesResponse')
     ListManagedEndpointsRequest = Shapes::StructureShape.new(name: 'ListManagedEndpointsRequest')
     ListManagedEndpointsResponse = Shapes::StructureShape.new(name: 'ListManagedEndpointsResponse')
+    ListSecurityConfigurationsRequest = Shapes::StructureShape.new(name: 'ListSecurityConfigurationsRequest')
+    ListSecurityConfigurationsResponse = Shapes::StructureShape.new(name: 'ListSecurityConfigurationsResponse')
     ListTagsForResourceRequest = Shapes::StructureShape.new(name: 'ListTagsForResourceRequest')
     ListTagsForResourceResponse = Shapes::StructureShape.new(name: 'ListTagsForResourceResponse')
     ListVirtualClustersRequest = Shapes::StructureShape.new(name: 'ListVirtualClustersRequest')
@@ -113,7 +126,14 @@ module Aws::EMRContainers
     RotationSize = Shapes::StringShape.new(name: 'RotationSize')
     RsiArn = Shapes::StringShape.new(name: 'RsiArn')
     S3MonitoringConfiguration = Shapes::StructureShape.new(name: 'S3MonitoringConfiguration')
+    SecretsManagerArn = Shapes::StringShape.new(name: 'SecretsManagerArn')
+    SecureNamespaceInfo = Shapes::StructureShape.new(name: 'SecureNamespaceInfo')
+    SecurityConfiguration = Shapes::StructureShape.new(name: 'SecurityConfiguration')
+    SecurityConfigurationArn = Shapes::StringShape.new(name: 'SecurityConfigurationArn')
+    SecurityConfigurationData = Shapes::StructureShape.new(name: 'SecurityConfigurationData')
+    SecurityConfigurations = Shapes::ListShape.new(name: 'SecurityConfigurations')
     SensitivePropertiesMap = Shapes::MapShape.new(name: 'SensitivePropertiesMap')
+    SessionTagValue = Shapes::StringShape.new(name: 'SessionTagValue')
     SparkSqlJobDriver = Shapes::StructureShape.new(name: 'SparkSqlJobDriver')
     SparkSqlParameters = Shapes::StringShape.new(name: 'SparkSqlParameters')
     SparkSubmitJobDriver = Shapes::StructureShape.new(name: 'SparkSubmitJobDriver')
@@ -126,6 +146,7 @@ module Aws::EMRContainers
     String256 = Shapes::StringShape.new(name: 'String256')
     StringEmpty256 = Shapes::StringShape.new(name: 'StringEmpty256')
     SubnetIds = Shapes::ListShape.new(name: 'SubnetIds')
+    TLSCertificateConfiguration = Shapes::StructureShape.new(name: 'TLSCertificateConfiguration')
     TagKeyList = Shapes::ListShape.new(name: 'TagKeyList')
     TagMap = Shapes::MapShape.new(name: 'TagMap')
     TagResourceRequest = Shapes::StructureShape.new(name: 'TagResourceRequest')
@@ -147,6 +168,10 @@ module Aws::EMRContainers
     VirtualClusterStates = Shapes::ListShape.new(name: 'VirtualClusterStates')
     VirtualClusters = Shapes::ListShape.new(name: 'VirtualClusters')
 
+    AuthorizationConfiguration.add_member(:lake_formation_configuration, Shapes::ShapeRef.new(shape: LakeFormationConfiguration, location_name: "lakeFormationConfiguration"))
+    AuthorizationConfiguration.add_member(:encryption_configuration, Shapes::ShapeRef.new(shape: EncryptionConfiguration, location_name: "encryptionConfiguration"))
+    AuthorizationConfiguration.struct_class = Types::AuthorizationConfiguration
+
     CancelJobRunRequest.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, required: true, location: "uri", location_name: "jobRunId"))
     CancelJobRunRequest.add_member(:virtual_cluster_id, Shapes::ShapeRef.new(shape: ResourceIdString, required: true, location: "uri", location_name: "virtualClusterId"))
     CancelJobRunRequest.struct_class = Types::CancelJobRunRequest
@@ -219,10 +244,22 @@ module Aws::EMRContainers
     CreateManagedEndpointResponse.add_member(:virtual_cluster_id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "virtualClusterId"))
     CreateManagedEndpointResponse.struct_class = Types::CreateManagedEndpointResponse
 
+    CreateSecurityConfigurationRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, required: true, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
+    CreateSecurityConfigurationRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceNameString, required: true, location_name: "name"))
+    CreateSecurityConfigurationRequest.add_member(:security_configuration_data, Shapes::ShapeRef.new(shape: SecurityConfigurationData, required: true, location_name: "securityConfigurationData"))
+    CreateSecurityConfigurationRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
+    CreateSecurityConfigurationRequest.struct_class = Types::CreateSecurityConfigurationRequest
+
+    CreateSecurityConfigurationResponse.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "id"))
+    CreateSecurityConfigurationResponse.add_member(:name, Shapes::ShapeRef.new(shape: ResourceNameString, location_name: "name"))
+    CreateSecurityConfigurationResponse.add_member(:arn, Shapes::ShapeRef.new(shape: SecurityConfigurationArn, location_name: "arn"))
+    CreateSecurityConfigurationResponse.struct_class = Types::CreateSecurityConfigurationResponse
+
     CreateVirtualClusterRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceNameString, required: true, location_name: "name"))
     CreateVirtualClusterRequest.add_member(:container_provider, Shapes::ShapeRef.new(shape: ContainerProvider, required: true, location_name: "containerProvider"))
     CreateVirtualClusterRequest.add_member(:client_token, Shapes::ShapeRef.new(shape: ClientToken, required: true, location_name: "clientToken", metadata: {"idempotencyToken"=>true}))
     CreateVirtualClusterRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
+    CreateVirtualClusterRequest.add_member(:security_configuration_id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "securityConfigurationId"))
     CreateVirtualClusterRequest.struct_class = Types::CreateVirtualClusterRequest
 
     CreateVirtualClusterResponse.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "id"))
@@ -276,15 +313,27 @@ module Aws::EMRContainers
     DescribeManagedEndpointResponse.add_member(:endpoint, Shapes::ShapeRef.new(shape: Endpoint, location_name: "endpoint"))
     DescribeManagedEndpointResponse.struct_class = Types::DescribeManagedEndpointResponse
 
+    DescribeSecurityConfigurationRequest.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, required: true, location: "uri", location_name: "securityConfigurationId"))
+    DescribeSecurityConfigurationRequest.struct_class = Types::DescribeSecurityConfigurationRequest
+
+    DescribeSecurityConfigurationResponse.add_member(:security_configuration, Shapes::ShapeRef.new(shape: SecurityConfiguration, location_name: "securityConfiguration"))
+    DescribeSecurityConfigurationResponse.struct_class = Types::DescribeSecurityConfigurationResponse
+
     DescribeVirtualClusterRequest.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, required: true, location: "uri", location_name: "virtualClusterId"))
     DescribeVirtualClusterRequest.struct_class = Types::DescribeVirtualClusterRequest
 
     DescribeVirtualClusterResponse.add_member(:virtual_cluster, Shapes::ShapeRef.new(shape: VirtualCluster, location_name: "virtualCluster"))
     DescribeVirtualClusterResponse.struct_class = Types::DescribeVirtualClusterResponse
 
+    EKSRequestThrottledException.add_member(:message, Shapes::ShapeRef.new(shape: String1024, location_name: "message"))
+    EKSRequestThrottledException.struct_class = Types::EKSRequestThrottledException
+
     EksInfo.add_member(:namespace, Shapes::ShapeRef.new(shape: KubernetesNamespace, location_name: "namespace"))
     EksInfo.struct_class = Types::EksInfo
 
+    EncryptionConfiguration.add_member(:in_transit_encryption_configuration, Shapes::ShapeRef.new(shape: InTransitEncryptionConfiguration, location_name: "inTransitEncryptionConfiguration"))
+    EncryptionConfiguration.struct_class = Types::EncryptionConfiguration
+
     Endpoint.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "id"))
     Endpoint.add_member(:name, Shapes::ShapeRef.new(shape: ResourceNameString, location_name: "name"))
     Endpoint.add_member(:arn, Shapes::ShapeRef.new(shape: EndpointArn, location_name: "arn"))
@@ -327,6 +376,9 @@ module Aws::EMRContainers
     GetManagedEndpointSessionCredentialsResponse.add_member(:expires_at, Shapes::ShapeRef.new(shape: Date, location_name: "expiresAt"))
     GetManagedEndpointSessionCredentialsResponse.struct_class = Types::GetManagedEndpointSessionCredentialsResponse
 
+    InTransitEncryptionConfiguration.add_member(:tls_certificate_configuration, Shapes::ShapeRef.new(shape: TLSCertificateConfiguration, location_name: "tlsCertificateConfiguration"))
+    InTransitEncryptionConfiguration.struct_class = Types::InTransitEncryptionConfiguration
+
     InternalServerException.add_member(:message, Shapes::ShapeRef.new(shape: String1024, location_name: "message"))
     InternalServerException.struct_class = Types::InternalServerException
 
@@ -379,6 +431,11 @@ module Aws::EMRContainers
 
     JobTemplates.member = Shapes::ShapeRef.new(shape: JobTemplate)
 
+    LakeFormationConfiguration.add_member(:authorized_session_tag_value, Shapes::ShapeRef.new(shape: SessionTagValue, location_name: "authorizedSessionTagValue"))
+    LakeFormationConfiguration.add_member(:secure_namespace_info, Shapes::ShapeRef.new(shape: SecureNamespaceInfo, location_name: "secureNamespaceInfo"))
+    LakeFormationConfiguration.add_member(:query_engine_role_arn, Shapes::ShapeRef.new(shape: IAMRoleArn, location_name: "queryEngineRoleArn"))
+    LakeFormationConfiguration.struct_class = Types::LakeFormationConfiguration
+
     ListJobRunsRequest.add_member(:virtual_cluster_id, Shapes::ShapeRef.new(shape: ResourceIdString, required: true, location: "uri", location_name: "virtualClusterId"))
     ListJobRunsRequest.add_member(:created_before, Shapes::ShapeRef.new(shape: Date, location: "querystring", location_name: "createdBefore"))
     ListJobRunsRequest.add_member(:created_after, Shapes::ShapeRef.new(shape: Date, location: "querystring", location_name: "createdAfter"))
@@ -415,6 +472,16 @@ module Aws::EMRContainers
     ListManagedEndpointsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "nextToken"))
     ListManagedEndpointsResponse.struct_class = Types::ListManagedEndpointsResponse
 
+    ListSecurityConfigurationsRequest.add_member(:created_after, Shapes::ShapeRef.new(shape: Date, location: "querystring", location_name: "createdAfter"))
+    ListSecurityConfigurationsRequest.add_member(:created_before, Shapes::ShapeRef.new(shape: Date, location: "querystring", location_name: "createdBefore"))
+    ListSecurityConfigurationsRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: JavaInteger, location: "querystring", location_name: "maxResults"))
+    ListSecurityConfigurationsRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "nextToken"))
+    ListSecurityConfigurationsRequest.struct_class = Types::ListSecurityConfigurationsRequest
+
+    ListSecurityConfigurationsResponse.add_member(:security_configurations, Shapes::ShapeRef.new(shape: SecurityConfigurations, location_name: "securityConfigurations"))
+    ListSecurityConfigurationsResponse.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location_name: "nextToken"))
+    ListSecurityConfigurationsResponse.struct_class = Types::ListSecurityConfigurationsResponse
+
     ListTagsForResourceRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: RsiArn, required: true, location: "uri", location_name: "resourceArn"))
     ListTagsForResourceRequest.struct_class = Types::ListTagsForResourceRequest
 
@@ -428,6 +495,7 @@ module Aws::EMRContainers
     ListVirtualClustersRequest.add_member(:states, Shapes::ShapeRef.new(shape: VirtualClusterStates, location: "querystring", location_name: "states"))
     ListVirtualClustersRequest.add_member(:max_results, Shapes::ShapeRef.new(shape: JavaInteger, location: "querystring", location_name: "maxResults"))
     ListVirtualClustersRequest.add_member(:next_token, Shapes::ShapeRef.new(shape: NextToken, location: "querystring", location_name: "nextToken"))
+    ListVirtualClustersRequest.add_member(:eks_access_entry_integrated, Shapes::ShapeRef.new(shape: Boolean, location: "querystring", location_name: "eksAccessEntryIntegrated"))
     ListVirtualClustersRequest.struct_class = Types::ListVirtualClustersRequest
 
     ListVirtualClustersResponse.add_member(:virtual_clusters, Shapes::ShapeRef.new(shape: VirtualClusters, location_name: "virtualClusters"))
@@ -471,6 +539,24 @@ module Aws::EMRContainers
     S3MonitoringConfiguration.add_member(:log_uri, Shapes::ShapeRef.new(shape: UriString, required: true, location_name: "logUri"))
     S3MonitoringConfiguration.struct_class = Types::S3MonitoringConfiguration
 
+    SecureNamespaceInfo.add_member(:cluster_id, Shapes::ShapeRef.new(shape: ClusterId, location_name: "clusterId"))
+    SecureNamespaceInfo.add_member(:namespace, Shapes::ShapeRef.new(shape: KubernetesNamespace, location_name: "namespace"))
+    SecureNamespaceInfo.struct_class = Types::SecureNamespaceInfo
+
+    SecurityConfiguration.add_member(:id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "id"))
+    SecurityConfiguration.add_member(:name, Shapes::ShapeRef.new(shape: ResourceNameString, location_name: "name"))
+    SecurityConfiguration.add_member(:arn, Shapes::ShapeRef.new(shape: SecurityConfigurationArn, location_name: "arn"))
+    SecurityConfiguration.add_member(:created_at, Shapes::ShapeRef.new(shape: Date, location_name: "createdAt"))
+    SecurityConfiguration.add_member(:created_by, Shapes::ShapeRef.new(shape: RequestIdentityUserArn, location_name: "createdBy"))
+    SecurityConfiguration.add_member(:security_configuration_data, Shapes::ShapeRef.new(shape: SecurityConfigurationData, location_name: "securityConfigurationData"))
+    SecurityConfiguration.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
+    SecurityConfiguration.struct_class = Types::SecurityConfiguration
+
+    SecurityConfigurationData.add_member(:authorization_configuration, Shapes::ShapeRef.new(shape: AuthorizationConfiguration, location_name: "authorizationConfiguration"))
+    SecurityConfigurationData.struct_class = Types::SecurityConfigurationData
+
+    SecurityConfigurations.member = Shapes::ShapeRef.new(shape: SecurityConfiguration)
+
     SensitivePropertiesMap.key = Shapes::ShapeRef.new(shape: String1024)
     SensitivePropertiesMap.value = Shapes::ShapeRef.new(shape: String1024)
 
@@ -504,6 +590,11 @@ module Aws::EMRContainers
 
     SubnetIds.member = Shapes::ShapeRef.new(shape: String256)
 
+    TLSCertificateConfiguration.add_member(:certificate_provider_type, Shapes::ShapeRef.new(shape: CertificateProviderType, location_name: "certificateProviderType"))
+    TLSCertificateConfiguration.add_member(:public_certificate_secret_arn, Shapes::ShapeRef.new(shape: SecretsManagerArn, location_name: "publicCertificateSecretArn"))
+    TLSCertificateConfiguration.add_member(:private_certificate_secret_arn, Shapes::ShapeRef.new(shape: SecretsManagerArn, location_name: "privateCertificateSecretArn"))
+    TLSCertificateConfiguration.struct_class = Types::TLSCertificateConfiguration
+
     TagKeyList.member = Shapes::ShapeRef.new(shape: String128)
 
     TagMap.key = Shapes::ShapeRef.new(shape: String128)
@@ -541,6 +632,7 @@ module Aws::EMRContainers
     VirtualCluster.add_member(:container_provider, Shapes::ShapeRef.new(shape: ContainerProvider, location_name: "containerProvider"))
     VirtualCluster.add_member(:created_at, Shapes::ShapeRef.new(shape: Date, location_name: "createdAt"))
     VirtualCluster.add_member(:tags, Shapes::ShapeRef.new(shape: TagMap, location_name: "tags"))
+    VirtualCluster.add_member(:security_configuration_id, Shapes::ShapeRef.new(shape: ResourceIdString, location_name: "securityConfigurationId"))
     VirtualCluster.struct_class = Types::VirtualCluster
 
     VirtualClusterStates.member = Shapes::ShapeRef.new(shape: VirtualClusterState)
@@ -597,6 +689,16 @@ module Aws::EMRContainers
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
       end)
 
+      api.add_operation(:create_security_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "CreateSecurityConfiguration"
+        o.http_method = "POST"
+        o.http_request_uri = "/securityconfigurations"
+        o.input = Shapes::ShapeRef.new(shape: CreateSecurityConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: CreateSecurityConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+      end)
+
       api.add_operation(:create_virtual_cluster, Seahorse::Model::Operation.new.tap do |o|
         o.name = "CreateVirtualCluster"
         o.http_method = "POST"
@@ -606,6 +708,7 @@ module Aws::EMRContainers
         o.errors << Shapes::ShapeRef.new(shape: ValidationException)
         o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o.errors << Shapes::ShapeRef.new(shape: EKSRequestThrottledException)
       end)
 
       api.add_operation(:delete_job_template, Seahorse::Model::Operation.new.tap do |o|
@@ -671,6 +774,17 @@ module Aws::EMRContainers
         o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
       end)
 
+      api.add_operation(:describe_security_configuration, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DescribeSecurityConfiguration"
+        o.http_method = "GET"
+        o.http_request_uri = "/securityconfigurations/{securityConfigurationId}"
+        o.input = Shapes::ShapeRef.new(shape: DescribeSecurityConfigurationRequest)
+        o.output = Shapes::ShapeRef.new(shape: DescribeSecurityConfigurationResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+      end)
+
       api.add_operation(:describe_virtual_cluster, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DescribeVirtualCluster"
         o.http_method = "GET"
@@ -742,6 +856,22 @@ module Aws::EMRContainers
         )
       end)
 
+      api.add_operation(:list_security_configurations, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListSecurityConfigurations"
+        o.http_method = "GET"
+        o.http_request_uri = "/securityconfigurations"
+        o.input = Shapes::ShapeRef.new(shape: ListSecurityConfigurationsRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListSecurityConfigurationsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: InternalServerException)
+        o[:pager] = Aws::Pager.new(
+          limit_key: "max_results",
+          tokens: {
+            "next_token" => "next_token"
+          }
+        )
+      end)
+
       api.add_operation(:list_tags_for_resource, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ListTagsForResource"
         o.http_method = "GET"