aws-sdk-iot 1.135.0 → 1.137.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 13f1e0c610346aca94631fed4b71b275c8dd49b26699dc08cedec70085ba1127
-  data.tar.gz: eb0f525538a5cf0c71b4c0542f5ffe26f653516983fc1f185e9ac2fca6026025
+  metadata.gz: 5a51d136f0044d776ab3a569c7f2081ff6b70552e960907b44d18aec890bdd8f
+  data.tar.gz: 0f414843ab2f572753485b47e044661d4211402a6d0ecd901106c14efe106433
 SHA512:
-  metadata.gz: dc3be3c0b1a7022573597abac2026347171ad204a2d83cd9884adb49281acbd67913e397ec1228b2050741d86c2914fb3caa4b01475082d23386d7cd8ebd7abf
-  data.tar.gz: 1f5cf25bc98df8f9bdaa221049f38e62fa91e945cf9307aa5d5e1dd64d46d929f940feb7d4d09ca6a1cd50a09b09d8fd768e4e9750252ae75972251a10475bcf
+  metadata.gz: dd53f1465dfa49e61bd747d9d727edf7470fbd8cf735b09bdb4cfc55fd2494abafaa143147537d0983698c4d4a1aaf6e6b17bf64850eae9359b44d8e2c075625
+  data.tar.gz: f245069310058019821adaf690c61e2d6157ce633bccb0b1713e216cb718283bac61f9a5025d5159bc7e95254fb55b56fc283c91bc0dbce460a3e1b9d745c809

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.137.0 (2024-10-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.136.0 (2024-10-03)
+------------------
+
+* Feature - This release adds support for Custom Authentication with X.509 Client Certificates, support for Custom Client Certificate validation, and support for selecting application protocol and authentication type without requiring TLS ALPN for customer's AWS IoT Domain Configurations.
+
 1.135.0 (2024-09-24)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.135.0
+1.137.0

data/lib/aws-sdk-iot/client.rb

@@ -571,8 +571,8 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Associates a software bill of materials (SBOM) with a specific
-    # software package version.
+    # Associates the selected software bill of materials (SBOM) with a
+    # specific software package version.
     #
     # Requires permission to access the [AssociateSbomWithPackageVersion][1]
     # action.
@@ -588,8 +588,8 @@ module Aws::IoT
     #   The name of the new package version.
     #
     # @option params [required, Types::Sbom] :sbom
-    #   The Amazon S3 location for the software bill of materials associated
-    #   with a software package version.
+    #   A specific software bill of matrerials associated with a software
+    #   package version.
     #
     # @option params [String] :client_token
     #   A unique case-sensitive identifier that you can provide to ensure the
@@ -1298,7 +1298,10 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Creates a billing group.
+    # Creates a billing group. If this call is made multiple times using the
+    # same billing group name and configuration, the call will succeed. If
+    # this call is made with the same billing group name but different
+    # configuration a `ResourceAlreadyExistsException` is thrown.
     #
     # Requires permission to access the [CreateBillingGroup][1] action.
     #
@@ -1715,6 +1718,78 @@ module Aws::IoT
     # @option params [Types::ServerCertificateConfig] :server_certificate_config
     #   The server certificate configuration.
     #
+    # @option params [String] :authentication_type
+    #   An enumerated string that specifies the authentication type.
+    #
+    #   * `CUSTOM_AUTH_X509` - Use custom authentication and authorization
+    #     with additional details from the X.509 client certificate.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `CUSTOM_AUTH` - Use custom authentication and authorization. For
+    #     more information, see [Custom authentication and authorization][1].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `AWS_X509` - Use X.509 client certificates without custom
+    #     authentication and authorization. For more information, see [X.509
+    #     client certificates][2].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `AWS_SIGV4` - Use Amazon Web Services Signature Version 4. For more
+    #     information, see [IAM users, groups, and roles][1].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `DEFAULT` - Use a combination of port and Application Layer Protocol
+    #     Negotiation (ALPN) to specify authentication type. For more
+    #     information, see [Device communication protocols][3].
+    #
+    #   ^
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html
+    #   [2]: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html
+    #   [3]: https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
+    #
+    # @option params [String] :application_protocol
+    #   An enumerated string that specifies the application-layer protocol.
+    #
+    #   * `SECURE_MQTT` - MQTT over TLS.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `MQTT_WSS` - MQTT over WebSocket.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `HTTPS` - HTTP over TLS.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `DEFAULT` - Use a combination of port and Application Layer Protocol
+    #     Negotiation (ALPN) to specify application\_layer protocol. For more
+    #     information, see [Device communication protocols][1].
+    #
+    #   ^
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
+    #
+    # @option params [Types::ClientCertificateConfig] :client_certificate_config
+    #   An object that specifies the client certificate configuration for a
+    #   domain.
+    #
     # @return [Types::CreateDomainConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateDomainConfigurationResponse#domain_configuration_name #domain_configuration_name} => String
@@ -1744,6 +1819,11 @@ module Aws::IoT
     #     server_certificate_config: {
     #       enable_ocsp_check: false,
     #     },
+    #     authentication_type: "CUSTOM_AUTH_X509", # accepts CUSTOM_AUTH_X509, CUSTOM_AUTH, AWS_X509, AWS_SIGV4, DEFAULT
+    #     application_protocol: "SECURE_MQTT", # accepts SECURE_MQTT, MQTT_WSS, HTTPS, DEFAULT
+    #     client_certificate_config: {
+    #       client_certificate_callback_arn: "ClientCertificateCallbackArn",
+    #     },
     #   })
     #
     # @example Response structure
@@ -2693,7 +2773,7 @@ module Aws::IoT
     #
     # @option params [String] :recipe
     #   The inline job document associated with a software package version
-    #   used for a quick job deployment via IoT Jobs.
+    #   used for a quick job deployment.
     #
     # @option params [Hash<String,String>] :tags
     #   Metadata that can be used to manage the package version.
@@ -3073,9 +3153,17 @@ module Aws::IoT
     #
     # Requires permission to access the [CreateRoleAlias][1] action.
     #
+    # The value of [ `credentialDurationSeconds` ][2] must be less than or
+    # equal to the maximum session duration of the IAM role that the role
+    # alias references. For more information, see [ Modifying a role maximum
+    # session duration (Amazon Web Services API)][3] from the Amazon Web
+    # Services Identity and Access Management User Guide.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [2]: https://docs.aws.amazon.com/iot/latest/apireference/API_CreateRoleAlias.html#iot-CreateRoleAlias-request-credentialDurationSeconds
+    # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-managingrole-editing-api.html#roles-modify_max-session-duration-api
     #
     # @option params [required, String] :role_alias
     #   The role alias that points to a role ARN. This allows you to change
@@ -3543,7 +3631,10 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Creates a new thing type.
+    # Creates a new thing type. If this call is made multiple times using
+    # the same thing type name and configuration, the call will succeed. If
+    # this call is made with the same thing type name but different
+    # configuration a `ResourceAlreadyExistsException` is thrown.
     #
     # Requires permission to access the [CreateThingType][1] action.
     #
@@ -6021,6 +6112,9 @@ module Aws::IoT
     #   * {Types::DescribeDomainConfigurationResponse#last_status_change_date #last_status_change_date} => Time
     #   * {Types::DescribeDomainConfigurationResponse#tls_config #tls_config} => Types::TlsConfig
     #   * {Types::DescribeDomainConfigurationResponse#server_certificate_config #server_certificate_config} => Types::ServerCertificateConfig
+    #   * {Types::DescribeDomainConfigurationResponse#authentication_type #authentication_type} => String
+    #   * {Types::DescribeDomainConfigurationResponse#application_protocol #application_protocol} => String
+    #   * {Types::DescribeDomainConfigurationResponse#client_certificate_config #client_certificate_config} => Types::ClientCertificateConfig
     #
     # @example Request syntax with placeholder values
     #
@@ -6045,6 +6139,9 @@ module Aws::IoT
     #   resp.last_status_change_date #=> Time
     #   resp.tls_config.security_policy #=> String
     #   resp.server_certificate_config.enable_ocsp_check #=> Boolean
+    #   resp.authentication_type #=> String, one of "CUSTOM_AUTH_X509", "CUSTOM_AUTH", "AWS_X509", "AWS_SIGV4", "DEFAULT"
+    #   resp.application_protocol #=> String, one of "SECURE_MQTT", "MQTT_WSS", "HTTPS", "DEFAULT"
+    #   resp.client_certificate_config.client_certificate_callback_arn #=> String
     #
     # @overload describe_domain_configuration(params = {})
     # @param [Hash] params ({})
@@ -7229,8 +7326,8 @@ module Aws::IoT
       req.send_request(options)
     end
 
-    # Disassociates a software bill of materials (SBOM) from a specific
-    # software package version.
+    # Disassociates the selected software bill of materials (SBOM) from a
+    # specific software package version.
     #
     # Requires permission to access the
     # [DisassociateSbomWithPackageVersion][1] action.
@@ -14086,6 +14183,78 @@ module Aws::IoT
     # @option params [Types::ServerCertificateConfig] :server_certificate_config
     #   The server certificate configuration.
     #
+    # @option params [String] :authentication_type
+    #   An enumerated string that specifies the authentication type.
+    #
+    #   * `CUSTOM_AUTH_X509` - Use custom authentication and authorization
+    #     with additional details from the X.509 client certificate.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `CUSTOM_AUTH` - Use custom authentication and authorization. For
+    #     more information, see [Custom authentication and authorization][1].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `AWS_X509` - Use X.509 client certificates without custom
+    #     authentication and authorization. For more information, see [X.509
+    #     client certificates][2].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `AWS_SIGV4` - Use Amazon Web Services Signature Version 4. For more
+    #     information, see [IAM users, groups, and roles][1].
+    #
+    #   ^
+    #   ^
+    #
+    #   * `DEFAULT ` - Use a combination of port and Application Layer
+    #     Protocol Negotiation (ALPN) to specify authentication type. For more
+    #     information, see [Device communication protocols][3].
+    #
+    #   ^
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/custom-authentication.html
+    #   [2]: https://docs.aws.amazon.com/iot/latest/developerguide/x509-client-certs.html
+    #   [3]: https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
+    #
+    # @option params [String] :application_protocol
+    #   An enumerated string that specifies the application-layer protocol.
+    #
+    #   * `SECURE_MQTT` - MQTT over TLS.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `MQTT_WSS` - MQTT over WebSocket.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `HTTPS` - HTTP over TLS.
+    #
+    #   ^
+    #   ^
+    #
+    #   * `DEFAULT` - Use a combination of port and Application Layer Protocol
+    #     Negotiation (ALPN) to specify application\_layer protocol. For more
+    #     information, see [Device communication protocols][1].
+    #
+    #   ^
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/iot/latest/developerguide/protocols.html
+    #
+    # @option params [Types::ClientCertificateConfig] :client_certificate_config
+    #   An object that specifies the client certificate configuration for a
+    #   domain.
+    #
     # @return [Types::UpdateDomainConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateDomainConfigurationResponse#domain_configuration_name #domain_configuration_name} => String
@@ -14107,6 +14276,11 @@ module Aws::IoT
     #     server_certificate_config: {
     #       enable_ocsp_check: false,
     #     },
+    #     authentication_type: "CUSTOM_AUTH_X509", # accepts CUSTOM_AUTH_X509, CUSTOM_AUTH, AWS_X509, AWS_SIGV4, DEFAULT
+    #     application_protocol: "SECURE_MQTT", # accepts SECURE_MQTT, MQTT_WSS, HTTPS, DEFAULT
+    #     client_certificate_config: {
+    #       client_certificate_callback_arn: "ClientCertificateCallbackArn",
+    #     },
     #   })
     #
     # @example Response structure
@@ -14672,7 +14846,7 @@ module Aws::IoT
     #
     # @option params [String] :recipe
     #   The inline job document associated with a software package version
-    #   used for a quick job deployment via IoT Jobs.
+    #   used for a quick job deployment.
     #
     # @option params [String] :client_token
     #   A unique case-sensitive identifier that you can provide to ensure the
@@ -14777,9 +14951,17 @@ module Aws::IoT
     #
     # Requires permission to access the [UpdateRoleAlias][1] action.
     #
+    # The value of [ `credentialDurationSeconds` ][2] must be less than or
+    # equal to the maximum session duration of the IAM role that the role
+    # alias references. For more information, see [ Modifying a role maximum
+    # session duration (Amazon Web Services API)][3] from the Amazon Web
+    # Services Identity and Access Management User Guide.
+    #
     #
     #
     # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    # [2]: https://docs.aws.amazon.com/iot/latest/apireference/API_UpdateRoleAlias.html#iot-UpdateRoleAlias-request-credentialDurationSeconds
+    # [3]: https://docs.aws.amazon.com/IAM/latest/UserGuide/roles-managingrole-editing-api.html#roles-modify_max-session-duration-api
     #
     # @option params [required, String] :role_alias
     #   The role alias to update.
@@ -15431,7 +15613,7 @@ module Aws::IoT
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-iot'
-      context[:gem_version] = '1.135.0'
+      context[:gem_version] = '1.137.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-iot/client_api.rb

@@ -47,6 +47,7 @@ module Aws::IoT
     AllowAuthorizerOverride = Shapes::BooleanShape.new(name: 'AllowAuthorizerOverride')
     AllowAutoRegistration = Shapes::BooleanShape.new(name: 'AllowAutoRegistration')
     Allowed = Shapes::StructureShape.new(name: 'Allowed')
+    ApplicationProtocol = Shapes::StringShape.new(name: 'ApplicationProtocol')
     ApproximateSecondsBeforeTimedOut = Shapes::IntegerShape.new(name: 'ApproximateSecondsBeforeTimedOut')
     AscendingOrder = Shapes::BooleanShape.new(name: 'AscendingOrder')
     AssetId = Shapes::StringShape.new(name: 'AssetId')
@@ -116,6 +117,7 @@ module Aws::IoT
     AuthInfos = Shapes::ListShape.new(name: 'AuthInfos')
     AuthResult = Shapes::StructureShape.new(name: 'AuthResult')
     AuthResults = Shapes::ListShape.new(name: 'AuthResults')
+    AuthenticationType = Shapes::StringShape.new(name: 'AuthenticationType')
     AuthorizerArn = Shapes::StringShape.new(name: 'AuthorizerArn')
     AuthorizerConfig = Shapes::StructureShape.new(name: 'AuthorizerConfig')
     AuthorizerDescription = Shapes::StructureShape.new(name: 'AuthorizerDescription')
@@ -219,6 +221,8 @@ module Aws::IoT
     Cidrs = Shapes::ListShape.new(name: 'Cidrs')
     ClearDefaultAuthorizerRequest = Shapes::StructureShape.new(name: 'ClearDefaultAuthorizerRequest')
     ClearDefaultAuthorizerResponse = Shapes::StructureShape.new(name: 'ClearDefaultAuthorizerResponse')
+    ClientCertificateCallbackArn = Shapes::StringShape.new(name: 'ClientCertificateCallbackArn')
+    ClientCertificateConfig = Shapes::StructureShape.new(name: 'ClientCertificateConfig')
     ClientId = Shapes::StringShape.new(name: 'ClientId')
     ClientProperties = Shapes::MapShape.new(name: 'ClientProperties')
     ClientRequestToken = Shapes::StringShape.new(name: 'ClientRequestToken')
@@ -1878,6 +1882,9 @@ module Aws::IoT
 
     ClearDefaultAuthorizerResponse.struct_class = Types::ClearDefaultAuthorizerResponse
 
+    ClientCertificateConfig.add_member(:client_certificate_callback_arn, Shapes::ShapeRef.new(shape: ClientCertificateCallbackArn, location_name: "clientCertificateCallbackArn"))
+    ClientCertificateConfig.struct_class = Types::ClientCertificateConfig
+
     ClientProperties.key = Shapes::ShapeRef.new(shape: String)
     ClientProperties.value = Shapes::ShapeRef.new(shape: String)
 
@@ -2012,6 +2019,9 @@ module Aws::IoT
     CreateDomainConfigurationRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags"))
     CreateDomainConfigurationRequest.add_member(:tls_config, Shapes::ShapeRef.new(shape: TlsConfig, location_name: "tlsConfig"))
     CreateDomainConfigurationRequest.add_member(:server_certificate_config, Shapes::ShapeRef.new(shape: ServerCertificateConfig, location_name: "serverCertificateConfig"))
+    CreateDomainConfigurationRequest.add_member(:authentication_type, Shapes::ShapeRef.new(shape: AuthenticationType, location_name: "authenticationType"))
+    CreateDomainConfigurationRequest.add_member(:application_protocol, Shapes::ShapeRef.new(shape: ApplicationProtocol, location_name: "applicationProtocol"))
+    CreateDomainConfigurationRequest.add_member(:client_certificate_config, Shapes::ShapeRef.new(shape: ClientCertificateConfig, location_name: "clientCertificateConfig"))
     CreateDomainConfigurationRequest.struct_class = Types::CreateDomainConfigurationRequest
 
     CreateDomainConfigurationResponse.add_member(:domain_configuration_name, Shapes::ShapeRef.new(shape: DomainConfigurationName, location_name: "domainConfigurationName"))
@@ -2641,6 +2651,9 @@ module Aws::IoT
     DescribeDomainConfigurationResponse.add_member(:last_status_change_date, Shapes::ShapeRef.new(shape: DateType, location_name: "lastStatusChangeDate"))
     DescribeDomainConfigurationResponse.add_member(:tls_config, Shapes::ShapeRef.new(shape: TlsConfig, location_name: "tlsConfig"))
     DescribeDomainConfigurationResponse.add_member(:server_certificate_config, Shapes::ShapeRef.new(shape: ServerCertificateConfig, location_name: "serverCertificateConfig"))
+    DescribeDomainConfigurationResponse.add_member(:authentication_type, Shapes::ShapeRef.new(shape: AuthenticationType, location_name: "authenticationType"))
+    DescribeDomainConfigurationResponse.add_member(:application_protocol, Shapes::ShapeRef.new(shape: ApplicationProtocol, location_name: "applicationProtocol"))
+    DescribeDomainConfigurationResponse.add_member(:client_certificate_config, Shapes::ShapeRef.new(shape: ClientCertificateConfig, location_name: "clientCertificateConfig"))
     DescribeDomainConfigurationResponse.struct_class = Types::DescribeDomainConfigurationResponse
 
     DescribeEndpointRequest.add_member(:endpoint_type, Shapes::ShapeRef.new(shape: EndpointType, location: "querystring", location_name: "endpointType"))
@@ -5083,6 +5096,9 @@ module Aws::IoT
     UpdateDomainConfigurationRequest.add_member(:remove_authorizer_config, Shapes::ShapeRef.new(shape: RemoveAuthorizerConfig, location_name: "removeAuthorizerConfig"))
     UpdateDomainConfigurationRequest.add_member(:tls_config, Shapes::ShapeRef.new(shape: TlsConfig, location_name: "tlsConfig"))
     UpdateDomainConfigurationRequest.add_member(:server_certificate_config, Shapes::ShapeRef.new(shape: ServerCertificateConfig, location_name: "serverCertificateConfig"))
+    UpdateDomainConfigurationRequest.add_member(:authentication_type, Shapes::ShapeRef.new(shape: AuthenticationType, location_name: "authenticationType"))
+    UpdateDomainConfigurationRequest.add_member(:application_protocol, Shapes::ShapeRef.new(shape: ApplicationProtocol, location_name: "applicationProtocol"))
+    UpdateDomainConfigurationRequest.add_member(:client_certificate_config, Shapes::ShapeRef.new(shape: ClientCertificateConfig, location_name: "clientCertificateConfig"))
     UpdateDomainConfigurationRequest.struct_class = Types::UpdateDomainConfigurationRequest
 
     UpdateDomainConfigurationResponse.add_member(:domain_configuration_name, Shapes::ShapeRef.new(shape: ReservedDomainConfigurationName, location_name: "domainConfigurationName"))

data/lib/aws-sdk-iot/endpoint_parameters.rb

@@ -52,15 +52,18 @@ module Aws::IoT
       self[:region] = options[:region]
       self[:use_dual_stack] = options[:use_dual_stack]
       self[:use_dual_stack] = false if self[:use_dual_stack].nil?
-      if self[:use_dual_stack].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :use_dual_stack"
-      end
       self[:use_fips] = options[:use_fips]
       self[:use_fips] = false if self[:use_fips].nil?
-      if self[:use_fips].nil?
-        raise ArgumentError, "Missing required EndpointParameter: :use_fips"
-      end
       self[:endpoint] = options[:endpoint]
     end
+
+    def self.create(config, options={})
+      new({
+        region: config.region,
+        use_dual_stack: config.use_dualstack_endpoint,
+        use_fips: config.use_fips_endpoint,
+        endpoint: (config.endpoint.to_s unless config.regional_endpoint),
+      }.merge(options))
+    end
   end
 end