RubyGems - aws-sdk-rolesanywhere - Versions diffs - 1.14.0 → 1.16.0 - Mend

aws-sdk-rolesanywhere 1.14.0 → 1.16.0

Files changed (12) hide show

checksums.yaml +4 -4
data/CHANGELOG.md +10 -0
data/VERSION +1 -1
data/lib/aws-sdk-rolesanywhere/client.rb +214 -46
data/lib/aws-sdk-rolesanywhere/client_api.rb +63 -0
data/lib/aws-sdk-rolesanywhere/endpoints.rb +28 -0
data/lib/aws-sdk-rolesanywhere/plugins/endpoints.rb +4 -0
data/lib/aws-sdk-rolesanywhere/types.rb +113 -0
data/lib/aws-sdk-rolesanywhere.rb +1 -1
data/sig/client.rbs +28 -0
data/sig/types.rbs +36 -0
metadata +4 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 10a15c0fede13d1ad9028644bbe1245bfe12a1cfa85b63c219a142fb3b1d6d17
-  data.tar.gz: ba0ce7465c77413722107c92e2d866e7fae8dee5ac4d079013176f3d46420f12
+  metadata.gz: 0e368e10ead923bb5aec3e3a5869b4527c597ddaf3d6d71c212b198eeadc1955
+  data.tar.gz: 2c398846cd5c1876d8f73a21aa674dd8553cc4f494ab3fc01815572f552d86b1
 SHA512:
-  metadata.gz: 2bb3a55c995dff380338a622791b2a0c38f450682d89135cab40663502828b9030cbb21c89a6285b1f3875c2dfe48330405dec03903eb3b0592e6e703b5e960b
-  data.tar.gz: 34376dc34533a016ebb285b2e7c98bada99ce344a9868e5af12c12d7d5eb89bb30b56394b16187dd3c8e3fa46fd4ea9d7062ac82d699dc48d99f926b2186bebf
+  metadata.gz: 35f45cfd854a9ec41f5c7acdcc712307dc8f551ff9876666446d3458030fc421ec7db639369365871337418d400debd846d4dd0a37e4aa28cfca6e0cc413ee6f
+  data.tar.gz: b75bc73b02c10f45c9979ea7c71b5437cf30418850550f2c5954a2a686f7ef97041d07db7d12d302298316f22c08d84c3248ec75b02f8e7ef45daa37c8b23185

data/CHANGELOG.md CHANGED Viewed

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
+1.16.0 (2024-04-25)
+------------------
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+1.15.0 (2024-04-18)
+------------------
+* Feature - This release introduces the PutAttributeMapping and DeleteAttributeMapping APIs. IAM Roles Anywhere now provides the capability to define a set of mapping rules, allowing customers to specify which data is extracted from their X.509 end-entity certificates.
 1.14.0 (2024-04-02)
 ------------------

data/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- 1.14.0
1	+ 1.16.0

data/lib/aws-sdk-rolesanywhere/client.rb CHANGED Viewed

@@ -22,6 +22,7 @@ require 'aws-sdk-core/plugins/endpoint_pattern.rb'
 require 'aws-sdk-core/plugins/response_paging.rb'
 require 'aws-sdk-core/plugins/stub_responses.rb'
 require 'aws-sdk-core/plugins/idempotency_token.rb'
+require 'aws-sdk-core/plugins/invocation_id.rb'
 require 'aws-sdk-core/plugins/jsonvalue_converter.rb'
 require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
@@ -72,6 +73,7 @@ module Aws::RolesAnywhere
     add_plugin(Aws::Plugins::ResponsePaging)
     add_plugin(Aws::Plugins::StubResponses)
     add_plugin(Aws::Plugins::IdempotencyToken)
+    add_plugin(Aws::Plugins::InvocationId)
     add_plugin(Aws::Plugins::JsonvalueConverter)
     add_plugin(Aws::Plugins::ClientMetricsPlugin)
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
@@ -196,10 +198,17 @@ module Aws::RolesAnywhere
     #     When set to 'true' the request body will not be compressed
     #     for supported operations.
     #
-    #   @option options [String] :endpoint
-    #     The client endpoint is normally constructed from the `:region`
-    #     option. You should only configure an `:endpoint` when connecting
-    #     to test or custom endpoints. This should be a valid HTTP(S) URI.
+    #   @option options [String, URI::HTTPS, URI::HTTP] :endpoint
+    #     Normally you should not configure the `:endpoint` option
+    #     directly. This is normally constructed from the `:region`
+    #     option. Configuring `:endpoint` is normally reserved for
+    #     connecting to test or custom endpoints. The endpoint should
+    #     be a URI formatted like:
+    #
+    #         'http://example.com'
+    #         'https://example.com'
+    #         'http://example.com:123'
+    #
     #
     #   @option options [Integer] :endpoint_cache_max_entries (1000)
     #     Used for the maximum size limit of the LRU cache storing endpoints data
@@ -337,50 +346,65 @@ module Aws::RolesAnywhere
     #   @option options [Aws::RolesAnywhere::EndpointProvider] :endpoint_provider
     #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::RolesAnywhere::EndpointParameters`
     #
-    #   @option options [URI::HTTP,String] :http_proxy A proxy to send
-    #     requests through.  Formatted like 'http://proxy.com:123'.
-    #
-    #   @option options [Float] :http_open_timeout (15) The number of
-    #     seconds to wait when opening a HTTP session before raising a
-    #     `Timeout::Error`.
-    #
-    #   @option options [Float] :http_read_timeout (60) The default
-    #     number of seconds to wait for response data.  This value can
-    #     safely be set per-request on the session.
-    #
-    #   @option options [Float] :http_idle_timeout (5) The number of
-    #     seconds a connection is allowed to sit idle before it is
-    #     considered stale.  Stale connections are closed and removed
-    #     from the pool before making a request.
-    #
-    #   @option options [Float] :http_continue_timeout (1) The number of
-    #     seconds to wait for a 100-continue response before sending the
-    #     request body.  This option has no effect unless the request has
-    #     "Expect" header set to "100-continue".  Defaults to `nil` which
-    #     disables this behaviour.  This value can safely be set per
-    #     request on the session.
-    #
-    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
-    #     in seconds.
+    #   @option options [Float] :http_continue_timeout (1)
+    #     The number of seconds to wait for a 100-continue response before sending the
+    #     request body.  This option has no effect unless the request has "Expect"
+    #     header set to "100-continue".  Defaults to `nil` which  disables this
+    #     behaviour.  This value can safely be set per request on the session.
+    #
+    #   @option options [Float] :http_idle_timeout (5)
+    #     The number of seconds a connection is allowed to sit idle before it
+    #     is considered stale.  Stale connections are closed and removed from the
+    #     pool before making a request.
+    #
+    #   @option options [Float] :http_open_timeout (15)
+    #     The default number of seconds to wait for response data.
+    #     This value can safely be set per-request on the session.
+    #
+    #   @option options [URI::HTTP,String] :http_proxy
+    #     A proxy to send requests through.  Formatted like 'http://proxy.com:123'.
+    #
+    #   @option options [Float] :http_read_timeout (60)
+    #     The default number of seconds to wait for response data.
+    #     This value can safely be set per-request on the session.
+    #
+    #   @option options [Boolean] :http_wire_trace (false)
+    #     When `true`,  HTTP debug output will be sent to the `:logger`.
+    #
+    #   @option options [Proc] :on_chunk_received
+    #     When a Proc object is provided, it will be used as callback when each chunk
+    #     of the response body is received. It provides three arguments: the chunk,
+    #     the number of bytes received, and the total number of
+    #     bytes in the response (or nil if the server did not send a `content-length`).
+    #
+    #   @option options [Proc] :on_chunk_sent
+    #     When a Proc object is provided, it will be used as callback when each chunk
+    #     of the request body is sent. It provides three arguments: the chunk,
+    #     the number of bytes read from the body, and the total number of
+    #     bytes in the body.
+    #
+    #   @option options [Boolean] :raise_response_errors (true)
+    #     When `true`, response errors are raised.
+    #
+    #   @option options [String] :ssl_ca_bundle
+    #     Full path to the SSL certificate authority bundle file that should be used when
+    #     verifying peer certificates.  If you do not pass `:ssl_ca_bundle` or
+    #     `:ssl_ca_directory` the the system default will be used if available.
+    #
+    #   @option options [String] :ssl_ca_directory
+    #     Full path of the directory that contains the unbundled SSL certificate
+    #     authority files for verifying peer certificates.  If you do
+    #     not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the system
+    #     default will be used if available.
     #
-    #   @option options [Boolean] :http_wire_trace (false) When `true`,
-    #     HTTP debug output will be sent to the `:logger`.
+    #   @option options [String] :ssl_ca_store
+    #     Sets the X509::Store to verify peer certificate.
     #
-    #   @option options [Boolean] :ssl_verify_peer (true) When `true`,
-    #     SSL peer certificates are verified when establishing a
-    #     connection.
+    #   @option options [Float] :ssl_timeout
+    #     Sets the SSL timeout in seconds
     #
-    #   @option options [String] :ssl_ca_bundle Full path to the SSL
-    #     certificate authority bundle file that should be used when
-    #     verifying peer certificates.  If you do not pass
-    #     `:ssl_ca_bundle` or `:ssl_ca_directory` the the system default
-    #     will be used if available.
-    #
-    #   @option options [String] :ssl_ca_directory Full path of the
-    #     directory that contains the unbundled SSL certificate
-    #     authority files for verifying peer certificates.  If you do
-    #     not pass `:ssl_ca_bundle` or `:ssl_ca_directory` the the
-    #     system default will be used if available.
+    #   @option options [Boolean] :ssl_verify_peer (true)
+    #     When `true`, SSL peer certificates are verified when establishing a connection.
     #
     def initialize(*args)
       super
@@ -453,6 +477,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -560,6 +588,62 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
+    # Delete an entry from the attribute mapping rules enforced by a given
+    # profile.
+    #
+    # @option params [required, String] :certificate_field
+    #   Fields (x509Subject, x509Issuer and x509SAN) within X.509
+    #   certificates.
+    #
+    # @option params [required, String] :profile_id
+    #   The unique identifier of the profile.
+    #
+    # @option params [Array<String>] :specifiers
+    #   A list of specifiers of a certificate field; for example, CN, OU, UID
+    #   from a Subject.
+    #
+    # @return [Types::DeleteAttributeMappingResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DeleteAttributeMappingResponse#profile #profile} => Types::ProfileDetail
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_attribute_mapping({
+    #     certificate_field: "x509Subject", # required, accepts x509Subject, x509Issuer, x509SAN
+    #     profile_id: "Uuid", # required
+    #     specifiers: ["String"],
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
+    #   resp.profile.created_at #=> Time
+    #   resp.profile.created_by #=> String
+    #   resp.profile.duration_seconds #=> Integer
+    #   resp.profile.enabled #=> Boolean
+    #   resp.profile.managed_policy_arns #=> Array
+    #   resp.profile.managed_policy_arns[0] #=> String
+    #   resp.profile.name #=> String
+    #   resp.profile.profile_arn #=> String
+    #   resp.profile.profile_id #=> String
+    #   resp.profile.require_instance_properties #=> Boolean
+    #   resp.profile.role_arns #=> Array
+    #   resp.profile.role_arns[0] #=> String
+    #   resp.profile.session_policy #=> String
+    #   resp.profile.updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteAttributeMapping AWS API Documentation
+    #
+    # @overload delete_attribute_mapping(params = {})
+    # @param [Hash] params ({})
+    def delete_attribute_mapping(params = {}, options = {})
+      req = build_request(:delete_attribute_mapping, params)
+      req.send_request(options)
+    end
     # Deletes a certificate revocation list (CRL).
     #
     # <b>Required permissions: </b> `rolesanywhere:DeleteCrl`.
@@ -616,6 +700,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -741,6 +829,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -868,6 +960,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -993,6 +1089,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -1256,6 +1356,10 @@ module Aws::RolesAnywhere
     #
     #   resp.next_token #=> String
     #   resp.profiles #=> Array
+    #   resp.profiles[0].attribute_mappings #=> Array
+    #   resp.profiles[0].attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profiles[0].attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profiles[0].attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profiles[0].created_at #=> Time
     #   resp.profiles[0].created_by #=> String
     #   resp.profiles[0].duration_seconds #=> Integer
@@ -1416,6 +1520,66 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
+    # Put an entry in the attribute mapping rules that will be enforced by a
+    # given profile. A mapping specifies a certificate field and one or more
+    # specifiers that have contextual meanings.
+    #
+    # @option params [required, String] :certificate_field
+    #   Fields (x509Subject, x509Issuer and x509SAN) within X.509
+    #   certificates.
+    #
+    # @option params [required, Array<Types::MappingRule>] :mapping_rules
+    #   A list of mapping entries for every supported specifier or sub-field.
+    #
+    # @option params [required, String] :profile_id
+    #   The unique identifier of the profile.
+    #
+    # @return [Types::PutAttributeMappingResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutAttributeMappingResponse#profile #profile} => Types::ProfileDetail
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_attribute_mapping({
+    #     certificate_field: "x509Subject", # required, accepts x509Subject, x509Issuer, x509SAN
+    #     mapping_rules: [ # required
+    #       {
+    #         specifier: "MappingRuleSpecifierString", # required
+    #       },
+    #     ],
+    #     profile_id: "Uuid", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
+    #   resp.profile.created_at #=> Time
+    #   resp.profile.created_by #=> String
+    #   resp.profile.duration_seconds #=> Integer
+    #   resp.profile.enabled #=> Boolean
+    #   resp.profile.managed_policy_arns #=> Array
+    #   resp.profile.managed_policy_arns[0] #=> String
+    #   resp.profile.name #=> String
+    #   resp.profile.profile_arn #=> String
+    #   resp.profile.profile_id #=> String
+    #   resp.profile.require_instance_properties #=> Boolean
+    #   resp.profile.role_arns #=> Array
+    #   resp.profile.role_arns[0] #=> String
+    #   resp.profile.session_policy #=> String
+    #   resp.profile.updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutAttributeMapping AWS API Documentation
+    #
+    # @overload put_attribute_mapping(params = {})
+    # @param [Hash] params ({})
+    def put_attribute_mapping(params = {}, options = {})
+      req = build_request(:put_attribute_mapping, params)
+      req.send_request(options)
+    end
     # Attaches a list of *notification settings* to a trust anchor.
     #
     # A notification setting includes information such as event name,
@@ -1691,6 +1855,10 @@ module Aws::RolesAnywhere
     #
     # @example Response structure
     #
+    #   resp.profile.attribute_mappings #=> Array
+    #   resp.profile.attribute_mappings[0].certificate_field #=> String, one of "x509Subject", "x509Issuer", "x509SAN"
+    #   resp.profile.attribute_mappings[0].mapping_rules #=> Array
+    #   resp.profile.attribute_mappings[0].mapping_rules[0].specifier #=> String
     #   resp.profile.created_at #=> Time
     #   resp.profile.created_by #=> String
     #   resp.profile.duration_seconds #=> Integer
@@ -1792,7 +1960,7 @@ module Aws::RolesAnywhere
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-rolesanywhere'
-      context[:gem_version] = '1.14.0'
+      context[:gem_version] = '1.16.0'
       Seahorse::Client::Request.new(handlers, context)
     end

data/lib/aws-sdk-rolesanywhere/client_api.rb CHANGED Viewed

@@ -15,8 +15,11 @@ module Aws::RolesAnywhere
     AccessDeniedException = Shapes::StructureShape.new(name: 'AccessDeniedException')
     AmazonResourceName = Shapes::StringShape.new(name: 'AmazonResourceName')
+    AttributeMapping = Shapes::StructureShape.new(name: 'AttributeMapping')
+    AttributeMappings = Shapes::ListShape.new(name: 'AttributeMappings')
     Blob = Shapes::BlobShape.new(name: 'Blob')
     Boolean = Shapes::BooleanShape.new(name: 'Boolean')
+    CertificateField = Shapes::StringShape.new(name: 'CertificateField')
     CreateProfileRequest = Shapes::StructureShape.new(name: 'CreateProfileRequest')
     CreateProfileRequestDurationSecondsInteger = Shapes::IntegerShape.new(name: 'CreateProfileRequestDurationSecondsInteger')
     CreateTrustAnchorRequest = Shapes::StructureShape.new(name: 'CreateTrustAnchorRequest')
@@ -25,6 +28,8 @@ module Aws::RolesAnywhere
     CrlDetail = Shapes::StructureShape.new(name: 'CrlDetail')
     CrlDetailResponse = Shapes::StructureShape.new(name: 'CrlDetailResponse')
     CrlDetails = Shapes::ListShape.new(name: 'CrlDetails')
+    DeleteAttributeMappingRequest = Shapes::StructureShape.new(name: 'DeleteAttributeMappingRequest')
+    DeleteAttributeMappingResponse = Shapes::StructureShape.new(name: 'DeleteAttributeMappingResponse')
     ImportCrlRequest = Shapes::StructureShape.new(name: 'ImportCrlRequest')
     ImportCrlRequestCrlDataBlob = Shapes::BlobShape.new(name: 'ImportCrlRequestCrlDataBlob')
     InstanceProperties = Shapes::ListShape.new(name: 'InstanceProperties')
@@ -43,6 +48,9 @@ module Aws::RolesAnywhere
     ListTrustAnchorsResponse = Shapes::StructureShape.new(name: 'ListTrustAnchorsResponse')
     ManagedPolicyList = Shapes::ListShape.new(name: 'ManagedPolicyList')
     ManagedPolicyListMemberString = Shapes::StringShape.new(name: 'ManagedPolicyListMemberString')
+    MappingRule = Shapes::StructureShape.new(name: 'MappingRule')
+    MappingRuleSpecifierString = Shapes::StringShape.new(name: 'MappingRuleSpecifierString')
+    MappingRules = Shapes::ListShape.new(name: 'MappingRules')
     NotificationChannel = Shapes::StringShape.new(name: 'NotificationChannel')
     NotificationEvent = Shapes::StringShape.new(name: 'NotificationEvent')
     NotificationSetting = Shapes::StructureShape.new(name: 'NotificationSetting')
@@ -58,6 +66,8 @@ module Aws::RolesAnywhere
     ProfileDetail = Shapes::StructureShape.new(name: 'ProfileDetail')
     ProfileDetailResponse = Shapes::StructureShape.new(name: 'ProfileDetailResponse')
     ProfileDetails = Shapes::ListShape.new(name: 'ProfileDetails')
+    PutAttributeMappingRequest = Shapes::StructureShape.new(name: 'PutAttributeMappingRequest')
+    PutAttributeMappingResponse = Shapes::StructureShape.new(name: 'PutAttributeMappingResponse')
     PutNotificationSettingsRequest = Shapes::StructureShape.new(name: 'PutNotificationSettingsRequest')
     PutNotificationSettingsResponse = Shapes::StructureShape.new(name: 'PutNotificationSettingsResponse')
     ResetNotificationSettingsRequest = Shapes::StructureShape.new(name: 'ResetNotificationSettingsRequest')
@@ -73,6 +83,7 @@ module Aws::RolesAnywhere
     Source = Shapes::StructureShape.new(name: 'Source')
     SourceData = Shapes::UnionShape.new(name: 'SourceData')
     SourceDataX509CertificateDataString = Shapes::StringShape.new(name: 'SourceDataX509CertificateDataString')
+    SpecifierList = Shapes::ListShape.new(name: 'SpecifierList')
     String = Shapes::StringShape.new(name: 'String')
     SubjectDetail = Shapes::StructureShape.new(name: 'SubjectDetail')
     SubjectDetailResponse = Shapes::StructureShape.new(name: 'SubjectDetailResponse')
@@ -106,6 +117,12 @@ module Aws::RolesAnywhere
     AccessDeniedException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     AccessDeniedException.struct_class = Types::AccessDeniedException
+    AttributeMapping.add_member(:certificate_field, Shapes::ShapeRef.new(shape: CertificateField, location_name: "certificateField"))
+    AttributeMapping.add_member(:mapping_rules, Shapes::ShapeRef.new(shape: MappingRules, location_name: "mappingRules"))
+    AttributeMapping.struct_class = Types::AttributeMapping
+    AttributeMappings.member = Shapes::ShapeRef.new(shape: AttributeMapping)
     CreateProfileRequest.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: CreateProfileRequestDurationSecondsInteger, location_name: "durationSeconds"))
     CreateProfileRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled"))
     CreateProfileRequest.add_member(:managed_policy_arns, Shapes::ShapeRef.new(shape: ManagedPolicyList, location_name: "managedPolicyArns"))
@@ -148,6 +165,14 @@ module Aws::RolesAnywhere
     CrlDetails.member = Shapes::ShapeRef.new(shape: CrlDetail)
+    DeleteAttributeMappingRequest.add_member(:certificate_field, Shapes::ShapeRef.new(shape: CertificateField, required: true, location: "querystring", location_name: "certificateField"))
+    DeleteAttributeMappingRequest.add_member(:profile_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "profileId"))
+    DeleteAttributeMappingRequest.add_member(:specifiers, Shapes::ShapeRef.new(shape: SpecifierList, location: "querystring", location_name: "specifiers"))
+    DeleteAttributeMappingRequest.struct_class = Types::DeleteAttributeMappingRequest
+    DeleteAttributeMappingResponse.add_member(:profile, Shapes::ShapeRef.new(shape: ProfileDetail, required: true, location_name: "profile"))
+    DeleteAttributeMappingResponse.struct_class = Types::DeleteAttributeMappingResponse
     ImportCrlRequest.add_member(:crl_data, Shapes::ShapeRef.new(shape: ImportCrlRequestCrlDataBlob, required: true, location_name: "crlData"))
     ImportCrlRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled"))
     ImportCrlRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "name"))
@@ -193,6 +218,11 @@ module Aws::RolesAnywhere
     ManagedPolicyList.member = Shapes::ShapeRef.new(shape: ManagedPolicyListMemberString)
+    MappingRule.add_member(:specifier, Shapes::ShapeRef.new(shape: MappingRuleSpecifierString, required: true, location_name: "specifier"))
+    MappingRule.struct_class = Types::MappingRule
+    MappingRules.member = Shapes::ShapeRef.new(shape: MappingRule)
     NotificationSetting.add_member(:channel, Shapes::ShapeRef.new(shape: NotificationChannel, location_name: "channel"))
     NotificationSetting.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "enabled"))
     NotificationSetting.add_member(:event, Shapes::ShapeRef.new(shape: NotificationEvent, required: true, location_name: "event"))
@@ -216,6 +246,7 @@ module Aws::RolesAnywhere
     NotificationSettings.member = Shapes::ShapeRef.new(shape: NotificationSetting)
+    ProfileDetail.add_member(:attribute_mappings, Shapes::ShapeRef.new(shape: AttributeMappings, location_name: "attributeMappings"))
     ProfileDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt"))
     ProfileDetail.add_member(:created_by, Shapes::ShapeRef.new(shape: String, location_name: "createdBy"))
     ProfileDetail.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: Integer, location_name: "durationSeconds"))
@@ -235,6 +266,14 @@ module Aws::RolesAnywhere
     ProfileDetails.member = Shapes::ShapeRef.new(shape: ProfileDetail)
+    PutAttributeMappingRequest.add_member(:certificate_field, Shapes::ShapeRef.new(shape: CertificateField, required: true, location_name: "certificateField"))
+    PutAttributeMappingRequest.add_member(:mapping_rules, Shapes::ShapeRef.new(shape: MappingRules, required: true, location_name: "mappingRules"))
+    PutAttributeMappingRequest.add_member(:profile_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location: "uri", location_name: "profileId"))
+    PutAttributeMappingRequest.struct_class = Types::PutAttributeMappingRequest
+    PutAttributeMappingResponse.add_member(:profile, Shapes::ShapeRef.new(shape: ProfileDetail, required: true, location_name: "profile"))
+    PutAttributeMappingResponse.struct_class = Types::PutAttributeMappingResponse
     PutNotificationSettingsRequest.add_member(:notification_settings, Shapes::ShapeRef.new(shape: NotificationSettings, required: true, location_name: "notificationSettings"))
     PutNotificationSettingsRequest.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location_name: "trustAnchorId"))
     PutNotificationSettingsRequest.struct_class = Types::PutNotificationSettingsRequest
@@ -278,6 +317,8 @@ module Aws::RolesAnywhere
     SourceData.add_member_subclass(:unknown, Types::SourceData::Unknown)
     SourceData.struct_class = Types::SourceData
+    SpecifierList.member = Shapes::ShapeRef.new(shape: String)
     SubjectDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt"))
     SubjectDetail.add_member(:credentials, Shapes::ShapeRef.new(shape: CredentialSummaries, location_name: "credentials"))
     SubjectDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled"))
@@ -400,6 +441,17 @@ module Aws::RolesAnywhere
         o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
       end)
+      api.add_operation(:delete_attribute_mapping, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "DeleteAttributeMapping"
+        o.http_method = "DELETE"
+        o.http_request_uri = "/profiles/{profileId}/mappings"
+        o.input = Shapes::ShapeRef.new(shape: DeleteAttributeMappingRequest)
+        o.output = Shapes::ShapeRef.new(shape: DeleteAttributeMappingResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
       api.add_operation(:delete_crl, Seahorse::Model::Operation.new.tap do |o|
         o.name = "DeleteCrl"
         o.http_method = "DELETE"
@@ -611,6 +663,17 @@ module Aws::RolesAnywhere
         )
       end)
+      api.add_operation(:put_attribute_mapping, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutAttributeMapping"
+        o.http_method = "PUT"
+        o.http_request_uri = "/profiles/{profileId}/mappings"
+        o.input = Shapes::ShapeRef.new(shape: PutAttributeMappingRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutAttributeMappingResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
       api.add_operation(:put_notification_settings, Seahorse::Model::Operation.new.tap do |o|
         o.name = "PutNotificationSettings"
         o.http_method = "PATCH"

data/lib/aws-sdk-rolesanywhere/endpoints.rb CHANGED Viewed

@@ -40,6 +40,20 @@ module Aws::RolesAnywhere
       end
     end
+    class DeleteAttributeMapping
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::RolesAnywhere::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
     class DeleteCrl
       def self.build(context)
         unless context.config.regional_endpoint
@@ -306,6 +320,20 @@ module Aws::RolesAnywhere
       end
     end
+    class PutAttributeMapping
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::RolesAnywhere::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
     class PutNotificationSettings
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-rolesanywhere/plugins/endpoints.rb CHANGED Viewed

@@ -62,6 +62,8 @@ module Aws::RolesAnywhere
             Aws::RolesAnywhere::Endpoints::CreateProfile.build(context)
           when :create_trust_anchor
             Aws::RolesAnywhere::Endpoints::CreateTrustAnchor.build(context)
+          when :delete_attribute_mapping
+            Aws::RolesAnywhere::Endpoints::DeleteAttributeMapping.build(context)
           when :delete_crl
             Aws::RolesAnywhere::Endpoints::DeleteCrl.build(context)
           when :delete_profile
@@ -100,6 +102,8 @@ module Aws::RolesAnywhere
             Aws::RolesAnywhere::Endpoints::ListTagsForResource.build(context)
           when :list_trust_anchors
             Aws::RolesAnywhere::Endpoints::ListTrustAnchors.build(context)
+          when :put_attribute_mapping
+            Aws::RolesAnywhere::Endpoints::PutAttributeMapping.build(context)
           when :put_notification_settings
             Aws::RolesAnywhere::Endpoints::PutNotificationSettings.build(context)
           when :reset_notification_settings

data/lib/aws-sdk-rolesanywhere/types.rb CHANGED Viewed

@@ -23,6 +23,27 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
+    # A mapping applied to the authenticating end-entity certificate.
+    #
+    # @!attribute [rw] certificate_field
+    #   Fields (x509Subject, x509Issuer and x509SAN) within X.509
+    #   certificates.
+    #   @return [String]
+    #
+    # @!attribute [rw] mapping_rules
+    #   A list of mapping entries for every supported specifier or
+    #   sub-field.
+    #   @return [Array<Types::MappingRule>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/AttributeMapping AWS API Documentation
+    #
+    class AttributeMapping < Struct.new(
+      :certificate_field,
+      :mapping_rules)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] duration_seconds
     #   Used to determine how long sessions vended using this profile are
     #   valid for. See the `Expiration` section of the [CreateSession API
@@ -223,6 +244,42 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
+    # @!attribute [rw] certificate_field
+    #   Fields (x509Subject, x509Issuer and x509SAN) within X.509
+    #   certificates.
+    #   @return [String]
+    #
+    # @!attribute [rw] profile_id
+    #   The unique identifier of the profile.
+    #   @return [String]
+    #
+    # @!attribute [rw] specifiers
+    #   A list of specifiers of a certificate field; for example, CN, OU,
+    #   UID from a Subject.
+    #   @return [Array<String>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteAttributeMappingRequest AWS API Documentation
+    #
+    class DeleteAttributeMappingRequest < Struct.new(
+      :certificate_field,
+      :profile_id,
+      :specifiers)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] profile
+    #   The state of the profile after a read or write operation.
+    #   @return [Types::ProfileDetail]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/DeleteAttributeMappingResponse AWS API Documentation
+    #
+    class DeleteAttributeMappingResponse < Struct.new(
+      :profile)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] crl_data
     #   The x509 v3 specified certificate revocation list (CRL).
     #   @return [String]
@@ -401,6 +458,21 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
+    # A single mapping entry for each supported specifier or sub-field.
+    #
+    # @!attribute [rw] specifier
+    #   Specifier within a certificate field, such as CN, OU, or UID from
+    #   the Subject field.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/MappingRule AWS API Documentation
+    #
+    class MappingRule < Struct.new(
+      :specifier)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # Customizable notification settings that will be applied to
     # notification events. IAM Roles Anywhere consumes these settings while
     # notifying across multiple channels - CloudWatch metrics, EventBridge,
@@ -511,6 +583,10 @@ module Aws::RolesAnywhere
     # The state of the profile after a read or write operation.
     #
+    # @!attribute [rw] attribute_mappings
+    #   A mapping applied to the authenticating end-entity certificate.
+    #   @return [Array<Types::AttributeMapping>]
+    #
     # @!attribute [rw] created_at
     #   The ISO-8601 timestamp when the profile was created.
     #   @return [Time]
@@ -573,6 +649,7 @@ module Aws::RolesAnywhere
     # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ProfileDetail AWS API Documentation
     #
     class ProfileDetail < Struct.new(
+      :attribute_mappings,
       :created_at,
       :created_by,
       :duration_seconds,
@@ -601,6 +678,42 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
+    # @!attribute [rw] certificate_field
+    #   Fields (x509Subject, x509Issuer and x509SAN) within X.509
+    #   certificates.
+    #   @return [String]
+    #
+    # @!attribute [rw] mapping_rules
+    #   A list of mapping entries for every supported specifier or
+    #   sub-field.
+    #   @return [Array<Types::MappingRule>]
+    #
+    # @!attribute [rw] profile_id
+    #   The unique identifier of the profile.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutAttributeMappingRequest AWS API Documentation
+    #
+    class PutAttributeMappingRequest < Struct.new(
+      :certificate_field,
+      :mapping_rules,
+      :profile_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+    # @!attribute [rw] profile
+    #   The state of the profile after a read or write operation.
+    #   @return [Types::ProfileDetail]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutAttributeMappingResponse AWS API Documentation
+    #
+    class PutAttributeMappingResponse < Struct.new(
+      :profile)
+      SENSITIVE = []
+      include Aws::Structure
+    end
     # @!attribute [rw] notification_settings
     #   A list of notification settings to be associated to the trust
     #   anchor.

data/lib/aws-sdk-rolesanywhere.rb CHANGED Viewed

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-rolesanywhere/customizations'
 # @!group service
 module Aws::RolesAnywhere
-  GEM_VERSION = '1.14.0'
+  GEM_VERSION = '1.16.0'
 end

data/sig/client.rbs CHANGED Viewed

@@ -126,6 +126,18 @@ module Aws
                                ) -> _CreateTrustAnchorResponseSuccess
                              | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _CreateTrustAnchorResponseSuccess
+      interface _DeleteAttributeMappingResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::DeleteAttributeMappingResponse]
+        def profile: () -> Types::ProfileDetail
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/RolesAnywhere/Client.html#delete_attribute_mapping-instance_method
+      def delete_attribute_mapping: (
+                                      certificate_field: ("x509Subject" | "x509Issuer" | "x509SAN"),
+                                      profile_id: ::String,
+                                      ?specifiers: Array[::String]
+                                    ) -> _DeleteAttributeMappingResponseSuccess
+                                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteAttributeMappingResponseSuccess
       interface _DeleteCrlResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::CrlDetailResponse]
         def crl: () -> Types::CrlDetail
@@ -333,6 +345,22 @@ module Aws
                               ) -> _ListTrustAnchorsResponseSuccess
                             | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListTrustAnchorsResponseSuccess
+      interface _PutAttributeMappingResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::PutAttributeMappingResponse]
+        def profile: () -> Types::ProfileDetail
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/RolesAnywhere/Client.html#put_attribute_mapping-instance_method
+      def put_attribute_mapping: (
+                                   certificate_field: ("x509Subject" | "x509Issuer" | "x509SAN"),
+                                   mapping_rules: Array[
+                                     {
+                                       specifier: ::String
+                                     },
+                                   ],
+                                   profile_id: ::String
+                                 ) -> _PutAttributeMappingResponseSuccess
+                               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutAttributeMappingResponseSuccess
       interface _PutNotificationSettingsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::PutNotificationSettingsResponse]
         def trust_anchor: () -> Types::TrustAnchorDetail

data/sig/types.rbs CHANGED Viewed

@@ -13,6 +13,12 @@ module Aws::RolesAnywhere
       SENSITIVE: []
     end
+    class AttributeMapping
+      attr_accessor certificate_field: ("x509Subject" | "x509Issuer" | "x509SAN")
+      attr_accessor mapping_rules: ::Array[Types::MappingRule]
+      SENSITIVE: []
+    end
     class CreateProfileRequest
       attr_accessor duration_seconds: ::Integer
       attr_accessor enabled: bool
@@ -61,6 +67,18 @@ module Aws::RolesAnywhere
       SENSITIVE: []
     end
+    class DeleteAttributeMappingRequest
+      attr_accessor certificate_field: ("x509Subject" | "x509Issuer" | "x509SAN")
+      attr_accessor profile_id: ::String
+      attr_accessor specifiers: ::Array[::String]
+      SENSITIVE: []
+    end
+    class DeleteAttributeMappingResponse
+      attr_accessor profile: Types::ProfileDetail
+      SENSITIVE: []
+    end
     class ImportCrlRequest
       attr_accessor crl_data: ::String
       attr_accessor enabled: bool
@@ -117,6 +135,11 @@ module Aws::RolesAnywhere
       SENSITIVE: []
     end
+    class MappingRule
+      attr_accessor specifier: ::String
+      SENSITIVE: []
+    end
     class NotificationSetting
       attr_accessor channel: ("ALL")
       attr_accessor enabled: bool
@@ -141,6 +164,7 @@ module Aws::RolesAnywhere
     end
     class ProfileDetail
+      attr_accessor attribute_mappings: ::Array[Types::AttributeMapping]
       attr_accessor created_at: ::Time
       attr_accessor created_by: ::String
       attr_accessor duration_seconds: ::Integer
@@ -161,6 +185,18 @@ module Aws::RolesAnywhere
       SENSITIVE: []
     end
+    class PutAttributeMappingRequest
+      attr_accessor certificate_field: ("x509Subject" | "x509Issuer" | "x509SAN")
+      attr_accessor mapping_rules: ::Array[Types::MappingRule]
+      attr_accessor profile_id: ::String
+      SENSITIVE: []
+    end
+    class PutAttributeMappingResponse
+      attr_accessor profile: Types::ProfileDetail
+      SENSITIVE: []
+    end
     class PutNotificationSettingsRequest
       attr_accessor notification_settings: ::Array[Types::NotificationSetting]
       attr_accessor trust_anchor_id: ::String

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-rolesanywhere
 version: !ruby/object:Gem::Version
-  version: 1.14.0
+  version: 1.16.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2024-04-02 00:00:00.000000000 Z
+date: 2024-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core
@@ -19,7 +19,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.191.0
+        version: 3.193.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -29,7 +29,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.191.0
+        version: 3.193.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement