aws-sdk-lambda 1.130.0 → 1.131.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 6b6532d3a0809bd7c331370083e0d9306810545a02d23ac6df1c6a715fe35c58
4
- data.tar.gz: 42a60f2ca275d0cd28f66cd4c3c756f4e577c198e4c5acdfbe3c118c805a20b6
3
+ metadata.gz: 2325a1f7266afce8abd7e4f97535445bc1beb806ff93f82b816a21df828dffe7
4
+ data.tar.gz: '0950c000fd8da2c6d68c1b71fc84fe95e8b5e0ead0691a1fb1993b4950061ab5'
5
5
  SHA512:
6
- metadata.gz: 899518828729c19ef95dad21a49986ae0c6eafc06745aa86e698db1eb43bc686e1dd7dd9ae8a6a30cd4e18fa7f86bb444898902d749403c4fce935335ceb1c2c
7
- data.tar.gz: b7c82a6c61ec5ce002d4996dfaf2a238d6d7196e98e1212109268efdc83be464cdb3d5bf8891c9944b25d0481644c7d135cbaa4fcd4a08a46321859a66d3bf80
6
+ metadata.gz: ae8584979cc1cc80a0f21684986f24aec353fd2422eef0e35af2772d91aa5e28dfb69bcc21eeaf057442b2672148b85d301a7b77cb4e77169e766d26dc230cf6
7
+ data.tar.gz: aaaa56afad2d37595c44f10cd6d9aeaab0a3b20f25473b9ea830ac412ab7dffdc30d62bc01e8257b46fd67f14b424cbc6e89631c4144767502f203ff4ead2884
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.131.0 (2024-09-17)
5
+ ------------------
6
+
7
+ * Feature - Support for JSON resource-based policies and block public access
8
+
4
9
  1.130.0 (2024-09-11)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.130.0
1
+ 1.131.0
@@ -2192,6 +2192,41 @@ module Aws::Lambda
2192
2192
  req.send_request(options)
2193
2193
  end
2194
2194
 
2195
+ # Deletes a [resource-based policy][1] from a function.
2196
+ #
2197
+ #
2198
+ #
2199
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
2200
+ #
2201
+ # @option params [required, String] :resource_arn
2202
+ # The Amazon Resource Name (ARN) of the function you want to delete the
2203
+ # policy from. You can use either a qualified or an unqualified ARN, but
2204
+ # the value you specify must be a complete ARN and wildcard characters
2205
+ # are not accepted.
2206
+ #
2207
+ # @option params [String] :revision_id
2208
+ # Delete the existing policy only if its revision ID matches the string
2209
+ # you specify. To find the revision ID of the policy currently attached
2210
+ # to your function, use the GetResourcePolicy action.
2211
+ #
2212
+ # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
2213
+ #
2214
+ # @example Request syntax with placeholder values
2215
+ #
2216
+ # resp = client.delete_resource_policy({
2217
+ # resource_arn: "PolicyResourceArn", # required
2218
+ # revision_id: "RevisionId",
2219
+ # })
2220
+ #
2221
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteResourcePolicy AWS API Documentation
2222
+ #
2223
+ # @overload delete_resource_policy(params = {})
2224
+ # @param [Hash] params ({})
2225
+ def delete_resource_policy(params = {}, options = {})
2226
+ req = build_request(:delete_resource_policy, params)
2227
+ req.send_request(options)
2228
+ end
2229
+
2195
2230
  # Retrieves details about your account's [limits][1] and usage in an
2196
2231
  # Amazon Web Services Region.
2197
2232
  #
@@ -3198,6 +3233,73 @@ module Aws::Lambda
3198
3233
  req.send_request(options)
3199
3234
  end
3200
3235
 
3236
+ # Retrieve the public-access settings for a function.
3237
+ #
3238
+ # @option params [required, String] :resource_arn
3239
+ # The Amazon Resource Name (ARN) of the function you want to retrieve
3240
+ # public-access settings for.
3241
+ #
3242
+ # @return [Types::GetPublicAccessBlockConfigResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3243
+ #
3244
+ # * {Types::GetPublicAccessBlockConfigResponse#public_access_block_config #public_access_block_config} => Types::PublicAccessBlockConfig
3245
+ #
3246
+ # @example Request syntax with placeholder values
3247
+ #
3248
+ # resp = client.get_public_access_block_config({
3249
+ # resource_arn: "PublicAccessBlockResourceArn", # required
3250
+ # })
3251
+ #
3252
+ # @example Response structure
3253
+ #
3254
+ # resp.public_access_block_config.block_public_policy #=> Boolean
3255
+ # resp.public_access_block_config.restrict_public_resource #=> Boolean
3256
+ #
3257
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetPublicAccessBlockConfig AWS API Documentation
3258
+ #
3259
+ # @overload get_public_access_block_config(params = {})
3260
+ # @param [Hash] params ({})
3261
+ def get_public_access_block_config(params = {}, options = {})
3262
+ req = build_request(:get_public_access_block_config, params)
3263
+ req.send_request(options)
3264
+ end
3265
+
3266
+ # Retrieves the [resource-based policy][1] attached to a function.
3267
+ #
3268
+ #
3269
+ #
3270
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
3271
+ #
3272
+ # @option params [required, String] :resource_arn
3273
+ # The Amazon Resource Name (ARN) of the function you want to retrieve
3274
+ # the policy for. You can use either a qualified or an unqualified ARN,
3275
+ # but the value you specify must be a complete ARN and wildcard
3276
+ # characters are not accepted.
3277
+ #
3278
+ # @return [Types::GetResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
3279
+ #
3280
+ # * {Types::GetResourcePolicyResponse#policy #policy} => String
3281
+ # * {Types::GetResourcePolicyResponse#revision_id #revision_id} => String
3282
+ #
3283
+ # @example Request syntax with placeholder values
3284
+ #
3285
+ # resp = client.get_resource_policy({
3286
+ # resource_arn: "PolicyResourceArn", # required
3287
+ # })
3288
+ #
3289
+ # @example Response structure
3290
+ #
3291
+ # resp.policy #=> String
3292
+ # resp.revision_id #=> String
3293
+ #
3294
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetResourcePolicy AWS API Documentation
3295
+ #
3296
+ # @overload get_resource_policy(params = {})
3297
+ # @param [Hash] params ({})
3298
+ def get_resource_policy(params = {}, options = {})
3299
+ req = build_request(:get_resource_policy, params)
3300
+ req.send_request(options)
3301
+ end
3302
+
3201
3303
  # Retrieves the runtime management configuration for a function's
3202
3304
  # version. If the runtime update mode is **Manual**, this includes the
3203
3305
  # ARN of the runtime version and the runtime update mode. If the runtime
@@ -5235,6 +5337,135 @@ module Aws::Lambda
5235
5337
  req.send_request(options)
5236
5338
  end
5237
5339
 
5340
+ # Configure your function's public-access settings.
5341
+ #
5342
+ # To control public access to a Lambda function, you can choose whether
5343
+ # to allow the creation of [resource-based policies][1] that allow
5344
+ # public access to that function. You can also block public access to a
5345
+ # function, even if it has an existing resource-based policy that allows
5346
+ # it.
5347
+ #
5348
+ #
5349
+ #
5350
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
5351
+ #
5352
+ # @option params [required, String] :resource_arn
5353
+ # The Amazon Resource Name (ARN) of the function you want to configure
5354
+ # public-access settings for. Public-access settings are applied at the
5355
+ # function level, so you can't apply different settings to function
5356
+ # versions or aliases.
5357
+ #
5358
+ # @option params [required, Types::PublicAccessBlockConfig] :public_access_block_config
5359
+ # An object defining the public-access settings you want to apply.
5360
+ #
5361
+ # To block the creation of resource-based policies that would grant
5362
+ # public access to your function, set `BlockPublicPolicy` to `true`. To
5363
+ # allow the creation of resource-based policies that would grant public
5364
+ # access to your function, set `BlockPublicPolicy` to `false`.
5365
+ #
5366
+ # To block public access to your function, even if its resource-based
5367
+ # policy allows it, set `RestrictPublicResource` to `true`. To allow
5368
+ # public access to a function with a resource-based policy that permits
5369
+ # it, set `RestrictPublicResource` to `false`.
5370
+ #
5371
+ # The default setting for both `BlockPublicPolicy` and
5372
+ # `RestrictPublicResource` is `true`.
5373
+ #
5374
+ # @return [Types::PutPublicAccessBlockConfigResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5375
+ #
5376
+ # * {Types::PutPublicAccessBlockConfigResponse#public_access_block_config #public_access_block_config} => Types::PublicAccessBlockConfig
5377
+ #
5378
+ # @example Request syntax with placeholder values
5379
+ #
5380
+ # resp = client.put_public_access_block_config({
5381
+ # resource_arn: "PublicAccessBlockResourceArn", # required
5382
+ # public_access_block_config: { # required
5383
+ # block_public_policy: false,
5384
+ # restrict_public_resource: false,
5385
+ # },
5386
+ # })
5387
+ #
5388
+ # @example Response structure
5389
+ #
5390
+ # resp.public_access_block_config.block_public_policy #=> Boolean
5391
+ # resp.public_access_block_config.restrict_public_resource #=> Boolean
5392
+ #
5393
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutPublicAccessBlockConfig AWS API Documentation
5394
+ #
5395
+ # @overload put_public_access_block_config(params = {})
5396
+ # @param [Hash] params ({})
5397
+ def put_public_access_block_config(params = {}, options = {})
5398
+ req = build_request(:put_public_access_block_config, params)
5399
+ req.send_request(options)
5400
+ end
5401
+
5402
+ # Adds a [resource-based policy][1] to a function. You can use
5403
+ # resource-based policies to grant access to other [Amazon Web Services
5404
+ # accounts][2], [organizations][3], or [services][4]. Resource-based
5405
+ # policies apply to a single function, version, or alias.
5406
+ #
5407
+ # Adding a resource-based policy using this API action replaces any
5408
+ # existing policy you've previously created. This means that if you've
5409
+ # previously added resource-based permissions to a function using the
5410
+ # AddPermission action, those permissions will be overwritten by your
5411
+ # new policy.
5412
+ #
5413
+ #
5414
+ #
5415
+ # [1]: https://docs.aws.amazon.com/lambda/latest/dg/access-control-resource-based.html
5416
+ # [2]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-cross-account.html
5417
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-organization.html
5418
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/permissions-function-services.html
5419
+ #
5420
+ # @option params [required, String] :resource_arn
5421
+ # The Amazon Resource Name (ARN) of the function you want to add the
5422
+ # policy to. You can use either a qualified or an unqualified ARN, but
5423
+ # the value you specify must be a complete ARN and wildcard characters
5424
+ # are not accepted.
5425
+ #
5426
+ # @option params [required, String] :policy
5427
+ # The JSON resource-based policy you want to add to your function.
5428
+ #
5429
+ # To learn more about creating resource-based policies for controlling
5430
+ # access to Lambda, see [Working with resource-based IAM policies in
5431
+ # Lambda][1] in the *Lambda Developer Guide*.
5432
+ #
5433
+ #
5434
+ #
5435
+ # [1]: https://docs.aws.amazon.com/
5436
+ #
5437
+ # @option params [String] :revision_id
5438
+ # Replace the existing policy only if its revision ID matches the string
5439
+ # you specify. To find the revision ID of the policy currently attached
5440
+ # to your function, use the GetResourcePolicy action.
5441
+ #
5442
+ # @return [Types::PutResourcePolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
5443
+ #
5444
+ # * {Types::PutResourcePolicyResponse#policy #policy} => String
5445
+ # * {Types::PutResourcePolicyResponse#revision_id #revision_id} => String
5446
+ #
5447
+ # @example Request syntax with placeholder values
5448
+ #
5449
+ # resp = client.put_resource_policy({
5450
+ # resource_arn: "PolicyResourceArn", # required
5451
+ # policy: "ResourcePolicy", # required
5452
+ # revision_id: "RevisionId",
5453
+ # })
5454
+ #
5455
+ # @example Response structure
5456
+ #
5457
+ # resp.policy #=> String
5458
+ # resp.revision_id #=> String
5459
+ #
5460
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutResourcePolicy AWS API Documentation
5461
+ #
5462
+ # @overload put_resource_policy(params = {})
5463
+ # @param [Hash] params ({})
5464
+ def put_resource_policy(params = {}, options = {})
5465
+ req = build_request(:put_resource_policy, params)
5466
+ req.send_request(options)
5467
+ end
5468
+
5238
5469
  # Sets the runtime management configuration for a function's version.
5239
5470
  # For more information, see [Runtime updates][1].
5240
5471
  #
@@ -6755,7 +6986,7 @@ module Aws::Lambda
6755
6986
  tracer: tracer
6756
6987
  )
6757
6988
  context[:gem_name] = 'aws-sdk-lambda'
6758
- context[:gem_version] = '1.130.0'
6989
+ context[:gem_version] = '1.131.0'
6759
6990
  Seahorse::Client::Request.new(handlers, context)
6760
6991
  end
6761
6992
 
@@ -75,6 +75,7 @@ module Aws::Lambda
75
75
  DeleteFunctionUrlConfigRequest = Shapes::StructureShape.new(name: 'DeleteFunctionUrlConfigRequest')
76
76
  DeleteLayerVersionRequest = Shapes::StructureShape.new(name: 'DeleteLayerVersionRequest')
77
77
  DeleteProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'DeleteProvisionedConcurrencyConfigRequest')
78
+ DeleteResourcePolicyRequest = Shapes::StructureShape.new(name: 'DeleteResourcePolicyRequest')
78
79
  Description = Shapes::StringShape.new(name: 'Description')
79
80
  DestinationArn = Shapes::StringShape.new(name: 'DestinationArn')
80
81
  DestinationConfig = Shapes::StructureShape.new(name: 'DestinationConfig')
@@ -158,6 +159,10 @@ module Aws::Lambda
158
159
  GetPolicyResponse = Shapes::StructureShape.new(name: 'GetPolicyResponse')
159
160
  GetProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'GetProvisionedConcurrencyConfigRequest')
160
161
  GetProvisionedConcurrencyConfigResponse = Shapes::StructureShape.new(name: 'GetProvisionedConcurrencyConfigResponse')
162
+ GetPublicAccessBlockConfigRequest = Shapes::StructureShape.new(name: 'GetPublicAccessBlockConfigRequest')
163
+ GetPublicAccessBlockConfigResponse = Shapes::StructureShape.new(name: 'GetPublicAccessBlockConfigResponse')
164
+ GetResourcePolicyRequest = Shapes::StructureShape.new(name: 'GetResourcePolicyRequest')
165
+ GetResourcePolicyResponse = Shapes::StructureShape.new(name: 'GetResourcePolicyResponse')
161
166
  GetRuntimeManagementConfigRequest = Shapes::StructureShape.new(name: 'GetRuntimeManagementConfigRequest')
162
167
  GetRuntimeManagementConfigResponse = Shapes::StructureShape.new(name: 'GetRuntimeManagementConfigResponse')
163
168
  Handler = Shapes::StringShape.new(name: 'Handler')
@@ -268,6 +273,7 @@ module Aws::Lambda
268
273
  ParallelizationFactor = Shapes::IntegerShape.new(name: 'ParallelizationFactor')
269
274
  Pattern = Shapes::StringShape.new(name: 'Pattern')
270
275
  PolicyLengthExceededException = Shapes::StructureShape.new(name: 'PolicyLengthExceededException')
276
+ PolicyResourceArn = Shapes::StringShape.new(name: 'PolicyResourceArn')
271
277
  PositiveInteger = Shapes::IntegerShape.new(name: 'PositiveInteger')
272
278
  PreconditionFailedException = Shapes::StructureShape.new(name: 'PreconditionFailedException')
273
279
  Principal = Shapes::StringShape.new(name: 'Principal')
@@ -276,6 +282,9 @@ module Aws::Lambda
276
282
  ProvisionedConcurrencyConfigListItem = Shapes::StructureShape.new(name: 'ProvisionedConcurrencyConfigListItem')
277
283
  ProvisionedConcurrencyConfigNotFoundException = Shapes::StructureShape.new(name: 'ProvisionedConcurrencyConfigNotFoundException')
278
284
  ProvisionedConcurrencyStatusEnum = Shapes::StringShape.new(name: 'ProvisionedConcurrencyStatusEnum')
285
+ PublicAccessBlockConfig = Shapes::StructureShape.new(name: 'PublicAccessBlockConfig')
286
+ PublicAccessBlockResourceArn = Shapes::StringShape.new(name: 'PublicAccessBlockResourceArn')
287
+ PublicPolicyException = Shapes::StructureShape.new(name: 'PublicPolicyException')
279
288
  PublishLayerVersionRequest = Shapes::StructureShape.new(name: 'PublishLayerVersionRequest')
280
289
  PublishLayerVersionResponse = Shapes::StructureShape.new(name: 'PublishLayerVersionResponse')
281
290
  PublishVersionRequest = Shapes::StructureShape.new(name: 'PublishVersionRequest')
@@ -287,6 +296,10 @@ module Aws::Lambda
287
296
  PutFunctionRecursionConfigResponse = Shapes::StructureShape.new(name: 'PutFunctionRecursionConfigResponse')
288
297
  PutProvisionedConcurrencyConfigRequest = Shapes::StructureShape.new(name: 'PutProvisionedConcurrencyConfigRequest')
289
298
  PutProvisionedConcurrencyConfigResponse = Shapes::StructureShape.new(name: 'PutProvisionedConcurrencyConfigResponse')
299
+ PutPublicAccessBlockConfigRequest = Shapes::StructureShape.new(name: 'PutPublicAccessBlockConfigRequest')
300
+ PutPublicAccessBlockConfigResponse = Shapes::StructureShape.new(name: 'PutPublicAccessBlockConfigResponse')
301
+ PutResourcePolicyRequest = Shapes::StructureShape.new(name: 'PutResourcePolicyRequest')
302
+ PutResourcePolicyResponse = Shapes::StructureShape.new(name: 'PutResourcePolicyResponse')
290
303
  PutRuntimeManagementConfigRequest = Shapes::StructureShape.new(name: 'PutRuntimeManagementConfigRequest')
291
304
  PutRuntimeManagementConfigResponse = Shapes::StructureShape.new(name: 'PutRuntimeManagementConfigResponse')
292
305
  Qualifier = Shapes::StringShape.new(name: 'Qualifier')
@@ -303,7 +316,9 @@ module Aws::Lambda
303
316
  ResourceInUseException = Shapes::StructureShape.new(name: 'ResourceInUseException')
304
317
  ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
305
318
  ResourceNotReadyException = Shapes::StructureShape.new(name: 'ResourceNotReadyException')
319
+ ResourcePolicy = Shapes::StringShape.new(name: 'ResourcePolicy')
306
320
  ResponseStreamingInvocationType = Shapes::StringShape.new(name: 'ResponseStreamingInvocationType')
321
+ RevisionId = Shapes::StringShape.new(name: 'RevisionId')
307
322
  RoleArn = Shapes::StringShape.new(name: 'RoleArn')
308
323
  Runtime = Shapes::StringShape.new(name: 'Runtime')
309
324
  RuntimeVersionArn = Shapes::StringShape.new(name: 'RuntimeVersionArn')
@@ -609,6 +624,10 @@ module Aws::Lambda
609
624
  DeleteProvisionedConcurrencyConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, required: true, location: "querystring", location_name: "Qualifier"))
610
625
  DeleteProvisionedConcurrencyConfigRequest.struct_class = Types::DeleteProvisionedConcurrencyConfigRequest
611
626
 
627
+ DeleteResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
628
+ DeleteResourcePolicyRequest.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location: "querystring", location_name: "RevisionId"))
629
+ DeleteResourcePolicyRequest.struct_class = Types::DeleteResourcePolicyRequest
630
+
612
631
  DestinationConfig.add_member(:on_success, Shapes::ShapeRef.new(shape: OnSuccess, location_name: "OnSuccess"))
613
632
  DestinationConfig.add_member(:on_failure, Shapes::ShapeRef.new(shape: OnFailure, location_name: "OnFailure"))
614
633
  DestinationConfig.struct_class = Types::DestinationConfig
@@ -916,6 +935,19 @@ module Aws::Lambda
916
935
  GetProvisionedConcurrencyConfigResponse.add_member(:last_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "LastModified"))
917
936
  GetProvisionedConcurrencyConfigResponse.struct_class = Types::GetProvisionedConcurrencyConfigResponse
918
937
 
938
+ GetPublicAccessBlockConfigRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PublicAccessBlockResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
939
+ GetPublicAccessBlockConfigRequest.struct_class = Types::GetPublicAccessBlockConfigRequest
940
+
941
+ GetPublicAccessBlockConfigResponse.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, location_name: "PublicAccessBlockConfig"))
942
+ GetPublicAccessBlockConfigResponse.struct_class = Types::GetPublicAccessBlockConfigResponse
943
+
944
+ GetResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
945
+ GetResourcePolicyRequest.struct_class = Types::GetResourcePolicyRequest
946
+
947
+ GetResourcePolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, location_name: "Policy"))
948
+ GetResourcePolicyResponse.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
949
+ GetResourcePolicyResponse.struct_class = Types::GetResourcePolicyResponse
950
+
919
951
  GetRuntimeManagementConfigRequest.add_member(:function_name, Shapes::ShapeRef.new(shape: NamespacedFunctionName, required: true, location: "uri", location_name: "FunctionName"))
920
952
  GetRuntimeManagementConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, location: "querystring", location_name: "Qualifier"))
921
953
  GetRuntimeManagementConfigRequest.struct_class = Types::GetRuntimeManagementConfigRequest
@@ -1228,6 +1260,14 @@ module Aws::Lambda
1228
1260
  ProvisionedConcurrencyConfigNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
1229
1261
  ProvisionedConcurrencyConfigNotFoundException.struct_class = Types::ProvisionedConcurrencyConfigNotFoundException
1230
1262
 
1263
+ PublicAccessBlockConfig.add_member(:block_public_policy, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "BlockPublicPolicy"))
1264
+ PublicAccessBlockConfig.add_member(:restrict_public_resource, Shapes::ShapeRef.new(shape: NullableBoolean, location_name: "RestrictPublicResource"))
1265
+ PublicAccessBlockConfig.struct_class = Types::PublicAccessBlockConfig
1266
+
1267
+ PublicPolicyException.add_member(:type, Shapes::ShapeRef.new(shape: String, location_name: "Type"))
1268
+ PublicPolicyException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "Message"))
1269
+ PublicPolicyException.struct_class = Types::PublicPolicyException
1270
+
1231
1271
  PublishLayerVersionRequest.add_member(:layer_name, Shapes::ShapeRef.new(shape: LayerName, required: true, location: "uri", location_name: "LayerName"))
1232
1272
  PublishLayerVersionRequest.add_member(:description, Shapes::ShapeRef.new(shape: Description, location_name: "Description"))
1233
1273
  PublishLayerVersionRequest.add_member(:content, Shapes::ShapeRef.new(shape: LayerVersionContentInput, required: true, location_name: "Content"))
@@ -1292,6 +1332,22 @@ module Aws::Lambda
1292
1332
  PutProvisionedConcurrencyConfigResponse.add_member(:last_modified, Shapes::ShapeRef.new(shape: Timestamp, location_name: "LastModified"))
1293
1333
  PutProvisionedConcurrencyConfigResponse.struct_class = Types::PutProvisionedConcurrencyConfigResponse
1294
1334
 
1335
+ PutPublicAccessBlockConfigRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PublicAccessBlockResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
1336
+ PutPublicAccessBlockConfigRequest.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, required: true, location_name: "PublicAccessBlockConfig"))
1337
+ PutPublicAccessBlockConfigRequest.struct_class = Types::PutPublicAccessBlockConfigRequest
1338
+
1339
+ PutPublicAccessBlockConfigResponse.add_member(:public_access_block_config, Shapes::ShapeRef.new(shape: PublicAccessBlockConfig, location_name: "PublicAccessBlockConfig"))
1340
+ PutPublicAccessBlockConfigResponse.struct_class = Types::PutPublicAccessBlockConfigResponse
1341
+
1342
+ PutResourcePolicyRequest.add_member(:resource_arn, Shapes::ShapeRef.new(shape: PolicyResourceArn, required: true, location: "uri", location_name: "ResourceArn"))
1343
+ PutResourcePolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, required: true, location_name: "Policy"))
1344
+ PutResourcePolicyRequest.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
1345
+ PutResourcePolicyRequest.struct_class = Types::PutResourcePolicyRequest
1346
+
1347
+ PutResourcePolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: ResourcePolicy, location_name: "Policy"))
1348
+ PutResourcePolicyResponse.add_member(:revision_id, Shapes::ShapeRef.new(shape: RevisionId, location_name: "RevisionId"))
1349
+ PutResourcePolicyResponse.struct_class = Types::PutResourcePolicyResponse
1350
+
1295
1351
  PutRuntimeManagementConfigRequest.add_member(:function_name, Shapes::ShapeRef.new(shape: FunctionName, required: true, location: "uri", location_name: "FunctionName"))
1296
1352
  PutRuntimeManagementConfigRequest.add_member(:qualifier, Shapes::ShapeRef.new(shape: Qualifier, location: "querystring", location_name: "Qualifier"))
1297
1353
  PutRuntimeManagementConfigRequest.add_member(:update_runtime_on, Shapes::ShapeRef.new(shape: UpdateRuntimeOn, required: true, location_name: "UpdateRuntimeOn"))
@@ -1773,6 +1829,20 @@ module Aws::Lambda
1773
1829
  o.errors << Shapes::ShapeRef.new(shape: ServiceException)
1774
1830
  end)
1775
1831
 
1832
+ api.add_operation(:delete_resource_policy, Seahorse::Model::Operation.new.tap do |o|
1833
+ o.name = "DeleteResourcePolicy"
1834
+ o.http_method = "DELETE"
1835
+ o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
1836
+ o.input = Shapes::ShapeRef.new(shape: DeleteResourcePolicyRequest)
1837
+ o.output = Shapes::ShapeRef.new(shape: Shapes::StructureShape.new(struct_class: Aws::EmptyStructure))
1838
+ o.errors << Shapes::ShapeRef.new(shape: ServiceException)
1839
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
1840
+ o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
1841
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
1842
+ o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
1843
+ o.errors << Shapes::ShapeRef.new(shape: PreconditionFailedException)
1844
+ end)
1845
+
1776
1846
  api.add_operation(:get_account_settings, Seahorse::Model::Operation.new.tap do |o|
1777
1847
  o.name = "GetAccountSettings"
1778
1848
  o.http_method = "GET"
@@ -1963,6 +2033,30 @@ module Aws::Lambda
1963
2033
  o.errors << Shapes::ShapeRef.new(shape: ProvisionedConcurrencyConfigNotFoundException)
1964
2034
  end)
1965
2035
 
2036
+ api.add_operation(:get_public_access_block_config, Seahorse::Model::Operation.new.tap do |o|
2037
+ o.name = "GetPublicAccessBlockConfig"
2038
+ o.http_method = "GET"
2039
+ o.http_request_uri = "/2024-09-16/public-access-block/{ResourceArn}"
2040
+ o.input = Shapes::ShapeRef.new(shape: GetPublicAccessBlockConfigRequest)
2041
+ o.output = Shapes::ShapeRef.new(shape: GetPublicAccessBlockConfigResponse)
2042
+ o.errors << Shapes::ShapeRef.new(shape: ServiceException)
2043
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
2044
+ o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
2045
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
2046
+ end)
2047
+
2048
+ api.add_operation(:get_resource_policy, Seahorse::Model::Operation.new.tap do |o|
2049
+ o.name = "GetResourcePolicy"
2050
+ o.http_method = "GET"
2051
+ o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
2052
+ o.input = Shapes::ShapeRef.new(shape: GetResourcePolicyRequest)
2053
+ o.output = Shapes::ShapeRef.new(shape: GetResourcePolicyResponse)
2054
+ o.errors << Shapes::ShapeRef.new(shape: ServiceException)
2055
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
2056
+ o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
2057
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
2058
+ end)
2059
+
1966
2060
  api.add_operation(:get_runtime_management_config, Seahorse::Model::Operation.new.tap do |o|
1967
2061
  o.name = "GetRuntimeManagementConfig"
1968
2062
  o.http_method = "GET"
@@ -2364,6 +2458,35 @@ module Aws::Lambda
2364
2458
  o.errors << Shapes::ShapeRef.new(shape: ServiceException)
2365
2459
  end)
2366
2460
 
2461
+ api.add_operation(:put_public_access_block_config, Seahorse::Model::Operation.new.tap do |o|
2462
+ o.name = "PutPublicAccessBlockConfig"
2463
+ o.http_method = "PUT"
2464
+ o.http_request_uri = "/2024-09-16/public-access-block/{ResourceArn}"
2465
+ o.input = Shapes::ShapeRef.new(shape: PutPublicAccessBlockConfigRequest)
2466
+ o.output = Shapes::ShapeRef.new(shape: PutPublicAccessBlockConfigResponse)
2467
+ o.errors << Shapes::ShapeRef.new(shape: ServiceException)
2468
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
2469
+ o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
2470
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
2471
+ o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
2472
+ end)
2473
+
2474
+ api.add_operation(:put_resource_policy, Seahorse::Model::Operation.new.tap do |o|
2475
+ o.name = "PutResourcePolicy"
2476
+ o.http_method = "PUT"
2477
+ o.http_request_uri = "/2024-09-16/resource-policy/{ResourceArn}"
2478
+ o.input = Shapes::ShapeRef.new(shape: PutResourcePolicyRequest)
2479
+ o.output = Shapes::ShapeRef.new(shape: PutResourcePolicyResponse)
2480
+ o.errors << Shapes::ShapeRef.new(shape: ServiceException)
2481
+ o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
2482
+ o.errors << Shapes::ShapeRef.new(shape: ResourceConflictException)
2483
+ o.errors << Shapes::ShapeRef.new(shape: InvalidParameterValueException)
2484
+ o.errors << Shapes::ShapeRef.new(shape: PolicyLengthExceededException)
2485
+ o.errors << Shapes::ShapeRef.new(shape: TooManyRequestsException)
2486
+ o.errors << Shapes::ShapeRef.new(shape: PreconditionFailedException)
2487
+ o.errors << Shapes::ShapeRef.new(shape: PublicPolicyException)
2488
+ end)
2489
+
2367
2490
  api.add_operation(:put_runtime_management_config, Seahorse::Model::Operation.new.tap do |o|
2368
2491
  o.name = "PutRuntimeManagementConfig"
2369
2492
  o.http_method = "PUT"
@@ -199,6 +199,17 @@ module Aws::Lambda
199
199
  end
200
200
  end
201
201
 
202
+ class DeleteResourcePolicy
203
+ def self.build(context)
204
+ Aws::Lambda::EndpointParameters.new(
205
+ region: context.config.region,
206
+ use_dual_stack: context.config.use_dualstack_endpoint,
207
+ use_fips: context.config.use_fips_endpoint,
208
+ endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
209
+ )
210
+ end
211
+ end
212
+
202
213
  class GetAccountSettings
203
214
  def self.build(context)
204
215
  Aws::Lambda::EndpointParameters.new(
@@ -375,6 +386,28 @@ module Aws::Lambda
375
386
  end
376
387
  end
377
388
 
389
+ class GetPublicAccessBlockConfig
390
+ def self.build(context)
391
+ Aws::Lambda::EndpointParameters.new(
392
+ region: context.config.region,
393
+ use_dual_stack: context.config.use_dualstack_endpoint,
394
+ use_fips: context.config.use_fips_endpoint,
395
+ endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
396
+ )
397
+ end
398
+ end
399
+
400
+ class GetResourcePolicy
401
+ def self.build(context)
402
+ Aws::Lambda::EndpointParameters.new(
403
+ region: context.config.region,
404
+ use_dual_stack: context.config.use_dualstack_endpoint,
405
+ use_fips: context.config.use_fips_endpoint,
406
+ endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
407
+ )
408
+ end
409
+ end
410
+
378
411
  class GetRuntimeManagementConfig
379
412
  def self.build(context)
380
413
  Aws::Lambda::EndpointParameters.new(
@@ -628,6 +661,28 @@ module Aws::Lambda
628
661
  end
629
662
  end
630
663
 
664
+ class PutPublicAccessBlockConfig
665
+ def self.build(context)
666
+ Aws::Lambda::EndpointParameters.new(
667
+ region: context.config.region,
668
+ use_dual_stack: context.config.use_dualstack_endpoint,
669
+ use_fips: context.config.use_fips_endpoint,
670
+ endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
671
+ )
672
+ end
673
+ end
674
+
675
+ class PutResourcePolicy
676
+ def self.build(context)
677
+ Aws::Lambda::EndpointParameters.new(
678
+ region: context.config.region,
679
+ use_dual_stack: context.config.use_dualstack_endpoint,
680
+ use_fips: context.config.use_fips_endpoint,
681
+ endpoint: context.config.regional_endpoint ? nil : context.config.endpoint.to_s,
682
+ )
683
+ end
684
+ end
685
+
631
686
  class PutRuntimeManagementConfig
632
687
  def self.build(context)
633
688
  Aws::Lambda::EndpointParameters.new(
@@ -52,6 +52,7 @@ module Aws::Lambda
52
52
  # * {PolicyLengthExceededException}
53
53
  # * {PreconditionFailedException}
54
54
  # * {ProvisionedConcurrencyConfigNotFoundException}
55
+ # * {PublicPolicyException}
55
56
  # * {RecursiveInvocationException}
56
57
  # * {RequestTooLargeException}
57
58
  # * {ResourceConflictException}
@@ -577,6 +578,26 @@ module Aws::Lambda
577
578
  end
578
579
  end
579
580
 
581
+ class PublicPolicyException < ServiceError
582
+
583
+ # @param [Seahorse::Client::RequestContext] context
584
+ # @param [String] message
585
+ # @param [Aws::Lambda::Types::PublicPolicyException] data
586
+ def initialize(context, message, data = Aws::EmptyStructure.new)
587
+ super(context, message, data)
588
+ end
589
+
590
+ # @return [String]
591
+ def type
592
+ @data[:type]
593
+ end
594
+
595
+ # @return [String]
596
+ def message
597
+ @message || @data[:message]
598
+ end
599
+ end
600
+
580
601
  class RecursiveInvocationException < ServiceError
581
602
 
582
603
  # @param [Seahorse::Client::RequestContext] context
@@ -101,6 +101,8 @@ module Aws::Lambda
101
101
  Aws::Lambda::Endpoints::DeleteLayerVersion.build(context)
102
102
  when :delete_provisioned_concurrency_config
103
103
  Aws::Lambda::Endpoints::DeleteProvisionedConcurrencyConfig.build(context)
104
+ when :delete_resource_policy
105
+ Aws::Lambda::Endpoints::DeleteResourcePolicy.build(context)
104
106
  when :get_account_settings
105
107
  Aws::Lambda::Endpoints::GetAccountSettings.build(context)
106
108
  when :get_alias
@@ -133,6 +135,10 @@ module Aws::Lambda
133
135
  Aws::Lambda::Endpoints::GetPolicy.build(context)
134
136
  when :get_provisioned_concurrency_config
135
137
  Aws::Lambda::Endpoints::GetProvisionedConcurrencyConfig.build(context)
138
+ when :get_public_access_block_config
139
+ Aws::Lambda::Endpoints::GetPublicAccessBlockConfig.build(context)
140
+ when :get_resource_policy
141
+ Aws::Lambda::Endpoints::GetResourcePolicy.build(context)
136
142
  when :get_runtime_management_config
137
143
  Aws::Lambda::Endpoints::GetRuntimeManagementConfig.build(context)
138
144
  when :invoke
@@ -179,6 +185,10 @@ module Aws::Lambda
179
185
  Aws::Lambda::Endpoints::PutFunctionRecursionConfig.build(context)
180
186
  when :put_provisioned_concurrency_config
181
187
  Aws::Lambda::Endpoints::PutProvisionedConcurrencyConfig.build(context)
188
+ when :put_public_access_block_config
189
+ Aws::Lambda::Endpoints::PutPublicAccessBlockConfig.build(context)
190
+ when :put_resource_policy
191
+ Aws::Lambda::Endpoints::PutResourcePolicy.build(context)
182
192
  when :put_runtime_management_config
183
193
  Aws::Lambda::Endpoints::PutRuntimeManagementConfig.build(context)
184
194
  when :remove_layer_version_permission
@@ -1532,6 +1532,28 @@ module Aws::Lambda
1532
1532
  include Aws::Structure
1533
1533
  end
1534
1534
 
1535
+ # @!attribute [rw] resource_arn
1536
+ # The Amazon Resource Name (ARN) of the function you want to delete
1537
+ # the policy from. You can use either a qualified or an unqualified
1538
+ # ARN, but the value you specify must be a complete ARN and wildcard
1539
+ # characters are not accepted.
1540
+ # @return [String]
1541
+ #
1542
+ # @!attribute [rw] revision_id
1543
+ # Delete the existing policy only if its revision ID matches the
1544
+ # string you specify. To find the revision ID of the policy currently
1545
+ # attached to your function, use the GetResourcePolicy action.
1546
+ # @return [String]
1547
+ #
1548
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/DeleteResourcePolicyRequest AWS API Documentation
1549
+ #
1550
+ class DeleteResourcePolicyRequest < Struct.new(
1551
+ :resource_arn,
1552
+ :revision_id)
1553
+ SENSITIVE = []
1554
+ include Aws::Structure
1555
+ end
1556
+
1535
1557
  # A configuration object that specifies the destination of an event
1536
1558
  # after Lambda processes it.
1537
1559
  #
@@ -3300,6 +3322,63 @@ module Aws::Lambda
3300
3322
  include Aws::Structure
3301
3323
  end
3302
3324
 
3325
+ # @!attribute [rw] resource_arn
3326
+ # The Amazon Resource Name (ARN) of the function you want to retrieve
3327
+ # public-access settings for.
3328
+ # @return [String]
3329
+ #
3330
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetPublicAccessBlockConfigRequest AWS API Documentation
3331
+ #
3332
+ class GetPublicAccessBlockConfigRequest < Struct.new(
3333
+ :resource_arn)
3334
+ SENSITIVE = []
3335
+ include Aws::Structure
3336
+ end
3337
+
3338
+ # @!attribute [rw] public_access_block_config
3339
+ # The public-access settings configured for the function you specified
3340
+ # @return [Types::PublicAccessBlockConfig]
3341
+ #
3342
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetPublicAccessBlockConfigResponse AWS API Documentation
3343
+ #
3344
+ class GetPublicAccessBlockConfigResponse < Struct.new(
3345
+ :public_access_block_config)
3346
+ SENSITIVE = []
3347
+ include Aws::Structure
3348
+ end
3349
+
3350
+ # @!attribute [rw] resource_arn
3351
+ # The Amazon Resource Name (ARN) of the function you want to retrieve
3352
+ # the policy for. You can use either a qualified or an unqualified
3353
+ # ARN, but the value you specify must be a complete ARN and wildcard
3354
+ # characters are not accepted.
3355
+ # @return [String]
3356
+ #
3357
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetResourcePolicyRequest AWS API Documentation
3358
+ #
3359
+ class GetResourcePolicyRequest < Struct.new(
3360
+ :resource_arn)
3361
+ SENSITIVE = []
3362
+ include Aws::Structure
3363
+ end
3364
+
3365
+ # @!attribute [rw] policy
3366
+ # The resource-based policy attached to the function you specified.
3367
+ # @return [String]
3368
+ #
3369
+ # @!attribute [rw] revision_id
3370
+ # The revision ID of the policy.
3371
+ # @return [String]
3372
+ #
3373
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/GetResourcePolicyResponse AWS API Documentation
3374
+ #
3375
+ class GetResourcePolicyResponse < Struct.new(
3376
+ :policy,
3377
+ :revision_id)
3378
+ SENSITIVE = []
3379
+ include Aws::Structure
3380
+ end
3381
+
3303
3382
  # @!attribute [rw] function_name
3304
3383
  # The name or ARN of the Lambda function.
3305
3384
  #
@@ -4951,6 +5030,52 @@ module Aws::Lambda
4951
5030
  include Aws::Structure
4952
5031
  end
4953
5032
 
5033
+ # An object that defines the public-access settings for a function.
5034
+ #
5035
+ # @!attribute [rw] block_public_policy
5036
+ # To block the creation of resource-based policies that would grant
5037
+ # public access to your function, set `BlockPublicPolicy` to `true`.
5038
+ # To allow the creation of resource-based policies that would grant
5039
+ # public access to your function, set `BlockPublicPolicy` to `false`.
5040
+ # @return [Boolean]
5041
+ #
5042
+ # @!attribute [rw] restrict_public_resource
5043
+ # To block public access to your function, even if its resource-based
5044
+ # policy allows it, set `RestrictPublicResource` to `true`. To allow
5045
+ # public access to a function with a resource-based policy that
5046
+ # permits it, set `RestrictPublicResource` to `false`.
5047
+ # @return [Boolean]
5048
+ #
5049
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PublicAccessBlockConfig AWS API Documentation
5050
+ #
5051
+ class PublicAccessBlockConfig < Struct.new(
5052
+ :block_public_policy,
5053
+ :restrict_public_resource)
5054
+ SENSITIVE = []
5055
+ include Aws::Structure
5056
+ end
5057
+
5058
+ # Lambda prevented your policy from being created because it would grant
5059
+ # public access to your function. If you intended to create a public
5060
+ # policy, use the PutPublicAccessBlockConfig API action to configure
5061
+ # your function's public-access settings to allow public policies.
5062
+ #
5063
+ # @!attribute [rw] type
5064
+ # The exception type.
5065
+ # @return [String]
5066
+ #
5067
+ # @!attribute [rw] message
5068
+ # @return [String]
5069
+ #
5070
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PublicPolicyException AWS API Documentation
5071
+ #
5072
+ class PublicPolicyException < Struct.new(
5073
+ :type,
5074
+ :message)
5075
+ SENSITIVE = []
5076
+ include Aws::Structure
5077
+ end
5078
+
4954
5079
  # @!attribute [rw] layer_name
4955
5080
  # The name or Amazon Resource Name (ARN) of the layer.
4956
5081
  # @return [String]
@@ -5435,6 +5560,103 @@ module Aws::Lambda
5435
5560
  include Aws::Structure
5436
5561
  end
5437
5562
 
5563
+ # @!attribute [rw] resource_arn
5564
+ # The Amazon Resource Name (ARN) of the function you want to configure
5565
+ # public-access settings for. Public-access settings are applied at
5566
+ # the function level, so you can't apply different settings to
5567
+ # function versions or aliases.
5568
+ # @return [String]
5569
+ #
5570
+ # @!attribute [rw] public_access_block_config
5571
+ # An object defining the public-access settings you want to apply.
5572
+ #
5573
+ # To block the creation of resource-based policies that would grant
5574
+ # public access to your function, set `BlockPublicPolicy` to `true`.
5575
+ # To allow the creation of resource-based policies that would grant
5576
+ # public access to your function, set `BlockPublicPolicy` to `false`.
5577
+ #
5578
+ # To block public access to your function, even if its resource-based
5579
+ # policy allows it, set `RestrictPublicResource` to `true`. To allow
5580
+ # public access to a function with a resource-based policy that
5581
+ # permits it, set `RestrictPublicResource` to `false`.
5582
+ #
5583
+ # The default setting for both `BlockPublicPolicy` and
5584
+ # `RestrictPublicResource` is `true`.
5585
+ # @return [Types::PublicAccessBlockConfig]
5586
+ #
5587
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutPublicAccessBlockConfigRequest AWS API Documentation
5588
+ #
5589
+ class PutPublicAccessBlockConfigRequest < Struct.new(
5590
+ :resource_arn,
5591
+ :public_access_block_config)
5592
+ SENSITIVE = []
5593
+ include Aws::Structure
5594
+ end
5595
+
5596
+ # @!attribute [rw] public_access_block_config
5597
+ # The public-access settings Lambda applied to your function.
5598
+ # @return [Types::PublicAccessBlockConfig]
5599
+ #
5600
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutPublicAccessBlockConfigResponse AWS API Documentation
5601
+ #
5602
+ class PutPublicAccessBlockConfigResponse < Struct.new(
5603
+ :public_access_block_config)
5604
+ SENSITIVE = []
5605
+ include Aws::Structure
5606
+ end
5607
+
5608
+ # @!attribute [rw] resource_arn
5609
+ # The Amazon Resource Name (ARN) of the function you want to add the
5610
+ # policy to. You can use either a qualified or an unqualified ARN, but
5611
+ # the value you specify must be a complete ARN and wildcard characters
5612
+ # are not accepted.
5613
+ # @return [String]
5614
+ #
5615
+ # @!attribute [rw] policy
5616
+ # The JSON resource-based policy you want to add to your function.
5617
+ #
5618
+ # To learn more about creating resource-based policies for controlling
5619
+ # access to Lambda, see [Working with resource-based IAM policies in
5620
+ # Lambda][1] in the *Lambda Developer Guide*.
5621
+ #
5622
+ #
5623
+ #
5624
+ # [1]: https://docs.aws.amazon.com/
5625
+ # @return [String]
5626
+ #
5627
+ # @!attribute [rw] revision_id
5628
+ # Replace the existing policy only if its revision ID matches the
5629
+ # string you specify. To find the revision ID of the policy currently
5630
+ # attached to your function, use the GetResourcePolicy action.
5631
+ # @return [String]
5632
+ #
5633
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutResourcePolicyRequest AWS API Documentation
5634
+ #
5635
+ class PutResourcePolicyRequest < Struct.new(
5636
+ :resource_arn,
5637
+ :policy,
5638
+ :revision_id)
5639
+ SENSITIVE = []
5640
+ include Aws::Structure
5641
+ end
5642
+
5643
+ # @!attribute [rw] policy
5644
+ # The policy Lambda added to your function.
5645
+ # @return [String]
5646
+ #
5647
+ # @!attribute [rw] revision_id
5648
+ # The revision ID of the policy Lambda added to your function.
5649
+ # @return [String]
5650
+ #
5651
+ # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/PutResourcePolicyResponse AWS API Documentation
5652
+ #
5653
+ class PutResourcePolicyResponse < Struct.new(
5654
+ :policy,
5655
+ :revision_id)
5656
+ SENSITIVE = []
5657
+ include Aws::Structure
5658
+ end
5659
+
5438
5660
  # @!attribute [rw] function_name
5439
5661
  # The name or ARN of the Lambda function.
5440
5662
  #
@@ -54,6 +54,6 @@ require_relative 'aws-sdk-lambda/event_streams'
54
54
  # @!group service
55
55
  module Aws::Lambda
56
56
 
57
- GEM_VERSION = '1.130.0'
57
+ GEM_VERSION = '1.131.0'
58
58
 
59
59
  end
data/sig/client.rbs CHANGED
@@ -471,6 +471,13 @@ module Aws
471
471
  ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
472
472
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
473
473
 
474
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Lambda/Client.html#delete_resource_policy-instance_method
475
+ def delete_resource_policy: (
476
+ resource_arn: ::String,
477
+ ?revision_id: ::String
478
+ ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
479
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
480
+
474
481
  interface _GetAccountSettingsResponseSuccess
475
482
  include ::Seahorse::Client::_ResponseSuccess[Types::GetAccountSettingsResponse]
476
483
  def account_limit: () -> Types::AccountLimit
@@ -745,6 +752,27 @@ module Aws
745
752
  ) -> _GetProvisionedConcurrencyConfigResponseSuccess
746
753
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetProvisionedConcurrencyConfigResponseSuccess
747
754
 
755
+ interface _GetPublicAccessBlockConfigResponseSuccess
756
+ include ::Seahorse::Client::_ResponseSuccess[Types::GetPublicAccessBlockConfigResponse]
757
+ def public_access_block_config: () -> Types::PublicAccessBlockConfig
758
+ end
759
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Lambda/Client.html#get_public_access_block_config-instance_method
760
+ def get_public_access_block_config: (
761
+ resource_arn: ::String
762
+ ) -> _GetPublicAccessBlockConfigResponseSuccess
763
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetPublicAccessBlockConfigResponseSuccess
764
+
765
+ interface _GetResourcePolicyResponseSuccess
766
+ include ::Seahorse::Client::_ResponseSuccess[Types::GetResourcePolicyResponse]
767
+ def policy: () -> ::String
768
+ def revision_id: () -> ::String
769
+ end
770
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Lambda/Client.html#get_resource_policy-instance_method
771
+ def get_resource_policy: (
772
+ resource_arn: ::String
773
+ ) -> _GetResourcePolicyResponseSuccess
774
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetResourcePolicyResponseSuccess
775
+
748
776
  interface _GetRuntimeManagementConfigResponseSuccess
749
777
  include ::Seahorse::Client::_ResponseSuccess[Types::GetRuntimeManagementConfigResponse]
750
778
  def update_runtime_on: () -> ("Auto" | "Manual" | "FunctionUpdate")
@@ -1116,6 +1144,33 @@ module Aws
1116
1144
  ) -> _PutProvisionedConcurrencyConfigResponseSuccess
1117
1145
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutProvisionedConcurrencyConfigResponseSuccess
1118
1146
 
1147
+ interface _PutPublicAccessBlockConfigResponseSuccess
1148
+ include ::Seahorse::Client::_ResponseSuccess[Types::PutPublicAccessBlockConfigResponse]
1149
+ def public_access_block_config: () -> Types::PublicAccessBlockConfig
1150
+ end
1151
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Lambda/Client.html#put_public_access_block_config-instance_method
1152
+ def put_public_access_block_config: (
1153
+ resource_arn: ::String,
1154
+ public_access_block_config: {
1155
+ block_public_policy: bool?,
1156
+ restrict_public_resource: bool?
1157
+ }
1158
+ ) -> _PutPublicAccessBlockConfigResponseSuccess
1159
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutPublicAccessBlockConfigResponseSuccess
1160
+
1161
+ interface _PutResourcePolicyResponseSuccess
1162
+ include ::Seahorse::Client::_ResponseSuccess[Types::PutResourcePolicyResponse]
1163
+ def policy: () -> ::String
1164
+ def revision_id: () -> ::String
1165
+ end
1166
+ # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/Lambda/Client.html#put_resource_policy-instance_method
1167
+ def put_resource_policy: (
1168
+ resource_arn: ::String,
1169
+ policy: ::String,
1170
+ ?revision_id: ::String
1171
+ ) -> _PutResourcePolicyResponseSuccess
1172
+ | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutResourcePolicyResponseSuccess
1173
+
1119
1174
  interface _PutRuntimeManagementConfigResponseSuccess
1120
1175
  include ::Seahorse::Client::_ResponseSuccess[Types::PutRuntimeManagementConfigResponse]
1121
1176
  def update_runtime_on: () -> ("Auto" | "Manual" | "FunctionUpdate")
data/sig/errors.rbs CHANGED
@@ -112,6 +112,10 @@ module Aws
112
112
  def type: () -> ::String
113
113
  def message: () -> ::String
114
114
  end
115
+ class PublicPolicyException < ::Aws::Errors::ServiceError
116
+ def type: () -> ::String
117
+ def message: () -> ::String
118
+ end
115
119
  class RecursiveInvocationException < ::Aws::Errors::ServiceError
116
120
  def type: () -> ::String
117
121
  def message: () -> ::String
data/sig/types.rbs CHANGED
@@ -293,6 +293,12 @@ module Aws::Lambda
293
293
  SENSITIVE: []
294
294
  end
295
295
 
296
+ class DeleteResourcePolicyRequest
297
+ attr_accessor resource_arn: ::String
298
+ attr_accessor revision_id: ::String
299
+ SENSITIVE: []
300
+ end
301
+
296
302
  class DestinationConfig
297
303
  attr_accessor on_success: Types::OnSuccess
298
304
  attr_accessor on_failure: Types::OnFailure
@@ -677,6 +683,27 @@ module Aws::Lambda
677
683
  SENSITIVE: []
678
684
  end
679
685
 
686
+ class GetPublicAccessBlockConfigRequest
687
+ attr_accessor resource_arn: ::String
688
+ SENSITIVE: []
689
+ end
690
+
691
+ class GetPublicAccessBlockConfigResponse
692
+ attr_accessor public_access_block_config: Types::PublicAccessBlockConfig
693
+ SENSITIVE: []
694
+ end
695
+
696
+ class GetResourcePolicyRequest
697
+ attr_accessor resource_arn: ::String
698
+ SENSITIVE: []
699
+ end
700
+
701
+ class GetResourcePolicyResponse
702
+ attr_accessor policy: ::String
703
+ attr_accessor revision_id: ::String
704
+ SENSITIVE: []
705
+ end
706
+
680
707
  class GetRuntimeManagementConfigRequest
681
708
  attr_accessor function_name: ::String
682
709
  attr_accessor qualifier: ::String
@@ -1085,6 +1112,18 @@ module Aws::Lambda
1085
1112
  SENSITIVE: []
1086
1113
  end
1087
1114
 
1115
+ class PublicAccessBlockConfig
1116
+ attr_accessor block_public_policy: bool
1117
+ attr_accessor restrict_public_resource: bool
1118
+ SENSITIVE: []
1119
+ end
1120
+
1121
+ class PublicPolicyException
1122
+ attr_accessor type: ::String
1123
+ attr_accessor message: ::String
1124
+ SENSITIVE: []
1125
+ end
1126
+
1088
1127
  class PublishLayerVersionRequest
1089
1128
  attr_accessor layer_name: ::String
1090
1129
  attr_accessor description: ::String
@@ -1171,6 +1210,30 @@ module Aws::Lambda
1171
1210
  SENSITIVE: []
1172
1211
  end
1173
1212
 
1213
+ class PutPublicAccessBlockConfigRequest
1214
+ attr_accessor resource_arn: ::String
1215
+ attr_accessor public_access_block_config: Types::PublicAccessBlockConfig
1216
+ SENSITIVE: []
1217
+ end
1218
+
1219
+ class PutPublicAccessBlockConfigResponse
1220
+ attr_accessor public_access_block_config: Types::PublicAccessBlockConfig
1221
+ SENSITIVE: []
1222
+ end
1223
+
1224
+ class PutResourcePolicyRequest
1225
+ attr_accessor resource_arn: ::String
1226
+ attr_accessor policy: ::String
1227
+ attr_accessor revision_id: ::String
1228
+ SENSITIVE: []
1229
+ end
1230
+
1231
+ class PutResourcePolicyResponse
1232
+ attr_accessor policy: ::String
1233
+ attr_accessor revision_id: ::String
1234
+ SENSITIVE: []
1235
+ end
1236
+
1174
1237
  class PutRuntimeManagementConfigRequest
1175
1238
  attr_accessor function_name: ::String
1176
1239
  attr_accessor qualifier: ::String
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-lambda
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.130.0
4
+ version: 1.131.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-09-11 00:00:00.000000000 Z
11
+ date: 2024-09-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core