aws-sdk-ram 1.42.0 → 1.44.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-ram/client.rb +1025 -87
- data/lib/aws-sdk-ram/client_api.rb +338 -2
- data/lib/aws-sdk-ram/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-ram/endpoint_provider.rb +29 -32
- data/lib/aws-sdk-ram/endpoints.rb +126 -0
- data/lib/aws-sdk-ram/errors.rb +96 -0
- data/lib/aws-sdk-ram/plugins/endpoints.rb +18 -0
- data/lib/aws-sdk-ram/types.rb +1428 -173
- data/lib/aws-sdk-ram.rb +1 -1
- metadata +4 -4
data/lib/aws-sdk-ram/types.rb
CHANGED
@@ -11,7 +11,7 @@ module Aws::RAM
|
|
11
11
|
module Types
|
12
12
|
|
13
13
|
# @!attribute [rw] resource_share_invitation_arn
|
14
|
-
# The [Amazon
|
14
|
+
# The [Amazon Resource Name (ARN)][1] of the invitation that you want
|
15
15
|
# to accept.
|
16
16
|
#
|
17
17
|
#
|
@@ -30,6 +30,10 @@ module Aws::RAM
|
|
30
30
|
# If you don't provide this value, then Amazon Web Services generates
|
31
31
|
# a random one for you.
|
32
32
|
#
|
33
|
+
# If you retry the operation with the same `ClientToken`, but with
|
34
|
+
# different parameters, the retry fails with an
|
35
|
+
# `IdempotentParameterMismatch` error.
|
36
|
+
#
|
33
37
|
#
|
34
38
|
#
|
35
39
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -66,7 +70,7 @@ module Aws::RAM
|
|
66
70
|
end
|
67
71
|
|
68
72
|
# @!attribute [rw] resource_share_arn
|
69
|
-
# Specifies the [Amazon
|
73
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
70
74
|
# to which you want to add or replace permissions.
|
71
75
|
#
|
72
76
|
#
|
@@ -75,7 +79,7 @@ module Aws::RAM
|
|
75
79
|
# @return [String]
|
76
80
|
#
|
77
81
|
# @!attribute [rw] permission_arn
|
78
|
-
# Specifies the [Amazon
|
82
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the RAM permission
|
79
83
|
# to associate with the resource share. To find the ARN for a
|
80
84
|
# permission, use either the ListPermissions operation or go to the
|
81
85
|
# [Permissions library][2] page in the RAM console and then choose the
|
@@ -88,10 +92,11 @@ module Aws::RAM
|
|
88
92
|
# @return [String]
|
89
93
|
#
|
90
94
|
# @!attribute [rw] replace
|
91
|
-
# Specifies whether the specified permission should replace
|
92
|
-
#
|
93
|
-
#
|
94
|
-
# permission to
|
95
|
+
# Specifies whether the specified permission should replace the
|
96
|
+
# existing permission associated with the resource share. Use `true`
|
97
|
+
# to replace the current permissions. Use `false` to add the
|
98
|
+
# permission to a resource share that currently doesn't have a
|
99
|
+
# permission. The default value is `false`.
|
95
100
|
#
|
96
101
|
# <note markdown="1"> A resource share can have only one permission per resource type. If
|
97
102
|
# a resource share already has a permission for the specified resource
|
@@ -113,6 +118,10 @@ module Aws::RAM
|
|
113
118
|
# If you don't provide this value, then Amazon Web Services generates
|
114
119
|
# a random one for you.
|
115
120
|
#
|
121
|
+
# If you retry the operation with the same `ClientToken`, but with
|
122
|
+
# different parameters, the retry fails with an
|
123
|
+
# `IdempotentParameterMismatch` error.
|
124
|
+
#
|
116
125
|
#
|
117
126
|
#
|
118
127
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -120,10 +129,17 @@ module Aws::RAM
|
|
120
129
|
#
|
121
130
|
# @!attribute [rw] permission_version
|
122
131
|
# Specifies the version of the RAM permission to associate with the
|
123
|
-
# resource share.
|
124
|
-
#
|
125
|
-
#
|
126
|
-
# of
|
132
|
+
# resource share. You can specify *only* the version that is currently
|
133
|
+
# set as the default version for the permission. If you also set the
|
134
|
+
# `replace` pararameter to `true`, then this operation updates an
|
135
|
+
# outdated version of the permission to the current default version.
|
136
|
+
#
|
137
|
+
# <note markdown="1"> You don't need to specify this parameter because the default
|
138
|
+
# behavior is to use the version that is currently set as the default
|
139
|
+
# version for the permission. This parameter is supported for
|
140
|
+
# backwards compatibility.
|
141
|
+
#
|
142
|
+
# </note>
|
127
143
|
# @return [Integer]
|
128
144
|
#
|
129
145
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/AssociateResourceSharePermissionRequest AWS API Documentation
|
@@ -161,7 +177,7 @@ module Aws::RAM
|
|
161
177
|
end
|
162
178
|
|
163
179
|
# @!attribute [rw] resource_share_arn
|
164
|
-
# Specifies the [Amazon
|
180
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
165
181
|
# that you want to add principals or resources to.
|
166
182
|
#
|
167
183
|
#
|
@@ -191,7 +207,7 @@ module Aws::RAM
|
|
191
207
|
#
|
192
208
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
193
209
|
#
|
194
|
-
# * An [Amazon
|
210
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
195
211
|
# Organizations, for example:
|
196
212
|
# `organizations::123456789012:organization/o-exampleorgid`
|
197
213
|
#
|
@@ -228,6 +244,10 @@ module Aws::RAM
|
|
228
244
|
# If you don't provide this value, then Amazon Web Services generates
|
229
245
|
# a random one for you.
|
230
246
|
#
|
247
|
+
# If you retry the operation with the same `ClientToken`, but with
|
248
|
+
# different parameters, the retry fails with an
|
249
|
+
# `IdempotentParameterMismatch` error.
|
250
|
+
#
|
231
251
|
#
|
232
252
|
#
|
233
253
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -265,6 +285,301 @@ module Aws::RAM
|
|
265
285
|
include Aws::Structure
|
266
286
|
end
|
267
287
|
|
288
|
+
# An object that describes a managed permission associated with a
|
289
|
+
# resource share.
|
290
|
+
#
|
291
|
+
# @!attribute [rw] arn
|
292
|
+
# The [Amazon Resource Name (ARN)][1] of the associated managed
|
293
|
+
# permission.
|
294
|
+
#
|
295
|
+
#
|
296
|
+
#
|
297
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
298
|
+
# @return [String]
|
299
|
+
#
|
300
|
+
# @!attribute [rw] permission_version
|
301
|
+
# The version of the permission currently associated with the resource
|
302
|
+
# share.
|
303
|
+
# @return [String]
|
304
|
+
#
|
305
|
+
# @!attribute [rw] default_version
|
306
|
+
# Indicates whether the associated resource share is using the default
|
307
|
+
# version of the permission.
|
308
|
+
# @return [Boolean]
|
309
|
+
#
|
310
|
+
# @!attribute [rw] resource_type
|
311
|
+
# The resource type to which this permission applies.
|
312
|
+
# @return [String]
|
313
|
+
#
|
314
|
+
# @!attribute [rw] status
|
315
|
+
# The current status of the association between the permission and the
|
316
|
+
# resource share. The following are the possible values:
|
317
|
+
#
|
318
|
+
# * `ATTACHABLE` – This permission or version can be associated with
|
319
|
+
# resource shares.
|
320
|
+
#
|
321
|
+
# * `UNATTACHABLE` – This permission or version can't currently be
|
322
|
+
# associated with resource shares.
|
323
|
+
#
|
324
|
+
# * `DELETING` – This permission or version is in the process of being
|
325
|
+
# deleted.
|
326
|
+
#
|
327
|
+
# * `DELETED` – This permission or version is deleted.
|
328
|
+
# @return [String]
|
329
|
+
#
|
330
|
+
# @!attribute [rw] feature_set
|
331
|
+
# Indicates what features are available for this resource share. This
|
332
|
+
# parameter can have one of the following values:
|
333
|
+
#
|
334
|
+
# * **STANDARD** – A resource share that supports all functionality.
|
335
|
+
# These resource shares are visible to all principals you share the
|
336
|
+
# resource share with. You can modify these resource shares in RAM
|
337
|
+
# using the console or APIs. This resource share might have been
|
338
|
+
# created by RAM, or it might have been **CREATED\_FROM\_POLICY**
|
339
|
+
# and then promoted.
|
340
|
+
#
|
341
|
+
# * **CREATED\_FROM\_POLICY** – The customer manually shared a
|
342
|
+
# resource by attaching a resource-based policy. That policy did not
|
343
|
+
# match any existing managed permissions, so RAM created this
|
344
|
+
# customer managed permission automatically on the customer's
|
345
|
+
# behalf based on the attached policy document. This type of
|
346
|
+
# resource share is visible only to the Amazon Web Services account
|
347
|
+
# that created it. You can't modify it in RAM unless you promote
|
348
|
+
# it. For more information, see
|
349
|
+
# PromoteResourceShareCreatedFromPolicy.
|
350
|
+
#
|
351
|
+
# * **PROMOTING\_TO\_STANDARD** – This resource share was originally
|
352
|
+
# `CREATED_FROM_POLICY`, but the customer ran the
|
353
|
+
# PromoteResourceShareCreatedFromPolicy and that operation is still
|
354
|
+
# in progress. This value changes to `STANDARD` when complete.
|
355
|
+
# @return [String]
|
356
|
+
#
|
357
|
+
# @!attribute [rw] last_updated_time
|
358
|
+
# The date and time when the association between the permission and
|
359
|
+
# the resource share was last updated.
|
360
|
+
# @return [Time]
|
361
|
+
#
|
362
|
+
# @!attribute [rw] resource_share_arn
|
363
|
+
# The [Amazon Resource Name (ARN)][1] of a resource share associated
|
364
|
+
# with this permission.
|
365
|
+
#
|
366
|
+
#
|
367
|
+
#
|
368
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
369
|
+
# @return [String]
|
370
|
+
#
|
371
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/AssociatedPermission AWS API Documentation
|
372
|
+
#
|
373
|
+
class AssociatedPermission < Struct.new(
|
374
|
+
:arn,
|
375
|
+
:permission_version,
|
376
|
+
:default_version,
|
377
|
+
:resource_type,
|
378
|
+
:status,
|
379
|
+
:feature_set,
|
380
|
+
:last_updated_time,
|
381
|
+
:resource_share_arn)
|
382
|
+
SENSITIVE = []
|
383
|
+
include Aws::Structure
|
384
|
+
end
|
385
|
+
|
386
|
+
# @!attribute [rw] name
|
387
|
+
# Specifies the name of the customer managed permission. The name must
|
388
|
+
# be unique within the Amazon Web Services Region.
|
389
|
+
# @return [String]
|
390
|
+
#
|
391
|
+
# @!attribute [rw] resource_type
|
392
|
+
# Specifies the name of the resource type that this customer managed
|
393
|
+
# permission applies to.
|
394
|
+
#
|
395
|
+
# The format is ` <service-code>:<resource-type> ` and is not case
|
396
|
+
# sensitive. For example, to specify an Amazon EC2 Subnet, you can use
|
397
|
+
# the string `ec2:subnet`. To see the list of valid values for this
|
398
|
+
# parameter, query the ListResourceTypes operation.
|
399
|
+
# @return [String]
|
400
|
+
#
|
401
|
+
# @!attribute [rw] policy_template
|
402
|
+
# A string in JSON format string that contains the following elements
|
403
|
+
# of a resource-based policy:
|
404
|
+
#
|
405
|
+
# * **Effect**: must be set to `ALLOW`.
|
406
|
+
#
|
407
|
+
# * **Action**: specifies the actions that are allowed by this
|
408
|
+
# customer managed permission. The list must contain only actions
|
409
|
+
# that are supported by the specified resource type. For a list of
|
410
|
+
# all actions supported by each resource type, see [Actions,
|
411
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
412
|
+
# in the *Identity and Access Management User Guide*.
|
413
|
+
#
|
414
|
+
# * **Condition**: (optional) specifies conditional parameters that
|
415
|
+
# must evaluate to true when a user attempts an action for that
|
416
|
+
# action to be allowed. For more information about the Condition
|
417
|
+
# element, see [IAM policies: Condition element][2] in the *Identity
|
418
|
+
# and Access Management User Guide*.
|
419
|
+
#
|
420
|
+
# This template can't include either the `Resource` or `Principal`
|
421
|
+
# elements. Those are both filled in by RAM when it instantiates the
|
422
|
+
# resource-based policy on each resource shared using this managed
|
423
|
+
# permission. The `Resource` comes from the ARN of the specific
|
424
|
+
# resource that you are sharing. The `Principal` comes from the list
|
425
|
+
# of identities added to the resource share.
|
426
|
+
#
|
427
|
+
#
|
428
|
+
#
|
429
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html
|
430
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
|
431
|
+
# @return [String]
|
432
|
+
#
|
433
|
+
# @!attribute [rw] client_token
|
434
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
435
|
+
# ensure the idempotency of the request. This lets you safely retry
|
436
|
+
# the request without accidentally performing the same operation a
|
437
|
+
# second time. Passing the same value to a later call to an operation
|
438
|
+
# requires that you also pass the same value for all other parameters.
|
439
|
+
# We recommend that you use a [UUID type of value.][1].
|
440
|
+
#
|
441
|
+
# If you don't provide this value, then Amazon Web Services generates
|
442
|
+
# a random one for you.
|
443
|
+
#
|
444
|
+
# If you retry the operation with the same `ClientToken`, but with
|
445
|
+
# different parameters, the retry fails with an
|
446
|
+
# `IdempotentParameterMismatch` error.
|
447
|
+
#
|
448
|
+
#
|
449
|
+
#
|
450
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
451
|
+
# @return [String]
|
452
|
+
#
|
453
|
+
# @!attribute [rw] tags
|
454
|
+
# Specifies a list of one or more tag key and value pairs to attach to
|
455
|
+
# the permission.
|
456
|
+
# @return [Array<Types::Tag>]
|
457
|
+
#
|
458
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermissionRequest AWS API Documentation
|
459
|
+
#
|
460
|
+
class CreatePermissionRequest < Struct.new(
|
461
|
+
:name,
|
462
|
+
:resource_type,
|
463
|
+
:policy_template,
|
464
|
+
:client_token,
|
465
|
+
:tags)
|
466
|
+
SENSITIVE = []
|
467
|
+
include Aws::Structure
|
468
|
+
end
|
469
|
+
|
470
|
+
# @!attribute [rw] permission
|
471
|
+
# A structure with information about this customer managed permission.
|
472
|
+
# @return [Types::ResourceSharePermissionSummary]
|
473
|
+
#
|
474
|
+
# @!attribute [rw] client_token
|
475
|
+
# The idempotency identifier associated with this request. If you want
|
476
|
+
# to repeat the same operation in an idempotent manner then you must
|
477
|
+
# include this value in the `clientToken` request parameter of that
|
478
|
+
# later call. All other parameters must also have the same values that
|
479
|
+
# you used in the first call.
|
480
|
+
# @return [String]
|
481
|
+
#
|
482
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermissionResponse AWS API Documentation
|
483
|
+
#
|
484
|
+
class CreatePermissionResponse < Struct.new(
|
485
|
+
:permission,
|
486
|
+
:client_token)
|
487
|
+
SENSITIVE = []
|
488
|
+
include Aws::Structure
|
489
|
+
end
|
490
|
+
|
491
|
+
# @!attribute [rw] permission_arn
|
492
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer
|
493
|
+
# managed permission you're creating a new version for.
|
494
|
+
#
|
495
|
+
#
|
496
|
+
#
|
497
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
498
|
+
# @return [String]
|
499
|
+
#
|
500
|
+
# @!attribute [rw] policy_template
|
501
|
+
# A string in JSON format string that contains the following elements
|
502
|
+
# of a resource-based policy:
|
503
|
+
#
|
504
|
+
# * **Effect**: must be set to `ALLOW`.
|
505
|
+
#
|
506
|
+
# * **Action**: specifies the actions that are allowed by this
|
507
|
+
# customer managed permission. The list must contain only actions
|
508
|
+
# that are supported by the specified resource type. For a list of
|
509
|
+
# all actions supported by each resource type, see [Actions,
|
510
|
+
# resources, and condition keys for Amazon Web Services services][1]
|
511
|
+
# in the *Identity and Access Management User Guide*.
|
512
|
+
#
|
513
|
+
# * **Condition**: (optional) specifies conditional parameters that
|
514
|
+
# must evaluate to true when a user attempts an action for that
|
515
|
+
# action to be allowed. For more information about the Condition
|
516
|
+
# element, see [IAM policies: Condition element][2] in the *Identity
|
517
|
+
# and Access Management User Guide*.
|
518
|
+
#
|
519
|
+
# This template can't include either the `Resource` or `Principal`
|
520
|
+
# elements. Those are both filled in by RAM when it instantiates the
|
521
|
+
# resource-based policy on each resource shared using this managed
|
522
|
+
# permission. The `Resource` comes from the ARN of the specific
|
523
|
+
# resource that you are sharing. The `Principal` comes from the list
|
524
|
+
# of identities added to the resource share.
|
525
|
+
#
|
526
|
+
#
|
527
|
+
#
|
528
|
+
# [1]: https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html
|
529
|
+
# [2]: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html
|
530
|
+
# @return [String]
|
531
|
+
#
|
532
|
+
# @!attribute [rw] client_token
|
533
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
534
|
+
# ensure the idempotency of the request. This lets you safely retry
|
535
|
+
# the request without accidentally performing the same operation a
|
536
|
+
# second time. Passing the same value to a later call to an operation
|
537
|
+
# requires that you also pass the same value for all other parameters.
|
538
|
+
# We recommend that you use a [UUID type of value.][1].
|
539
|
+
#
|
540
|
+
# If you don't provide this value, then Amazon Web Services generates
|
541
|
+
# a random one for you.
|
542
|
+
#
|
543
|
+
# If you retry the operation with the same `ClientToken`, but with
|
544
|
+
# different parameters, the retry fails with an
|
545
|
+
# `IdempotentParameterMismatch` error.
|
546
|
+
#
|
547
|
+
#
|
548
|
+
#
|
549
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
550
|
+
# @return [String]
|
551
|
+
#
|
552
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermissionVersionRequest AWS API Documentation
|
553
|
+
#
|
554
|
+
class CreatePermissionVersionRequest < Struct.new(
|
555
|
+
:permission_arn,
|
556
|
+
:policy_template,
|
557
|
+
:client_token)
|
558
|
+
SENSITIVE = []
|
559
|
+
include Aws::Structure
|
560
|
+
end
|
561
|
+
|
562
|
+
# @!attribute [rw] permission
|
563
|
+
# Information about a RAM managed permission.
|
564
|
+
# @return [Types::ResourceSharePermissionDetail]
|
565
|
+
#
|
566
|
+
# @!attribute [rw] client_token
|
567
|
+
# The idempotency identifier associated with this request. If you want
|
568
|
+
# to repeat the same operation in an idempotent manner then you must
|
569
|
+
# include this value in the `clientToken` request parameter of that
|
570
|
+
# later call. All other parameters must also have the same values that
|
571
|
+
# you used in the first call.
|
572
|
+
# @return [String]
|
573
|
+
#
|
574
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/CreatePermissionVersionResponse AWS API Documentation
|
575
|
+
#
|
576
|
+
class CreatePermissionVersionResponse < Struct.new(
|
577
|
+
:permission,
|
578
|
+
:client_token)
|
579
|
+
SENSITIVE = []
|
580
|
+
include Aws::Structure
|
581
|
+
end
|
582
|
+
|
268
583
|
# @!attribute [rw] name
|
269
584
|
# Specifies the name of the resource share.
|
270
585
|
# @return [String]
|
@@ -282,7 +597,7 @@ module Aws::RAM
|
|
282
597
|
#
|
283
598
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
284
599
|
#
|
285
|
-
# * An [Amazon
|
600
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
286
601
|
# Organizations, for example:
|
287
602
|
# `organizations::123456789012:organization/o-exampleorgid`
|
288
603
|
#
|
@@ -334,6 +649,10 @@ module Aws::RAM
|
|
334
649
|
# If you don't provide this value, then Amazon Web Services generates
|
335
650
|
# a random one for you.
|
336
651
|
#
|
652
|
+
# If you retry the operation with the same `ClientToken`, but with
|
653
|
+
# different parameters, the retry fails with an
|
654
|
+
# `IdempotentParameterMismatch` error.
|
655
|
+
#
|
337
656
|
#
|
338
657
|
#
|
339
658
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -387,8 +706,157 @@ module Aws::RAM
|
|
387
706
|
include Aws::Structure
|
388
707
|
end
|
389
708
|
|
709
|
+
# @!attribute [rw] permission_arn
|
710
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer
|
711
|
+
# managed permission that you want to delete.
|
712
|
+
#
|
713
|
+
#
|
714
|
+
#
|
715
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
716
|
+
# @return [String]
|
717
|
+
#
|
718
|
+
# @!attribute [rw] client_token
|
719
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
720
|
+
# ensure the idempotency of the request. This lets you safely retry
|
721
|
+
# the request without accidentally performing the same operation a
|
722
|
+
# second time. Passing the same value to a later call to an operation
|
723
|
+
# requires that you also pass the same value for all other parameters.
|
724
|
+
# We recommend that you use a [UUID type of value.][1].
|
725
|
+
#
|
726
|
+
# If you don't provide this value, then Amazon Web Services generates
|
727
|
+
# a random one for you.
|
728
|
+
#
|
729
|
+
# If you retry the operation with the same `ClientToken`, but with
|
730
|
+
# different parameters, the retry fails with an
|
731
|
+
# `IdempotentParameterMismatch` error.
|
732
|
+
#
|
733
|
+
#
|
734
|
+
#
|
735
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
736
|
+
# @return [String]
|
737
|
+
#
|
738
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermissionRequest AWS API Documentation
|
739
|
+
#
|
740
|
+
class DeletePermissionRequest < Struct.new(
|
741
|
+
:permission_arn,
|
742
|
+
:client_token)
|
743
|
+
SENSITIVE = []
|
744
|
+
include Aws::Structure
|
745
|
+
end
|
746
|
+
|
747
|
+
# @!attribute [rw] return_value
|
748
|
+
# A boolean that indicates whether the delete operations succeeded.
|
749
|
+
# @return [Boolean]
|
750
|
+
#
|
751
|
+
# @!attribute [rw] client_token
|
752
|
+
# The idempotency identifier associated with this request. If you want
|
753
|
+
# to repeat the same operation in an idempotent manner then you must
|
754
|
+
# include this value in the `clientToken` request parameter of that
|
755
|
+
# later call. All other parameters must also have the same values that
|
756
|
+
# you used in the first call.
|
757
|
+
# @return [String]
|
758
|
+
#
|
759
|
+
# @!attribute [rw] permission_status
|
760
|
+
# This operation is performed asynchronously, and this response
|
761
|
+
# parameter indicates the current status.
|
762
|
+
# @return [String]
|
763
|
+
#
|
764
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermissionResponse AWS API Documentation
|
765
|
+
#
|
766
|
+
class DeletePermissionResponse < Struct.new(
|
767
|
+
:return_value,
|
768
|
+
:client_token,
|
769
|
+
:permission_status)
|
770
|
+
SENSITIVE = []
|
771
|
+
include Aws::Structure
|
772
|
+
end
|
773
|
+
|
774
|
+
# @!attribute [rw] permission_arn
|
775
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the permission with
|
776
|
+
# the version you want to delete.
|
777
|
+
#
|
778
|
+
#
|
779
|
+
#
|
780
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
781
|
+
# @return [String]
|
782
|
+
#
|
783
|
+
# @!attribute [rw] permission_version
|
784
|
+
# Specifies the version number to delete.
|
785
|
+
#
|
786
|
+
# You can't delete the default version for a customer managed
|
787
|
+
# permission.
|
788
|
+
#
|
789
|
+
# You can't delete a version if it's the only version of the
|
790
|
+
# permission. You must either first create another version, or delete
|
791
|
+
# the permission completely.
|
792
|
+
#
|
793
|
+
# You can't delete a version if it is attached to any resource
|
794
|
+
# shares. If the version is the default, you must first use
|
795
|
+
# SetDefaultPermissionVersion to set a different version as the
|
796
|
+
# default for the customer managed permission, and then use
|
797
|
+
# AssociateResourceSharePermission to update your resource shares to
|
798
|
+
# use the new default version.
|
799
|
+
# @return [Integer]
|
800
|
+
#
|
801
|
+
# @!attribute [rw] client_token
|
802
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
803
|
+
# ensure the idempotency of the request. This lets you safely retry
|
804
|
+
# the request without accidentally performing the same operation a
|
805
|
+
# second time. Passing the same value to a later call to an operation
|
806
|
+
# requires that you also pass the same value for all other parameters.
|
807
|
+
# We recommend that you use a [UUID type of value.][1].
|
808
|
+
#
|
809
|
+
# If you don't provide this value, then Amazon Web Services generates
|
810
|
+
# a random one for you.
|
811
|
+
#
|
812
|
+
# If you retry the operation with the same `ClientToken`, but with
|
813
|
+
# different parameters, the retry fails with an
|
814
|
+
# `IdempotentParameterMismatch` error.
|
815
|
+
#
|
816
|
+
#
|
817
|
+
#
|
818
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
819
|
+
# @return [String]
|
820
|
+
#
|
821
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermissionVersionRequest AWS API Documentation
|
822
|
+
#
|
823
|
+
class DeletePermissionVersionRequest < Struct.new(
|
824
|
+
:permission_arn,
|
825
|
+
:permission_version,
|
826
|
+
:client_token)
|
827
|
+
SENSITIVE = []
|
828
|
+
include Aws::Structure
|
829
|
+
end
|
830
|
+
|
831
|
+
# @!attribute [rw] return_value
|
832
|
+
# A boolean value that indicates whether the operation is successful.
|
833
|
+
# @return [Boolean]
|
834
|
+
#
|
835
|
+
# @!attribute [rw] client_token
|
836
|
+
# The idempotency identifier associated with this request. If you want
|
837
|
+
# to repeat the same operation in an idempotent manner then you must
|
838
|
+
# include this value in the `clientToken` request parameter of that
|
839
|
+
# later call. All other parameters must also have the same values that
|
840
|
+
# you used in the first call.
|
841
|
+
# @return [String]
|
842
|
+
#
|
843
|
+
# @!attribute [rw] permission_status
|
844
|
+
# This operation is performed asynchronously, and this response
|
845
|
+
# parameter indicates the current status.
|
846
|
+
# @return [String]
|
847
|
+
#
|
848
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/DeletePermissionVersionResponse AWS API Documentation
|
849
|
+
#
|
850
|
+
class DeletePermissionVersionResponse < Struct.new(
|
851
|
+
:return_value,
|
852
|
+
:client_token,
|
853
|
+
:permission_status)
|
854
|
+
SENSITIVE = []
|
855
|
+
include Aws::Structure
|
856
|
+
end
|
857
|
+
|
390
858
|
# @!attribute [rw] resource_share_arn
|
391
|
-
# Specifies the [Amazon
|
859
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
392
860
|
# to delete.
|
393
861
|
#
|
394
862
|
#
|
@@ -407,6 +875,10 @@ module Aws::RAM
|
|
407
875
|
# If you don't provide this value, then Amazon Web Services generates
|
408
876
|
# a random one for you.
|
409
877
|
#
|
878
|
+
# If you retry the operation with the same `ClientToken`, but with
|
879
|
+
# different parameters, the retry fails with an
|
880
|
+
# `IdempotentParameterMismatch` error.
|
881
|
+
#
|
410
882
|
#
|
411
883
|
#
|
412
884
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -444,8 +916,8 @@ module Aws::RAM
|
|
444
916
|
end
|
445
917
|
|
446
918
|
# @!attribute [rw] resource_share_arn
|
447
|
-
# The [Amazon
|
448
|
-
#
|
919
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share that you
|
920
|
+
# want to remove the managed permission from.
|
449
921
|
#
|
450
922
|
#
|
451
923
|
#
|
@@ -453,9 +925,9 @@ module Aws::RAM
|
|
453
925
|
# @return [String]
|
454
926
|
#
|
455
927
|
# @!attribute [rw] permission_arn
|
456
|
-
# The [Amazon
|
457
|
-
# from the resource share. Changes to permissions take
|
458
|
-
# immediately.
|
928
|
+
# The [Amazon Resource Name (ARN)][1] of the managed permission to
|
929
|
+
# disassociate from the resource share. Changes to permissions take
|
930
|
+
# effect immediately.
|
459
931
|
#
|
460
932
|
#
|
461
933
|
#
|
@@ -473,6 +945,10 @@ module Aws::RAM
|
|
473
945
|
# If you don't provide this value, then Amazon Web Services generates
|
474
946
|
# a random one for you.
|
475
947
|
#
|
948
|
+
# If you retry the operation with the same `ClientToken`, but with
|
949
|
+
# different parameters, the retry fails with an
|
950
|
+
# `IdempotentParameterMismatch` error.
|
951
|
+
#
|
476
952
|
#
|
477
953
|
#
|
478
954
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -511,8 +987,8 @@ module Aws::RAM
|
|
511
987
|
end
|
512
988
|
|
513
989
|
# @!attribute [rw] resource_share_arn
|
514
|
-
# Specifies [Amazon
|
515
|
-
# you want to remove resources from.
|
990
|
+
# Specifies [Amazon Resource Name (ARN)][1] of the resource share that
|
991
|
+
# you want to remove resources or principals from.
|
516
992
|
#
|
517
993
|
#
|
518
994
|
#
|
@@ -523,8 +999,7 @@ module Aws::RAM
|
|
523
999
|
# Specifies a list of [Amazon Resource Names (ARNs)][1] for one or
|
524
1000
|
# more resources that you want to remove from the resource share.
|
525
1001
|
# After the operation runs, these resources are no longer shared with
|
526
|
-
# principals
|
527
|
-
# the resources.
|
1002
|
+
# principals associated with the resource share.
|
528
1003
|
#
|
529
1004
|
#
|
530
1005
|
#
|
@@ -539,7 +1014,7 @@ module Aws::RAM
|
|
539
1014
|
#
|
540
1015
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
541
1016
|
#
|
542
|
-
# * An [Amazon
|
1017
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
543
1018
|
# Organizations, for example:
|
544
1019
|
# `organizations::123456789012:organization/o-exampleorgid`
|
545
1020
|
#
|
@@ -576,6 +1051,10 @@ module Aws::RAM
|
|
576
1051
|
# If you don't provide this value, then Amazon Web Services generates
|
577
1052
|
# a random one for you.
|
578
1053
|
#
|
1054
|
+
# If you retry the operation with the same `ClientToken`, but with
|
1055
|
+
# different parameters, the retry fails with an
|
1056
|
+
# `IdempotentParameterMismatch` error.
|
1057
|
+
#
|
579
1058
|
#
|
580
1059
|
#
|
581
1060
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -593,8 +1072,8 @@ module Aws::RAM
|
|
593
1072
|
end
|
594
1073
|
|
595
1074
|
# @!attribute [rw] resource_share_associations
|
596
|
-
# An array of objects
|
597
|
-
#
|
1075
|
+
# An array of objects with information about the updated associations
|
1076
|
+
# for this resource share.
|
598
1077
|
# @return [Array<Types::ResourceShareAssociation>]
|
599
1078
|
#
|
600
1079
|
# @!attribute [rw] client_token
|
@@ -634,11 +1113,11 @@ module Aws::RAM
|
|
634
1113
|
end
|
635
1114
|
|
636
1115
|
# @!attribute [rw] permission_arn
|
637
|
-
# Specifies the [Amazon
|
638
|
-
# contents you want to retrieve. To find the ARN for a
|
639
|
-
# either the ListPermissions operation or go to the
|
640
|
-
# library][2] page in the RAM console and then choose the
|
641
|
-
# permission. The ARN is displayed on the detail page.
|
1116
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the permission
|
1117
|
+
# whose contents you want to retrieve. To find the ARN for a
|
1118
|
+
# permission, use either the ListPermissions operation or go to the
|
1119
|
+
# [Permissions library][2] page in the RAM console and then choose the
|
1120
|
+
# name of the permission. The ARN is displayed on the detail page.
|
642
1121
|
#
|
643
1122
|
#
|
644
1123
|
#
|
@@ -647,9 +1126,11 @@ module Aws::RAM
|
|
647
1126
|
# @return [String]
|
648
1127
|
#
|
649
1128
|
# @!attribute [rw] permission_version
|
650
|
-
# Specifies
|
651
|
-
#
|
652
|
-
#
|
1129
|
+
# Specifies the version number of the RAM permission to retrieve. If
|
1130
|
+
# you don't specify this parameter, the operation retrieves the
|
1131
|
+
# default version.
|
1132
|
+
#
|
1133
|
+
# To see the list of available versions, use ListPermissionVersions.
|
653
1134
|
# @return [Integer]
|
654
1135
|
#
|
655
1136
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/GetPermissionRequest AWS API Documentation
|
@@ -662,7 +1143,7 @@ module Aws::RAM
|
|
662
1143
|
end
|
663
1144
|
|
664
1145
|
# @!attribute [rw] permission
|
665
|
-
# An object
|
1146
|
+
# An object with details about the permission.
|
666
1147
|
# @return [Types::ResourceSharePermissionDetail]
|
667
1148
|
#
|
668
1149
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/GetPermissionResponse AWS API Documentation
|
@@ -744,11 +1225,11 @@ module Aws::RAM
|
|
744
1225
|
# Specifies whether you want to retrieve the associations that involve
|
745
1226
|
# a specified resource or principal.
|
746
1227
|
#
|
747
|
-
# * `PRINCIPAL` – list the principals
|
748
|
-
#
|
1228
|
+
# * `PRINCIPAL` – list the principals whose associations you want to
|
1229
|
+
# see.
|
749
1230
|
#
|
750
|
-
# * `RESOURCE` – list the resources
|
751
|
-
#
|
1231
|
+
# * `RESOURCE` – list the resources whose associations you want to
|
1232
|
+
# see.
|
752
1233
|
# @return [String]
|
753
1234
|
#
|
754
1235
|
# @!attribute [rw] resource_share_arns
|
@@ -761,7 +1242,7 @@ module Aws::RAM
|
|
761
1242
|
# @return [Array<String>]
|
762
1243
|
#
|
763
1244
|
# @!attribute [rw] resource_arn
|
764
|
-
# Specifies the [Amazon
|
1245
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of a resource whose
|
765
1246
|
# resource shares you want to retrieve.
|
766
1247
|
#
|
767
1248
|
# You cannot specify this parameter if the association type is
|
@@ -775,7 +1256,7 @@ module Aws::RAM
|
|
775
1256
|
# @!attribute [rw] principal
|
776
1257
|
# Specifies the ID of the principal whose resource shares you want to
|
777
1258
|
# retrieve. This can be an Amazon Web Services account ID, an
|
778
|
-
# organization ID, an organizational unit ID, or the [Amazon
|
1259
|
+
# organization ID, an organizational unit ID, or the [Amazon Resource
|
779
1260
|
# Name (ARN)][1] of an individual IAM user or role.
|
780
1261
|
#
|
781
1262
|
# You cannot specify this parameter if the association type is
|
@@ -787,7 +1268,7 @@ module Aws::RAM
|
|
787
1268
|
# @return [String]
|
788
1269
|
#
|
789
1270
|
# @!attribute [rw] association_status
|
790
|
-
# Specifies that you want to retrieve only associations
|
1271
|
+
# Specifies that you want to retrieve only associations that have this
|
791
1272
|
# status.
|
792
1273
|
# @return [String]
|
793
1274
|
#
|
@@ -979,14 +1460,19 @@ module Aws::RAM
|
|
979
1460
|
#
|
980
1461
|
# @!attribute [rw] permission_arn
|
981
1462
|
# Specifies that you want to retrieve details of only those resource
|
982
|
-
# shares that use the
|
983
|
-
# (ARN)][1].
|
1463
|
+
# shares that use the managed permission with this [Amazon Resource
|
1464
|
+
# Name (ARN)][1].
|
984
1465
|
#
|
985
1466
|
#
|
986
1467
|
#
|
987
1468
|
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
988
1469
|
# @return [String]
|
989
1470
|
#
|
1471
|
+
# @!attribute [rw] permission_version
|
1472
|
+
# Specifies that you want to retrieve details for only those resource
|
1473
|
+
# shares that use the specified version of the managed permission.
|
1474
|
+
# @return [Integer]
|
1475
|
+
#
|
990
1476
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/GetResourceSharesRequest AWS API Documentation
|
991
1477
|
#
|
992
1478
|
class GetResourceSharesRequest < Struct.new(
|
@@ -997,7 +1483,8 @@ module Aws::RAM
|
|
997
1483
|
:tag_filters,
|
998
1484
|
:next_token,
|
999
1485
|
:max_results,
|
1000
|
-
:permission_arn
|
1486
|
+
:permission_arn,
|
1487
|
+
:permission_version)
|
1001
1488
|
SENSITIVE = []
|
1002
1489
|
include Aws::Structure
|
1003
1490
|
end
|
@@ -1025,9 +1512,9 @@ module Aws::RAM
|
|
1025
1512
|
include Aws::Structure
|
1026
1513
|
end
|
1027
1514
|
|
1028
|
-
# The client token input parameter
|
1029
|
-
# call to the operation, but at least
|
1030
|
-
# is different from the previous call.
|
1515
|
+
# The operation failed because the client token input parameter matched
|
1516
|
+
# one that was used with a previous call to the operation, but at least
|
1517
|
+
# one of the other input parameters is different from the previous call.
|
1031
1518
|
#
|
1032
1519
|
# @!attribute [rw] message
|
1033
1520
|
# @return [String]
|
@@ -1040,7 +1527,7 @@ module Aws::RAM
|
|
1040
1527
|
include Aws::Structure
|
1041
1528
|
end
|
1042
1529
|
|
1043
|
-
# The client token
|
1530
|
+
# The operation failed because the specified client token isn't valid.
|
1044
1531
|
#
|
1045
1532
|
# @!attribute [rw] message
|
1046
1533
|
# @return [String]
|
@@ -1053,7 +1540,8 @@ module Aws::RAM
|
|
1053
1540
|
include Aws::Structure
|
1054
1541
|
end
|
1055
1542
|
|
1056
|
-
# The specified value for `MaxResults`
|
1543
|
+
# The operation failed because the specified value for `MaxResults`
|
1544
|
+
# isn't valid.
|
1057
1545
|
#
|
1058
1546
|
# @!attribute [rw] message
|
1059
1547
|
# @return [String]
|
@@ -1066,33 +1554,48 @@ module Aws::RAM
|
|
1066
1554
|
include Aws::Structure
|
1067
1555
|
end
|
1068
1556
|
|
1069
|
-
# The specified value for `NextToken`
|
1557
|
+
# The operation failed because the specified value for `NextToken`
|
1558
|
+
# isn't valid. You must specify a value you received in the `NextToken`
|
1559
|
+
# response of a previous call to this operation.
|
1560
|
+
#
|
1561
|
+
# @!attribute [rw] message
|
1562
|
+
# @return [String]
|
1563
|
+
#
|
1564
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/InvalidNextTokenException AWS API Documentation
|
1565
|
+
#
|
1566
|
+
class InvalidNextTokenException < Struct.new(
|
1567
|
+
:message)
|
1568
|
+
SENSITIVE = []
|
1569
|
+
include Aws::Structure
|
1570
|
+
end
|
1571
|
+
|
1572
|
+
# The operation failed because a parameter you specified isn't valid.
|
1070
1573
|
#
|
1071
1574
|
# @!attribute [rw] message
|
1072
1575
|
# @return [String]
|
1073
1576
|
#
|
1074
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/
|
1577
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/InvalidParameterException AWS API Documentation
|
1075
1578
|
#
|
1076
|
-
class
|
1579
|
+
class InvalidParameterException < Struct.new(
|
1077
1580
|
:message)
|
1078
1581
|
SENSITIVE = []
|
1079
1582
|
include Aws::Structure
|
1080
1583
|
end
|
1081
1584
|
|
1082
|
-
#
|
1585
|
+
# The operation failed because a policy you specified isn't valid.
|
1083
1586
|
#
|
1084
1587
|
# @!attribute [rw] message
|
1085
1588
|
# @return [String]
|
1086
1589
|
#
|
1087
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/
|
1590
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/InvalidPolicyException AWS API Documentation
|
1088
1591
|
#
|
1089
|
-
class
|
1592
|
+
class InvalidPolicyException < Struct.new(
|
1090
1593
|
:message)
|
1091
1594
|
SENSITIVE = []
|
1092
1595
|
include Aws::Structure
|
1093
1596
|
end
|
1094
1597
|
|
1095
|
-
# The specified resource type
|
1598
|
+
# The operation failed because the specified resource type isn't valid.
|
1096
1599
|
#
|
1097
1600
|
# @!attribute [rw] message
|
1098
1601
|
# @return [String]
|
@@ -1105,7 +1608,8 @@ module Aws::RAM
|
|
1105
1608
|
include Aws::Structure
|
1106
1609
|
end
|
1107
1610
|
|
1108
|
-
# The
|
1611
|
+
# The operation failed because the requested operation isn't valid for
|
1612
|
+
# the resource share in its current state.
|
1109
1613
|
#
|
1110
1614
|
# @!attribute [rw] message
|
1111
1615
|
# @return [String]
|
@@ -1119,7 +1623,7 @@ module Aws::RAM
|
|
1119
1623
|
end
|
1120
1624
|
|
1121
1625
|
# @!attribute [rw] resource_share_invitation_arn
|
1122
|
-
# Specifies the [Amazon
|
1626
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the invitation. You
|
1123
1627
|
# can use GetResourceShareInvitations to find the ARN of the
|
1124
1628
|
# invitation.
|
1125
1629
|
#
|
@@ -1200,7 +1704,107 @@ module Aws::RAM
|
|
1200
1704
|
end
|
1201
1705
|
|
1202
1706
|
# @!attribute [rw] permission_arn
|
1203
|
-
# Specifies the [Amazon
|
1707
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
1708
|
+
# permission.
|
1709
|
+
#
|
1710
|
+
#
|
1711
|
+
#
|
1712
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1713
|
+
# @return [String]
|
1714
|
+
#
|
1715
|
+
# @!attribute [rw] permission_version
|
1716
|
+
# Specifies that you want to list only those associations with
|
1717
|
+
# resource shares that use this version of the managed permission. If
|
1718
|
+
# you don't provide a value for this parameter, then the operation
|
1719
|
+
# returns information about associations with resource shares that use
|
1720
|
+
# any version of the managed permission.
|
1721
|
+
# @return [Integer]
|
1722
|
+
#
|
1723
|
+
# @!attribute [rw] association_status
|
1724
|
+
# Specifies that you want to list only those associations with
|
1725
|
+
# resource shares that match this status.
|
1726
|
+
# @return [String]
|
1727
|
+
#
|
1728
|
+
# @!attribute [rw] resource_type
|
1729
|
+
# Specifies that you want to list only those associations with
|
1730
|
+
# resource shares that include at least one resource of this resource
|
1731
|
+
# type.
|
1732
|
+
# @return [String]
|
1733
|
+
#
|
1734
|
+
# @!attribute [rw] feature_set
|
1735
|
+
# Specifies that you want to list only those associations with
|
1736
|
+
# resource shares that have a `featureSet` with this value.
|
1737
|
+
# @return [String]
|
1738
|
+
#
|
1739
|
+
# @!attribute [rw] default_version
|
1740
|
+
# When `true`, specifies that you want to list only those associations
|
1741
|
+
# with resource shares that use the default version of the specified
|
1742
|
+
# managed permission.
|
1743
|
+
#
|
1744
|
+
# When `false` (the default value), lists associations with resource
|
1745
|
+
# shares that use any version of the specified managed permission.
|
1746
|
+
# @return [Boolean]
|
1747
|
+
#
|
1748
|
+
# @!attribute [rw] next_token
|
1749
|
+
# Specifies that you want to receive the next page of results. Valid
|
1750
|
+
# only if you received a `NextToken` response in the previous request.
|
1751
|
+
# If you did, it indicates that more output is available. Set this
|
1752
|
+
# parameter to the value provided by the previous call's `NextToken`
|
1753
|
+
# response to request the next page of results.
|
1754
|
+
# @return [String]
|
1755
|
+
#
|
1756
|
+
# @!attribute [rw] max_results
|
1757
|
+
# Specifies the total number of results that you want included on each
|
1758
|
+
# page of the response. If you do not include this parameter, it
|
1759
|
+
# defaults to a value that is specific to the operation. If additional
|
1760
|
+
# items exist beyond the number you specify, the `NextToken` response
|
1761
|
+
# element is returned with a value (not null). Include the specified
|
1762
|
+
# value as the `NextToken` request parameter in the next call to the
|
1763
|
+
# operation to get the next part of the results. Note that the service
|
1764
|
+
# might return fewer results than the maximum even when there are more
|
1765
|
+
# results available. You should check `NextToken` after every
|
1766
|
+
# operation to ensure that you receive all of the results.
|
1767
|
+
# @return [Integer]
|
1768
|
+
#
|
1769
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissionAssociationsRequest AWS API Documentation
|
1770
|
+
#
|
1771
|
+
class ListPermissionAssociationsRequest < Struct.new(
|
1772
|
+
:permission_arn,
|
1773
|
+
:permission_version,
|
1774
|
+
:association_status,
|
1775
|
+
:resource_type,
|
1776
|
+
:feature_set,
|
1777
|
+
:default_version,
|
1778
|
+
:next_token,
|
1779
|
+
:max_results)
|
1780
|
+
SENSITIVE = []
|
1781
|
+
include Aws::Structure
|
1782
|
+
end
|
1783
|
+
|
1784
|
+
# @!attribute [rw] permissions
|
1785
|
+
# A structure with information about this customer managed permission.
|
1786
|
+
# @return [Array<Types::AssociatedPermission>]
|
1787
|
+
#
|
1788
|
+
# @!attribute [rw] next_token
|
1789
|
+
# If present, this value indicates that more output is available than
|
1790
|
+
# is included in the current response. Use this value in the
|
1791
|
+
# `NextToken` request parameter in a subsequent call to the operation
|
1792
|
+
# to get the next part of the output. You should repeat this until the
|
1793
|
+
# `NextToken` response element comes back as `null`. This indicates
|
1794
|
+
# that this is the last page of results.
|
1795
|
+
# @return [String]
|
1796
|
+
#
|
1797
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissionAssociationsResponse AWS API Documentation
|
1798
|
+
#
|
1799
|
+
class ListPermissionAssociationsResponse < Struct.new(
|
1800
|
+
:permissions,
|
1801
|
+
:next_token)
|
1802
|
+
SENSITIVE = []
|
1803
|
+
include Aws::Structure
|
1804
|
+
end
|
1805
|
+
|
1806
|
+
# @!attribute [rw] permission_arn
|
1807
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the RAM permission
|
1204
1808
|
# whose versions you want to list. You can use the `permissionVersion`
|
1205
1809
|
# parameter on the AssociateResourceSharePermission operation to
|
1206
1810
|
# specify a non-default version to attach.
|
@@ -1265,9 +1869,11 @@ module Aws::RAM
|
|
1265
1869
|
end
|
1266
1870
|
|
1267
1871
|
# @!attribute [rw] resource_type
|
1268
|
-
# Specifies that you want to list permissions
|
1269
|
-
# resource type.
|
1270
|
-
#
|
1872
|
+
# Specifies that you want to list only those permissions that apply to
|
1873
|
+
# the specified resource type. This parameter is not case sensitive.
|
1874
|
+
#
|
1875
|
+
# For example, to list only permissions that apply to Amazon EC2
|
1876
|
+
# subnets, specify `ec2:subnet`. You can use the ListResourceTypes
|
1271
1877
|
# operation to get the specific string required.
|
1272
1878
|
# @return [String]
|
1273
1879
|
#
|
@@ -1292,12 +1898,26 @@ module Aws::RAM
|
|
1292
1898
|
# operation to ensure that you receive all of the results.
|
1293
1899
|
# @return [Integer]
|
1294
1900
|
#
|
1901
|
+
# @!attribute [rw] permission_type
|
1902
|
+
# Specifies that you want to list only permissions of this type:
|
1903
|
+
#
|
1904
|
+
# * `AWS` – returns only Amazon Web Services managed permissions.
|
1905
|
+
#
|
1906
|
+
# * `LOCAL` – returns only customer managed permissions
|
1907
|
+
#
|
1908
|
+
# * `ALL` – returns both Amazon Web Services managed permissions and
|
1909
|
+
# customer managed permissions.
|
1910
|
+
#
|
1911
|
+
# If you don't specify this parameter, the default is `All`.
|
1912
|
+
# @return [String]
|
1913
|
+
#
|
1295
1914
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListPermissionsRequest AWS API Documentation
|
1296
1915
|
#
|
1297
1916
|
class ListPermissionsRequest < Struct.new(
|
1298
1917
|
:resource_type,
|
1299
1918
|
:next_token,
|
1300
|
-
:max_results
|
1919
|
+
:max_results,
|
1920
|
+
:permission_type)
|
1301
1921
|
SENSITIVE = []
|
1302
1922
|
include Aws::Structure
|
1303
1923
|
end
|
@@ -1337,7 +1957,7 @@ module Aws::RAM
|
|
1337
1957
|
#
|
1338
1958
|
# @!attribute [rw] resource_arn
|
1339
1959
|
# Specifies that you want to list principal information for the
|
1340
|
-
# resource share with the specified [Amazon
|
1960
|
+
# resource share with the specified [Amazon Resource Name (ARN)][1].
|
1341
1961
|
#
|
1342
1962
|
#
|
1343
1963
|
#
|
@@ -1352,7 +1972,7 @@ module Aws::RAM
|
|
1352
1972
|
#
|
1353
1973
|
# * An Amazon Web Services account ID, for example: `123456789012`
|
1354
1974
|
#
|
1355
|
-
# * An [Amazon
|
1975
|
+
# * An [Amazon Resource Name (ARN)][1] of an organization in
|
1356
1976
|
# Organizations, for example:
|
1357
1977
|
# `organizations::123456789012:organization/o-exampleorgid`
|
1358
1978
|
#
|
@@ -1453,8 +2073,74 @@ module Aws::RAM
|
|
1453
2073
|
include Aws::Structure
|
1454
2074
|
end
|
1455
2075
|
|
2076
|
+
# @!attribute [rw] work_ids
|
2077
|
+
# A list of IDs. These values come from the `id`field of the
|
2078
|
+
# `replacePermissionAssociationsWork`structure returned by the
|
2079
|
+
# ReplacePermissionAssociations operation.
|
2080
|
+
# @return [Array<String>]
|
2081
|
+
#
|
2082
|
+
# @!attribute [rw] status
|
2083
|
+
# Specifies that you want to see only the details about requests with
|
2084
|
+
# a status that matches this value.
|
2085
|
+
# @return [String]
|
2086
|
+
#
|
2087
|
+
# @!attribute [rw] next_token
|
2088
|
+
# Specifies that you want to receive the next page of results. Valid
|
2089
|
+
# only if you received a `NextToken` response in the previous request.
|
2090
|
+
# If you did, it indicates that more output is available. Set this
|
2091
|
+
# parameter to the value provided by the previous call's `NextToken`
|
2092
|
+
# response to request the next page of results.
|
2093
|
+
# @return [String]
|
2094
|
+
#
|
2095
|
+
# @!attribute [rw] max_results
|
2096
|
+
# Specifies the total number of results that you want included on each
|
2097
|
+
# page of the response. If you do not include this parameter, it
|
2098
|
+
# defaults to a value that is specific to the operation. If additional
|
2099
|
+
# items exist beyond the number you specify, the `NextToken` response
|
2100
|
+
# element is returned with a value (not null). Include the specified
|
2101
|
+
# value as the `NextToken` request parameter in the next call to the
|
2102
|
+
# operation to get the next part of the results. Note that the service
|
2103
|
+
# might return fewer results than the maximum even when there are more
|
2104
|
+
# results available. You should check `NextToken` after every
|
2105
|
+
# operation to ensure that you receive all of the results.
|
2106
|
+
# @return [Integer]
|
2107
|
+
#
|
2108
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListReplacePermissionAssociationsWorkRequest AWS API Documentation
|
2109
|
+
#
|
2110
|
+
class ListReplacePermissionAssociationsWorkRequest < Struct.new(
|
2111
|
+
:work_ids,
|
2112
|
+
:status,
|
2113
|
+
:next_token,
|
2114
|
+
:max_results)
|
2115
|
+
SENSITIVE = []
|
2116
|
+
include Aws::Structure
|
2117
|
+
end
|
2118
|
+
|
2119
|
+
# @!attribute [rw] replace_permission_associations_works
|
2120
|
+
# An array of data structures that provide details of the matching
|
2121
|
+
# work IDs.
|
2122
|
+
# @return [Array<Types::ReplacePermissionAssociationsWork>]
|
2123
|
+
#
|
2124
|
+
# @!attribute [rw] next_token
|
2125
|
+
# If present, this value indicates that more output is available than
|
2126
|
+
# is included in the current response. Use this value in the
|
2127
|
+
# `NextToken` request parameter in a subsequent call to the operation
|
2128
|
+
# to get the next part of the output. You should repeat this until the
|
2129
|
+
# `NextToken` response element comes back as `null`. This indicates
|
2130
|
+
# that this is the last page of results.
|
2131
|
+
# @return [String]
|
2132
|
+
#
|
2133
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ListReplacePermissionAssociationsWorkResponse AWS API Documentation
|
2134
|
+
#
|
2135
|
+
class ListReplacePermissionAssociationsWorkResponse < Struct.new(
|
2136
|
+
:replace_permission_associations_works,
|
2137
|
+
:next_token)
|
2138
|
+
SENSITIVE = []
|
2139
|
+
include Aws::Structure
|
2140
|
+
end
|
2141
|
+
|
1456
2142
|
# @!attribute [rw] resource_share_arn
|
1457
|
-
# Specifies the [Amazon
|
2143
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
1458
2144
|
# for which you want to retrieve the associated permissions.
|
1459
2145
|
#
|
1460
2146
|
#
|
@@ -1703,7 +2389,12 @@ module Aws::RAM
|
|
1703
2389
|
include Aws::Structure
|
1704
2390
|
end
|
1705
2391
|
|
1706
|
-
# The
|
2392
|
+
# The operation failed because the specified [Amazon Resource Name
|
2393
|
+
# (ARN)][1] has a format that isn't valid.
|
2394
|
+
#
|
2395
|
+
#
|
2396
|
+
#
|
2397
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1707
2398
|
#
|
1708
2399
|
# @!attribute [rw] message
|
1709
2400
|
# @return [String]
|
@@ -1716,7 +2407,21 @@ module Aws::RAM
|
|
1716
2407
|
include Aws::Structure
|
1717
2408
|
end
|
1718
2409
|
|
1719
|
-
#
|
2410
|
+
# The operation failed because the policy template that you provided
|
2411
|
+
# isn't valid.
|
2412
|
+
#
|
2413
|
+
# @!attribute [rw] message
|
2414
|
+
# @return [String]
|
2415
|
+
#
|
2416
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/MalformedPolicyTemplateException AWS API Documentation
|
2417
|
+
#
|
2418
|
+
class MalformedPolicyTemplateException < Struct.new(
|
2419
|
+
:message)
|
2420
|
+
SENSITIVE = []
|
2421
|
+
include Aws::Structure
|
2422
|
+
end
|
2423
|
+
|
2424
|
+
# The operation failed because a required input parameter is missing.
|
1720
2425
|
#
|
1721
2426
|
# @!attribute [rw] message
|
1722
2427
|
# @return [String]
|
@@ -1729,7 +2434,7 @@ module Aws::RAM
|
|
1729
2434
|
include Aws::Structure
|
1730
2435
|
end
|
1731
2436
|
|
1732
|
-
# The requested operation
|
2437
|
+
# The operation failed because the requested operation isn't permitted.
|
1733
2438
|
#
|
1734
2439
|
# @!attribute [rw] message
|
1735
2440
|
# @return [String]
|
@@ -1742,50 +2447,177 @@ module Aws::RAM
|
|
1742
2447
|
include Aws::Structure
|
1743
2448
|
end
|
1744
2449
|
|
2450
|
+
# The operation failed because a permission with the specified name
|
2451
|
+
# already exists in the requested Amazon Web Services Region. Choose a
|
2452
|
+
# different name.
|
2453
|
+
#
|
2454
|
+
# @!attribute [rw] message
|
2455
|
+
# @return [String]
|
2456
|
+
#
|
2457
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PermissionAlreadyExistsException AWS API Documentation
|
2458
|
+
#
|
2459
|
+
class PermissionAlreadyExistsException < Struct.new(
|
2460
|
+
:message)
|
2461
|
+
SENSITIVE = []
|
2462
|
+
include Aws::Structure
|
2463
|
+
end
|
2464
|
+
|
2465
|
+
# The operation failed because it would exceed the maximum number of
|
2466
|
+
# permissions you can create in each Amazon Web Services Region. To view
|
2467
|
+
# the limits for your Amazon Web Services account, see the [RAM page in
|
2468
|
+
# the Service Quotas console][1].
|
2469
|
+
#
|
2470
|
+
#
|
2471
|
+
#
|
2472
|
+
# [1]: https://console.aws.amazon.com/servicequotas/home/services/ram/quotas
|
2473
|
+
#
|
2474
|
+
# @!attribute [rw] message
|
2475
|
+
# @return [String]
|
2476
|
+
#
|
2477
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PermissionLimitExceededException AWS API Documentation
|
2478
|
+
#
|
2479
|
+
class PermissionLimitExceededException < Struct.new(
|
2480
|
+
:message)
|
2481
|
+
SENSITIVE = []
|
2482
|
+
include Aws::Structure
|
2483
|
+
end
|
2484
|
+
|
2485
|
+
# The operation failed because it would exceed the limit for the number
|
2486
|
+
# of versions you can have for a permission. To view the limits for your
|
2487
|
+
# Amazon Web Services account, see the [RAM page in the Service Quotas
|
2488
|
+
# console][1].
|
2489
|
+
#
|
2490
|
+
#
|
2491
|
+
#
|
2492
|
+
# [1]: https://console.aws.amazon.com/servicequotas/home/services/ram/quotas
|
2493
|
+
#
|
2494
|
+
# @!attribute [rw] message
|
2495
|
+
# @return [String]
|
2496
|
+
#
|
2497
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PermissionVersionsLimitExceededException AWS API Documentation
|
2498
|
+
#
|
2499
|
+
class PermissionVersionsLimitExceededException < Struct.new(
|
2500
|
+
:message)
|
2501
|
+
SENSITIVE = []
|
2502
|
+
include Aws::Structure
|
2503
|
+
end
|
2504
|
+
|
1745
2505
|
# Describes a principal for use with Resource Access Manager.
|
1746
2506
|
#
|
1747
2507
|
# @!attribute [rw] id
|
1748
|
-
# The ID of the principal
|
2508
|
+
# The ID of the principal that can be associated with a resource
|
2509
|
+
# share.
|
1749
2510
|
# @return [String]
|
1750
2511
|
#
|
1751
2512
|
# @!attribute [rw] resource_share_arn
|
1752
|
-
# The [Amazon
|
1753
|
-
# is associated with.
|
2513
|
+
# The [Amazon Resource Name (ARN)][1] of a resource share the
|
2514
|
+
# principal is associated with.
|
2515
|
+
#
|
1754
2516
|
#
|
1755
2517
|
#
|
2518
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2519
|
+
# @return [String]
|
2520
|
+
#
|
2521
|
+
# @!attribute [rw] creation_time
|
2522
|
+
# The date and time when the principal was associated with the
|
2523
|
+
# resource share.
|
2524
|
+
# @return [Time]
|
2525
|
+
#
|
2526
|
+
# @!attribute [rw] last_updated_time
|
2527
|
+
# The date and time when the association between the resource share
|
2528
|
+
# and the principal was last updated.
|
2529
|
+
# @return [Time]
|
2530
|
+
#
|
2531
|
+
# @!attribute [rw] external
|
2532
|
+
# Indicates the relationship between the Amazon Web Services account
|
2533
|
+
# the principal belongs to and the account that owns the resource
|
2534
|
+
# share:
|
2535
|
+
#
|
2536
|
+
# * `True` – The two accounts belong to same organization.
|
2537
|
+
#
|
2538
|
+
# * `False` – The two accounts do not belong to the same organization.
|
2539
|
+
# @return [Boolean]
|
2540
|
+
#
|
2541
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/Principal AWS API Documentation
|
2542
|
+
#
|
2543
|
+
class Principal < Struct.new(
|
2544
|
+
:id,
|
2545
|
+
:resource_share_arn,
|
2546
|
+
:creation_time,
|
2547
|
+
:last_updated_time,
|
2548
|
+
:external)
|
2549
|
+
SENSITIVE = []
|
2550
|
+
include Aws::Structure
|
2551
|
+
end
|
2552
|
+
|
2553
|
+
# @!attribute [rw] permission_arn
|
2554
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the
|
2555
|
+
# `CREATED_FROM_POLICY` permission that you want to promote. You can
|
2556
|
+
# get this [Amazon Resource Name (ARN)][1] by calling the
|
2557
|
+
# ListResourceSharePermissions operation.
|
2558
|
+
#
|
2559
|
+
#
|
2560
|
+
#
|
2561
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2562
|
+
# @return [String]
|
2563
|
+
#
|
2564
|
+
# @!attribute [rw] name
|
2565
|
+
# Specifies a name for the promoted customer managed permission.
|
2566
|
+
# @return [String]
|
2567
|
+
#
|
2568
|
+
# @!attribute [rw] client_token
|
2569
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
2570
|
+
# ensure the idempotency of the request. This lets you safely retry
|
2571
|
+
# the request without accidentally performing the same operation a
|
2572
|
+
# second time. Passing the same value to a later call to an operation
|
2573
|
+
# requires that you also pass the same value for all other parameters.
|
2574
|
+
# We recommend that you use a [UUID type of value.][1].
|
2575
|
+
#
|
2576
|
+
# If you don't provide this value, then Amazon Web Services generates
|
2577
|
+
# a random one for you.
|
2578
|
+
#
|
2579
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2580
|
+
# different parameters, the retry fails with an
|
2581
|
+
# `IdempotentParameterMismatch` error.
|
2582
|
+
#
|
2583
|
+
#
|
2584
|
+
#
|
2585
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
2586
|
+
# @return [String]
|
2587
|
+
#
|
2588
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PromotePermissionCreatedFromPolicyRequest AWS API Documentation
|
2589
|
+
#
|
2590
|
+
class PromotePermissionCreatedFromPolicyRequest < Struct.new(
|
2591
|
+
:permission_arn,
|
2592
|
+
:name,
|
2593
|
+
:client_token)
|
2594
|
+
SENSITIVE = []
|
2595
|
+
include Aws::Structure
|
2596
|
+
end
|
2597
|
+
|
2598
|
+
# @!attribute [rw] permission
|
2599
|
+
# Information about an RAM permission.
|
2600
|
+
# @return [Types::ResourceSharePermissionSummary]
|
1756
2601
|
#
|
1757
|
-
#
|
2602
|
+
# @!attribute [rw] client_token
|
2603
|
+
# The idempotency identifier associated with this request. If you want
|
2604
|
+
# to repeat the same operation in an idempotent manner then you must
|
2605
|
+
# include this value in the `clientToken` request parameter of that
|
2606
|
+
# later call. All other parameters must also have the same values that
|
2607
|
+
# you used in the first call.
|
1758
2608
|
# @return [String]
|
1759
2609
|
#
|
1760
|
-
#
|
1761
|
-
# The date and time when the principal was associated with the
|
1762
|
-
# resource share.
|
1763
|
-
# @return [Time]
|
1764
|
-
#
|
1765
|
-
# @!attribute [rw] last_updated_time
|
1766
|
-
# The date and time when the association was last updated.
|
1767
|
-
# @return [Time]
|
1768
|
-
#
|
1769
|
-
# @!attribute [rw] external
|
1770
|
-
# Indicates whether the principal belongs to the same organization in
|
1771
|
-
# Organizations as the Amazon Web Services account that owns the
|
1772
|
-
# resource share.
|
1773
|
-
# @return [Boolean]
|
1774
|
-
#
|
1775
|
-
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/Principal AWS API Documentation
|
2610
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/PromotePermissionCreatedFromPolicyResponse AWS API Documentation
|
1776
2611
|
#
|
1777
|
-
class
|
1778
|
-
:
|
1779
|
-
:
|
1780
|
-
:creation_time,
|
1781
|
-
:last_updated_time,
|
1782
|
-
:external)
|
2612
|
+
class PromotePermissionCreatedFromPolicyResponse < Struct.new(
|
2613
|
+
:permission,
|
2614
|
+
:client_token)
|
1783
2615
|
SENSITIVE = []
|
1784
2616
|
include Aws::Structure
|
1785
2617
|
end
|
1786
2618
|
|
1787
2619
|
# @!attribute [rw] resource_share_arn
|
1788
|
-
# Specifies the [Amazon
|
2620
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
1789
2621
|
# to promote.
|
1790
2622
|
#
|
1791
2623
|
#
|
@@ -1815,7 +2647,7 @@ module Aws::RAM
|
|
1815
2647
|
end
|
1816
2648
|
|
1817
2649
|
# @!attribute [rw] resource_share_invitation_arn
|
1818
|
-
# Specifies the [Amazon
|
2650
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the invitation that
|
1819
2651
|
# you want to reject.
|
1820
2652
|
#
|
1821
2653
|
#
|
@@ -1834,6 +2666,10 @@ module Aws::RAM
|
|
1834
2666
|
# If you don't provide this value, then Amazon Web Services generates
|
1835
2667
|
# a random one for you.
|
1836
2668
|
#
|
2669
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2670
|
+
# different parameters, the retry fails with an
|
2671
|
+
# `IdempotentParameterMismatch` error.
|
2672
|
+
#
|
1837
2673
|
#
|
1838
2674
|
#
|
1839
2675
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
@@ -1869,10 +2705,166 @@ module Aws::RAM
|
|
1869
2705
|
include Aws::Structure
|
1870
2706
|
end
|
1871
2707
|
|
2708
|
+
# @!attribute [rw] from_permission_arn
|
2709
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
2710
|
+
# permission that you want to replace.
|
2711
|
+
#
|
2712
|
+
#
|
2713
|
+
#
|
2714
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2715
|
+
# @return [String]
|
2716
|
+
#
|
2717
|
+
# @!attribute [rw] from_permission_version
|
2718
|
+
# Specifies that you want to updated the permissions for only those
|
2719
|
+
# resource shares that use the specified version of the managed
|
2720
|
+
# permission.
|
2721
|
+
# @return [Integer]
|
2722
|
+
#
|
2723
|
+
# @!attribute [rw] to_permission_arn
|
2724
|
+
# Specifies the ARN of the managed permission that you want to
|
2725
|
+
# associate with resource shares in place of the one specified by
|
2726
|
+
# `fromPerssionArn` and `fromPermissionVersion`.
|
2727
|
+
#
|
2728
|
+
# The operation always associates the version that is currently the
|
2729
|
+
# default for the specified managed permission.
|
2730
|
+
# @return [String]
|
2731
|
+
#
|
2732
|
+
# @!attribute [rw] client_token
|
2733
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
2734
|
+
# ensure the idempotency of the request. This lets you safely retry
|
2735
|
+
# the request without accidentally performing the same operation a
|
2736
|
+
# second time. Passing the same value to a later call to an operation
|
2737
|
+
# requires that you also pass the same value for all other parameters.
|
2738
|
+
# We recommend that you use a [UUID type of value.][1].
|
2739
|
+
#
|
2740
|
+
# If you don't provide this value, then Amazon Web Services generates
|
2741
|
+
# a random one for you.
|
2742
|
+
#
|
2743
|
+
# If you retry the operation with the same `ClientToken`, but with
|
2744
|
+
# different parameters, the retry fails with an
|
2745
|
+
# `IdempotentParameterMismatch` error.
|
2746
|
+
#
|
2747
|
+
#
|
2748
|
+
#
|
2749
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
2750
|
+
# @return [String]
|
2751
|
+
#
|
2752
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ReplacePermissionAssociationsRequest AWS API Documentation
|
2753
|
+
#
|
2754
|
+
class ReplacePermissionAssociationsRequest < Struct.new(
|
2755
|
+
:from_permission_arn,
|
2756
|
+
:from_permission_version,
|
2757
|
+
:to_permission_arn,
|
2758
|
+
:client_token)
|
2759
|
+
SENSITIVE = []
|
2760
|
+
include Aws::Structure
|
2761
|
+
end
|
2762
|
+
|
2763
|
+
# @!attribute [rw] replace_permission_associations_work
|
2764
|
+
# Specifies a data structure that you can use to track the
|
2765
|
+
# asynchronous tasks that RAM performs to complete this operation. You
|
2766
|
+
# can use the ListReplacePermissionAssociationsWork operation and pass
|
2767
|
+
# the `id` value returned in this structure.
|
2768
|
+
# @return [Types::ReplacePermissionAssociationsWork]
|
2769
|
+
#
|
2770
|
+
# @!attribute [rw] client_token
|
2771
|
+
# The idempotency identifier associated with this request. If you want
|
2772
|
+
# to repeat the same operation in an idempotent manner then you must
|
2773
|
+
# include this value in the `clientToken` request parameter of that
|
2774
|
+
# later call. All other parameters must also have the same values that
|
2775
|
+
# you used in the first call.
|
2776
|
+
# @return [String]
|
2777
|
+
#
|
2778
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ReplacePermissionAssociationsResponse AWS API Documentation
|
2779
|
+
#
|
2780
|
+
class ReplacePermissionAssociationsResponse < Struct.new(
|
2781
|
+
:replace_permission_associations_work,
|
2782
|
+
:client_token)
|
2783
|
+
SENSITIVE = []
|
2784
|
+
include Aws::Structure
|
2785
|
+
end
|
2786
|
+
|
2787
|
+
# A structure that represents the background work that RAM performs when
|
2788
|
+
# you invoke the ReplacePermissionAssociations operation.
|
2789
|
+
#
|
2790
|
+
# @!attribute [rw] id
|
2791
|
+
# The unique identifier for the background task associated with one
|
2792
|
+
# ReplacePermissionAssociations request.
|
2793
|
+
# @return [String]
|
2794
|
+
#
|
2795
|
+
# @!attribute [rw] from_permission_arn
|
2796
|
+
# The [Amazon Resource Name (ARN)][1] of the managed permission that
|
2797
|
+
# this background task is replacing.
|
2798
|
+
#
|
2799
|
+
#
|
2800
|
+
#
|
2801
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2802
|
+
# @return [String]
|
2803
|
+
#
|
2804
|
+
# @!attribute [rw] from_permission_version
|
2805
|
+
# The version of the managed permission that this background task is
|
2806
|
+
# replacing.
|
2807
|
+
# @return [String]
|
2808
|
+
#
|
2809
|
+
# @!attribute [rw] to_permission_arn
|
2810
|
+
# The ARN of the managed permission that this background task is
|
2811
|
+
# associating with the resource shares in place of the managed
|
2812
|
+
# permission and version specified in `fromPermissionArn` and
|
2813
|
+
# `fromPermissionVersion`.
|
2814
|
+
# @return [String]
|
2815
|
+
#
|
2816
|
+
# @!attribute [rw] to_permission_version
|
2817
|
+
# The version of the managed permission that this background task is
|
2818
|
+
# associating with the resource shares. This is always the version
|
2819
|
+
# that is currently the default for this managed permission.
|
2820
|
+
# @return [String]
|
2821
|
+
#
|
2822
|
+
# @!attribute [rw] status
|
2823
|
+
# Specifies the current status of the background tasks for the
|
2824
|
+
# specified ID. The output is one of the following strings:
|
2825
|
+
#
|
2826
|
+
# * `IN_PROGRESS`
|
2827
|
+
#
|
2828
|
+
# * `COMPLETED`
|
2829
|
+
#
|
2830
|
+
# * `FAILED`
|
2831
|
+
# @return [String]
|
2832
|
+
#
|
2833
|
+
# @!attribute [rw] status_message
|
2834
|
+
# Specifies the reason for a `FAILED` status. This field is present
|
2835
|
+
# only when there `status` is `FAILED`.
|
2836
|
+
# @return [String]
|
2837
|
+
#
|
2838
|
+
# @!attribute [rw] creation_time
|
2839
|
+
# The date and time when this asynchronous background task was
|
2840
|
+
# created.
|
2841
|
+
# @return [Time]
|
2842
|
+
#
|
2843
|
+
# @!attribute [rw] last_updated_time
|
2844
|
+
# The date and time when the status of this background task was last
|
2845
|
+
# updated.
|
2846
|
+
# @return [Time]
|
2847
|
+
#
|
2848
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ReplacePermissionAssociationsWork AWS API Documentation
|
2849
|
+
#
|
2850
|
+
class ReplacePermissionAssociationsWork < Struct.new(
|
2851
|
+
:id,
|
2852
|
+
:from_permission_arn,
|
2853
|
+
:from_permission_version,
|
2854
|
+
:to_permission_arn,
|
2855
|
+
:to_permission_version,
|
2856
|
+
:status,
|
2857
|
+
:status_message,
|
2858
|
+
:creation_time,
|
2859
|
+
:last_updated_time)
|
2860
|
+
SENSITIVE = []
|
2861
|
+
include Aws::Structure
|
2862
|
+
end
|
2863
|
+
|
1872
2864
|
# Describes a resource associated with a resource share in RAM.
|
1873
2865
|
#
|
1874
2866
|
# @!attribute [rw] arn
|
1875
|
-
# The [Amazon
|
2867
|
+
# The [Amazon Resource Name (ARN)][1] of the resource.
|
1876
2868
|
#
|
1877
2869
|
#
|
1878
2870
|
#
|
@@ -1881,11 +2873,13 @@ module Aws::RAM
|
|
1881
2873
|
#
|
1882
2874
|
# @!attribute [rw] type
|
1883
2875
|
# The resource type. This takes the form of:
|
1884
|
-
# `service-code
|
2876
|
+
# `service-code`:`resource-code`, and is case-insensitive. For
|
2877
|
+
# example, an Amazon EC2 Subnet would be represented by the string
|
2878
|
+
# `ec2:subnet`.
|
1885
2879
|
# @return [String]
|
1886
2880
|
#
|
1887
2881
|
# @!attribute [rw] resource_share_arn
|
1888
|
-
# The [Amazon
|
2882
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share this
|
1889
2883
|
# resource is associated with.
|
1890
2884
|
#
|
1891
2885
|
#
|
@@ -1894,8 +2888,8 @@ module Aws::RAM
|
|
1894
2888
|
# @return [String]
|
1895
2889
|
#
|
1896
2890
|
# @!attribute [rw] resource_group_arn
|
1897
|
-
# The [Amazon
|
1898
|
-
# is available only if the resource is part of a resource group.
|
2891
|
+
# The [Amazon Resource Name (ARN)][1] of the resource group. This
|
2892
|
+
# value is available only if the resource is part of a resource group.
|
1899
2893
|
#
|
1900
2894
|
#
|
1901
2895
|
#
|
@@ -1916,7 +2910,8 @@ module Aws::RAM
|
|
1916
2910
|
# @return [Time]
|
1917
2911
|
#
|
1918
2912
|
# @!attribute [rw] last_updated_time
|
1919
|
-
# The date an time when the association
|
2913
|
+
# The date an time when the association between the resource and the
|
2914
|
+
# resource share was last updated.
|
1920
2915
|
# @return [Time]
|
1921
2916
|
#
|
1922
2917
|
# @!attribute [rw] resource_region_scope
|
@@ -1946,7 +2941,12 @@ module Aws::RAM
|
|
1946
2941
|
include Aws::Structure
|
1947
2942
|
end
|
1948
2943
|
|
1949
|
-
# The specified Amazon Resource Name
|
2944
|
+
# The operation failed because the specified [Amazon Resource Name
|
2945
|
+
# (ARN)][1] was not found.
|
2946
|
+
#
|
2947
|
+
#
|
2948
|
+
#
|
2949
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
1950
2950
|
#
|
1951
2951
|
# @!attribute [rw] message
|
1952
2952
|
# @return [String]
|
@@ -1962,7 +2962,7 @@ module Aws::RAM
|
|
1962
2962
|
# Describes a resource share in RAM.
|
1963
2963
|
#
|
1964
2964
|
# @!attribute [rw] resource_share_arn
|
1965
|
-
# The [Amazon
|
2965
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share
|
1966
2966
|
#
|
1967
2967
|
#
|
1968
2968
|
#
|
@@ -1981,6 +2981,12 @@ module Aws::RAM
|
|
1981
2981
|
# @!attribute [rw] allow_external_principals
|
1982
2982
|
# Indicates whether principals outside your organization in
|
1983
2983
|
# Organizations can be associated with a resource share.
|
2984
|
+
#
|
2985
|
+
# * `True` – the resource share can be shared with any Amazon Web
|
2986
|
+
# Services account.
|
2987
|
+
#
|
2988
|
+
# * `False` – the resource share can be shared with only accounts in
|
2989
|
+
# the same organization as the account that owns the resource share.
|
1984
2990
|
# @return [Boolean]
|
1985
2991
|
#
|
1986
2992
|
# @!attribute [rw] status
|
@@ -2004,25 +3010,30 @@ module Aws::RAM
|
|
2004
3010
|
# @return [Time]
|
2005
3011
|
#
|
2006
3012
|
# @!attribute [rw] feature_set
|
2007
|
-
# Indicates
|
2008
|
-
#
|
2009
|
-
#
|
2010
|
-
# *
|
2011
|
-
#
|
2012
|
-
# resource
|
2013
|
-
#
|
2014
|
-
#
|
2015
|
-
#
|
2016
|
-
#
|
2017
|
-
#
|
2018
|
-
#
|
2019
|
-
#
|
3013
|
+
# Indicates what features are available for this resource share. This
|
3014
|
+
# parameter can have one of the following values:
|
3015
|
+
#
|
3016
|
+
# * **STANDARD** – A resource share that supports all functionality.
|
3017
|
+
# These resource shares are visible to all principals you share the
|
3018
|
+
# resource share with. You can modify these resource shares in RAM
|
3019
|
+
# using the console or APIs. This resource share might have been
|
3020
|
+
# created by RAM, or it might have been **CREATED\_FROM\_POLICY**
|
3021
|
+
# and then promoted.
|
3022
|
+
#
|
3023
|
+
# * **CREATED\_FROM\_POLICY** – The customer manually shared a
|
3024
|
+
# resource by attaching a resource-based policy. That policy did not
|
3025
|
+
# match any existing managed permissions, so RAM created this
|
3026
|
+
# customer managed permission automatically on the customer's
|
3027
|
+
# behalf based on the attached policy document. This type of
|
3028
|
+
# resource share is visible only to the Amazon Web Services account
|
3029
|
+
# that created it. You can't modify it in RAM unless you promote
|
3030
|
+
# it. For more information, see
|
2020
3031
|
# PromoteResourceShareCreatedFromPolicy.
|
2021
3032
|
#
|
2022
|
-
# *
|
2023
|
-
#
|
2024
|
-
#
|
2025
|
-
#
|
3033
|
+
# * **PROMOTING\_TO\_STANDARD** – This resource share was originally
|
3034
|
+
# `CREATED_FROM_POLICY`, but the customer ran the
|
3035
|
+
# PromoteResourceShareCreatedFromPolicy and that operation is still
|
3036
|
+
# in progress. This value changes to `STANDARD` when complete.
|
2026
3037
|
# @return [String]
|
2027
3038
|
#
|
2028
3039
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ResourceShare AWS API Documentation
|
@@ -2042,11 +3053,11 @@ module Aws::RAM
|
|
2042
3053
|
include Aws::Structure
|
2043
3054
|
end
|
2044
3055
|
|
2045
|
-
# Describes an association
|
2046
|
-
# or a resource.
|
3056
|
+
# Describes an association between a resource share and either a
|
3057
|
+
# principal or a resource.
|
2047
3058
|
#
|
2048
3059
|
# @!attribute [rw] resource_share_arn
|
2049
|
-
# The [Amazon
|
3060
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share.
|
2050
3061
|
#
|
2051
3062
|
#
|
2052
3063
|
#
|
@@ -2060,14 +3071,14 @@ module Aws::RAM
|
|
2060
3071
|
# @!attribute [rw] associated_entity
|
2061
3072
|
# The associated entity. This can be either of the following:
|
2062
3073
|
#
|
2063
|
-
# * For a resource association, this is the [Amazon
|
3074
|
+
# * For a resource association, this is the [Amazon Resource Name
|
2064
3075
|
# (ARN)][1] of the resource.
|
2065
3076
|
#
|
2066
3077
|
# * For principal associations, this is one of the following:
|
2067
3078
|
#
|
2068
3079
|
# * The ID of an Amazon Web Services account
|
2069
3080
|
#
|
2070
|
-
# * The [Amazon
|
3081
|
+
# * The [Amazon Resource Name (ARN)][1] of an organization in
|
2071
3082
|
# Organizations
|
2072
3083
|
#
|
2073
3084
|
# * The ARN of an organizational unit (OU) in Organizations
|
@@ -2127,7 +3138,7 @@ module Aws::RAM
|
|
2127
3138
|
# resource share.
|
2128
3139
|
#
|
2129
3140
|
# @!attribute [rw] resource_share_invitation_arn
|
2130
|
-
# The [Amazon
|
3141
|
+
# The [Amazon Resource Name (ARN)][1] of the invitation.
|
2131
3142
|
#
|
2132
3143
|
#
|
2133
3144
|
#
|
@@ -2139,7 +3150,7 @@ module Aws::RAM
|
|
2139
3150
|
# @return [String]
|
2140
3151
|
#
|
2141
3152
|
# @!attribute [rw] resource_share_arn
|
2142
|
-
# The [Amazon
|
3153
|
+
# The [Amazon Resource Name (ARN)][1] of the resource share
|
2143
3154
|
#
|
2144
3155
|
#
|
2145
3156
|
#
|
@@ -2169,7 +3180,7 @@ module Aws::RAM
|
|
2169
3180
|
# @return [Array<Types::ResourceShareAssociation>]
|
2170
3181
|
#
|
2171
3182
|
# @!attribute [rw] receiver_arn
|
2172
|
-
# The [Amazon
|
3183
|
+
# The [Amazon Resource Name (ARN)][1] of the IAM user or role that
|
2173
3184
|
# received the invitation.
|
2174
3185
|
#
|
2175
3186
|
#
|
@@ -2193,7 +3204,8 @@ module Aws::RAM
|
|
2193
3204
|
include Aws::Structure
|
2194
3205
|
end
|
2195
3206
|
|
2196
|
-
# The specified invitation was already
|
3207
|
+
# The operation failed because the specified invitation was already
|
3208
|
+
# accepted.
|
2197
3209
|
#
|
2198
3210
|
# @!attribute [rw] message
|
2199
3211
|
# @return [String]
|
@@ -2206,7 +3218,8 @@ module Aws::RAM
|
|
2206
3218
|
include Aws::Structure
|
2207
3219
|
end
|
2208
3220
|
|
2209
|
-
# The specified invitation was already
|
3221
|
+
# The operation failed because the specified invitation was already
|
3222
|
+
# rejected.
|
2210
3223
|
#
|
2211
3224
|
# @!attribute [rw] message
|
2212
3225
|
# @return [String]
|
@@ -2219,8 +3232,12 @@ module Aws::RAM
|
|
2219
3232
|
include Aws::Structure
|
2220
3233
|
end
|
2221
3234
|
|
2222
|
-
# The specified Amazon Resource Name
|
2223
|
-
# found.
|
3235
|
+
# The operation failed because the specified [Amazon Resource Name
|
3236
|
+
# (ARN)][1] for an invitation was not found.
|
3237
|
+
#
|
3238
|
+
#
|
3239
|
+
#
|
3240
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
2224
3241
|
#
|
2225
3242
|
# @!attribute [rw] message
|
2226
3243
|
# @return [String]
|
@@ -2233,7 +3250,8 @@ module Aws::RAM
|
|
2233
3250
|
include Aws::Structure
|
2234
3251
|
end
|
2235
3252
|
|
2236
|
-
# The specified invitation is
|
3253
|
+
# The operation failed because the specified invitation is past its
|
3254
|
+
# expiration date and time.
|
2237
3255
|
#
|
2238
3256
|
# @!attribute [rw] message
|
2239
3257
|
# @return [String]
|
@@ -2246,8 +3264,13 @@ module Aws::RAM
|
|
2246
3264
|
include Aws::Structure
|
2247
3265
|
end
|
2248
3266
|
|
2249
|
-
#
|
2250
|
-
# account.
|
3267
|
+
# The operation failed because it would exceed the limit for resource
|
3268
|
+
# shares for your account. To view the limits for your Amazon Web
|
3269
|
+
# Services account, see the [RAM page in the Service Quotas console][1].
|
3270
|
+
#
|
3271
|
+
#
|
3272
|
+
#
|
3273
|
+
# [1]: https://console.aws.amazon.com/servicequotas/home/services/ram/quotas
|
2251
3274
|
#
|
2252
3275
|
# @!attribute [rw] message
|
2253
3276
|
# @return [String]
|
@@ -2260,10 +3283,10 @@ module Aws::RAM
|
|
2260
3283
|
include Aws::Structure
|
2261
3284
|
end
|
2262
3285
|
|
2263
|
-
# Information about
|
3286
|
+
# Information about a RAM managed permission.
|
2264
3287
|
#
|
2265
3288
|
# @!attribute [rw] arn
|
2266
|
-
# The [Amazon
|
3289
|
+
# The [Amazon Resource Name (ARN)][1] of this RAM managed permission.
|
2267
3290
|
#
|
2268
3291
|
#
|
2269
3292
|
#
|
@@ -2271,12 +3294,12 @@ module Aws::RAM
|
|
2271
3294
|
# @return [String]
|
2272
3295
|
#
|
2273
3296
|
# @!attribute [rw] version
|
2274
|
-
# The version of the permission
|
3297
|
+
# The version of the permission described in this response.
|
2275
3298
|
# @return [String]
|
2276
3299
|
#
|
2277
3300
|
# @!attribute [rw] default_version
|
2278
3301
|
# Specifies whether the version of the permission represented in this
|
2279
|
-
#
|
3302
|
+
# response is the default version for this permission.
|
2280
3303
|
# @return [Boolean]
|
2281
3304
|
#
|
2282
3305
|
# @!attribute [rw] name
|
@@ -2304,10 +3327,71 @@ module Aws::RAM
|
|
2304
3327
|
#
|
2305
3328
|
# @!attribute [rw] is_resource_type_default
|
2306
3329
|
# Specifies whether the version of the permission represented in this
|
2307
|
-
#
|
3330
|
+
# response is the default version for all resources of this resource
|
2308
3331
|
# type.
|
2309
3332
|
# @return [Boolean]
|
2310
3333
|
#
|
3334
|
+
# @!attribute [rw] permission_type
|
3335
|
+
# The type of managed permission. This can be one of the following
|
3336
|
+
# values:
|
3337
|
+
#
|
3338
|
+
# * `AWS_MANAGED` – Amazon Web Services created and manages this
|
3339
|
+
# managed permission. You can associate it with your resource
|
3340
|
+
# shares, but you can't modify it.
|
3341
|
+
#
|
3342
|
+
# * `CUSTOMER_MANAGED` – You, or another principal in your account
|
3343
|
+
# created this managed permission. You can associate it with your
|
3344
|
+
# resource shares and create new versions that have different
|
3345
|
+
# permissions.
|
3346
|
+
# @return [String]
|
3347
|
+
#
|
3348
|
+
# @!attribute [rw] feature_set
|
3349
|
+
# Indicates what features are available for this resource share. This
|
3350
|
+
# parameter can have one of the following values:
|
3351
|
+
#
|
3352
|
+
# * **STANDARD** – A resource share that supports all functionality.
|
3353
|
+
# These resource shares are visible to all principals you share the
|
3354
|
+
# resource share with. You can modify these resource shares in RAM
|
3355
|
+
# using the console or APIs. This resource share might have been
|
3356
|
+
# created by RAM, or it might have been **CREATED\_FROM\_POLICY**
|
3357
|
+
# and then promoted.
|
3358
|
+
#
|
3359
|
+
# * **CREATED\_FROM\_POLICY** – The customer manually shared a
|
3360
|
+
# resource by attaching a resource-based policy. That policy did not
|
3361
|
+
# match any existing managed permissions, so RAM created this
|
3362
|
+
# customer managed permission automatically on the customer's
|
3363
|
+
# behalf based on the attached policy document. This type of
|
3364
|
+
# resource share is visible only to the Amazon Web Services account
|
3365
|
+
# that created it. You can't modify it in RAM unless you promote
|
3366
|
+
# it. For more information, see
|
3367
|
+
# PromoteResourceShareCreatedFromPolicy.
|
3368
|
+
#
|
3369
|
+
# * **PROMOTING\_TO\_STANDARD** – This resource share was originally
|
3370
|
+
# `CREATED_FROM_POLICY`, but the customer ran the
|
3371
|
+
# PromoteResourceShareCreatedFromPolicy and that operation is still
|
3372
|
+
# in progress. This value changes to `STANDARD` when complete.
|
3373
|
+
# @return [String]
|
3374
|
+
#
|
3375
|
+
# @!attribute [rw] status
|
3376
|
+
# The current status of the association between the permission and the
|
3377
|
+
# resource share. The following are the possible values:
|
3378
|
+
#
|
3379
|
+
# * `ATTACHABLE` – This permission or version can be associated with
|
3380
|
+
# resource shares.
|
3381
|
+
#
|
3382
|
+
# * `UNATTACHABLE` – This permission or version can't currently be
|
3383
|
+
# associated with resource shares.
|
3384
|
+
#
|
3385
|
+
# * `DELETING` – This permission or version is in the process of being
|
3386
|
+
# deleted.
|
3387
|
+
#
|
3388
|
+
# * `DELETED` – This permission or version is deleted.
|
3389
|
+
# @return [String]
|
3390
|
+
#
|
3391
|
+
# @!attribute [rw] tags
|
3392
|
+
# The tag key and value pairs attached to the resource share.
|
3393
|
+
# @return [Array<Types::Tag>]
|
3394
|
+
#
|
2311
3395
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ResourceSharePermissionDetail AWS API Documentation
|
2312
3396
|
#
|
2313
3397
|
class ResourceSharePermissionDetail < Struct.new(
|
@@ -2319,16 +3403,19 @@ module Aws::RAM
|
|
2319
3403
|
:permission,
|
2320
3404
|
:creation_time,
|
2321
3405
|
:last_updated_time,
|
2322
|
-
:is_resource_type_default
|
3406
|
+
:is_resource_type_default,
|
3407
|
+
:permission_type,
|
3408
|
+
:feature_set,
|
3409
|
+
:status,
|
3410
|
+
:tags)
|
2323
3411
|
SENSITIVE = []
|
2324
3412
|
include Aws::Structure
|
2325
3413
|
end
|
2326
3414
|
|
2327
|
-
# Information about an RAM permission
|
2328
|
-
# share and any of its resources of a specified type.
|
3415
|
+
# Information about an RAM permission.
|
2329
3416
|
#
|
2330
3417
|
# @!attribute [rw] arn
|
2331
|
-
# The [Amazon
|
3418
|
+
# The [Amazon Resource Name (ARN)][1] of the permission you want
|
2332
3419
|
# information about.
|
2333
3420
|
#
|
2334
3421
|
#
|
@@ -2337,20 +3424,23 @@ module Aws::RAM
|
|
2337
3424
|
# @return [String]
|
2338
3425
|
#
|
2339
3426
|
# @!attribute [rw] version
|
2340
|
-
# The version of the permission
|
3427
|
+
# The version of the permission associated with this resource share.
|
2341
3428
|
# @return [String]
|
2342
3429
|
#
|
2343
3430
|
# @!attribute [rw] default_version
|
2344
|
-
# Specifies whether the version of the permission
|
2345
|
-
#
|
3431
|
+
# Specifies whether the version of the managed permission used by this
|
3432
|
+
# resource share is the default version for this managed permission.
|
2346
3433
|
# @return [Boolean]
|
2347
3434
|
#
|
2348
3435
|
# @!attribute [rw] name
|
2349
|
-
# The name of this permission.
|
3436
|
+
# The name of this managed permission.
|
2350
3437
|
# @return [String]
|
2351
3438
|
#
|
2352
3439
|
# @!attribute [rw] resource_type
|
2353
|
-
# The type of resource to which this permission applies.
|
3440
|
+
# The type of resource to which this permission applies. This takes
|
3441
|
+
# the form of: `service-code`:`resource-code`, and is
|
3442
|
+
# case-insensitive. For example, an Amazon EC2 Subnet would be
|
3443
|
+
# represented by the string `ec2:subnet`.
|
2354
3444
|
# @return [String]
|
2355
3445
|
#
|
2356
3446
|
# @!attribute [rw] status
|
@@ -2366,11 +3456,57 @@ module Aws::RAM
|
|
2366
3456
|
# @return [Time]
|
2367
3457
|
#
|
2368
3458
|
# @!attribute [rw] is_resource_type_default
|
2369
|
-
# Specifies whether the
|
2370
|
-
#
|
2371
|
-
# type.
|
3459
|
+
# Specifies whether the managed permission associated with this
|
3460
|
+
# resource share is the default managed permission for all resources
|
3461
|
+
# of this resource type.
|
2372
3462
|
# @return [Boolean]
|
2373
3463
|
#
|
3464
|
+
# @!attribute [rw] permission_type
|
3465
|
+
# The type of managed permission. This can be one of the following
|
3466
|
+
# values:
|
3467
|
+
#
|
3468
|
+
# * `AWS_MANAGED` – Amazon Web Services created and manages this
|
3469
|
+
# managed permission. You can associate it with your resource
|
3470
|
+
# shares, but you can't modify it.
|
3471
|
+
#
|
3472
|
+
# * `CUSTOMER_MANAGED` – You, or another principal in your account
|
3473
|
+
# created this managed permission. You can associate it with your
|
3474
|
+
# resource shares and create new versions that have different
|
3475
|
+
# permissions.
|
3476
|
+
# @return [String]
|
3477
|
+
#
|
3478
|
+
# @!attribute [rw] feature_set
|
3479
|
+
# Indicates what features are available for this resource share. This
|
3480
|
+
# parameter can have one of the following values:
|
3481
|
+
#
|
3482
|
+
# * **STANDARD** – A resource share that supports all functionality.
|
3483
|
+
# These resource shares are visible to all principals you share the
|
3484
|
+
# resource share with. You can modify these resource shares in RAM
|
3485
|
+
# using the console or APIs. This resource share might have been
|
3486
|
+
# created by RAM, or it might have been **CREATED\_FROM\_POLICY**
|
3487
|
+
# and then promoted.
|
3488
|
+
#
|
3489
|
+
# * **CREATED\_FROM\_POLICY** – The customer manually shared a
|
3490
|
+
# resource by attaching a resource-based policy. That policy did not
|
3491
|
+
# match any existing managed permissions, so RAM created this
|
3492
|
+
# customer managed permission automatically on the customer's
|
3493
|
+
# behalf based on the attached policy document. This type of
|
3494
|
+
# resource share is visible only to the Amazon Web Services account
|
3495
|
+
# that created it. You can't modify it in RAM unless you promote
|
3496
|
+
# it. For more information, see
|
3497
|
+
# PromoteResourceShareCreatedFromPolicy.
|
3498
|
+
#
|
3499
|
+
# * **PROMOTING\_TO\_STANDARD** – This resource share was originally
|
3500
|
+
# `CREATED_FROM_POLICY`, but the customer ran the
|
3501
|
+
# PromoteResourceShareCreatedFromPolicy and that operation is still
|
3502
|
+
# in progress. This value changes to `STANDARD` when complete.
|
3503
|
+
# @return [String]
|
3504
|
+
#
|
3505
|
+
# @!attribute [rw] tags
|
3506
|
+
# A list of the tag key value pairs currently attached to the
|
3507
|
+
# permission.
|
3508
|
+
# @return [Array<Types::Tag>]
|
3509
|
+
#
|
2374
3510
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/ResourceSharePermissionSummary AWS API Documentation
|
2375
3511
|
#
|
2376
3512
|
class ResourceSharePermissionSummary < Struct.new(
|
@@ -2382,13 +3518,16 @@ module Aws::RAM
|
|
2382
3518
|
:status,
|
2383
3519
|
:creation_time,
|
2384
3520
|
:last_updated_time,
|
2385
|
-
:is_resource_type_default
|
3521
|
+
:is_resource_type_default,
|
3522
|
+
:permission_type,
|
3523
|
+
:feature_set,
|
3524
|
+
:tags)
|
2386
3525
|
SENSITIVE = []
|
2387
3526
|
include Aws::Structure
|
2388
3527
|
end
|
2389
3528
|
|
2390
|
-
# The service could not respond to the
|
2391
|
-
# problem.
|
3529
|
+
# The operation failed because the service could not respond to the
|
3530
|
+
# request due to an internal problem. Try again later.
|
2392
3531
|
#
|
2393
3532
|
# @!attribute [rw] message
|
2394
3533
|
# @return [String]
|
@@ -2405,7 +3544,10 @@ module Aws::RAM
|
|
2405
3544
|
# Services service to which resources of that type belong.
|
2406
3545
|
#
|
2407
3546
|
# @!attribute [rw] resource_type
|
2408
|
-
# The type of the resource.
|
3547
|
+
# The type of the resource. This takes the form of:
|
3548
|
+
# `service-code`:`resource-code`, and is case-insensitive. For
|
3549
|
+
# example, an Amazon EC2 Subnet would be represented by the string
|
3550
|
+
# `ec2:subnet`.
|
2409
3551
|
# @return [String]
|
2410
3552
|
#
|
2411
3553
|
# @!attribute [rw] service_name
|
@@ -2434,7 +3576,8 @@ module Aws::RAM
|
|
2434
3576
|
include Aws::Structure
|
2435
3577
|
end
|
2436
3578
|
|
2437
|
-
# The service
|
3579
|
+
# The operation failed because the service isn't available. Try again
|
3580
|
+
# later.
|
2438
3581
|
#
|
2439
3582
|
# @!attribute [rw] message
|
2440
3583
|
# @return [String]
|
@@ -2447,6 +3590,72 @@ module Aws::RAM
|
|
2447
3590
|
include Aws::Structure
|
2448
3591
|
end
|
2449
3592
|
|
3593
|
+
# @!attribute [rw] permission_arn
|
3594
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the customer
|
3595
|
+
# managed permission whose default version you want to change.
|
3596
|
+
#
|
3597
|
+
#
|
3598
|
+
#
|
3599
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3600
|
+
# @return [String]
|
3601
|
+
#
|
3602
|
+
# @!attribute [rw] permission_version
|
3603
|
+
# Specifies the version number that you want to designate as the
|
3604
|
+
# default for customer managed permission. To see a list of all
|
3605
|
+
# available version numbers, use ListPermissionVersions.
|
3606
|
+
# @return [Integer]
|
3607
|
+
#
|
3608
|
+
# @!attribute [rw] client_token
|
3609
|
+
# Specifies a unique, case-sensitive identifier that you provide to
|
3610
|
+
# ensure the idempotency of the request. This lets you safely retry
|
3611
|
+
# the request without accidentally performing the same operation a
|
3612
|
+
# second time. Passing the same value to a later call to an operation
|
3613
|
+
# requires that you also pass the same value for all other parameters.
|
3614
|
+
# We recommend that you use a [UUID type of value.][1].
|
3615
|
+
#
|
3616
|
+
# If you don't provide this value, then Amazon Web Services generates
|
3617
|
+
# a random one for you.
|
3618
|
+
#
|
3619
|
+
# If you retry the operation with the same `ClientToken`, but with
|
3620
|
+
# different parameters, the retry fails with an
|
3621
|
+
# `IdempotentParameterMismatch` error.
|
3622
|
+
#
|
3623
|
+
#
|
3624
|
+
#
|
3625
|
+
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|
3626
|
+
# @return [String]
|
3627
|
+
#
|
3628
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/SetDefaultPermissionVersionRequest AWS API Documentation
|
3629
|
+
#
|
3630
|
+
class SetDefaultPermissionVersionRequest < Struct.new(
|
3631
|
+
:permission_arn,
|
3632
|
+
:permission_version,
|
3633
|
+
:client_token)
|
3634
|
+
SENSITIVE = []
|
3635
|
+
include Aws::Structure
|
3636
|
+
end
|
3637
|
+
|
3638
|
+
# @!attribute [rw] return_value
|
3639
|
+
# A boolean value that indicates whether the operation was successful.
|
3640
|
+
# @return [Boolean]
|
3641
|
+
#
|
3642
|
+
# @!attribute [rw] client_token
|
3643
|
+
# The idempotency identifier associated with this request. If you want
|
3644
|
+
# to repeat the same operation in an idempotent manner then you must
|
3645
|
+
# include this value in the `clientToken` request parameter of that
|
3646
|
+
# later call. All other parameters must also have the same values that
|
3647
|
+
# you used in the first call.
|
3648
|
+
# @return [String]
|
3649
|
+
#
|
3650
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/SetDefaultPermissionVersionResponse AWS API Documentation
|
3651
|
+
#
|
3652
|
+
class SetDefaultPermissionVersionResponse < Struct.new(
|
3653
|
+
:return_value,
|
3654
|
+
:client_token)
|
3655
|
+
SENSITIVE = []
|
3656
|
+
include Aws::Structure
|
3657
|
+
end
|
3658
|
+
|
2450
3659
|
# A structure containing a tag. A tag is metadata that you can attach to
|
2451
3660
|
# your resources to help organize and categorize them. You can also use
|
2452
3661
|
# them to help you secure your resources. For more information, see
|
@@ -2502,7 +3711,8 @@ module Aws::RAM
|
|
2502
3711
|
include Aws::Structure
|
2503
3712
|
end
|
2504
3713
|
|
2505
|
-
#
|
3714
|
+
# The operation failed because it would exceed the limit for tags for
|
3715
|
+
# your Amazon Web Services account.
|
2506
3716
|
#
|
2507
3717
|
# @!attribute [rw] message
|
2508
3718
|
# @return [String]
|
@@ -2515,7 +3725,8 @@ module Aws::RAM
|
|
2515
3725
|
include Aws::Structure
|
2516
3726
|
end
|
2517
3727
|
|
2518
|
-
# The specified tag key is a reserved word
|
3728
|
+
# The operation failed because the specified tag key is a reserved word
|
3729
|
+
# and can't be used.
|
2519
3730
|
#
|
2520
3731
|
# @!attribute [rw] message
|
2521
3732
|
# @return [String]
|
@@ -2529,8 +3740,9 @@ module Aws::RAM
|
|
2529
3740
|
end
|
2530
3741
|
|
2531
3742
|
# @!attribute [rw] resource_share_arn
|
2532
|
-
# Specifies the [Amazon
|
2533
|
-
# that you want to add tags to.
|
3743
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
3744
|
+
# that you want to add tags to. You must specify *either*
|
3745
|
+
# `resourceShareArn`, or `resourceArn`, but not both.
|
2534
3746
|
#
|
2535
3747
|
#
|
2536
3748
|
#
|
@@ -2543,11 +3755,22 @@ module Aws::RAM
|
|
2543
3755
|
# but can be an empty string.
|
2544
3756
|
# @return [Array<Types::Tag>]
|
2545
3757
|
#
|
3758
|
+
# @!attribute [rw] resource_arn
|
3759
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
3760
|
+
# permission that you want to add tags to. You must specify *either*
|
3761
|
+
# `resourceArn`, or `resourceShareArn`, but not both.
|
3762
|
+
#
|
3763
|
+
#
|
3764
|
+
#
|
3765
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3766
|
+
# @return [String]
|
3767
|
+
#
|
2546
3768
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/TagResourceRequest AWS API Documentation
|
2547
3769
|
#
|
2548
3770
|
class TagResourceRequest < Struct.new(
|
2549
3771
|
:resource_share_arn,
|
2550
|
-
:tags
|
3772
|
+
:tags,
|
3773
|
+
:resource_arn)
|
2551
3774
|
SENSITIVE = []
|
2552
3775
|
include Aws::Structure
|
2553
3776
|
end
|
@@ -2556,8 +3779,8 @@ module Aws::RAM
|
|
2556
3779
|
#
|
2557
3780
|
class TagResourceResponse < Aws::EmptyStructure; end
|
2558
3781
|
|
2559
|
-
#
|
2560
|
-
# operation. Please try again later.
|
3782
|
+
# The operation failed because it exceeded the rate at which you are
|
3783
|
+
# allowed to perform this operation. Please try again later.
|
2561
3784
|
#
|
2562
3785
|
# @!attribute [rw] message
|
2563
3786
|
# @return [String]
|
@@ -2570,7 +3793,7 @@ module Aws::RAM
|
|
2570
3793
|
include Aws::Structure
|
2571
3794
|
end
|
2572
3795
|
|
2573
|
-
#
|
3796
|
+
# The operation failed because a specified resource couldn't be found.
|
2574
3797
|
#
|
2575
3798
|
# @!attribute [rw] message
|
2576
3799
|
# @return [String]
|
@@ -2583,10 +3806,27 @@ module Aws::RAM
|
|
2583
3806
|
include Aws::Structure
|
2584
3807
|
end
|
2585
3808
|
|
3809
|
+
# There isn't an existing managed permission defined in RAM that has
|
3810
|
+
# the same IAM permissions as the resource-based policy attached to the
|
3811
|
+
# resource. You should first run PromotePermissionCreatedFromPolicy to
|
3812
|
+
# create that managed permission.
|
3813
|
+
#
|
3814
|
+
# @!attribute [rw] message
|
3815
|
+
# @return [String]
|
3816
|
+
#
|
3817
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/UnmatchedPolicyPermissionException AWS API Documentation
|
3818
|
+
#
|
3819
|
+
class UnmatchedPolicyPermissionException < Struct.new(
|
3820
|
+
:message)
|
3821
|
+
SENSITIVE = []
|
3822
|
+
include Aws::Structure
|
3823
|
+
end
|
3824
|
+
|
2586
3825
|
# @!attribute [rw] resource_share_arn
|
2587
|
-
# Specifies the [Amazon
|
3826
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
2588
3827
|
# that you want to remove tags from. The tags are removed from the
|
2589
|
-
# resource share, not the resources in the resource share.
|
3828
|
+
# resource share, not the resources in the resource share. You must
|
3829
|
+
# specify either `resourceShareArn`, or `resourceArn`, but not both.
|
2590
3830
|
#
|
2591
3831
|
#
|
2592
3832
|
#
|
@@ -2597,11 +3837,22 @@ module Aws::RAM
|
|
2597
3837
|
# Specifies a list of one or more tag keys that you want to remove.
|
2598
3838
|
# @return [Array<String>]
|
2599
3839
|
#
|
3840
|
+
# @!attribute [rw] resource_arn
|
3841
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the managed
|
3842
|
+
# permission that you want to remove tags from. You must specify
|
3843
|
+
# either `resourceArn`, or `resourceShareArn`, but not both.
|
3844
|
+
#
|
3845
|
+
#
|
3846
|
+
#
|
3847
|
+
# [1]: https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html
|
3848
|
+
# @return [String]
|
3849
|
+
#
|
2600
3850
|
# @see http://docs.aws.amazon.com/goto/WebAPI/ram-2018-01-04/UntagResourceRequest AWS API Documentation
|
2601
3851
|
#
|
2602
3852
|
class UntagResourceRequest < Struct.new(
|
2603
3853
|
:resource_share_arn,
|
2604
|
-
:tag_keys
|
3854
|
+
:tag_keys,
|
3855
|
+
:resource_arn)
|
2605
3856
|
SENSITIVE = []
|
2606
3857
|
include Aws::Structure
|
2607
3858
|
end
|
@@ -2611,7 +3862,7 @@ module Aws::RAM
|
|
2611
3862
|
class UntagResourceResponse < Aws::EmptyStructure; end
|
2612
3863
|
|
2613
3864
|
# @!attribute [rw] resource_share_arn
|
2614
|
-
# Specifies the [Amazon
|
3865
|
+
# Specifies the [Amazon Resource Name (ARN)][1] of the resource share
|
2615
3866
|
# that you want to modify.
|
2616
3867
|
#
|
2617
3868
|
#
|
@@ -2640,6 +3891,10 @@ module Aws::RAM
|
|
2640
3891
|
# If you don't provide this value, then Amazon Web Services generates
|
2641
3892
|
# a random one for you.
|
2642
3893
|
#
|
3894
|
+
# If you retry the operation with the same `ClientToken`, but with
|
3895
|
+
# different parameters, the retry fails with an
|
3896
|
+
# `IdempotentParameterMismatch` error.
|
3897
|
+
#
|
2643
3898
|
#
|
2644
3899
|
#
|
2645
3900
|
# [1]: https://wikipedia.org/wiki/Universally_unique_identifier
|