aws-sdk-ram 1.31.0 → 1.35.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -27,6 +27,7 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
27
27
  require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
28
28
  require 'aws-sdk-core/plugins/transfer_encoding.rb'
29
29
  require 'aws-sdk-core/plugins/http_checksum.rb'
30
+ require 'aws-sdk-core/plugins/defaults_mode.rb'
30
31
  require 'aws-sdk-core/plugins/signature_v4.rb'
31
32
  require 'aws-sdk-core/plugins/protocols/rest_json.rb'
32
33
 
@@ -73,6 +74,7 @@ module Aws::RAM
73
74
  add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
74
75
  add_plugin(Aws::Plugins::TransferEncoding)
75
76
  add_plugin(Aws::Plugins::HttpChecksum)
77
+ add_plugin(Aws::Plugins::DefaultsMode)
76
78
  add_plugin(Aws::Plugins::SignatureV4)
77
79
  add_plugin(Aws::Plugins::Protocols::RestJson)
78
80
 
@@ -119,7 +121,9 @@ module Aws::RAM
119
121
  # * EC2/ECS IMDS instance profile - When used by default, the timeouts
120
122
  # are very aggressive. Construct and pass an instance of
121
123
  # `Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to
122
- # enable retries and extended timeouts.
124
+ # enable retries and extended timeouts. Instance profile credential
125
+ # fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
126
+ # to true.
123
127
  #
124
128
  # @option options [required, String] :region
125
129
  # The AWS region to connect to. The configured `:region` is
@@ -173,6 +177,10 @@ module Aws::RAM
173
177
  # Used only in `standard` and adaptive retry modes. Specifies whether to apply
174
178
  # a clock skew correction and retry requests with skewed client clocks.
175
179
  #
180
+ # @option options [String] :defaults_mode ("legacy")
181
+ # See {Aws::DefaultsModeConfiguration} for a list of the
182
+ # accepted modes and the configuration defaults that are included.
183
+ #
176
184
  # @option options [Boolean] :disable_host_prefix_injection (false)
177
185
  # Set to true to disable SDK automatically adding host prefix
178
186
  # to default service endpoint when available.
@@ -275,6 +283,15 @@ module Aws::RAM
275
283
  # ** Please note ** When response stubbing is enabled, no HTTP
276
284
  # requests are made, and retries are disabled.
277
285
  #
286
+ # @option options [Boolean] :use_dualstack_endpoint
287
+ # When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
288
+ # will be used if available.
289
+ #
290
+ # @option options [Boolean] :use_fips_endpoint
291
+ # When set to `true`, fips compatible endpoints will be used if available.
292
+ # When a `fips` region is used, the region is normalized and this config
293
+ # is set to `true`.
294
+ #
278
295
  # @option options [Boolean] :validate_params (true)
279
296
  # When `true`, request parameters are validated before
280
297
  # sending the request.
@@ -286,7 +303,7 @@ module Aws::RAM
286
303
  # seconds to wait when opening a HTTP session before raising a
287
304
  # `Timeout::Error`.
288
305
  #
289
- # @option options [Integer] :http_read_timeout (60) The default
306
+ # @option options [Float] :http_read_timeout (60) The default
290
307
  # number of seconds to wait for response data. This value can
291
308
  # safely be set per-request on the session.
292
309
  #
@@ -302,6 +319,9 @@ module Aws::RAM
302
319
  # disables this behaviour. This value can safely be set per
303
320
  # request on the session.
304
321
  #
322
+ # @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
323
+ # in seconds.
324
+ #
305
325
  # @option options [Boolean] :http_wire_trace (false) When `true`,
306
326
  # HTTP debug output will be sent to the `:logger`.
307
327
  #
@@ -328,14 +348,32 @@ module Aws::RAM
328
348
  # @!group API Operations
329
349
 
330
350
  # Accepts an invitation to a resource share from another Amazon Web
331
- # Services account.
351
+ # Services account. After you accept the invitation, the resources
352
+ # included in the resource share are available to interact with in the
353
+ # relevant Amazon Web Services Management Consoles and tools.
332
354
  #
333
355
  # @option params [required, String] :resource_share_invitation_arn
334
- # The Amazon Resource Name (ARN) of the invitation.
356
+ # The [Amazon Resoure Name (ARN)][1] of the invitation that you want to
357
+ # accept.
358
+ #
359
+ #
360
+ #
361
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
335
362
  #
336
363
  # @option params [String] :client_token
337
- # A unique, case-sensitive identifier that you provide to ensure the
338
- # idempotency of the request.
364
+ # Specifies a unique, case-sensitive identifier that you provide to
365
+ # ensure the idempotency of the request. This lets you safely retry the
366
+ # request without accidentally performing the same operation a second
367
+ # time. Passing the same value to a later call to an operation requires
368
+ # that you also pass the same value for all other parameters. We
369
+ # recommend that you use a [UUID type of value.][1].
370
+ #
371
+ # If you don't provide this value, then Amazon Web Services generates a
372
+ # random one for you.
373
+ #
374
+ #
375
+ #
376
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
339
377
  #
340
378
  # @return [Types::AcceptResourceShareInvitationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
341
379
  #
@@ -380,42 +418,78 @@ module Aws::RAM
380
418
  req.send_request(options)
381
419
  end
382
420
 
383
- # Associates the specified resource share with the specified principals
384
- # and resources.
421
+ # Adds the specified list of principals and list of resources to a
422
+ # resource share. Principals that already have access to this resource
423
+ # share immediately receive access to the added resources. Newly added
424
+ # principals immediately receive access to the resources shared in this
425
+ # resource share.
385
426
  #
386
427
  # @option params [required, String] :resource_share_arn
387
- # The Amazon Resource Name (ARN) of the resource share.
428
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share
429
+ # that you want to add principals or resources to.
430
+ #
431
+ #
432
+ #
433
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
388
434
  #
389
435
  # @option params [Array<String>] :resource_arns
390
- # The Amazon Resource Names (ARNs) of the resources.
436
+ # Specifies a list of [Amazon Resource Names (ARNs)][1] of the resources
437
+ # that you want to share. This can be `null` if you want to add only
438
+ # principals.
439
+ #
440
+ #
441
+ #
442
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
391
443
  #
392
444
  # @option params [Array<String>] :principals
393
- # The principals to associate with the resource share. The possible
394
- # values are:
445
+ # Specifies a list of principals to whom you want to the resource share.
446
+ # This can be `null` if you want to add only resources.
395
447
  #
396
- # * An Amazon Web Services account ID
448
+ # What the principals can do with the resources in the share is
449
+ # determined by the RAM permissions that you associate with the resource
450
+ # share. See AssociateResourceSharePermission.
397
451
  #
398
- # * An Amazon Resource Name (ARN) of an organization in Organizations
452
+ # You can include the following values:
399
453
  #
400
- # * An ARN of an organizational unit (OU) in Organizations
454
+ # * An Amazon Web Services account ID, for example: `123456789012`
401
455
  #
402
- # * An ARN of an IAM role
456
+ # * An [Amazon Resoure Name (ARN)][1] of an organization in
457
+ # Organizations, for example:
458
+ # `organizations::123456789012:organization/o-exampleorgid`
403
459
  #
404
- # * An ARN of an IAM user
460
+ # * An ARN of an organizational unit (OU) in Organizations, for example:
461
+ # `organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123`
405
462
  #
406
- # <note markdown="1"> Not all resource types can be shared with IAM roles and IAM users. For
407
- # more information, see [Sharing with IAM roles and IAM users][1] in the
463
+ # * An ARN of an IAM role, for example:
464
+ # `iam::123456789012:role/rolename`
465
+ #
466
+ # * An ARN of an IAM user, for example: `iam::123456789012user/username`
467
+ #
468
+ # <note markdown="1"> Not all resource types can be shared with IAM roles and users. For
469
+ # more information, see [Sharing with IAM roles and users][2] in the
408
470
  # *Resource Access Manager User Guide*.
409
471
  #
410
472
  # </note>
411
473
  #
412
474
  #
413
475
  #
414
- # [1]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
476
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
477
+ # [2]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
415
478
  #
416
479
  # @option params [String] :client_token
417
- # A unique, case-sensitive identifier that you provide to ensure the
418
- # idempotency of the request.
480
+ # Specifies a unique, case-sensitive identifier that you provide to
481
+ # ensure the idempotency of the request. This lets you safely retry the
482
+ # request without accidentally performing the same operation a second
483
+ # time. Passing the same value to a later call to an operation requires
484
+ # that you also pass the same value for all other parameters. We
485
+ # recommend that you use a [UUID type of value.][1].
486
+ #
487
+ # If you don't provide this value, then Amazon Web Services generates a
488
+ # random one for you.
489
+ #
490
+ #
491
+ #
492
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
419
493
  #
420
494
  # @return [Types::AssociateResourceShareResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
421
495
  #
@@ -454,28 +528,64 @@ module Aws::RAM
454
528
  req.send_request(options)
455
529
  end
456
530
 
457
- # Associates a permission with a resource share.
531
+ # Adds or replaces the RAM permission for a resource type included in a
532
+ # resource share. You can have exactly one permission associated with
533
+ # each resource type in the resource share. You can add a new RAM
534
+ # permission only if there are currently no resources of that resource
535
+ # type currently in the resource share.
458
536
  #
459
537
  # @option params [required, String] :resource_share_arn
460
- # The Amazon Resource Name (ARN) of the resource share.
538
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share to
539
+ # which you want to add or replace permissions.
540
+ #
541
+ #
542
+ #
543
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
461
544
  #
462
545
  # @option params [required, String] :permission_arn
463
- # The Amazon Resource Name (ARN) of the RAM permission to associate with
464
- # the resource share.
546
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the RAM permission to
547
+ # associate with the resource share. To find the ARN for a permission,
548
+ # use either the ListPermissions operation or go to the [Permissions
549
+ # library][2] page in the RAM console and then choose the name of the
550
+ # permission. The ARN is displayed on the detail page.
551
+ #
552
+ #
553
+ #
554
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
555
+ # [2]: https://console.aws.amazon.com/ram/home#Permissions:
465
556
  #
466
557
  # @option params [Boolean] :replace
467
- # Indicates whether the permission should replace the permissions that
468
- # are currently associated with the resource share. Use `true` to
469
- # replace the current permissions. Use `false` to add the permission to
470
- # the current permission.
558
+ # Specifies whether the specified permission should replace or add to
559
+ # the existing permission associated with the resource share. Use `true`
560
+ # to replace the current permissions. Use `false` to add the permission
561
+ # to the current permission. The default value is `false`.
562
+ #
563
+ # <note markdown="1"> A resource share can have only one permission per resource type. If a
564
+ # resource share already has a permission for the specified resource
565
+ # type and you don't set `replace` to `true` then the operation returns
566
+ # an error. This helps prevent accidental overwriting of a permission.
567
+ #
568
+ # </note>
471
569
  #
472
570
  # @option params [String] :client_token
473
- # A unique, case-sensitive identifier that you provide to ensure the
474
- # idempotency of the request.
571
+ # Specifies a unique, case-sensitive identifier that you provide to
572
+ # ensure the idempotency of the request. This lets you safely retry the
573
+ # request without accidentally performing the same operation a second
574
+ # time. Passing the same value to a later call to an operation requires
575
+ # that you also pass the same value for all other parameters. We
576
+ # recommend that you use a [UUID type of value.][1].
577
+ #
578
+ # If you don't provide this value, then Amazon Web Services generates a
579
+ # random one for you.
580
+ #
581
+ #
582
+ #
583
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
475
584
  #
476
585
  # @option params [Integer] :permission_version
477
- # The version of the RAM permissions to associate with the resource
478
- # share.
586
+ # Specifies the version of the RAM permission to associate with the
587
+ # resource share. If you don't specify this parameter, the operation
588
+ # uses the version designated as the default.
479
589
  #
480
590
  # @return [Types::AssociateResourceSharePermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
481
591
  #
@@ -506,10 +616,10 @@ module Aws::RAM
506
616
  req.send_request(options)
507
617
  end
508
618
 
509
- # Creates a resource share. You must provide a list of the Amazon
510
- # Resource Names (ARNs) for the resources you want to share. You must
511
- # also specify who you want to share the resources with, and the
512
- # permissions that you grant them.
619
+ # Creates a resource share. You can provide a list of the [Amazon
620
+ # Resource Names (ARNs)][1] for the resources that you want to share, a
621
+ # list of principals you want to share the resources with, and the
622
+ # permissions to grant those principals.
513
623
  #
514
624
  # <note markdown="1"> Sharing a resource makes it available for use by principals outside of
515
625
  # the Amazon Web Services account that created the resource. Sharing
@@ -518,53 +628,86 @@ module Aws::RAM
518
628
  #
519
629
  # </note>
520
630
  #
631
+ #
632
+ #
633
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
634
+ #
521
635
  # @option params [required, String] :name
522
- # The name of the resource share.
636
+ # Specifies the name of the resource share.
523
637
  #
524
638
  # @option params [Array<String>] :resource_arns
525
- # The ARNs of the resources to associate with the resource share.
639
+ # Specifies a list of one or more ARNs of the resources to associate
640
+ # with the resource share.
526
641
  #
527
642
  # @option params [Array<String>] :principals
528
- # The principals to associate with the resource share. The possible
529
- # values are:
643
+ # Specifies a list of one or more principals to associate with the
644
+ # resource share.
645
+ #
646
+ # You can include the following values:
530
647
  #
531
- # * An Amazon Web Services account ID
648
+ # * An Amazon Web Services account ID, for example: `123456789012`
532
649
  #
533
- # * An Amazon Resource Name (ARN) of an organization in Organizations
650
+ # * An [Amazon Resoure Name (ARN)][1] of an organization in
651
+ # Organizations, for example:
652
+ # `organizations::123456789012:organization/o-exampleorgid`
534
653
  #
535
- # * An ARN of an organizational unit (OU) in Organizations
654
+ # * An ARN of an organizational unit (OU) in Organizations, for example:
655
+ # `organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123`
536
656
  #
537
- # * An ARN of an IAM role
657
+ # * An ARN of an IAM role, for example:
658
+ # `iam::123456789012:role/rolename`
538
659
  #
539
- # * An ARN of an IAM user
660
+ # * An ARN of an IAM user, for example: `iam::123456789012user/username`
540
661
  #
541
- # <note markdown="1"> Not all resource types can be shared with IAM roles and IAM users. For
542
- # more information, see [Sharing with IAM roles and IAM users][1] in the
662
+ # <note markdown="1"> Not all resource types can be shared with IAM roles and users. For
663
+ # more information, see [Sharing with IAM roles and users][2] in the
543
664
  # *Resource Access Manager User Guide*.
544
665
  #
545
666
  # </note>
546
667
  #
547
668
  #
548
669
  #
549
- # [1]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
670
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
671
+ # [2]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
550
672
  #
551
673
  # @option params [Array<Types::Tag>] :tags
552
- # One or more tags.
674
+ # Specifies one or more tags to attach to the resource share itself. It
675
+ # doesn't attach the tags to the resources associated with the resource
676
+ # share.
553
677
  #
554
678
  # @option params [Boolean] :allow_external_principals
555
- # Indicates whether principals outside your organization in
556
- # Organizations can be associated with a resource share.
679
+ # Specifies whether principals outside your organization in
680
+ # Organizations can be associated with a resource share. A value of
681
+ # `true` lets you share with individual Amazon Web Services accounts
682
+ # that are *not* in your organization. A value of `false` only has
683
+ # meaning if your account is a member of an Amazon Web Services
684
+ # Organization. The default value is `true`.
557
685
  #
558
686
  # @option params [String] :client_token
559
- # A unique, case-sensitive identifier that you provide to ensure the
560
- # idempotency of the request.
687
+ # Specifies a unique, case-sensitive identifier that you provide to
688
+ # ensure the idempotency of the request. This lets you safely retry the
689
+ # request without accidentally performing the same operation a second
690
+ # time. Passing the same value to a later call to an operation requires
691
+ # that you also pass the same value for all other parameters. We
692
+ # recommend that you use a [UUID type of value.][1].
693
+ #
694
+ # If you don't provide this value, then Amazon Web Services generates a
695
+ # random one for you.
696
+ #
697
+ #
698
+ #
699
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
561
700
  #
562
701
  # @option params [Array<String>] :permission_arns
563
- # The Amazon Resource Names (ARNs) of the permissions to associate with
564
- # the resource share. If you do not specify an ARN for the permission,
565
- # RAM automatically attaches the default version of the permission for
566
- # each resource type. Only one permission can be associated with each
567
- # resource type in a resource share.
702
+ # Specifies the [Amazon Resource Names (ARNs)][1] of the RAM permission
703
+ # to associate with the resource share. If you do not specify an ARN for
704
+ # the permission, RAM automatically attaches the default version of the
705
+ # permission for each resource type. You can associate only one
706
+ # permission with each resource type included in the resource share.
707
+ #
708
+ #
709
+ #
710
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
568
711
  #
569
712
  # @return [Types::CreateResourceShareResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
570
713
  #
@@ -613,14 +756,33 @@ module Aws::RAM
613
756
  req.send_request(options)
614
757
  end
615
758
 
616
- # Deletes the specified resource share.
759
+ # Deletes the specified resource share. This doesn't delete any of the
760
+ # resources that were associated with the resource share; it only stops
761
+ # the sharing of those resources outside of the Amazon Web Services
762
+ # account that created them.
617
763
  #
618
764
  # @option params [required, String] :resource_share_arn
619
- # The Amazon Resource Name (ARN) of the resource share.
765
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share to
766
+ # delete.
767
+ #
768
+ #
769
+ #
770
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
620
771
  #
621
772
  # @option params [String] :client_token
622
- # A unique, case-sensitive identifier that you provide to ensure the
623
- # idempotency of the request.
773
+ # Specifies a unique, case-sensitive identifier that you provide to
774
+ # ensure the idempotency of the request. This lets you safely retry the
775
+ # request without accidentally performing the same operation a second
776
+ # time. Passing the same value to a later call to an operation requires
777
+ # that you also pass the same value for all other parameters. We
778
+ # recommend that you use a [UUID type of value.][1].
779
+ #
780
+ # If you don't provide this value, then Amazon Web Services generates a
781
+ # random one for you.
782
+ #
783
+ #
784
+ #
785
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
624
786
  #
625
787
  # @return [Types::DeleteResourceShareResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
626
788
  #
@@ -652,17 +814,68 @@ module Aws::RAM
652
814
  # resource share.
653
815
  #
654
816
  # @option params [required, String] :resource_share_arn
655
- # The Amazon Resource Name (ARN) of the resource share.
817
+ # Specifies [Amazon Resoure Name (ARN)][1] of the resource share that
818
+ # you want to remove resources from.
819
+ #
820
+ #
821
+ #
822
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
656
823
  #
657
824
  # @option params [Array<String>] :resource_arns
658
- # The Amazon Resource Names (ARNs) of the resources.
825
+ # Specifies a list of [Amazon Resource Names (ARNs)][1] for one or more
826
+ # resources that you want to remove from the resource share. After the
827
+ # operation runs, these resources are no longer shared with principals
828
+ # outside of the Amazon Web Services account that created the resources.
829
+ #
830
+ #
831
+ #
832
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
659
833
  #
660
834
  # @option params [Array<String>] :principals
661
- # The principals.
835
+ # Specifies a list of one or more principals that no longer are to have
836
+ # access to the resources in this resource share.
837
+ #
838
+ # You can include the following values:
839
+ #
840
+ # * An Amazon Web Services account ID, for example: `123456789012`
841
+ #
842
+ # * An [Amazon Resoure Name (ARN)][1] of an organization in
843
+ # Organizations, for example:
844
+ # `organizations::123456789012:organization/o-exampleorgid`
845
+ #
846
+ # * An ARN of an organizational unit (OU) in Organizations, for example:
847
+ # `organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123`
848
+ #
849
+ # * An ARN of an IAM role, for example:
850
+ # `iam::123456789012:role/rolename`
851
+ #
852
+ # * An ARN of an IAM user, for example: `iam::123456789012user/username`
853
+ #
854
+ # <note markdown="1"> Not all resource types can be shared with IAM roles and users. For
855
+ # more information, see [Sharing with IAM roles and users][2] in the
856
+ # *Resource Access Manager User Guide*.
857
+ #
858
+ # </note>
859
+ #
860
+ #
861
+ #
862
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
863
+ # [2]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
662
864
  #
663
865
  # @option params [String] :client_token
664
- # A unique, case-sensitive identifier that you provide to ensure the
665
- # idempotency of the request.
866
+ # Specifies a unique, case-sensitive identifier that you provide to
867
+ # ensure the idempotency of the request. This lets you safely retry the
868
+ # request without accidentally performing the same operation a second
869
+ # time. Passing the same value to a later call to an operation requires
870
+ # that you also pass the same value for all other parameters. We
871
+ # recommend that you use a [UUID type of value.][1].
872
+ #
873
+ # If you don't provide this value, then Amazon Web Services generates a
874
+ # random one for you.
875
+ #
876
+ #
877
+ #
878
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
666
879
  #
667
880
  # @return [Types::DisassociateResourceShareResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
668
881
  #
@@ -701,18 +914,42 @@ module Aws::RAM
701
914
  req.send_request(options)
702
915
  end
703
916
 
704
- # Disassociates an RAM permission from a resource share.
917
+ # Disassociates an RAM permission from a resource share. Permission
918
+ # changes take effect immediately. You can remove a RAM permission from
919
+ # a resource share only if there are currently no resources of the
920
+ # relevant resource type currently attached to the resource share.
705
921
  #
706
922
  # @option params [required, String] :resource_share_arn
707
- # The Amazon Resource Name (ARN) of the resource share.
923
+ # The [Amazon Resoure Name (ARN)][1] of the resource share from which
924
+ # you want to disassociate a permission.
925
+ #
926
+ #
927
+ #
928
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
708
929
  #
709
930
  # @option params [required, String] :permission_arn
710
- # The Amazon Resource Name (ARN) of the permission to disassociate from
711
- # the resource share.
931
+ # The [Amazon Resoure Name (ARN)][1] of the permission to disassociate
932
+ # from the resource share. Changes to permissions take effect
933
+ # immediately.
934
+ #
935
+ #
936
+ #
937
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
712
938
  #
713
939
  # @option params [String] :client_token
714
- # A unique, case-sensitive identifier that you provide to ensure the
715
- # idempotency of the request.
940
+ # Specifies a unique, case-sensitive identifier that you provide to
941
+ # ensure the idempotency of the request. This lets you safely retry the
942
+ # request without accidentally performing the same operation a second
943
+ # time. Passing the same value to a later call to an operation requires
944
+ # that you also pass the same value for all other parameters. We
945
+ # recommend that you use a [UUID type of value.][1].
946
+ #
947
+ # If you don't provide this value, then Amazon Web Services generates a
948
+ # random one for you.
949
+ #
950
+ #
951
+ #
952
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
716
953
  #
717
954
  # @return [Types::DisassociateResourceSharePermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
718
955
  #
@@ -742,8 +979,16 @@ module Aws::RAM
742
979
  end
743
980
 
744
981
  # Enables resource sharing within your organization in Organizations.
982
+ # Calling this operation enables RAM to retrieve information about the
983
+ # organization and its structure. This lets you share resources with all
984
+ # of the accounts in an organization by specifying the organization's
985
+ # ID, or all of the accounts in an organizational unit (OU) by
986
+ # specifying the OU's ID. Until you enable sharing within the
987
+ # organization, you can specify only individual Amazon Web Services
988
+ # accounts, or for supported resource types, IAM users and roles.
745
989
  #
746
- # The caller must be the master account for the organization.
990
+ # You must call this operation from an IAM user or role in the
991
+ # organization's management account.
747
992
  #
748
993
  # @return [Types::EnableSharingWithAwsOrganizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
749
994
  #
@@ -765,10 +1010,21 @@ module Aws::RAM
765
1010
  # Gets the contents of an RAM permission in JSON format.
766
1011
  #
767
1012
  # @option params [required, String] :permission_arn
768
- # The Amazon Resource Name (ARN) of the permission.
1013
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the permission whose
1014
+ # contents you want to retrieve. To find the ARN for a permission, use
1015
+ # either the ListPermissions operation or go to the [Permissions
1016
+ # library][2] page in the RAM console and then choose the name of the
1017
+ # permission. The ARN is displayed on the detail page.
1018
+ #
1019
+ #
1020
+ #
1021
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1022
+ # [2]: https://console.aws.amazon.com/ram/home#Permissions:
769
1023
  #
770
1024
  # @option params [Integer] :permission_version
771
- # The identifier for the version of the permission.
1025
+ # Specifies identifier for the version of the RAM permission to
1026
+ # retrieve. If you don't specify this parameter, the operation
1027
+ # retrieves the default version.
772
1028
  #
773
1029
  # @return [Types::GetPermissionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
774
1030
  #
@@ -802,22 +1058,38 @@ module Aws::RAM
802
1058
  req.send_request(options)
803
1059
  end
804
1060
 
805
- # Gets the policies for the specified resources that you own and have
806
- # shared.
1061
+ # Retrieves the resource policies for the specified resources that you
1062
+ # own and have shared.
807
1063
  #
808
1064
  # @option params [required, Array<String>] :resource_arns
809
- # The Amazon Resource Names (ARNs) of the resources.
1065
+ # Specifies the [Amazon Resource Names (ARNs)][1] of the resources whose
1066
+ # policies you want to retrieve.
1067
+ #
1068
+ #
1069
+ #
1070
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
810
1071
  #
811
1072
  # @option params [String] :principal
812
- # The principal.
1073
+ # Specifies the principal.
813
1074
  #
814
1075
  # @option params [String] :next_token
815
- # The token for the next page of results.
1076
+ # Specifies that you want to receive the next page of results. Valid
1077
+ # only if you received a `NextToken` response in the previous request.
1078
+ # If you did, it indicates that more output is available. Set this
1079
+ # parameter to the value provided by the previous call's `NextToken`
1080
+ # response to request the next page of results.
816
1081
  #
817
1082
  # @option params [Integer] :max_results
818
- # The maximum number of results to return with a single call. To
819
- # retrieve the remaining results, make another call with the returned
820
- # `nextToken` value.
1083
+ # Specifies the total number of results that you want included on each
1084
+ # page of the response. If you do not include this parameter, it
1085
+ # defaults to a value that is specific to the operation. If additional
1086
+ # items exist beyond the number you specify, the `NextToken` response
1087
+ # element is returned with a value (not null). Include the specified
1088
+ # value as the `NextToken` request parameter in the next call to the
1089
+ # operation to get the next part of the results. Note that the service
1090
+ # might return fewer results than the maximum even when there are more
1091
+ # results available. You should check `NextToken` after every operation
1092
+ # to ensure that you receive all of the results.
821
1093
  #
822
1094
  # @return [Types::GetResourcePoliciesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
823
1095
  #
@@ -850,35 +1122,73 @@ module Aws::RAM
850
1122
  req.send_request(options)
851
1123
  end
852
1124
 
853
- # Gets the resources or principals for the resource shares that you own.
1125
+ # Retrieves the resource and principal associations for resource shares
1126
+ # that you own.
854
1127
  #
855
1128
  # @option params [required, String] :association_type
856
- # The association type. Specify `PRINCIPAL` to list the principals that
857
- # are associated with the specified resource share. Specify `RESOURCE`
858
- # to list the resources that are associated with the specified resource
859
- # share.
1129
+ # Specifies whether you want to retrieve the associations that involve a
1130
+ # specified resource or principal.
1131
+ #
1132
+ # * `PRINCIPAL` – list the principals that are associated with the
1133
+ # specified resource share.
1134
+ #
1135
+ # * `RESOURCE` – list the resources that are associated with the
1136
+ # specified resource share.
860
1137
  #
861
1138
  # @option params [Array<String>] :resource_share_arns
862
- # The Amazon Resource Names (ARN) of the resource shares.
1139
+ # Specifies a list of [Amazon Resource Names (ARNs)][1] of the resource
1140
+ # share whose associations you want to retrieve.
1141
+ #
1142
+ #
1143
+ #
1144
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
863
1145
  #
864
1146
  # @option params [String] :resource_arn
865
- # The Amazon Resource Name (ARN) of the resource. You cannot specify
866
- # this parameter if the association type is `PRINCIPAL`.
1147
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource whose
1148
+ # resource shares you want to retrieve.
1149
+ #
1150
+ # You cannot specify this parameter if the association type is
1151
+ # `PRINCIPAL`.
1152
+ #
1153
+ #
1154
+ #
1155
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
867
1156
  #
868
1157
  # @option params [String] :principal
869
- # The principal. You cannot specify this parameter if the association
870
- # type is `RESOURCE`.
1158
+ # Specifies the ID of the principal whose resource shares you want to
1159
+ # retrieve. This can be an Amazon Web Services account ID, an
1160
+ # organization ID, an organizational unit ID, or the [Amazon Resoure
1161
+ # Name (ARN)][1] of an individual IAM user or role.
1162
+ #
1163
+ # You cannot specify this parameter if the association type is
1164
+ # `RESOURCE`.
1165
+ #
1166
+ #
1167
+ #
1168
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
871
1169
  #
872
1170
  # @option params [String] :association_status
873
- # The association status.
1171
+ # Specifies that you want to retrieve only associations with this
1172
+ # status.
874
1173
  #
875
1174
  # @option params [String] :next_token
876
- # The token for the next page of results.
1175
+ # Specifies that you want to receive the next page of results. Valid
1176
+ # only if you received a `NextToken` response in the previous request.
1177
+ # If you did, it indicates that more output is available. Set this
1178
+ # parameter to the value provided by the previous call's `NextToken`
1179
+ # response to request the next page of results.
877
1180
  #
878
1181
  # @option params [Integer] :max_results
879
- # The maximum number of results to return with a single call. To
880
- # retrieve the remaining results, make another call with the returned
881
- # `nextToken` value.
1182
+ # Specifies the total number of results that you want included on each
1183
+ # page of the response. If you do not include this parameter, it
1184
+ # defaults to a value that is specific to the operation. If additional
1185
+ # items exist beyond the number you specify, the `NextToken` response
1186
+ # element is returned with a value (not null). Include the specified
1187
+ # value as the `NextToken` request parameter in the next call to the
1188
+ # operation to get the next part of the results. Note that the service
1189
+ # might return fewer results than the maximum even when there are more
1190
+ # results available. You should check `NextToken` after every operation
1191
+ # to ensure that you receive all of the results.
882
1192
  #
883
1193
  # @return [Types::GetResourceShareAssociationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
884
1194
  #
@@ -922,21 +1232,44 @@ module Aws::RAM
922
1232
  req.send_request(options)
923
1233
  end
924
1234
 
925
- # Gets the invitations that you have received for resource shares.
1235
+ # Retrieves details about invitations that you have received for
1236
+ # resource shares.
926
1237
  #
927
1238
  # @option params [Array<String>] :resource_share_invitation_arns
928
- # The Amazon Resource Names (ARN) of the invitations.
1239
+ # Specifies the [Amazon Resource Names (ARNs)][1] of the resource share
1240
+ # invitations you want information about.
1241
+ #
1242
+ #
1243
+ #
1244
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
929
1245
  #
930
1246
  # @option params [Array<String>] :resource_share_arns
931
- # The Amazon Resource Names (ARN) of the resource shares.
1247
+ # Specifies that you want details about invitations only for the
1248
+ # resource shares described by this list of [Amazon Resource Names
1249
+ # (ARNs)][1]
1250
+ #
1251
+ #
1252
+ #
1253
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
932
1254
  #
933
1255
  # @option params [String] :next_token
934
- # The token for the next page of results.
1256
+ # Specifies that you want to receive the next page of results. Valid
1257
+ # only if you received a `NextToken` response in the previous request.
1258
+ # If you did, it indicates that more output is available. Set this
1259
+ # parameter to the value provided by the previous call's `NextToken`
1260
+ # response to request the next page of results.
935
1261
  #
936
1262
  # @option params [Integer] :max_results
937
- # The maximum number of results to return with a single call. To
938
- # retrieve the remaining results, make another call with the returned
939
- # `nextToken` value.
1263
+ # Specifies the total number of results that you want included on each
1264
+ # page of the response. If you do not include this parameter, it
1265
+ # defaults to a value that is specific to the operation. If additional
1266
+ # items exist beyond the number you specify, the `NextToken` response
1267
+ # element is returned with a value (not null). Include the specified
1268
+ # value as the `NextToken` request parameter in the next call to the
1269
+ # operation to get the next part of the results. Note that the service
1270
+ # might return fewer results than the maximum even when there are more
1271
+ # results available. You should check `NextToken` after every operation
1272
+ # to ensure that you receive all of the results.
940
1273
  #
941
1274
  # @return [Types::GetResourceShareInvitationsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
942
1275
  #
@@ -986,35 +1319,65 @@ module Aws::RAM
986
1319
  req.send_request(options)
987
1320
  end
988
1321
 
989
- # Gets the resource shares that you own or the resource shares that are
1322
+ # Retrieves details about the resource shares that you own or that are
990
1323
  # shared with you.
991
1324
  #
992
1325
  # @option params [Array<String>] :resource_share_arns
993
- # The Amazon Resource Names (ARNs) of the resource shares.
1326
+ # Specifies the [Amazon Resource Names (ARNs)][1] of individual resource
1327
+ # shares that you want information about.
1328
+ #
1329
+ #
1330
+ #
1331
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
994
1332
  #
995
1333
  # @option params [String] :resource_share_status
996
- # The status of the resource share.
1334
+ # Specifies that you want to retrieve details of only those resource
1335
+ # shares that have this status.
997
1336
  #
998
1337
  # @option params [required, String] :resource_owner
999
- # The type of owner.
1338
+ # Specifies that you want to retrieve details of only those resource
1339
+ # shares that match the following:
1340
+ #
1341
+ # * <b> <code>SELF</code> </b> – resources that you are sharing
1342
+ #
1343
+ # * <b> <code>OTHER-ACCOUNTS</code> </b> – resources that other accounts
1344
+ # share with you
1000
1345
  #
1001
1346
  # @option params [String] :name
1002
- # The name of the resource share.
1347
+ # Specifies the name of an individual resource share that you want to
1348
+ # retrieve details about.
1003
1349
  #
1004
1350
  # @option params [Array<Types::TagFilter>] :tag_filters
1005
- # One or more tag filters.
1351
+ # Specifies that you want to retrieve details of only those resource
1352
+ # shares that match the specified tag keys and values.
1006
1353
  #
1007
1354
  # @option params [String] :next_token
1008
- # The token for the next page of results.
1355
+ # Specifies that you want to receive the next page of results. Valid
1356
+ # only if you received a `NextToken` response in the previous request.
1357
+ # If you did, it indicates that more output is available. Set this
1358
+ # parameter to the value provided by the previous call's `NextToken`
1359
+ # response to request the next page of results.
1009
1360
  #
1010
1361
  # @option params [Integer] :max_results
1011
- # The maximum number of results to return with a single call. To
1012
- # retrieve the remaining results, make another call with the returned
1013
- # `nextToken` value.
1362
+ # Specifies the total number of results that you want included on each
1363
+ # page of the response. If you do not include this parameter, it
1364
+ # defaults to a value that is specific to the operation. If additional
1365
+ # items exist beyond the number you specify, the `NextToken` response
1366
+ # element is returned with a value (not null). Include the specified
1367
+ # value as the `NextToken` request parameter in the next call to the
1368
+ # operation to get the next part of the results. Note that the service
1369
+ # might return fewer results than the maximum even when there are more
1370
+ # results available. You should check `NextToken` after every operation
1371
+ # to ensure that you receive all of the results.
1014
1372
  #
1015
1373
  # @option params [String] :permission_arn
1016
- # The Amazon Resource Name (ARN) of the RAM permission that is
1017
- # associated with the resource share.
1374
+ # Specifies that you want to retrieve details of only those resource
1375
+ # shares that use the RAM permission with this [Amazon Resoure Name
1376
+ # (ARN)][1].
1377
+ #
1378
+ #
1379
+ #
1380
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1018
1381
  #
1019
1382
  # @return [Types::GetResourceSharesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1020
1383
  #
@@ -1068,18 +1431,51 @@ module Aws::RAM
1068
1431
  end
1069
1432
 
1070
1433
  # Lists the resources in a resource share that is shared with you but
1071
- # that the invitation is still pending for.
1434
+ # for which the invitation is still `PENDING`. That means that you
1435
+ # haven't accepted or rejected the invitation and the invitation
1436
+ # hasn't expired.
1072
1437
  #
1073
1438
  # @option params [required, String] :resource_share_invitation_arn
1074
- # The Amazon Resource Name (ARN) of the invitation.
1439
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the invitation. You
1440
+ # can use GetResourceShareInvitations to find the ARN of the invitation.
1441
+ #
1442
+ #
1443
+ #
1444
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1075
1445
  #
1076
1446
  # @option params [String] :next_token
1077
- # The token for the next page of results.
1447
+ # Specifies that you want to receive the next page of results. Valid
1448
+ # only if you received a `NextToken` response in the previous request.
1449
+ # If you did, it indicates that more output is available. Set this
1450
+ # parameter to the value provided by the previous call's `NextToken`
1451
+ # response to request the next page of results.
1078
1452
  #
1079
1453
  # @option params [Integer] :max_results
1080
- # The maximum number of results to return with a single call. To
1081
- # retrieve the remaining results, make another call with the returned
1082
- # `nextToken` value.
1454
+ # Specifies the total number of results that you want included on each
1455
+ # page of the response. If you do not include this parameter, it
1456
+ # defaults to a value that is specific to the operation. If additional
1457
+ # items exist beyond the number you specify, the `NextToken` response
1458
+ # element is returned with a value (not null). Include the specified
1459
+ # value as the `NextToken` request parameter in the next call to the
1460
+ # operation to get the next part of the results. Note that the service
1461
+ # might return fewer results than the maximum even when there are more
1462
+ # results available. You should check `NextToken` after every operation
1463
+ # to ensure that you receive all of the results.
1464
+ #
1465
+ # @option params [String] :resource_region_scope
1466
+ # Specifies that you want the results to include only resources that
1467
+ # have the specified scope.
1468
+ #
1469
+ # * `ALL` – the results include both global and regional resources or
1470
+ # resource types.
1471
+ #
1472
+ # * `GLOBAL` – the results include only global resources or resource
1473
+ # types.
1474
+ #
1475
+ # * `REGIONAL` – the results include only regional resources or resource
1476
+ # types.
1477
+ #
1478
+ # The default value is `ALL`.
1083
1479
  #
1084
1480
  # @return [Types::ListPendingInvitationResourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1085
1481
  #
@@ -1094,6 +1490,7 @@ module Aws::RAM
1094
1490
  # resource_share_invitation_arn: "String", # required
1095
1491
  # next_token: "String",
1096
1492
  # max_results: 1,
1493
+ # resource_region_scope: "ALL", # accepts ALL, REGIONAL, GLOBAL
1097
1494
  # })
1098
1495
  #
1099
1496
  # @example Response structure
@@ -1107,6 +1504,7 @@ module Aws::RAM
1107
1504
  # resp.resources[0].status_message #=> String
1108
1505
  # resp.resources[0].creation_time #=> Time
1109
1506
  # resp.resources[0].last_updated_time #=> Time
1507
+ # resp.resources[0].resource_region_scope #=> String, one of "REGIONAL", "GLOBAL"
1110
1508
  # resp.next_token #=> String
1111
1509
  #
1112
1510
  # @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPendingInvitationResources AWS API Documentation
@@ -1118,20 +1516,33 @@ module Aws::RAM
1118
1516
  req.send_request(options)
1119
1517
  end
1120
1518
 
1121
- # Lists the RAM permissions.
1519
+ # Retrieves a list of available RAM permissions that you can use for the
1520
+ # supported resource types.
1122
1521
  #
1123
1522
  # @option params [String] :resource_type
1124
- # Specifies the resource type for which to list permissions. For
1125
- # example, to list only permissions that apply to EC2 subnets, specify
1126
- # `ec2:Subnet`.
1523
+ # Specifies that you want to list permissions for only the specified
1524
+ # resource type. For example, to list only permissions that apply to EC2
1525
+ # subnets, specify `ec2:Subnet`. You can use the ListResourceTypes
1526
+ # operation to get the specific string required.
1127
1527
  #
1128
1528
  # @option params [String] :next_token
1129
- # The token for the next page of results.
1529
+ # Specifies that you want to receive the next page of results. Valid
1530
+ # only if you received a `NextToken` response in the previous request.
1531
+ # If you did, it indicates that more output is available. Set this
1532
+ # parameter to the value provided by the previous call's `NextToken`
1533
+ # response to request the next page of results.
1130
1534
  #
1131
1535
  # @option params [Integer] :max_results
1132
- # The maximum number of results to return with a single call. To
1133
- # retrieve the remaining results, make another call with the returned
1134
- # `nextToken` value.
1536
+ # Specifies the total number of results that you want included on each
1537
+ # page of the response. If you do not include this parameter, it
1538
+ # defaults to a value that is specific to the operation. If additional
1539
+ # items exist beyond the number you specify, the `NextToken` response
1540
+ # element is returned with a value (not null). Include the specified
1541
+ # value as the `NextToken` request parameter in the next call to the
1542
+ # operation to get the next part of the results. Note that the service
1543
+ # might return fewer results than the maximum even when there are more
1544
+ # results available. You should check `NextToken` after every operation
1545
+ # to ensure that you receive all of the results.
1135
1546
  #
1136
1547
  # @return [Types::ListPermissionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1137
1548
  #
@@ -1171,49 +1582,91 @@ module Aws::RAM
1171
1582
  req.send_request(options)
1172
1583
  end
1173
1584
 
1174
- # Lists the principals that you have shared resources with or that have
1175
- # shared resources with you.
1585
+ # Lists the principals that you are sharing resources with or that are
1586
+ # sharing resources with you.
1176
1587
  #
1177
1588
  # @option params [required, String] :resource_owner
1178
- # The type of owner.
1589
+ # Specifies that you want to list information for only resource shares
1590
+ # that match the following:
1591
+ #
1592
+ # * <b> <code>SELF</code> </b> – resources that you are sharing
1593
+ #
1594
+ # * <b> <code>OTHER-ACCOUNTS</code> </b> – resources that other accounts
1595
+ # share with you
1179
1596
  #
1180
1597
  # @option params [String] :resource_arn
1181
- # The Amazon Resource Name (ARN) of the resource.
1598
+ # Specifies that you want to list principal information for the resource
1599
+ # share with the specified [Amazon Resoure Name (ARN)][1].
1600
+ #
1601
+ #
1602
+ #
1603
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1182
1604
  #
1183
1605
  # @option params [Array<String>] :principals
1184
- # The principals.
1606
+ # Specifies that you want to list information for only the listed
1607
+ # principals.
1608
+ #
1609
+ # You can include the following values:
1610
+ #
1611
+ # * An Amazon Web Services account ID, for example: `123456789012`
1612
+ #
1613
+ # * An [Amazon Resoure Name (ARN)][1] of an organization in
1614
+ # Organizations, for example:
1615
+ # `organizations::123456789012:organization/o-exampleorgid`
1616
+ #
1617
+ # * An ARN of an organizational unit (OU) in Organizations, for example:
1618
+ # `organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123`
1619
+ #
1620
+ # * An ARN of an IAM role, for example:
1621
+ # `iam::123456789012:role/rolename`
1622
+ #
1623
+ # * An ARN of an IAM user, for example: `iam::123456789012user/username`
1624
+ #
1625
+ # <note markdown="1"> Not all resource types can be shared with IAM roles and users. For
1626
+ # more information, see [Sharing with IAM roles and users][2] in the
1627
+ # *Resource Access Manager User Guide*.
1628
+ #
1629
+ # </note>
1630
+ #
1631
+ #
1632
+ #
1633
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1634
+ # [2]: https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types
1185
1635
  #
1186
1636
  # @option params [String] :resource_type
1187
- # The resource type.
1188
- #
1189
- # Valid values: `acm-pca:CertificateAuthority` \| `appmesh:Mesh` \|
1190
- # `codebuild:Project` \| `codebuild:ReportGroup` \|
1191
- # `ec2:CapacityReservation` \| `ec2:DedicatedHost` \|
1192
- # `ec2:LocalGatewayRouteTable` \| `ec2:PrefixList` \| `ec2:Subnet` \|
1193
- # `ec2:TrafficMirrorTarget` \| `ec2:TransitGateway` \|
1194
- # `imagebuilder:Component` \| `imagebuilder:Image` \|
1195
- # `imagebuilder:ImageRecipe` \| `imagebuilder:ContainerRecipe` \|
1196
- # `glue:Catalog` \| `glue:Database` \| `glue:Table` \|
1197
- # `license-manager:LicenseConfiguration` I
1198
- # `network-firewall:FirewallPolicy` \|
1199
- # `network-firewall:StatefulRuleGroup` \|
1200
- # `network-firewall:StatelessRuleGroup` \| `outposts:Outpost` \|
1201
- # `resource-groups:Group` \| `rds:Cluster` \|
1202
- # `route53resolver:FirewallRuleGroup`
1203
- # \|`route53resolver:ResolverQueryLogConfig` \|
1204
- # `route53resolver:ResolverRule` \| `s3-outposts:Outpost` \|
1205
- # `ssm-contacts:Contact` \| `ssm-incidents:ResponsePlan`
1637
+ # Specifies that you want to list information for only principals
1638
+ # associated with resource shares that include the specified resource
1639
+ # type.
1640
+ #
1641
+ # For a list of valid values, query the ListResourceTypes operation.
1206
1642
  #
1207
1643
  # @option params [Array<String>] :resource_share_arns
1208
- # The Amazon Resource Names (ARN) of the resource shares.
1644
+ # Specifies that you want to list information for only principals
1645
+ # associated with the resource shares specified by a list the [Amazon
1646
+ # Resource Names (ARNs)][1].
1647
+ #
1648
+ #
1649
+ #
1650
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1209
1651
  #
1210
1652
  # @option params [String] :next_token
1211
- # The token for the next page of results.
1653
+ # Specifies that you want to receive the next page of results. Valid
1654
+ # only if you received a `NextToken` response in the previous request.
1655
+ # If you did, it indicates that more output is available. Set this
1656
+ # parameter to the value provided by the previous call's `NextToken`
1657
+ # response to request the next page of results.
1212
1658
  #
1213
1659
  # @option params [Integer] :max_results
1214
- # The maximum number of results to return with a single call. To
1215
- # retrieve the remaining results, make another call with the returned
1216
- # `nextToken` value.
1660
+ # Specifies the total number of results that you want included on each
1661
+ # page of the response. If you do not include this parameter, it
1662
+ # defaults to a value that is specific to the operation. If additional
1663
+ # items exist beyond the number you specify, the `NextToken` response
1664
+ # element is returned with a value (not null). Include the specified
1665
+ # value as the `NextToken` request parameter in the next call to the
1666
+ # operation to get the next part of the results. Note that the service
1667
+ # might return fewer results than the maximum even when there are more
1668
+ # results available. You should check `NextToken` after every operation
1669
+ # to ensure that you receive all of the results.
1217
1670
  #
1218
1671
  # @return [Types::ListPrincipalsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1219
1672
  #
@@ -1256,15 +1709,31 @@ module Aws::RAM
1256
1709
  # Lists the RAM permissions that are associated with a resource share.
1257
1710
  #
1258
1711
  # @option params [required, String] :resource_share_arn
1259
- # The Amazon Resource Name (ARN) of the resource share.
1712
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share for
1713
+ # which you want to retrieve the associated permissions.
1714
+ #
1715
+ #
1716
+ #
1717
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1260
1718
  #
1261
1719
  # @option params [String] :next_token
1262
- # The token for the next page of results.
1720
+ # Specifies that you want to receive the next page of results. Valid
1721
+ # only if you received a `NextToken` response in the previous request.
1722
+ # If you did, it indicates that more output is available. Set this
1723
+ # parameter to the value provided by the previous call's `NextToken`
1724
+ # response to request the next page of results.
1263
1725
  #
1264
1726
  # @option params [Integer] :max_results
1265
- # The maximum number of results to return with a single call. To
1266
- # retrieve the remaining results, make another call with the returned
1267
- # `nextToken` value.
1727
+ # Specifies the total number of results that you want included on each
1728
+ # page of the response. If you do not include this parameter, it
1729
+ # defaults to a value that is specific to the operation. If additional
1730
+ # items exist beyond the number you specify, the `NextToken` response
1731
+ # element is returned with a value (not null). Include the specified
1732
+ # value as the `NextToken` request parameter in the next call to the
1733
+ # operation to get the next part of the results. Note that the service
1734
+ # might return fewer results than the maximum even when there are more
1735
+ # results available. You should check `NextToken` after every operation
1736
+ # to ensure that you receive all of the results.
1268
1737
  #
1269
1738
  # @return [Types::ListResourceSharePermissionsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1270
1739
  #
@@ -1304,15 +1773,41 @@ module Aws::RAM
1304
1773
  req.send_request(options)
1305
1774
  end
1306
1775
 
1307
- # Lists the shareable resource types supported by RAM.
1776
+ # Lists the resource types that can be shared by RAM.
1308
1777
  #
1309
1778
  # @option params [String] :next_token
1310
- # The token for the next page of results.
1779
+ # Specifies that you want to receive the next page of results. Valid
1780
+ # only if you received a `NextToken` response in the previous request.
1781
+ # If you did, it indicates that more output is available. Set this
1782
+ # parameter to the value provided by the previous call's `NextToken`
1783
+ # response to request the next page of results.
1311
1784
  #
1312
1785
  # @option params [Integer] :max_results
1313
- # The maximum number of results to return with a single call. To
1314
- # retrieve the remaining results, make another call with the returned
1315
- # `nextToken` value.
1786
+ # Specifies the total number of results that you want included on each
1787
+ # page of the response. If you do not include this parameter, it
1788
+ # defaults to a value that is specific to the operation. If additional
1789
+ # items exist beyond the number you specify, the `NextToken` response
1790
+ # element is returned with a value (not null). Include the specified
1791
+ # value as the `NextToken` request parameter in the next call to the
1792
+ # operation to get the next part of the results. Note that the service
1793
+ # might return fewer results than the maximum even when there are more
1794
+ # results available. You should check `NextToken` after every operation
1795
+ # to ensure that you receive all of the results.
1796
+ #
1797
+ # @option params [String] :resource_region_scope
1798
+ # Specifies that you want the results to include only resources that
1799
+ # have the specified scope.
1800
+ #
1801
+ # * `ALL` – the results include both global and regional resources or
1802
+ # resource types.
1803
+ #
1804
+ # * `GLOBAL` – the results include only global resources or resource
1805
+ # types.
1806
+ #
1807
+ # * `REGIONAL` – the results include only regional resources or resource
1808
+ # types.
1809
+ #
1810
+ # The default value is `ALL`.
1316
1811
  #
1317
1812
  # @return [Types::ListResourceTypesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1318
1813
  #
@@ -1326,6 +1821,7 @@ module Aws::RAM
1326
1821
  # resp = client.list_resource_types({
1327
1822
  # next_token: "String",
1328
1823
  # max_results: 1,
1824
+ # resource_region_scope: "ALL", # accepts ALL, REGIONAL, GLOBAL
1329
1825
  # })
1330
1826
  #
1331
1827
  # @example Response structure
@@ -1333,6 +1829,7 @@ module Aws::RAM
1333
1829
  # resp.resource_types #=> Array
1334
1830
  # resp.resource_types[0].resource_type #=> String
1335
1831
  # resp.resource_types[0].service_name #=> String
1832
+ # resp.resource_types[0].resource_region_scope #=> String, one of "REGIONAL", "GLOBAL"
1336
1833
  # resp.next_token #=> String
1337
1834
  #
1338
1835
  # @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListResourceTypes AWS API Documentation
@@ -1348,45 +1845,73 @@ module Aws::RAM
1348
1845
  # resources that are shared with you.
1349
1846
  #
1350
1847
  # @option params [required, String] :resource_owner
1351
- # The type of owner.
1848
+ # Specifies that you want to list only the resource shares that match
1849
+ # the following:
1850
+ #
1851
+ # * <b> <code>SELF</code> </b> – resources that you are sharing
1852
+ #
1853
+ # * <b> <code>OTHER-ACCOUNTS</code> </b> – resources that other accounts
1854
+ # share with you
1352
1855
  #
1353
1856
  # @option params [String] :principal
1354
- # The principal.
1857
+ # Specifies that you want to list only the resource shares that are
1858
+ # associated with the specified principal.
1355
1859
  #
1356
1860
  # @option params [String] :resource_type
1357
- # The resource type.
1358
- #
1359
- # Valid values: `acm-pca:CertificateAuthority` \| `appmesh:Mesh` \|
1360
- # `codebuild:Project` \| `codebuild:ReportGroup` \|
1361
- # `ec2:CapacityReservation` \| `ec2:DedicatedHost` \|
1362
- # `ec2:LocalGatewayRouteTable` \| `ec2:PrefixList` \| `ec2:Subnet` \|
1363
- # `ec2:TrafficMirrorTarget` \| `ec2:TransitGateway` \|
1364
- # `imagebuilder:Component` \| `imagebuilder:Image` \|
1365
- # `imagebuilder:ImageRecipe` \| `imagebuilder:ContainerRecipe` \|
1366
- # `glue:Catalog` \| `glue:Database` \| `glue:Table` \|
1367
- # `license-manager:LicenseConfiguration` I
1368
- # `network-firewall:FirewallPolicy` \|
1369
- # `network-firewall:StatefulRuleGroup` \|
1370
- # `network-firewall:StatelessRuleGroup` \| `outposts:Outpost` \|
1371
- # `resource-groups:Group` \| `rds:Cluster` \|
1372
- # `route53resolver:FirewallRuleGroup`
1373
- # \|`route53resolver:ResolverQueryLogConfig` \|
1374
- # `route53resolver:ResolverRule` \| `s3-outposts:Outpost` \|
1375
- # `ssm-contacts:Contact` \| `ssm-incidents:ResponsePlan`
1861
+ # Specifies that you want to list only the resource shares that include
1862
+ # resources of the specified resource type.
1863
+ #
1864
+ # For valid values, query the ListResourceTypes operation.
1376
1865
  #
1377
1866
  # @option params [Array<String>] :resource_arns
1378
- # The Amazon Resource Names (ARNs) of the resources.
1867
+ # Specifies that you want to list only the resource shares that include
1868
+ # resources with the specified [Amazon Resource Names (ARNs)][1].
1869
+ #
1870
+ #
1871
+ #
1872
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1379
1873
  #
1380
1874
  # @option params [Array<String>] :resource_share_arns
1381
- # The Amazon Resource Names (ARN) of the resource shares.
1875
+ # Specifies that you want to list only resources in the resource shares
1876
+ # identified by the specified [Amazon Resource Names (ARNs)][1].
1877
+ #
1878
+ #
1879
+ #
1880
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1382
1881
  #
1383
1882
  # @option params [String] :next_token
1384
- # The token for the next page of results.
1883
+ # Specifies that you want to receive the next page of results. Valid
1884
+ # only if you received a `NextToken` response in the previous request.
1885
+ # If you did, it indicates that more output is available. Set this
1886
+ # parameter to the value provided by the previous call's `NextToken`
1887
+ # response to request the next page of results.
1385
1888
  #
1386
1889
  # @option params [Integer] :max_results
1387
- # The maximum number of results to return with a single call. To
1388
- # retrieve the remaining results, make another call with the returned
1389
- # `nextToken` value.
1890
+ # Specifies the total number of results that you want included on each
1891
+ # page of the response. If you do not include this parameter, it
1892
+ # defaults to a value that is specific to the operation. If additional
1893
+ # items exist beyond the number you specify, the `NextToken` response
1894
+ # element is returned with a value (not null). Include the specified
1895
+ # value as the `NextToken` request parameter in the next call to the
1896
+ # operation to get the next part of the results. Note that the service
1897
+ # might return fewer results than the maximum even when there are more
1898
+ # results available. You should check `NextToken` after every operation
1899
+ # to ensure that you receive all of the results.
1900
+ #
1901
+ # @option params [String] :resource_region_scope
1902
+ # Specifies that you want the results to include only resources that
1903
+ # have the specified scope.
1904
+ #
1905
+ # * `ALL` – the results include both global and regional resources or
1906
+ # resource types.
1907
+ #
1908
+ # * `GLOBAL` – the results include only global resources or resource
1909
+ # types.
1910
+ #
1911
+ # * `REGIONAL` – the results include only regional resources or resource
1912
+ # types.
1913
+ #
1914
+ # The default value is `ALL`.
1390
1915
  #
1391
1916
  # @return [Types::ListResourcesResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1392
1917
  #
@@ -1405,6 +1930,7 @@ module Aws::RAM
1405
1930
  # resource_share_arns: ["String"],
1406
1931
  # next_token: "String",
1407
1932
  # max_results: 1,
1933
+ # resource_region_scope: "ALL", # accepts ALL, REGIONAL, GLOBAL
1408
1934
  # })
1409
1935
  #
1410
1936
  # @example Response structure
@@ -1418,6 +1944,7 @@ module Aws::RAM
1418
1944
  # resp.resources[0].status_message #=> String
1419
1945
  # resp.resources[0].creation_time #=> Time
1420
1946
  # resp.resources[0].last_updated_time #=> Time
1947
+ # resp.resources[0].resource_region_scope #=> String, one of "REGIONAL", "GLOBAL"
1421
1948
  # resp.next_token #=> String
1422
1949
  #
1423
1950
  # @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListResources AWS API Documentation
@@ -1429,19 +1956,23 @@ module Aws::RAM
1429
1956
  req.send_request(options)
1430
1957
  end
1431
1958
 
1432
- # Resource shares that were created by attaching a policy to a resource
1433
- # are visible only to the resource share owner, and the resource share
1434
- # cannot be modified in RAM.
1959
+ # When you attach a resource-based permission policy to a resource, it
1960
+ # automatically creates a resource share. However, resource shares
1961
+ # created this way are visible only to the resource share owner, and the
1962
+ # resource share can't be modified in RAM.
1435
1963
  #
1436
- # Use this API action to promote the resource share. When you promote
1437
- # the resource share, it becomes:
1964
+ # You can use this operation to promote the resource share to a full RAM
1965
+ # resource share. When you promote a resource share, you can then manage
1966
+ # the resource share in RAM and it becomes visible to all of the
1967
+ # principals you shared it with.
1438
1968
  #
1439
- # * Visible to all principals that it is shared with.
1969
+ # @option params [required, String] :resource_share_arn
1970
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share to
1971
+ # promote.
1440
1972
  #
1441
- # * Modifiable in RAM.
1442
1973
  #
1443
- # @option params [required, String] :resource_share_arn
1444
- # The Amazon Resource Name (ARN) of the resource share to promote.
1974
+ #
1975
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1445
1976
  #
1446
1977
  # @return [Types::PromoteResourceShareCreatedFromPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1447
1978
  #
@@ -1470,11 +2001,27 @@ module Aws::RAM
1470
2001
  # Services account.
1471
2002
  #
1472
2003
  # @option params [required, String] :resource_share_invitation_arn
1473
- # The Amazon Resource Name (ARN) of the invitation.
2004
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the invitation that
2005
+ # you want to reject.
2006
+ #
2007
+ #
2008
+ #
2009
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1474
2010
  #
1475
2011
  # @option params [String] :client_token
1476
- # A unique, case-sensitive identifier that you provide to ensure the
1477
- # idempotency of the request.
2012
+ # Specifies a unique, case-sensitive identifier that you provide to
2013
+ # ensure the idempotency of the request. This lets you safely retry the
2014
+ # request without accidentally performing the same operation a second
2015
+ # time. Passing the same value to a later call to an operation requires
2016
+ # that you also pass the same value for all other parameters. We
2017
+ # recommend that you use a [UUID type of value.][1].
2018
+ #
2019
+ # If you don't provide this value, then Amazon Web Services generates a
2020
+ # random one for you.
2021
+ #
2022
+ #
2023
+ #
2024
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
1478
2025
  #
1479
2026
  # @return [Types::RejectResourceShareInvitationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1480
2027
  #
@@ -1519,13 +2066,22 @@ module Aws::RAM
1519
2066
  req.send_request(options)
1520
2067
  end
1521
2068
 
1522
- # Adds the specified tags to the specified resource share that you own.
2069
+ # Adds the specified tag keys and values to the specified resource
2070
+ # share. The tags are attached only to the resource share, not to the
2071
+ # resources that are in the resource share.
1523
2072
  #
1524
2073
  # @option params [required, String] :resource_share_arn
1525
- # The Amazon Resource Name (ARN) of the resource share.
2074
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share
2075
+ # that you want to add tags to.
2076
+ #
2077
+ #
2078
+ #
2079
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1526
2080
  #
1527
2081
  # @option params [required, Array<Types::Tag>] :tags
1528
- # One or more tags.
2082
+ # A list of one or more tag key and value pairs. The tag key must be
2083
+ # present and not be an empty string. The tag value must be present but
2084
+ # can be an empty string.
1529
2085
  #
1530
2086
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1531
2087
  #
@@ -1550,14 +2106,20 @@ module Aws::RAM
1550
2106
  req.send_request(options)
1551
2107
  end
1552
2108
 
1553
- # Removes the specified tags from the specified resource share that you
1554
- # own.
2109
+ # Removes the specified tag key and value pairs from the specified
2110
+ # resource share.
1555
2111
  #
1556
2112
  # @option params [required, String] :resource_share_arn
1557
- # The Amazon Resource Name (ARN) of the resource share.
2113
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share
2114
+ # that you want to remove tags from. The tags are removed from the
2115
+ # resource share, not the resources in the resource share.
2116
+ #
2117
+ #
2118
+ #
2119
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1558
2120
  #
1559
2121
  # @option params [required, Array<String>] :tag_keys
1560
- # The tag keys of the tags to remove.
2122
+ # Specifies a list of one or more tag keys that you want to remove.
1561
2123
  #
1562
2124
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
1563
2125
  #
@@ -1577,21 +2139,38 @@ module Aws::RAM
1577
2139
  req.send_request(options)
1578
2140
  end
1579
2141
 
1580
- # Updates the specified resource share that you own.
2142
+ # Modifies some of the properties of the specified resource share.
1581
2143
  #
1582
2144
  # @option params [required, String] :resource_share_arn
1583
- # The Amazon Resource Name (ARN) of the resource share.
2145
+ # Specifies the [Amazon Resoure Name (ARN)][1] of the resource share
2146
+ # that you want to modify.
2147
+ #
2148
+ #
2149
+ #
2150
+ # [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
1584
2151
  #
1585
2152
  # @option params [String] :name
1586
- # The name of the resource share.
2153
+ # If specified, the new name that you want to attach to the resource
2154
+ # share.
1587
2155
  #
1588
2156
  # @option params [Boolean] :allow_external_principals
1589
- # Indicates whether principals outside your organization in
2157
+ # Specifies whether principals outside your organization in
1590
2158
  # Organizations can be associated with a resource share.
1591
2159
  #
1592
2160
  # @option params [String] :client_token
1593
- # A unique, case-sensitive identifier that you provide to ensure the
1594
- # idempotency of the request.
2161
+ # Specifies a unique, case-sensitive identifier that you provide to
2162
+ # ensure the idempotency of the request. This lets you safely retry the
2163
+ # request without accidentally performing the same operation a second
2164
+ # time. Passing the same value to a later call to an operation requires
2165
+ # that you also pass the same value for all other parameters. We
2166
+ # recommend that you use a [UUID type of value.][1].
2167
+ #
2168
+ # If you don't provide this value, then Amazon Web Services generates a
2169
+ # random one for you.
2170
+ #
2171
+ #
2172
+ #
2173
+ # [1]: https://wikipedia.org/wiki/Universally_unique_identifier
1595
2174
  #
1596
2175
  # @return [Types::UpdateResourceShareResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1597
2176
  #
@@ -1645,7 +2224,7 @@ module Aws::RAM
1645
2224
  params: params,
1646
2225
  config: config)
1647
2226
  context[:gem_name] = 'aws-sdk-ram'
1648
- context[:gem_version] = '1.31.0'
2227
+ context[:gem_version] = '1.35.0'
1649
2228
  Seahorse::Client::Request.new(handlers, context)
1650
2229
  end
1651
2230