aws-sdk-lambda 1.129.0 → 1.131.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: ea62d2ede800fda017b188d053e1240eef316763cdba91d682dce7525a71b316
-  data.tar.gz: a5982b5ba772729d27a33146944b2b9a748c826e199a8d4976abdf9c1d599a2d
+  metadata.gz: 2325a1f7266afce8abd7e4f97535445bc1beb806ff93f82b816a21df828dffe7
+  data.tar.gz: '0950c000fd8da2c6d68c1b71fc84fe95e8b5e0ead0691a1fb1993b4950061ab5'
 SHA512:
-  metadata.gz: d09f01c03a917625cdc8725026ccd7085a6815bb2f8525ed027bd25b20a5a37bf7b133a7b10b0b7a6e0b815b41c4d73dc28c3ac673b9f15b9f6fd140fe7b3669
-  data.tar.gz: b57b5c204e6f8f24326f19752ca0d0c20ad2c463d7333807999263fc2ab12f4dc43c192762c6f60b6ce21462aafe535d4134cafaf6b9d9c0ea8f109171b9e933
+  metadata.gz: ae8584979cc1cc80a0f21684986f24aec353fd2422eef0e35af2772d91aa5e28dfb69bcc21eeaf057442b2672148b85d301a7b77cb4e77169e766d26dc230cf6
+  data.tar.gz: aaaa56afad2d37595c44f10cd6d9aeaab0a3b20f25473b9ea830ac412ab7dffdc30d62bc01e8257b46fd67f14b424cbc6e89631c4144767502f203ff4ead2884

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.131.0 (2024-09-17)
+------------------
+
+* Feature - Support for JSON resource-based policies and block public access
+
+1.130.0 (2024-09-11)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
 1.129.0 (2024-09-10)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.129.0
+1.131.0

data/lib/aws-sdk-lambda/client.rb

@@ -2192,6 +2192,41 @@ module Aws::Lambda
       req.send_request(options)
     end
 
+    # Deletes a [resource-based policy][1] from a function.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the function you want to delete the
+    #   policy from. You can use either a qualified or an unqualified ARN, but
+    #   the value you specify must be a complete ARN and wildcard characters
+    #   are not accepted.
+    #
+    # @option params [String] :revision_id
+    #   Delete the existing policy only if its revision ID matches the string
+    #   you specify. To find the revision ID of the policy currently attached
+    #   to your function, use the GetResourcePolicy action.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_resource_policy({
+    #     resource_arn: "PolicyResourceArn", # required
+    #     revision_id: "RevisionId",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteResourcePolicy AWS API Documentation
+    #
+    # @overload delete_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def delete_resource_policy(params = {}, options = {})
+      req = build_request(:delete_resource_policy, params)
+      req.send_request(options)
+    end
+
     # Retrieves details about your account's [limits][1] and usage in an
     # Amazon Web Services Region.
     #
@@ -3198,6 +3233,73 @@ module Aws::Lambda
       req.send_request(options)
     end
 
+    # Retrieve the public-access settings for a function.
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the function you want to retrieve
+    #   public-access settings for.
+    #
+    # @return [Types::GetPublicAccessBlockConfigResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPublicAccessBlockConfigResponse#public_access_block_config #public_access_block_config} => Types::PublicAccessBlockConfig
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_public_access_block_config({
+    #     resource_arn: "PublicAccessBlockResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.public_access_block_config.block_public_policy #=> Boolean
+    #   resp.public_access_block_config.restrict_public_resource #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetPublicAccessBlockConfig AWS API Documentation
+    #
+    # @overload get_public_access_block_config(params = {})
+    # @param [Hash] params ({})
+    def get_public_access_block_config(params = {}, options = {})
+      req = build_request(:get_public_access_block_config, params)
+      req.send_request(options)
+    end
+
+    # Retrieves the [resource-based policy][1] attached to a function.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the function you want to retrieve
+    #   the policy for. You can use either a qualified or an unqualified ARN,
+    #   but the value you specify must be a complete ARN and wildcard
+    #   characters are not accepted.
+    #
+    # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetResourcePolicyResponse#policy #policy} => String
+    #   * {Types::GetResourcePolicyResponse#revision_id #revision_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_resource_policy({
+    #     resource_arn: "PolicyResourceArn", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.policy #=> String
+    #   resp.revision_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetResourcePolicy AWS API Documentation
+    #
+    # @overload get_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def get_resource_policy(params = {}, options = {})
+      req = build_request(:get_resource_policy, params)
+      req.send_request(options)
+    end
+
     # Retrieves the runtime management configuration for a function's
     # version. If the runtime update mode is **Manual**, this includes the
     # ARN of the runtime version and the runtime update mode. If the runtime
@@ -5235,6 +5337,135 @@ module Aws::Lambda
       req.send_request(options)
     end
 
+    # Configure your function's public-access settings.
+    #
+    # To control public access to a Lambda function, you can choose whether
+    # to allow the creation of [resource-based policies][1] that allow
+    # public access to that function. You can also block public access to a
+    # function, even if it has an existing resource-based policy that allows
+    # it.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the function you want to configure
+    #   public-access settings for. Public-access settings are applied at the
+    #   function level, so you can't apply different settings to function
+    #   versions or aliases.
+    #
+    # @option params [required, Types::PublicAccessBlockConfig] :public_access_block_config
+    #   An object defining the public-access settings you want to apply.
+    #
+    #   To block the creation of resource-based policies that would grant
+    #   public access to your function, set `BlockPublicPolicy` to `true`. To
+    #   allow the creation of resource-based policies that would grant public
+    #   access to your function, set `BlockPublicPolicy` to `false`.
+    #
+    #   To block public access to your function, even if its resource-based
+    #   policy allows it, set `RestrictPublicResource` to `true`. To allow
+    #   public access to a function with a resource-based policy that permits
+    #   it, set `RestrictPublicResource` to `false`.
+    #
+    #   The default setting for both `BlockPublicPolicy` and
+    #   `RestrictPublicResource` is `true`.
+    #
+    # @return [Types::PutPublicAccessBlockConfigResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutPublicAccessBlockConfigResponse#public_access_block_config #public_access_block_config} => Types::PublicAccessBlockConfig
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_public_access_block_config({
+    #     resource_arn: "PublicAccessBlockResourceArn", # required
+    #     public_access_block_config: { # required
+    #       block_public_policy: false,
+    #       restrict_public_resource: false,
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.public_access_block_config.block_public_policy #=> Boolean
+    #   resp.public_access_block_config.restrict_public_resource #=> Boolean
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutPublicAccessBlockConfig AWS API Documentation
+    #
+    # @overload put_public_access_block_config(params = {})
+    # @param [Hash] params ({})
+    def put_public_access_block_config(params = {}, options = {})
+      req = build_request(:put_public_access_block_config, params)
+      req.send_request(options)
+    end
+
+    # Adds a [resource-based policy][1] to a function. You can use
+    # resource-based policies to grant access to other [Amazon Web Services
+    # accounts][2], [organizations][3], or [services][4]. Resource-based
+    # policies apply to a single function, version, or alias.
+    #
+    # Adding a resource-based policy using this API action replaces any
+    # existing policy you've previously created. This means that if you've
+    # previously added resource-based permissions to a function using the
+    # AddPermission action, those permissions will be overwritten by your
+    # new policy.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
+    # [2]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-cross-account.html
+    # [3]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-organization.html
+    # [4]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-services.html
+    #
+    # @option params [required, String] :resource_arn
+    #   The Amazon Resource Name (ARN) of the function you want to add the
+    #   policy to. You can use either a qualified or an unqualified ARN, but
+    #   the value you specify must be a complete ARN and wildcard characters
+    #   are not accepted.
+    #
+    # @option params [required, String] :policy
+    #   The JSON resource-based policy you want to add to your function.
+    #
+    #   To learn more about creating resource-based policies for controlling
+    #   access to Lambda, see [Working with resource-based IAM policies in
+    #   Lambda][1] in the *Lambda Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/
+    #
+    # @option params [String] :revision_id
+    #   Replace the existing policy only if its revision ID matches the string
+    #   you specify. To find the revision ID of the policy currently attached
+    #   to your function, use the GetResourcePolicy action.
+    #
+    # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutResourcePolicyResponse#policy #policy} => String
+    #   * {Types::PutResourcePolicyResponse#revision_id #revision_id} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_resource_policy({
+    #     resource_arn: "PolicyResourceArn", # required
+    #     policy: "ResourcePolicy", # required
+    #     revision_id: "RevisionId",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.policy #=> String
+    #   resp.revision_id #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutResourcePolicy AWS API Documentation
+    #
+    # @overload put_resource_policy(params = {})
+    # @param [Hash] params ({})
+    def put_resource_policy(params = {}, options = {})
+      req = build_request(:put_resource_policy, params)
+      req.send_request(options)
+    end
+
     # Sets the runtime management configuration for a function's version.
     # For more information, see [Runtime updates][1].
     #
@@ -6755,7 +6986,7 @@ module Aws::Lambda
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-lambda'
-      context[:gem_version] = '1.129.0'
+      context[:gem_version] = '1.131.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-lambda/client_api.rb

@@ -75,6 +75,7 @@ module Aws::Lambda
     DeleteFunctionUrlConfigRequest = Shapes::StructureShape.new(name: 'DeleteFunctionUrlConfigRequest')
     DeleteLayerVersionRequest = Shapes::StructureShape.new(name: 'DeleteLayerVersionRequest')
     DeleteProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'DeleteProvisionedConcurrencyConfigRequest')
+    DeleteResourcePolicyRequest = Shapes::StructureShape.new(name: 'DeleteResourcePolicyRequest')
     Description = Shapes::StringShape.new(name: 'Description')
     DestinationArn = Shapes::StringShape.new(name: 'DestinationArn')
     DestinationConfig = Shapes::StructureShape.new(name: 'DestinationConfig')
@@ -158,6 +159,10 @@ module Aws::Lambda
     GetPolicyResponse = Shapes::StructureShape.new(name: 'GetPolicyResponse')
     GetProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'GetProvisionedConcurrencyConfigRequest')
     GetProvisionedConcurrencyConfigResponse = Shapes::StructureShape.new(name: 'GetProvisionedConcurrencyConfigResponse')
+    GetPublicAccessBlockConfigRequest = Shapes::StructureShape.new(name: 'GetPublicAccessBlockConfigRequest')
+    GetPublicAccessBlockConfigResponse = Shapes::StructureShape.new(name: 'GetPublicAccessBlockConfigResponse')
+    GetResourcePolicyRequest = Shapes::StructureShape.new(name: 'GetResourcePolicyRequest')
+    GetResourcePolicyResponse = Shapes::StructureShape.new(name: 'GetResourcePolicyResponse')
     GetRuntimeManagementConfigRequest = Shapes::StructureShape.new(name: 'GetRuntimeManagementConfigRequest')
     GetRuntimeManagementConfigResponse = Shapes::StructureShape.new(name: 'GetRuntimeManagementConfigResponse')
     Handler = Shapes::StringShape.new(name: 'Handler')
@@ -268,6 +273,7 @@ module Aws::Lambda
     ParallelizationFactor = Shapes::IntegerShape.new(name: 'ParallelizationFactor')
     Pattern = Shapes::StringShape.new(name: 'Pattern')
     PolicyLengthExceededException = Shapes::StructureShape.new(name: 'PolicyLengthExceededException')
+    PolicyResourceArn = Shapes::StringShape.new(name: 'PolicyResourceArn')
     PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
     PreconditionFailedException = Shapes::StructureShape.new(name: 'PreconditionFailedException')
     Principal = Shapes::StringShape.new(name: 'Principal')
@@ -276,6 +282,9 @@ module Aws::Lambda
     ProvisionedConcurrencyConfigListItem = Shapes::StructureShape.new(name: 'ProvisionedConcurrencyConfigListItem')
     ProvisionedConcurrencyConfigNotFoundException = Shapes::StructureShape.new(name: 'ProvisionedConcurrencyConfigNotFoundException')
     ProvisionedConcurrencyStatusEnum = Shapes::StringShape.new(name: 'ProvisionedConcurrencyStatusEnum')
+    PublicAccessBlockConfig = Shapes::StructureShape.new(name: 'PublicAccessBlockConfig')
+    PublicAccessBlockResourceArn = Shapes::StringShape.new(name: 'PublicAccessBlockResourceArn')
+    PublicPolicyException = Shapes::StructureShape.new(name: 'PublicPolicyException')
     PublishLayerVersionRequest = Shapes::StructureShape.new(name: 'PublishLayerVersionRequest')
     PublishLayerVersionResponse = Shapes::StructureShape.new(name: 'PublishLayerVersionResponse')
     PublishVersionRequest = Shapes::StructureShape.new(name: 'PublishVersionRequest')
@@ -287,6 +296,10 @@ module Aws::Lambda
     PutFunctionRecursionConfigResponse = Shapes::StructureShape.new(name: 'PutFunctionRecursionConfigResponse')
     PutProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'PutProvisionedConcurrencyConfigRequest')
     PutProvisionedConcurrencyConfigResponse = Shapes::StructureShape.new(name: 'PutProvisionedConcurrencyConfigResponse')
+    PutPublicAccessBlockConfigRequest = Shapes::StructureShape.new(name: 'PutPublicAccessBlockConfigRequest')
+    PutPublicAccessBlockConfigResponse = Shapes::StructureShape.new(name: 'PutPublicAccessBlockConfigResponse')
+    PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
+    PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
     PutRuntimeManagementConfigRequest = Shapes::StructureShape.new(name: 'PutRuntimeManagementConfigRequest')
     PutRuntimeManagementConfigResponse = Shapes::StructureShape.new(name: 'PutRuntimeManagementConfigResponse')
     Qualifier = Shapes::StringShape.new(name: 'Qualifier')
@@ -303,7 +316,9 @@ module Aws::Lambda
     ResourceInUseException = Shapes::StructureShape.new(name: 'ResourceInUseException')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     ResourceNotReadyException = Shapes::StructureShape.new(name: 'ResourceNotReadyException')
+    ResourcePolicy = Shapes::StringShape.new(name: 'ResourcePolicy')
     ResponseStreamingInvocationType = Shapes::StringShape.new(name: 'ResponseStreamingInvocationType')
+    RevisionId = Shapes::StringShape.new(name: 'RevisionId')
     RoleArn = Shapes::StringShape.new(name: 'RoleArn')
     Runtime = Shapes::StringShape.new(name: 'Runtime')
     RuntimeVersionArn = Shapes::StringShape.new(name: 'RuntimeVersionArn')
@@ -609,6 +624,10 @@ module Aws::Lambda
     DeleteProvisionedConcurrencyConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, required: true, location: "querystring", location_name: "Qualifier"))
     DeleteProvisionedConcurrencyConfigRequest.struct_class = Types::DeleteProvisionedConcurrencyConfigRequest
 
+    DeleteResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
+    DeleteResourcePolicyRequest.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location: "querystring", location_name: "RevisionId"))
+    DeleteResourcePolicyRequest.struct_class = Types::DeleteResourcePolicyRequest
+
     DestinationConfig.add_member(:on_success, Shapes::ShapeRef.new(shape: OnSuccess, location_name: "OnSuccess"))
     DestinationConfig.add_member(:on_failure, Shapes::ShapeRef.new(shape: OnFailure, location_name: "OnFailure"))
     DestinationConfig.struct_class = Types::DestinationConfig
@@ -916,6 +935,19 @@ module Aws::Lambda
     GetProvisionedConcurrencyConfigResponse.add_member(:last_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "LastModified"))
     GetProvisionedConcurrencyConfigResponse.struct_class = Types::GetProvisionedConcurrencyConfigResponse
 
+    GetPublicAccessBlockConfigRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PublicAccessBlockResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
+    GetPublicAccessBlockConfigRequest.struct_class = Types::GetPublicAccessBlockConfigRequest
+
+    GetPublicAccessBlockConfigResponse.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, location_name: "PublicAccessBlockConfig"))
+    GetPublicAccessBlockConfigResponse.struct_class = Types::GetPublicAccessBlockConfigResponse
+
+    GetResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
+    GetResourcePolicyRequest.struct_class = Types::GetResourcePolicyRequest
+
+    GetResourcePolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, location_name: "Policy"))
+    GetResourcePolicyResponse.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
+    GetResourcePolicyResponse.struct_class = Types::GetResourcePolicyResponse
+
     GetRuntimeManagementConfigRequest.add_member(:function_name, Shapes::ShapeRef.new(shape: NamespacedFunctionName, required: true, location: "uri", location_name: "FunctionName"))
     GetRuntimeManagementConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, location: "querystring", location_name: "Qualifier"))
     GetRuntimeManagementConfigRequest.struct_class = Types::GetRuntimeManagementConfigRequest
@@ -1228,6 +1260,14 @@ module Aws::Lambda
     ProvisionedConcurrencyConfigNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     ProvisionedConcurrencyConfigNotFoundException.struct_class = Types::ProvisionedConcurrencyConfigNotFoundException
 
+    PublicAccessBlockConfig.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "BlockPublicPolicy"))
+    PublicAccessBlockConfig.add_member(:restrict_public_resource, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "RestrictPublicResource"))
+    PublicAccessBlockConfig.struct_class = Types::PublicAccessBlockConfig
+
+    PublicPolicyException.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "Type"))
+    PublicPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
+    PublicPolicyException.struct_class = Types::PublicPolicyException
+
     PublishLayerVersionRequest.add_member(:layer_name, Shapes::ShapeRef.new(shape: LayerName, required: true, location: "uri", location_name: "LayerName"))
     PublishLayerVersionRequest.add_member(:description, Shapes::ShapeRef.new(shape: Description, location_name: "Description"))
     PublishLayerVersionRequest.add_member(:content, Shapes::ShapeRef.new(shape: LayerVersionContentInput, required: true, location_name: "Content"))
@@ -1292,6 +1332,22 @@ module Aws::Lambda
     PutProvisionedConcurrencyConfigResponse.add_member(:last_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "LastModified"))
     PutProvisionedConcurrencyConfigResponse.struct_class = Types::PutProvisionedConcurrencyConfigResponse
 
+    PutPublicAccessBlockConfigRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PublicAccessBlockResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
+    PutPublicAccessBlockConfigRequest.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, required: true, location_name: "PublicAccessBlockConfig"))
+    PutPublicAccessBlockConfigRequest.struct_class = Types::PutPublicAccessBlockConfigRequest
+
+    PutPublicAccessBlockConfigResponse.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, location_name: "PublicAccessBlockConfig"))
+    PutPublicAccessBlockConfigResponse.struct_class = Types::PutPublicAccessBlockConfigResponse
+
+    PutResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
+    PutResourcePolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, required: true, location_name: "Policy"))
+    PutResourcePolicyRequest.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
+    PutResourcePolicyRequest.struct_class = Types::PutResourcePolicyRequest
+
+    PutResourcePolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, location_name: "Policy"))
+    PutResourcePolicyResponse.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
+    PutResourcePolicyResponse.struct_class = Types::PutResourcePolicyResponse
+
     PutRuntimeManagementConfigRequest.add_member(:function_name, Shapes::ShapeRef.new(shape: FunctionName, required: true, location: "uri", location_name: "FunctionName"))
     PutRuntimeManagementConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, location: "querystring", location_name: "Qualifier"))
     PutRuntimeManagementConfigRequest.add_member(:update_runtime_on, Shapes::ShapeRef.new(shape: UpdateRuntimeOn, required: true, location_name: "UpdateRuntimeOn"))
@@ -1773,6 +1829,20 @@ module Aws::Lambda
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:delete_resource_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteResourcePolicy"
+        o.http_method = "DELETE"
+        o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: DeleteResourcePolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: PreconditionFailedException)
+      end)
+
       api.add_operation(:get_account_settings, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetAccountSettings"
         o.http_method = "GET"
@@ -1963,6 +2033,30 @@ module Aws::Lambda
         o.errors << Shapes::ShapeRef.new(shape: ProvisionedConcurrencyConfigNotFoundException)
       end)
 
+      api.add_operation(:get_public_access_block_config, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetPublicAccessBlockConfig"
+        o.http_method = "GET"
+        o.http_request_uri = "/2024-09-16/public-access-block/{ResourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: GetPublicAccessBlockConfigRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetPublicAccessBlockConfigResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
+      end)
+
+      api.add_operation(:get_resource_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "GetResourcePolicy"
+        o.http_method = "GET"
+        o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: GetResourcePolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: GetResourcePolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
+      end)
+
       api.add_operation(:get_runtime_management_config, Seahorse::Model::Operation.new.tap do |o|
         o.name = "GetRuntimeManagementConfig"
         o.http_method = "GET"
@@ -2364,6 +2458,35 @@ module Aws::Lambda
         o.errors << Shapes::ShapeRef.new(shape: ServiceException)
       end)
 
+      api.add_operation(:put_public_access_block_config, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutPublicAccessBlockConfig"
+        o.http_method = "PUT"
+        o.http_request_uri = "/2024-09-16/public-access-block/{ResourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: PutPublicAccessBlockConfigRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutPublicAccessBlockConfigResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+      end)
+
+      api.add_operation(:put_resource_policy, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutResourcePolicy"
+        o.http_method = "PUT"
+        o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
+        o.input = Shapes::ShapeRef.new(shape: PutResourcePolicyRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutResourcePolicyResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ServiceException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
+        o.errors << Shapes::ShapeRef.new(shape: PolicyLengthExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
+        o.errors << Shapes::ShapeRef.new(shape: PreconditionFailedException)
+        o.errors << Shapes::ShapeRef.new(shape: PublicPolicyException)
+      end)
+
       api.add_operation(:put_runtime_management_config, Seahorse::Model::Operation.new.tap do |o|
         o.name = "PutRuntimeManagementConfig"
         o.http_method = "PUT"