aws-sdk-firehose 1.23.0 → 1.28.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: b93c8ef6587ad17d0422c4b02a0a6892390444ad
-  data.tar.gz: 57b5878899010b16d8b8fbff6b30e9b461d4e68c
+SHA256:
+  metadata.gz: 5fe2646635a79bf2458e4454be0d70aaefae05715601e531f4f325b8fa9765ec
+  data.tar.gz: 18bca3eb1abeada3d0ae5be06e69c7d615f7bfee4658b90a18bf9a45ce35467d
 SHA512:
-  metadata.gz: e8d831801e5ea5ede0bc3b4620b91db80664b90b1d35847b1a1d8c5284ccb2da328fbce5d12bea34ef17e4f9b410baa2af110d689c4f2f23fb37e1838d574e62
-  data.tar.gz: e519f1e609b0a74c6cf74e6da8e5da222ea9e4f4b1be61d2af91d888db71023421deb833cc90cf7b82b60e5789771974027213bb07d7f003da424b759f4964f0
+  metadata.gz: aa417e2202d0953d4e829f4b705a7747a8227168d05be0472421394342c34f810fdca5622f153ad8de0136890a3c672a7f1cda1a879b3262987aab444c9c739d
+  data.tar.gz: 239006a576e45ce76ed83ebd3c9fc260b316db3b44f32fc552043dc3e25925ca55b2708e8da3a9657c650e60e4f54334b192b078135b917f006a59810fbe89c6

data/lib/aws-sdk-firehose.rb

@@ -24,17 +24,20 @@ require_relative 'aws-sdk-firehose/customizations'
 # methods each accept a hash of request parameters and return a response
 # structure.
 #
+#     firehose = Aws::Firehose::Client.new
+#     resp = firehose.create_delivery_stream(params)
+#
 # See {Client} for more information.
 #
 # # Errors
 #
-# Errors returned from Amazon Kinesis Firehose all
-# extend {Errors::ServiceError}.
+# Errors returned from Amazon Kinesis Firehose are defined in the
+# {Errors} module and all extend {Errors::ServiceError}.
 #
 #     begin
 #       # do stuff
 #     rescue Aws::Firehose::Errors::ServiceError
-#       # rescues all service API errors
+#       # rescues all Amazon Kinesis Firehose API errors
 #     end
 #
 # See {Errors} for more information.
@@ -42,6 +45,6 @@ require_relative 'aws-sdk-firehose/customizations'
 # @service
 module Aws::Firehose
 
-  GEM_VERSION = '1.23.0'
+  GEM_VERSION = '1.28.0'
 
 end

data/lib/aws-sdk-firehose/client.rb

@@ -30,6 +30,18 @@ require 'aws-sdk-core/plugins/protocols/json_rpc.rb'
 Aws::Plugins::GlobalConfiguration.add_identifier(:firehose)
 
 module Aws::Firehose
+  # An API client for Firehose.  To construct a client, you need to configure a `:region` and `:credentials`.
+  #
+  #     client = Aws::Firehose::Client.new(
+  #       region: region_name,
+  #       credentials: credentials,
+  #       # ...
+  #     )
+  #
+  # For details on configuring region and credentials see
+  # the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).
+  #
+  # See {#initialize} for a full list of supported configuration options.
   class Client < Seahorse::Client::Base
 
     include Aws::ClientStubs
@@ -93,7 +105,7 @@ module Aws::Firehose
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
     #     used to determine the service `:endpoint`. When not passed,
-    #     a default `:region` is search for in the following locations:
+    #     a default `:region` is searched for in the following locations:
     #
     #     * `Aws.config[:region]`
     #     * `ENV['AWS_REGION']`
@@ -108,6 +120,12 @@ module Aws::Firehose
     #     When set to `true`, a thread polling for endpoints will be running in
     #     the background every 60 secs (default). Defaults to `false`.
     #
+    #   @option options [Boolean] :adaptive_retry_wait_to_fill (true)
+    #     Used only in `adaptive` retry mode.  When true, the request will sleep
+    #     until there is sufficent client side capacity to retry the request.
+    #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
+    #     not retry instead of sleeping.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -132,6 +150,10 @@ module Aws::Firehose
     #     When `true`, an attempt is made to coerce request parameters into
     #     the required types.
     #
+    #   @option options [Boolean] :correct_clock_skew (true)
+    #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
+    #     a clock skew correction and retry requests with skewed client clocks.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
@@ -139,7 +161,7 @@ module Aws::Firehose
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
-    #     to test endpoints. This should be avalid HTTP(S) URI.
+    #     to test endpoints. This should be a valid HTTP(S) URI.
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -154,7 +176,7 @@ module Aws::Firehose
     #     requests fetching endpoints information. Defaults to 60 sec.
     #
     #   @option options [Boolean] :endpoint_discovery (false)
-    #     When set to `true`, endpoint discovery will be enabled for operations when available. Defaults to `false`.
+    #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
@@ -166,15 +188,29 @@ module Aws::Firehose
     #     The Logger instance to send log messages to.  If this option
     #     is not set, logging will be disabled.
     #
+    #   @option options [Integer] :max_attempts (3)
+    #     An integer representing the maximum number attempts that will be made for
+    #     a single request, including the initial attempt.  For example,
+    #     setting this value to 5 will result in a request being retried up to
+    #     4 times. Used in `standard` and `adaptive` retry modes.
+    #
     #   @option options [String] :profile ("default")
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Proc] :retry_backoff
+    #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
+    #     This option is only used in the `legacy` retry mode.
+    #
     #   @option options [Float] :retry_base_delay (0.3)
-    #     The base delay in seconds used by the default backoff function.
+    #     The base delay in seconds used by the default backoff function. This option
+    #     is only used in the `legacy` retry mode.
     #
     #   @option options [Symbol] :retry_jitter (:none)
-    #     A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number.
+    #     A delay randomiser function used by the default backoff function.
+    #     Some predefined functions can be referenced by name - :none, :equal, :full,
+    #     otherwise a Proc that takes and returns a number. This option is only used
+    #     in the `legacy` retry mode.
     #
     #     @see https://www.awsarchitectureblog.com/2015/03/backoff.html
     #
@@ -182,11 +218,30 @@ module Aws::Firehose
     #     The maximum number of times to retry failed requests.  Only
     #     ~ 500 level server errors and certain ~ 400 level client errors
     #     are retried.  Generally, these are throttling errors, data
-    #     checksum errors, networking errors, timeout errors and auth
-    #     errors from expired credentials.
+    #     checksum errors, networking errors, timeout errors, auth errors,
+    #     endpoint discovery, and errors from expired credentials.
+    #     This option is only used in the `legacy` retry mode.
     #
     #   @option options [Integer] :retry_max_delay (0)
-    #     The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function.
+    #     The maximum number of seconds to delay between retries (0 for no limit)
+    #     used by the default backoff function. This option is only used in the
+    #     `legacy` retry mode.
+    #
+    #   @option options [String] :retry_mode ("legacy")
+    #     Specifies which retry algorithm to use. Values are:
+    #
+    #     * `legacy` - The pre-existing retry behavior.  This is default value if
+    #       no retry mode is provided.
+    #
+    #     * `standard` - A standardized set of retry rules across the AWS SDKs.
+    #       This includes support for retry quotas, which limit the number of
+    #       unsuccessful retries a client can make.
+    #
+    #     * `adaptive` - An experimental retry mode that includes all the
+    #       functionality of `standard` mode along with automatic client side
+    #       throttling.  This is a provisional mode that may change behavior
+    #       in the future.
+    #
     #
     #   @option options [String] :secret_access_key
     #
@@ -219,16 +274,15 @@ module Aws::Firehose
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
     #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before rasing a
+    #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
     #   @option options [Integer] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
-    #     safely be set
-    #     per-request on the session yeidled by {#session_for}.
+    #     safely be set per-request on the session.
     #
     #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idble before it is
+    #     seconds a connection is allowed to sit idle before it is
     #     considered stale.  Stale connections are closed and removed
     #     from the pool before making a request.
     #
@@ -237,7 +291,7 @@ module Aws::Firehose
     #     request body.  This option has no effect unless the request has
     #     "Expect" header set to "100-continue".  Defaults to `nil` which
     #     disables this behaviour.  This value can safely be set per
-    #     request on the session yeidled by {#session_for}.
+    #     request on the session.
     #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
@@ -271,9 +325,15 @@ module Aws::Firehose
     # This is an asynchronous operation that immediately returns. The
     # initial status of the delivery stream is `CREATING`. After the
     # delivery stream is created, its status is `ACTIVE` and it now accepts
-    # data. Attempts to send data to a delivery stream that is not in the
-    # `ACTIVE` state cause an exception. To check the state of a delivery
-    # stream, use DescribeDeliveryStream.
+    # data. If the delivery stream creation fails, the status transitions to
+    # `CREATING_FAILED`. Attempts to send data to a delivery stream that is
+    # not in the `ACTIVE` state cause an exception. To check the state of a
+    # delivery stream, use DescribeDeliveryStream.
+    #
+    # If the status of a delivery stream is `CREATING_FAILED`, this status
+    # doesn't change, and you can't invoke `CreateDeliveryStream` again on
+    # it. However, you can invoke the DeleteDeliveryStream operation to
+    # delete it.
     #
     # A Kinesis Data Firehose delivery stream can be configured to receive
     # records directly from providers using PutRecord or PutRecordBatch, or
@@ -283,6 +343,12 @@ module Aws::Firehose
     # the Kinesis stream Amazon Resource Name (ARN) and role ARN in the
     # `KinesisStreamSourceConfiguration` parameter.
     #
+    # To create a delivery stream with server-side encryption (SSE) enabled,
+    # include DeliveryStreamEncryptionConfigurationInput in your request.
+    # This is optional. You can also invoke StartDeliveryStreamEncryption to
+    # turn on SSE for an existing delivery stream that doesn't have SSE
+    # enabled.
+    #
     # A delivery stream is configured with a single destination: Amazon S3,
     # Amazon ES, Amazon Redshift, or Splunk. You must specify only one of
     # the following destination configuration parameters:
@@ -354,6 +420,10 @@ module Aws::Firehose
     #   stream Amazon Resource Name (ARN) and the role ARN for the source
     #   stream.
     #
+    # @option params [Types::DeliveryStreamEncryptionConfigurationInput] :delivery_stream_encryption_configuration_input
+    #   Used to specify the type and Amazon Resource Name (ARN) of the KMS key
+    #   needed for Server-Side Encryption (SSE).
+    #
     # @option params [Types::S3DestinationConfiguration] :s3_destination_configuration
     #   \[Deprecated\] The destination in Amazon S3. You can specify only one
     #   destination.
@@ -398,6 +468,10 @@ module Aws::Firehose
     #       kinesis_stream_arn: "KinesisStreamARN", # required
     #       role_arn: "RoleARN", # required
     #     },
+    #     delivery_stream_encryption_configuration_input: {
+    #       key_arn: "AWSKMSKeyARN",
+    #       key_type: "AWS_OWNED_CMK", # required, accepts AWS_OWNED_CMK, CUSTOMER_MANAGED_CMK
+    #     },
     #     s3_destination_configuration: {
     #       role_arn: "RoleARN", # required
     #       bucket_arn: "BucketARN", # required
@@ -407,7 +481,7 @@ module Aws::Firehose
     #         size_in_m_bs: 1,
     #         interval_in_seconds: 1,
     #       },
-    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #       encryption_configuration: {
     #         no_encryption_config: "NoEncryption", # accepts NoEncryption
     #         kms_encryption_config: {
@@ -429,7 +503,7 @@ module Aws::Firehose
     #         size_in_m_bs: 1,
     #         interval_in_seconds: 1,
     #       },
-    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #       encryption_configuration: {
     #         no_encryption_config: "NoEncryption", # accepts NoEncryption
     #         kms_encryption_config: {
@@ -465,7 +539,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -550,7 +624,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -587,7 +661,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -630,7 +704,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -662,6 +736,11 @@ module Aws::Firehose
     #         log_group_name: "LogGroupName",
     #         log_stream_name: "LogStreamName",
     #       },
+    #       vpc_configuration: {
+    #         subnet_ids: ["NonEmptyStringWithoutWhitespace"], # required
+    #         role_arn: "RoleARN", # required
+    #         security_group_ids: ["NonEmptyStringWithoutWhitespace"], # required
+    #       },
     #     },
     #     splunk_destination_configuration: {
     #       hec_endpoint: "HECEndpoint", # required
@@ -681,7 +760,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -737,27 +816,45 @@ module Aws::Firehose
 
     # Deletes a delivery stream and its data.
     #
-    # You can delete a delivery stream only if it is in `ACTIVE` or
-    # `DELETING` state, and not in the `CREATING` state. While the deletion
-    # request is in process, the delivery stream is in the `DELETING` state.
-    #
     # To check the state of a delivery stream, use DescribeDeliveryStream.
-    #
-    # While the delivery stream is `DELETING` state, the service might
-    # continue to accept the records, but it doesn't make any guarantees
+    # You can delete a delivery stream only if it is in one of the following
+    # states: `ACTIVE`, `DELETING`, `CREATING_FAILED`, or `DELETING_FAILED`.
+    # You can't delete a delivery stream that is in the `CREATING` state.
+    # While the deletion request is in process, the delivery stream is in
+    # the `DELETING` state.
+    #
+    # While the delivery stream is in the `DELETING` state, the service
+    # might continue to accept records, but it doesn't make any guarantees
     # with respect to delivering the data. Therefore, as a best practice,
-    # you should first stop any applications that are sending records before
-    # deleting a delivery stream.
+    # first stop any applications that are sending records before you delete
+    # a delivery stream.
     #
     # @option params [required, String] :delivery_stream_name
     #   The name of the delivery stream.
     #
+    # @option params [Boolean] :allow_force_delete
+    #   Set this to true if you want to delete the delivery stream even if
+    #   Kinesis Data Firehose is unable to retire the grant for the CMK.
+    #   Kinesis Data Firehose might be unable to retire the grant due to a
+    #   customer error, such as when the CMK or the grant are in an invalid
+    #   state. If you force deletion, you can then use the [RevokeGrant][1]
+    #   operation to revoke the grant you gave to Kinesis Data Firehose. If a
+    #   failure to retire the grant happens due to an AWS KMS issue, Kinesis
+    #   Data Firehose keeps retrying the delete operation.
+    #
+    #   The default value is false.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/APIReference/API_RevokeGrant.html
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.delete_delivery_stream({
     #     delivery_stream_name: "DeliveryStreamName", # required
+    #     allow_force_delete: false,
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/firehose-2015-08-04/DeleteDeliveryStream AWS API Documentation
@@ -769,10 +866,17 @@ module Aws::Firehose
       req.send_request(options)
     end
 
-    # Describes the specified delivery stream and gets the status. For
-    # example, after your delivery stream is created, call
-    # `DescribeDeliveryStream` to see whether the delivery stream is
-    # `ACTIVE` and therefore ready for data to be sent to it.
+    # Describes the specified delivery stream and its status. For example,
+    # after your delivery stream is created, call `DescribeDeliveryStream`
+    # to see whether the delivery stream is `ACTIVE` and therefore ready for
+    # data to be sent to it.
+    #
+    # If the status of a delivery stream is `CREATING_FAILED`, this status
+    # doesn't change, and you can't invoke CreateDeliveryStream again on
+    # it. However, you can invoke the DeleteDeliveryStream operation to
+    # delete it. If the status is `DELETING_FAILED`, you can force deletion
+    # by invoking DeleteDeliveryStream again but with
+    # DeleteDeliveryStreamInput$AllowForceDelete set to true.
     #
     # @option params [required, String] :delivery_stream_name
     #   The name of the delivery stream.
@@ -802,8 +906,14 @@ module Aws::Firehose
     #
     #   resp.delivery_stream_description.delivery_stream_name #=> String
     #   resp.delivery_stream_description.delivery_stream_arn #=> String
-    #   resp.delivery_stream_description.delivery_stream_status #=> String, one of "CREATING", "DELETING", "ACTIVE"
-    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.status #=> String, one of "ENABLED", "ENABLING", "DISABLED", "DISABLING"
+    #   resp.delivery_stream_description.delivery_stream_status #=> String, one of "CREATING", "CREATING_FAILED", "DELETING", "DELETING_FAILED", "ACTIVE"
+    #   resp.delivery_stream_description.failure_description.type #=> String, one of "RETIRE_KMS_GRANT_FAILED", "CREATE_KMS_GRANT_FAILED", "KMS_ACCESS_DENIED", "DISABLED_KMS_KEY", "INVALID_KMS_KEY", "KMS_KEY_NOT_FOUND", "KMS_OPT_IN_REQUIRED", "CREATE_ENI_FAILED", "DELETE_ENI_FAILED", "SUBNET_NOT_FOUND", "SECURITY_GROUP_NOT_FOUND", "ENI_ACCESS_DENIED", "SUBNET_ACCESS_DENIED", "SECURITY_GROUP_ACCESS_DENIED", "UNKNOWN_ERROR"
+    #   resp.delivery_stream_description.failure_description.details #=> String
+    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.key_arn #=> String
+    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.key_type #=> String, one of "AWS_OWNED_CMK", "CUSTOMER_MANAGED_CMK"
+    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.status #=> String, one of "ENABLED", "ENABLING", "ENABLING_FAILED", "DISABLED", "DISABLING", "DISABLING_FAILED"
+    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.failure_description.type #=> String, one of "RETIRE_KMS_GRANT_FAILED", "CREATE_KMS_GRANT_FAILED", "KMS_ACCESS_DENIED", "DISABLED_KMS_KEY", "INVALID_KMS_KEY", "KMS_KEY_NOT_FOUND", "KMS_OPT_IN_REQUIRED", "CREATE_ENI_FAILED", "DELETE_ENI_FAILED", "SUBNET_NOT_FOUND", "SECURITY_GROUP_NOT_FOUND", "ENI_ACCESS_DENIED", "SUBNET_ACCESS_DENIED", "SECURITY_GROUP_ACCESS_DENIED", "UNKNOWN_ERROR"
+    #   resp.delivery_stream_description.delivery_stream_encryption_configuration.failure_description.details #=> String
     #   resp.delivery_stream_description.delivery_stream_type #=> String, one of "DirectPut", "KinesisStreamAsSource"
     #   resp.delivery_stream_description.version_id #=> String
     #   resp.delivery_stream_description.create_timestamp #=> Time
@@ -819,7 +929,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].s3_destination_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -831,7 +941,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -850,7 +960,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].extended_s3_destination_description.s3_backup_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -899,7 +1009,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_destination_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -918,7 +1028,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].redshift_destination_description.s3_backup_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -943,7 +1053,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.s3_destination_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -958,6 +1068,12 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.cloud_watch_logging_options.enabled #=> Boolean
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.cloud_watch_logging_options.log_group_name #=> String
     #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.cloud_watch_logging_options.log_stream_name #=> String
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.subnet_ids #=> Array
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.subnet_ids[0] #=> String
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.role_arn #=> String
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.security_group_ids #=> Array
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.security_group_ids[0] #=> String
+    #   resp.delivery_stream_description.destinations[0].elasticsearch_destination_description.vpc_configuration_description.vpc_id #=> String
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.hec_endpoint #=> String
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.hec_endpoint_type #=> String, one of "Raw", "Event"
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.hec_token #=> String
@@ -970,7 +1086,7 @@ module Aws::Firehose
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.error_output_prefix #=> String
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.buffering_hints.size_in_m_bs #=> Integer
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.buffering_hints.interval_in_seconds #=> Integer
-    #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy"
+    #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.compression_format #=> String, one of "UNCOMPRESSED", "GZIP", "ZIP", "Snappy", "HADOOP_SNAPPY"
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.encryption_configuration.no_encryption_config #=> String, one of "NoEncryption"
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.encryption_configuration.kms_encryption_config.awskms_key_arn #=> String
     #   resp.delivery_stream_description.destinations[0].splunk_destination_description.s3_destination_description.cloud_watch_logging_options.enabled #=> Boolean
@@ -1302,21 +1418,44 @@ module Aws::Firehose
     # Enables server-side encryption (SSE) for the delivery stream.
     #
     # This operation is asynchronous. It returns immediately. When you
-    # invoke it, Kinesis Data Firehose first sets the status of the stream
-    # to `ENABLING`, and then to `ENABLED`. You can continue to read and
-    # write data to your stream while its status is `ENABLING`, but the data
-    # is not encrypted. It can take up to 5 seconds after the encryption
-    # status changes to `ENABLED` before all records written to the delivery
-    # stream are encrypted. To find out whether a record or a batch of
-    # records was encrypted, check the response elements
-    # PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted,
-    # respectively.
-    #
-    # To check the encryption state of a delivery stream, use
+    # invoke it, Kinesis Data Firehose first sets the encryption status of
+    # the stream to `ENABLING`, and then to `ENABLED`. The encryption status
+    # of a delivery stream is the `Status` property in
+    # DeliveryStreamEncryptionConfiguration. If the operation fails, the
+    # encryption status changes to `ENABLING_FAILED`. You can continue to
+    # read and write data to your delivery stream while the encryption
+    # status is `ENABLING`, but the data is not encrypted. It can take up to
+    # 5 seconds after the encryption status changes to `ENABLED` before all
+    # records written to the delivery stream are encrypted. To find out
+    # whether a record or a batch of records was encrypted, check the
+    # response elements PutRecordOutput$Encrypted and
+    # PutRecordBatchOutput$Encrypted, respectively.
+    #
+    # To check the encryption status of a delivery stream, use
     # DescribeDeliveryStream.
     #
-    # You can only enable SSE for a delivery stream that uses `DirectPut` as
-    # its source.
+    # Even if encryption is currently enabled for a delivery stream, you can
+    # still invoke this operation on it to change the ARN of the CMK or both
+    # its type and ARN. If you invoke this method to change the CMK, and the
+    # old CMK is of type `CUSTOMER_MANAGED_CMK`, Kinesis Data Firehose
+    # schedules the grant it had on the old CMK for retirement. If the new
+    # CMK is of type `CUSTOMER_MANAGED_CMK`, Kinesis Data Firehose creates a
+    # grant that enables it to use the new CMK to encrypt and decrypt data
+    # and to manage the grant.
+    #
+    # If a delivery stream already has encryption enabled and then you
+    # invoke this operation to change the ARN of the CMK or both its type
+    # and ARN and you get `ENABLING_FAILED`, this only means that the
+    # attempt to change the CMK failed. In this case, encryption remains
+    # enabled with the old CMK.
+    #
+    # If the encryption status of your delivery stream is `ENABLING_FAILED`,
+    # you can invoke this operation again with a valid CMK. The CMK must be
+    # enabled and the key policy mustn't explicitly deny the permission for
+    # Kinesis Data Firehose to invoke KMS encrypt and decrypt operations.
+    #
+    # You can enable SSE for a delivery stream only if it's a delivery
+    # stream that uses `DirectPut` as its source.
     #
     # The `StartDeliveryStreamEncryption` and `StopDeliveryStreamEncryption`
     # operations have a combined limit of 25 calls per delivery stream per
@@ -1329,12 +1468,20 @@ module Aws::Firehose
     #   The name of the delivery stream for which you want to enable
     #   server-side encryption (SSE).
     #
+    # @option params [Types::DeliveryStreamEncryptionConfigurationInput] :delivery_stream_encryption_configuration_input
+    #   Used to specify the type and Amazon Resource Name (ARN) of the KMS key
+    #   needed for Server-Side Encryption (SSE).
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.start_delivery_stream_encryption({
     #     delivery_stream_name: "DeliveryStreamName", # required
+    #     delivery_stream_encryption_configuration_input: {
+    #       key_arn: "AWSKMSKeyARN",
+    #       key_type: "AWS_OWNED_CMK", # required, accepts AWS_OWNED_CMK, CUSTOMER_MANAGED_CMK
+    #     },
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/firehose-2015-08-04/StartDeliveryStreamEncryption AWS API Documentation
@@ -1349,19 +1496,24 @@ module Aws::Firehose
     # Disables server-side encryption (SSE) for the delivery stream.
     #
     # This operation is asynchronous. It returns immediately. When you
-    # invoke it, Kinesis Data Firehose first sets the status of the stream
-    # to `DISABLING`, and then to `DISABLED`. You can continue to read and
-    # write data to your stream while its status is `DISABLING`. It can take
-    # up to 5 seconds after the encryption status changes to `DISABLED`
-    # before all records written to the delivery stream are no longer
-    # subject to encryption. To find out whether a record or a batch of
-    # records was encrypted, check the response elements
+    # invoke it, Kinesis Data Firehose first sets the encryption status of
+    # the stream to `DISABLING`, and then to `DISABLED`. You can continue to
+    # read and write data to your stream while its status is `DISABLING`. It
+    # can take up to 5 seconds after the encryption status changes to
+    # `DISABLED` before all records written to the delivery stream are no
+    # longer subject to encryption. To find out whether a record or a batch
+    # of records was encrypted, check the response elements
     # PutRecordOutput$Encrypted and PutRecordBatchOutput$Encrypted,
     # respectively.
     #
     # To check the encryption state of a delivery stream, use
     # DescribeDeliveryStream.
     #
+    # If SSE is enabled using a customer managed CMK and then you invoke
+    # `StopDeliveryStreamEncryption`, Kinesis Data Firehose schedules the
+    # related KMS grant for retirement and then retires it after it ensures
+    # that it is finished delivering records to the destination.
+    #
     # The `StartDeliveryStreamEncryption` and `StopDeliveryStreamEncryption`
     # operations have a combined limit of 25 calls per delivery stream per
     # 24 hours. For example, you reach the limit if you call
@@ -1554,7 +1706,7 @@ module Aws::Firehose
     #         size_in_m_bs: 1,
     #         interval_in_seconds: 1,
     #       },
-    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #       encryption_configuration: {
     #         no_encryption_config: "NoEncryption", # accepts NoEncryption
     #         kms_encryption_config: {
@@ -1576,7 +1728,7 @@ module Aws::Firehose
     #         size_in_m_bs: 1,
     #         interval_in_seconds: 1,
     #       },
-    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #       compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #       encryption_configuration: {
     #         no_encryption_config: "NoEncryption", # accepts NoEncryption
     #         kms_encryption_config: {
@@ -1612,7 +1764,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -1697,7 +1849,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -1734,7 +1886,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -1776,7 +1928,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -1827,7 +1979,7 @@ module Aws::Firehose
     #           size_in_m_bs: 1,
     #           interval_in_seconds: 1,
     #         },
-    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy
+    #         compression_format: "UNCOMPRESSED", # accepts UNCOMPRESSED, GZIP, ZIP, Snappy, HADOOP_SNAPPY
     #         encryption_configuration: {
     #           no_encryption_config: "NoEncryption", # accepts NoEncryption
     #           kms_encryption_config: {
@@ -1884,7 +2036,7 @@ module Aws::Firehose
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-firehose'
-      context[:gem_version] = '1.23.0'
+      context[:gem_version] = '1.28.0'
       Seahorse::Client::Request.new(handlers, context)
     end