aws-sdk-iotsecuretunneling 1.20.0 → 1.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1b6b77ebcd2328535a2684a48891b77fd137736dc1023b7647669820b8b12fe1
-  data.tar.gz: c0f6519a0959645a96961faec7d1a570a09d20a96fa6386c4d7e47bbde9fa618
+  metadata.gz: 77218c860940699b9f07885a9aa2d35f488390e9bf544ad5680fc7badc3f8a12
+  data.tar.gz: 30fc5fd451483f480a809c4aa6dc04efa65ebd19c8168cf9fae88255da4aec00
 SHA512:
-  metadata.gz: 82b44b4886398766f6fd213c3259e2391acdcfb7fd0b7e09b3d36dde64d16d1b24689f979554f05725606200c9b3891da993f4a969de9871cb81515dd4861ea8
-  data.tar.gz: 3c37471f3e59b6eaaba8e1415854ca1073f825a810935e0d006c00464b83eb9323bc2cea3a6eace8873e7d880e2a1eac58602f0e0f4f5845ab95cd816db88d2a
+  metadata.gz: 00c0d37f8b2d0a471b39a28d3b269f108f87a566e104bcd7261a5f190791f6ebb8db63fa4451c324d1250bc6d3b23ee1077076e527bcc24bff1bc67eb99211e2
+  data.tar.gz: 4cdee4c9718267d1c6a563103c8bb3f6fb400c34076d00a7e6fe057f0b2228bb05755dbd7fef8c82f16c87b7708ebec126a5d950e23229e20d752db252a43300

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.21.0 (2022-05-04)
+------------------
+
+* Feature - This release introduces a new API RotateTunnelAccessToken that allow revoking the existing tokens and generate new tokens
+
 1.20.0 (2022-02-24)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.20.0
+1.21.0

data/lib/aws-sdk-iotsecuretunneling/client.rb

@@ -365,11 +365,17 @@ module Aws::IoTSecureTunneling
     # `CloseTunnel` request is received, we close the WebSocket connections
     # between the client and proxy server so no data can be transmitted.
     #
+    # Requires permission to access the [CloseTunnel][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
     # @option params [required, String] :tunnel_id
     #   The ID of the tunnel to close.
     #
     # @option params [Boolean] :delete
-    #   When set to true, AWS IoT Secure Tunneling deletes the tunnel data
+    #   When set to true, IoT Secure Tunneling deletes the tunnel data
     #   immediately.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
@@ -390,6 +396,12 @@ module Aws::IoTSecureTunneling
 
     # Gets information about a tunnel identified by the unique tunnel id.
     #
+    # Requires permission to access the [DescribeTunnel][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
     # @option params [required, String] :tunnel_id
     #   The tunnel to describe.
     #
@@ -458,9 +470,15 @@ module Aws::IoTSecureTunneling
       req.send_request(options)
     end
 
-    # List all tunnels for an AWS account. Tunnels are listed by creation
-    # time in descending order, newer tunnels will be listed before older
-    # tunnels.
+    # List all tunnels for an Amazon Web Services account. Tunnels are
+    # listed by creation time in descending order, newer tunnels will be
+    # listed before older tunnels.
+    #
+    # Requires permission to access the [ListTunnels][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [String] :thing_name
     #   The name of the IoT thing associated with the destination device.
@@ -469,7 +487,8 @@ module Aws::IoTSecureTunneling
     #   The maximum number of results to return at once.
     #
     # @option params [String] :next_token
-    #   A token to retrieve the next set of results.
+    #   To retrieve the next set of results, the nextToken value from a
+    #   previous response; otherwise null to receive the first set of results.
     #
     # @return [Types::ListTunnelsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -505,7 +524,13 @@ module Aws::IoTSecureTunneling
     end
 
     # Creates a new tunnel, and returns two client access tokens for clients
-    # to use to connect to the AWS IoT Secure Tunneling proxy server.
+    # to use to connect to the IoT Secure Tunneling proxy server.
+    #
+    # Requires permission to access the [OpenTunnel][1] action.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
     #
     # @option params [String] :description
     #   A short text description of the tunnel.
@@ -559,6 +584,63 @@ module Aws::IoTSecureTunneling
       req.send_request(options)
     end
 
+    # Revokes the current client access token (CAT) and returns new CAT for
+    # clients to use when reconnecting to secure tunneling to access the
+    # same tunnel.
+    #
+    # Requires permission to access the [RotateTunnelAccessToken][1] action.
+    #
+    # <note markdown="1"> Rotating the CAT doesn't extend the tunnel duration. For example, say
+    # the tunnel duration is 12 hours and the tunnel has already been open
+    # for 4 hours. When you rotate the access tokens, the new tokens that
+    # are generated can only be used for the remaining 8 hours.
+    #
+    #  </note>
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions
+    #
+    # @option params [required, String] :tunnel_id
+    #   The tunnel for which you want to rotate the access tokens.
+    #
+    # @option params [required, String] :client_mode
+    #   The mode of the client that will use the client token, which can be
+    #   either the source or destination, or both source and destination.
+    #
+    # @option params [Types::DestinationConfig] :destination_config
+    #   The destination configuration.
+    #
+    # @return [Types::RotateTunnelAccessTokenResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::RotateTunnelAccessTokenResponse#tunnel_arn #tunnel_arn} => String
+    #   * {Types::RotateTunnelAccessTokenResponse#source_access_token #source_access_token} => String
+    #   * {Types::RotateTunnelAccessTokenResponse#destination_access_token #destination_access_token} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.rotate_tunnel_access_token({
+    #     tunnel_id: "TunnelId", # required
+    #     client_mode: "SOURCE", # required, accepts SOURCE, DESTINATION, ALL
+    #     destination_config: {
+    #       thing_name: "ThingName",
+    #       services: ["Service"], # required
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.tunnel_arn #=> String
+    #   resp.source_access_token #=> String
+    #   resp.destination_access_token #=> String
+    #
+    # @overload rotate_tunnel_access_token(params = {})
+    # @param [Hash] params ({})
+    def rotate_tunnel_access_token(params = {}, options = {})
+      req = build_request(:rotate_tunnel_access_token, params)
+      req.send_request(options)
+    end
+
     # A resource tag.
     #
     # @option params [required, String] :resource_arn
@@ -625,7 +707,7 @@ module Aws::IoTSecureTunneling
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-iotsecuretunneling'
-      context[:gem_version] = '1.20.0'
+      context[:gem_version] = '1.21.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-iotsecuretunneling/client_api.rb

@@ -15,6 +15,7 @@ module Aws::IoTSecureTunneling
 
     AmazonResourceName = Shapes::StringShape.new(name: 'AmazonResourceName')
     ClientAccessToken = Shapes::StringShape.new(name: 'ClientAccessToken')
+    ClientMode = Shapes::StringShape.new(name: 'ClientMode')
     CloseTunnelRequest = Shapes::StructureShape.new(name: 'CloseTunnelRequest')
     CloseTunnelResponse = Shapes::StructureShape.new(name: 'CloseTunnelResponse')
     ConnectionState = Shapes::StructureShape.new(name: 'ConnectionState')
@@ -36,6 +37,8 @@ module Aws::IoTSecureTunneling
     OpenTunnelRequest = Shapes::StructureShape.new(name: 'OpenTunnelRequest')
     OpenTunnelResponse = Shapes::StructureShape.new(name: 'OpenTunnelResponse')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
+    RotateTunnelAccessTokenRequest = Shapes::StructureShape.new(name: 'RotateTunnelAccessTokenRequest')
+    RotateTunnelAccessTokenResponse = Shapes::StructureShape.new(name: 'RotateTunnelAccessTokenResponse')
     Service = Shapes::StringShape.new(name: 'Service')
     ServiceList = Shapes::ListShape.new(name: 'ServiceList')
     Tag = Shapes::StructureShape.new(name: 'Tag')
@@ -110,6 +113,16 @@ module Aws::IoTSecureTunneling
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessage, location_name: "message"))
     ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
 
+    RotateTunnelAccessTokenRequest.add_member(:tunnel_id, Shapes::ShapeRef.new(shape: TunnelId, required: true, location_name: "tunnelId"))
+    RotateTunnelAccessTokenRequest.add_member(:client_mode, Shapes::ShapeRef.new(shape: ClientMode, required: true, location_name: "clientMode"))
+    RotateTunnelAccessTokenRequest.add_member(:destination_config, Shapes::ShapeRef.new(shape: DestinationConfig, location_name: "destinationConfig"))
+    RotateTunnelAccessTokenRequest.struct_class = Types::RotateTunnelAccessTokenRequest
+
+    RotateTunnelAccessTokenResponse.add_member(:tunnel_arn, Shapes::ShapeRef.new(shape: TunnelArn, location_name: "tunnelArn"))
+    RotateTunnelAccessTokenResponse.add_member(:source_access_token, Shapes::ShapeRef.new(shape: ClientAccessToken, location_name: "sourceAccessToken"))
+    RotateTunnelAccessTokenResponse.add_member(:destination_access_token, Shapes::ShapeRef.new(shape: ClientAccessToken, location_name: "destinationAccessToken"))
+    RotateTunnelAccessTokenResponse.struct_class = Types::RotateTunnelAccessTokenResponse
+
     ServiceList.member = Shapes::ShapeRef.new(shape: Service)
 
     Tag.add_member(:key, Shapes::ShapeRef.new(shape: TagKey, required: true, location_name: "key"))
@@ -227,6 +240,15 @@ module Aws::IoTSecureTunneling
         o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
       end)
 
+      api.add_operation(:rotate_tunnel_access_token, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "RotateTunnelAccessToken"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: RotateTunnelAccessTokenRequest)
+        o.output = Shapes::ShapeRef.new(shape: RotateTunnelAccessTokenResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+      end)
+
       api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o|
         o.name = "TagResource"
         o.http_method = "POST"

data/lib/aws-sdk-iotsecuretunneling/types.rb

@@ -23,7 +23,7 @@ module Aws::IoTSecureTunneling
     #   @return [String]
     #
     # @!attribute [rw] delete
-    #   When set to true, AWS IoT Secure Tunneling deletes the tunnel data
+    #   When set to true, IoT Secure Tunneling deletes the tunnel data
     #   immediately.
     #   @return [Boolean]
     #
@@ -96,11 +96,11 @@ module Aws::IoTSecureTunneling
     #   @return [String]
     #
     # @!attribute [rw] services
-    #   A list of service names that identity the target application. The
-    #   AWS IoT client running on the destination device reads this value
-    #   and uses it to look up a port or an IP address and a port. The AWS
-    #   IoT client instantiates the local proxy which uses this information
-    #   to connect to the destination application.
+    #   A list of service names that identify the target application. The
+    #   IoT client running on the destination device reads this value and
+    #   uses it to look up a port or an IP address and a port. The IoT
+    #   client instantiates the local proxy, which uses this information to
+    #   connect to the destination application.
     #   @return [Array<String>]
     #
     class DestinationConfig < Struct.new(
@@ -166,7 +166,9 @@ module Aws::IoTSecureTunneling
     #   @return [Integer]
     #
     # @!attribute [rw] next_token
-    #   A token to retrieve the next set of results.
+    #   To retrieve the next set of results, the nextToken value from a
+    #   previous response; otherwise null to receive the first set of
+    #   results.
     #   @return [String]
     #
     class ListTunnelsRequest < Struct.new(
@@ -178,11 +180,13 @@ module Aws::IoTSecureTunneling
     end
 
     # @!attribute [rw] tunnel_summaries
-    #   A short description of the tunnels in an AWS account.
+    #   A short description of the tunnels in an Amazon Web Services
+    #   account.
     #   @return [Array<Types::TunnelSummary>]
     #
     # @!attribute [rw] next_token
-    #   A token to used to retrieve the next set of results.
+    #   The token to use to get the next set of results, or null if there
+    #   are no additional results.
     #   @return [String]
     #
     class ListTunnelsResponse < Struct.new(
@@ -242,18 +246,17 @@ module Aws::IoTSecureTunneling
     #   @return [String]
     #
     # @!attribute [rw] tunnel_arn
-    #   The Amazon Resource Name for the tunnel. The tunnel ARN format is
-    #   `arn:aws:tunnel:<region>:<account-id>:tunnel/<tunnel-id>`
+    #   The Amazon Resource Name for the tunnel.
     #   @return [String]
     #
     # @!attribute [rw] source_access_token
-    #   The access token the source local proxy uses to connect to AWS IoT
+    #   The access token the source local proxy uses to connect to IoT
     #   Secure Tunneling.
     #   @return [String]
     #
     # @!attribute [rw] destination_access_token
-    #   The access token the destination local proxy uses to connect to AWS
-    #   IoT Secure Tunneling.
+    #   The access token the destination local proxy uses to connect to IoT
+    #   Secure Tunneling.
     #   @return [String]
     #
     class OpenTunnelResponse < Struct.new(
@@ -277,6 +280,61 @@ module Aws::IoTSecureTunneling
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass RotateTunnelAccessTokenRequest
+    #   data as a hash:
+    #
+    #       {
+    #         tunnel_id: "TunnelId", # required
+    #         client_mode: "SOURCE", # required, accepts SOURCE, DESTINATION, ALL
+    #         destination_config: {
+    #           thing_name: "ThingName",
+    #           services: ["Service"], # required
+    #         },
+    #       }
+    #
+    # @!attribute [rw] tunnel_id
+    #   The tunnel for which you want to rotate the access tokens.
+    #   @return [String]
+    #
+    # @!attribute [rw] client_mode
+    #   The mode of the client that will use the client token, which can be
+    #   either the source or destination, or both source and destination.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_config
+    #   The destination configuration.
+    #   @return [Types::DestinationConfig]
+    #
+    class RotateTunnelAccessTokenRequest < Struct.new(
+      :tunnel_id,
+      :client_mode,
+      :destination_config)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] tunnel_arn
+    #   The Amazon Resource Name for the tunnel.
+    #   @return [String]
+    #
+    # @!attribute [rw] source_access_token
+    #   The client access token that the source local proxy uses to connect
+    #   to IoT Secure Tunneling.
+    #   @return [String]
+    #
+    # @!attribute [rw] destination_access_token
+    #   The client access token that the destination local proxy uses to
+    #   connect to IoT Secure Tunneling.
+    #   @return [String]
+    #
+    class RotateTunnelAccessTokenResponse < Struct.new(
+      :tunnel_arn,
+      :source_access_token,
+      :destination_access_token)
+      SENSITIVE = [:source_access_token, :destination_access_token]
+      include Aws::Structure
+    end
+
     # An arbitary key/value pair used to add searchable metadata to secure
     # tunnel resources.
     #
@@ -361,8 +419,7 @@ module Aws::IoTSecureTunneling
     #   @return [String]
     #
     # @!attribute [rw] tunnel_arn
-    #   The Amazon Resource Name (ARN) of a tunnel. The tunnel ARN format is
-    #   `arn:aws:tunnel:<region>:<account-id>:tunnel/<tunnel-id>`
+    #   The Amazon Resource Name (ARN) of a tunnel.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -426,8 +483,7 @@ module Aws::IoTSecureTunneling
     #   @return [String]
     #
     # @!attribute [rw] tunnel_arn
-    #   The Amazon Resource Name of the tunnel. The tunnel ARN format is
-    #   `arn:aws:tunnel:<region>:<account-id>:tunnel/<tunnel-id>`
+    #   The Amazon Resource Name of the tunnel.
     #   @return [String]
     #
     # @!attribute [rw] status

data/lib/aws-sdk-iotsecuretunneling.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-iotsecuretunneling/customizations'
 # @!group service
 module Aws::IoTSecureTunneling
 
-  GEM_VERSION = '1.20.0'
+  GEM_VERSION = '1.21.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-iotsecuretunneling
 version: !ruby/object:Gem::Version
-  version: 1.20.0
+  version: 1.21.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2022-02-24 00:00:00.000000000 Z
+date: 2022-05-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core