aws-sdk-rolesanywhere 1.2.0 → 1.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: d8fc32554c5ce8e1e992e6c136ebe43e8c447b707b12e86409b150b3794a5493
-  data.tar.gz: 2c113fcbbe164db3e5280ff6bc4cce89cf162c05ae9bae84bf1518bc4eabcafd
+  metadata.gz: b6b5ec07044d62d0cea7db2734e163429a7948f6864a374e1ae7df957c0a942d
+  data.tar.gz: 4c81452a2f2e804a5ce7d2e59725f9e6b61cda6c86377bd243fce04657b0133c
 SHA512:
-  metadata.gz: 8578981d91f8b426c86a13492ad052b080b3d544160e7ddbf95424366624a58cf45ea676a0fb9b4befc058ba15bd3c9e21cbf1cafbfc9e795ed43721572953e3
-  data.tar.gz: ea39267068ae8b94bc7f8dd136f9269a950f6ca093ae83c5c5427caf295625d7ac8731e9645e276936967a869b39a8909713a0743be249e38ab5991ffc6f9399
+  metadata.gz: 7aa625a2156e3a938fdc2ee4b84fd1d54b072c9436b57b5e4550317e585dd790865d2c1afd4e89906302fdfbdb5efae3de01c3390e24ae5aa53d5c137e05d39c
+  data.tar.gz: f3e81287e28ddc89ea13b62e7c98acdcb122137b20d6d097cf1fd944c249d4f2bf26e169c4c4e85d747cfe3ebbb0793a44bec966c5299ca3da7637c938e5f68c

data/CHANGELOG.md

@@ -1,6 +1,11 @@
 Unreleased Changes
 ------------------
 
+1.3.0 (2023-05-15)
+------------------
+
+* Feature - Adds support for custom notification settings in a trust anchor. Introduces PutNotificationSettings and ResetNotificationSettings API's. Updates DurationSeconds max value to 3600.
+
 1.2.0 (2023-01-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.2.0
+1.3.0

data/lib/aws-sdk-rolesanywhere/client.rb

@@ -368,10 +368,9 @@ module Aws::RolesAnywhere
 
     # @!group API Operations
 
-    # Creates a profile. A profile is configuration resource to list the
-    # roles that RolesAnywhere service is trusted to assume. In addition, by
-    # applying a profile you can intersect permissions with IAM managed
-    # policies.
+    # Creates a *profile*, a list of the roles that Roles Anywhere service
+    # is trusted to assume. You use profiles to intersect permissions with
+    # IAM managed policies.
     #
     # <b>Required permissions: </b> `rolesanywhere:CreateProfile`.
     #
@@ -389,20 +388,12 @@ module Aws::RolesAnywhere
     #   The name of the profile.
     #
     # @option params [Boolean] :require_instance_properties
-    #   Specifies whether instance properties are required in
-    #   [CreateSession][1] requests with this profile.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   Specifies whether instance properties are required in temporary
+    #   credential requests with this profile.
     #
     # @option params [required, Array<String>] :role_arns
-    #   A list of IAM roles that this profile can assume in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   A list of IAM roles that this profile can assume in a temporary
+    #   credential request.
     #
     # @option params [String] :session_policy
     #   A session policy that applies to the trust boundary of the vended
@@ -459,14 +450,12 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Creates a trust anchor. You establish trust between IAM Roles Anywhere
-    # and your certificate authority (CA) by configuring a trust anchor. A
-    # Trust Anchor is defined either as a reference to a AWS Certificate
-    # Manager Private Certificate Authority (ACM PCA), or by uploading a
-    # Certificate Authority (CA) certificate. Your AWS workloads can
-    # authenticate with the trust anchor using certificates issued by the
-    # trusted Certificate Authority (CA) in exchange for temporary AWS
-    # credentials.
+    # Creates a trust anchor to establish trust between IAM Roles Anywhere
+    # and your certificate authority (CA). You can define a trust anchor as
+    # a reference to an Private Certificate Authority (Private CA) or by
+    # uploading a CA certificate. Your Amazon Web Services workloads can
+    # authenticate with the trust anchor using certificates issued by the CA
+    # in exchange for temporary Amazon Web Services credentials.
     #
     # <b>Required permissions: </b> `rolesanywhere:CreateTrustAnchor`.
     #
@@ -476,6 +465,9 @@ module Aws::RolesAnywhere
     # @option params [required, String] :name
     #   The name of the trust anchor.
     #
+    # @option params [Array<Types::NotificationSetting>] :notification_settings
+    #   A list of notification settings to be associated to the trust anchor.
+    #
     # @option params [required, Types::Source] :source
     #   The trust anchor type and its related certificate data.
     #
@@ -491,10 +483,18 @@ module Aws::RolesAnywhere
     #   resp = client.create_trust_anchor({
     #     enabled: false,
     #     name: "ResourceName", # required
+    #     notification_settings: [
+    #       {
+    #         channel: "ALL", # accepts ALL
+    #         enabled: false, # required
+    #         event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
+    #         threshold: 1,
+    #       },
+    #     ],
     #     source: { # required
     #       source_data: {
     #         acm_pca_arn: "String",
-    #         x509_certificate_data: "String",
+    #         x509_certificate_data: "SourceDataX509CertificateDataString",
     #       },
     #       source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY
     #     },
@@ -511,6 +511,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -629,6 +635,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -682,15 +694,11 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Disables a profile. When disabled, [CreateSession][1] requests with
+    # Disables a profile. When disabled, temporary credential requests with
     # this profile fail.
     #
     # <b>Required permissions: </b> `rolesanywhere:DisableProfile`.
     #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
-    #
     # @option params [required, String] :profile_id
     #   The unique identifier of the profile.
     #
@@ -730,15 +738,11 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Disables a trust anchor. When disabled, [CreateSession][1] requests
+    # Disables a trust anchor. When disabled, temporary credential requests
     # specifying this trust anchor are unauthorized.
     #
     # <b>Required permissions: </b> `rolesanywhere:DisableTrustAnchor`.
     #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
-    #
     # @option params [required, String] :trust_anchor_id
     #   The unique identifier of the trust anchor.
     #
@@ -757,6 +761,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -812,15 +822,10 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Enables the roles in a profile to receive session credentials in
-    # [CreateSession][1].
+    # Enables temporary credential requests for a profile.
     #
     # <b>Required permissions: </b> `rolesanywhere:EnableProfile`.
     #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
-    #
     # @option params [required, String] :profile_id
     #   The unique identifier of the profile.
     #
@@ -883,6 +888,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -979,11 +990,11 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Gets a Subject. A Subject associates a certificate identity with
-    # authentication attempts by CreateSession. The Subject resources stores
-    # audit information such as status of the last authentication attempt,
-    # the certificate data used in the attempt, and the last time the
-    # associated identity attempted authentication.
+    # Gets a *subject*, which associates a certificate identity with
+    # authentication attempts. The subject stores auditing information such
+    # as the status of the last authentication attempt, the certificate data
+    # used in the attempt, and the last time the associated identity
+    # attempted authentication.
     #
     # <b>Required permissions: </b> `rolesanywhere:GetSubject`.
     #
@@ -1053,6 +1064,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -1069,15 +1086,15 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Imports the certificate revocation list (CRL). CRl is a list of
+    # Imports the certificate revocation list (CRL). A CRL is a list of
     # certificates that have been revoked by the issuing certificate
-    # Authority (CA). IAM Roles Anywhere validates against the crl list
-    # before issuing credentials.
+    # Authority (CA). IAM Roles Anywhere validates against the CRL before
+    # issuing credentials.
     #
     # <b>Required permissions: </b> `rolesanywhere:ImportCrl`.
     #
     # @option params [required, String, StringIO, File] :crl_data
-    #   The x509 v3 specified certificate revocation list
+    #   The x509 v3 specified certificate revocation list (CRL).
     #
     # @option params [Boolean] :enabled
     #   Specifies whether the certificate revocation list (CRL) is enabled.
@@ -1131,15 +1148,15 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Lists all Crls in the authenticated account and Amazon Web Services
-    # Region.
+    # Lists all certificate revocation lists (CRL) in the authenticated
+    # account and Amazon Web Services Region.
     #
     # <b>Required permissions: </b> `rolesanywhere:ListCrls`.
     #
     # @option params [String] :next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next results,
-    #   call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #
     # @option params [Integer] :page_size
     #   The number of resources in the paginated list.
@@ -1187,8 +1204,8 @@ module Aws::RolesAnywhere
     #
     # @option params [String] :next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next results,
-    #   call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #
     # @option params [Integer] :page_size
     #   The number of resources in the paginated list.
@@ -1242,8 +1259,8 @@ module Aws::RolesAnywhere
     #
     # @option params [String] :next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next results,
-    #   call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #
     # @option params [Integer] :page_size
     #   The number of resources in the paginated list.
@@ -1322,8 +1339,8 @@ module Aws::RolesAnywhere
     #
     # @option params [String] :next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next results,
-    #   call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #
     # @option params [Integer] :page_size
     #   The number of resources in the paginated list.
@@ -1349,6 +1366,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchors[0].created_at #=> Time
     #   resp.trust_anchors[0].enabled #=> Boolean
     #   resp.trust_anchors[0].name #=> String
+    #   resp.trust_anchors[0].notification_settings #=> Array
+    #   resp.trust_anchors[0].notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchors[0].notification_settings[0].configured_by #=> String
+    #   resp.trust_anchors[0].notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchors[0].notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchors[0].notification_settings[0].threshold #=> Integer
     #   resp.trust_anchors[0].source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchors[0].source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchors[0].source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -1365,6 +1388,121 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
+    # Attaches a list of *notification settings* to a trust anchor.
+    #
+    # A notification setting includes information such as event name,
+    # threshold, status of the notification setting, and the channel to
+    # notify.
+    #
+    # <b>Required permissions: </b> `rolesanywhere:PutNotificationSettings`.
+    #
+    # @option params [required, Array<Types::NotificationSetting>] :notification_settings
+    #   A list of notification settings to be associated to the trust anchor.
+    #
+    # @option params [required, String] :trust_anchor_id
+    #   The unique identifier of the trust anchor.
+    #
+    # @return [Types::PutNotificationSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::PutNotificationSettingsResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_notification_settings({
+    #     notification_settings: [ # required
+    #       {
+    #         channel: "ALL", # accepts ALL
+    #         enabled: false, # required
+    #         event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
+    #         threshold: 1,
+    #       },
+    #     ],
+    #     trust_anchor_id: "Uuid", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.trust_anchor.created_at #=> Time
+    #   resp.trust_anchor.enabled #=> Boolean
+    #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
+    #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
+    #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
+    #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
+    #   resp.trust_anchor.trust_anchor_arn #=> String
+    #   resp.trust_anchor.trust_anchor_id #=> String
+    #   resp.trust_anchor.updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutNotificationSettings AWS API Documentation
+    #
+    # @overload put_notification_settings(params = {})
+    # @param [Hash] params ({})
+    def put_notification_settings(params = {}, options = {})
+      req = build_request(:put_notification_settings, params)
+      req.send_request(options)
+    end
+
+    # Resets the *custom notification setting* to IAM Roles Anywhere default
+    # setting.
+    #
+    # <b>Required permissions: </b>
+    # `rolesanywhere:ResetNotificationSettings`.
+    #
+    # @option params [required, Array<Types::NotificationSettingKey>] :notification_setting_keys
+    #   A list of notification setting keys to reset. A notification setting
+    #   key includes the event and the channel.
+    #
+    # @option params [required, String] :trust_anchor_id
+    #   The unique identifier of the trust anchor.
+    #
+    # @return [Types::ResetNotificationSettingsResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ResetNotificationSettingsResponse#trust_anchor #trust_anchor} => Types::TrustAnchorDetail
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.reset_notification_settings({
+    #     notification_setting_keys: [ # required
+    #       {
+    #         channel: "ALL", # accepts ALL
+    #         event: "CA_CERTIFICATE_EXPIRY", # required, accepts CA_CERTIFICATE_EXPIRY, END_ENTITY_CERTIFICATE_EXPIRY
+    #       },
+    #     ],
+    #     trust_anchor_id: "Uuid", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.trust_anchor.created_at #=> Time
+    #   resp.trust_anchor.enabled #=> Boolean
+    #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
+    #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
+    #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
+    #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
+    #   resp.trust_anchor.trust_anchor_arn #=> String
+    #   resp.trust_anchor.trust_anchor_id #=> String
+    #   resp.trust_anchor.updated_at #=> Time
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ResetNotificationSettings AWS API Documentation
+    #
+    # @overload reset_notification_settings(params = {})
+    # @param [Hash] params ({})
+    def reset_notification_settings(params = {}, options = {})
+      req = build_request(:reset_notification_settings, params)
+      req.send_request(options)
+    end
+
     # Attaches tags to a resource.
     #
     # <b>Required permissions: </b> `rolesanywhere:TagResource`.
@@ -1426,15 +1564,15 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Updates the certificate revocation list (CRL). CRl is a list of
+    # Updates the certificate revocation list (CRL). A CRL is a list of
     # certificates that have been revoked by the issuing certificate
-    # Authority (CA). IAM Roles Anywhere validates against the crl list
-    # before issuing credentials.
+    # authority (CA). IAM Roles Anywhere validates against the CRL before
+    # issuing credentials.
     #
     # <b>Required permissions: </b> `rolesanywhere:UpdateCrl`.
     #
     # @option params [String, StringIO, File] :crl_data
-    #   The x509 v3 specified certificate revocation list
+    #   The x509 v3 specified certificate revocation list (CRL).
     #
     # @option params [required, String] :crl_id
     #   The unique identifier of the certificate revocation list (CRL).
@@ -1474,10 +1612,9 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Updates the profile. A profile is configuration resource to list the
-    # roles that RolesAnywhere service is trusted to assume. In addition, by
-    # applying a profile you can scope-down permissions with IAM managed
-    # policies.
+    # Updates a *profile*, a list of the roles that IAM Roles Anywhere
+    # service is trusted to assume. You use profiles to intersect
+    # permissions with IAM managed policies.
     #
     # <b>Required permissions: </b> `rolesanywhere:UpdateProfile`.
     #
@@ -1495,12 +1632,8 @@ module Aws::RolesAnywhere
     #   The unique identifier of the profile.
     #
     # @option params [Array<String>] :role_arns
-    #   A list of IAM roles that this profile can assume in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   A list of IAM roles that this profile can assume in a temporary
+    #   credential request.
     #
     # @option params [String] :session_policy
     #   A session policy that applies to the trust boundary of the vended
@@ -1547,14 +1680,13 @@ module Aws::RolesAnywhere
       req.send_request(options)
     end
 
-    # Updates the trust anchor.You establish trust between IAM Roles
-    # Anywhere and your certificate authority (CA) by configuring a trust
-    # anchor. A Trust Anchor is defined either as a reference to a AWS
-    # Certificate Manager Private Certificate Authority (ACM PCA), or by
-    # uploading a Certificate Authority (CA) certificate. Your AWS workloads
-    # can authenticate with the trust anchor using certificates issued by
-    # the trusted Certificate Authority (CA) in exchange for temporary AWS
-    # credentials.
+    # Updates a trust anchor. You establish trust between IAM Roles Anywhere
+    # and your certificate authority (CA) by configuring a trust anchor. You
+    # can define a trust anchor as a reference to an Private Certificate
+    # Authority (Private CA) or by uploading a CA certificate. Your Amazon
+    # Web Services workloads can authenticate with the trust anchor using
+    # certificates issued by the CA in exchange for temporary Amazon Web
+    # Services credentials.
     #
     # <b>Required permissions: </b> `rolesanywhere:UpdateTrustAnchor`.
     #
@@ -1578,7 +1710,7 @@ module Aws::RolesAnywhere
     #     source: {
     #       source_data: {
     #         acm_pca_arn: "String",
-    #         x509_certificate_data: "String",
+    #         x509_certificate_data: "SourceDataX509CertificateDataString",
     #       },
     #       source_type: "AWS_ACM_PCA", # accepts AWS_ACM_PCA, CERTIFICATE_BUNDLE, SELF_SIGNED_REPOSITORY
     #     },
@@ -1590,6 +1722,12 @@ module Aws::RolesAnywhere
     #   resp.trust_anchor.created_at #=> Time
     #   resp.trust_anchor.enabled #=> Boolean
     #   resp.trust_anchor.name #=> String
+    #   resp.trust_anchor.notification_settings #=> Array
+    #   resp.trust_anchor.notification_settings[0].channel #=> String, one of "ALL"
+    #   resp.trust_anchor.notification_settings[0].configured_by #=> String
+    #   resp.trust_anchor.notification_settings[0].enabled #=> Boolean
+    #   resp.trust_anchor.notification_settings[0].event #=> String, one of "CA_CERTIFICATE_EXPIRY", "END_ENTITY_CERTIFICATE_EXPIRY"
+    #   resp.trust_anchor.notification_settings[0].threshold #=> Integer
     #   resp.trust_anchor.source.source_data.acm_pca_arn #=> String
     #   resp.trust_anchor.source.source_data.x509_certificate_data #=> String
     #   resp.trust_anchor.source.source_type #=> String, one of "AWS_ACM_PCA", "CERTIFICATE_BUNDLE", "SELF_SIGNED_REPOSITORY"
@@ -1619,7 +1757,7 @@ module Aws::RolesAnywhere
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-rolesanywhere'
-      context[:gem_version] = '1.2.0'
+      context[:gem_version] = '1.3.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-rolesanywhere/client_api.rb

@@ -43,10 +43,25 @@ module Aws::RolesAnywhere
     ListTrustAnchorsResponse = Shapes::StructureShape.new(name: 'ListTrustAnchorsResponse')
     ManagedPolicyList = Shapes::ListShape.new(name: 'ManagedPolicyList')
     ManagedPolicyListMemberString = Shapes::StringShape.new(name: 'ManagedPolicyListMemberString')
+    NotificationChannel = Shapes::StringShape.new(name: 'NotificationChannel')
+    NotificationEvent = Shapes::StringShape.new(name: 'NotificationEvent')
+    NotificationSetting = Shapes::StructureShape.new(name: 'NotificationSetting')
+    NotificationSettingDetail = Shapes::StructureShape.new(name: 'NotificationSettingDetail')
+    NotificationSettingDetailConfiguredByString = Shapes::StringShape.new(name: 'NotificationSettingDetailConfiguredByString')
+    NotificationSettingDetailThresholdInteger = Shapes::IntegerShape.new(name: 'NotificationSettingDetailThresholdInteger')
+    NotificationSettingDetails = Shapes::ListShape.new(name: 'NotificationSettingDetails')
+    NotificationSettingKey = Shapes::StructureShape.new(name: 'NotificationSettingKey')
+    NotificationSettingKeys = Shapes::ListShape.new(name: 'NotificationSettingKeys')
+    NotificationSettingThresholdInteger = Shapes::IntegerShape.new(name: 'NotificationSettingThresholdInteger')
+    NotificationSettings = Shapes::ListShape.new(name: 'NotificationSettings')
     ProfileArn = Shapes::StringShape.new(name: 'ProfileArn')
     ProfileDetail = Shapes::StructureShape.new(name: 'ProfileDetail')
     ProfileDetailResponse = Shapes::StructureShape.new(name: 'ProfileDetailResponse')
     ProfileDetails = Shapes::ListShape.new(name: 'ProfileDetails')
+    PutNotificationSettingsRequest = Shapes::StructureShape.new(name: 'PutNotificationSettingsRequest')
+    PutNotificationSettingsResponse = Shapes::StructureShape.new(name: 'PutNotificationSettingsResponse')
+    ResetNotificationSettingsRequest = Shapes::StructureShape.new(name: 'ResetNotificationSettingsRequest')
+    ResetNotificationSettingsResponse = Shapes::StructureShape.new(name: 'ResetNotificationSettingsResponse')
     ResourceName = Shapes::StringShape.new(name: 'ResourceName')
     ResourceNotFoundException = Shapes::StructureShape.new(name: 'ResourceNotFoundException')
     RoleArn = Shapes::StringShape.new(name: 'RoleArn')
@@ -57,6 +72,7 @@ module Aws::RolesAnywhere
     ScalarTrustAnchorRequest = Shapes::StructureShape.new(name: 'ScalarTrustAnchorRequest')
     Source = Shapes::StructureShape.new(name: 'Source')
     SourceData = Shapes::UnionShape.new(name: 'SourceData')
+    SourceDataX509CertificateDataString = Shapes::StringShape.new(name: 'SourceDataX509CertificateDataString')
     String = Shapes::StringShape.new(name: 'String')
     SubjectDetail = Shapes::StructureShape.new(name: 'SubjectDetail')
     SubjectDetailResponse = Shapes::StructureShape.new(name: 'SubjectDetailResponse')
@@ -102,6 +118,7 @@ module Aws::RolesAnywhere
 
     CreateTrustAnchorRequest.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled"))
     CreateTrustAnchorRequest.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, required: true, location_name: "name"))
+    CreateTrustAnchorRequest.add_member(:notification_settings, Shapes::ShapeRef.new(shape: NotificationSettings, location_name: "notificationSettings"))
     CreateTrustAnchorRequest.add_member(:source, Shapes::ShapeRef.new(shape: Source, required: true, location_name: "source"))
     CreateTrustAnchorRequest.add_member(:tags, Shapes::ShapeRef.new(shape: TagList, location_name: "tags"))
     CreateTrustAnchorRequest.struct_class = Types::CreateTrustAnchorRequest
@@ -176,6 +193,29 @@ module Aws::RolesAnywhere
 
     ManagedPolicyList.member = Shapes::ShapeRef.new(shape: ManagedPolicyListMemberString)
 
+    NotificationSetting.add_member(:channel, Shapes::ShapeRef.new(shape: NotificationChannel, location_name: "channel"))
+    NotificationSetting.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "enabled"))
+    NotificationSetting.add_member(:event, Shapes::ShapeRef.new(shape: NotificationEvent, required: true, location_name: "event"))
+    NotificationSetting.add_member(:threshold, Shapes::ShapeRef.new(shape: NotificationSettingThresholdInteger, location_name: "threshold"))
+    NotificationSetting.struct_class = Types::NotificationSetting
+
+    NotificationSettingDetail.add_member(:channel, Shapes::ShapeRef.new(shape: NotificationChannel, location_name: "channel"))
+    NotificationSettingDetail.add_member(:configured_by, Shapes::ShapeRef.new(shape: NotificationSettingDetailConfiguredByString, location_name: "configuredBy"))
+    NotificationSettingDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, required: true, location_name: "enabled"))
+    NotificationSettingDetail.add_member(:event, Shapes::ShapeRef.new(shape: NotificationEvent, required: true, location_name: "event"))
+    NotificationSettingDetail.add_member(:threshold, Shapes::ShapeRef.new(shape: NotificationSettingDetailThresholdInteger, location_name: "threshold"))
+    NotificationSettingDetail.struct_class = Types::NotificationSettingDetail
+
+    NotificationSettingDetails.member = Shapes::ShapeRef.new(shape: NotificationSettingDetail)
+
+    NotificationSettingKey.add_member(:channel, Shapes::ShapeRef.new(shape: NotificationChannel, location_name: "channel"))
+    NotificationSettingKey.add_member(:event, Shapes::ShapeRef.new(shape: NotificationEvent, required: true, location_name: "event"))
+    NotificationSettingKey.struct_class = Types::NotificationSettingKey
+
+    NotificationSettingKeys.member = Shapes::ShapeRef.new(shape: NotificationSettingKey)
+
+    NotificationSettings.member = Shapes::ShapeRef.new(shape: NotificationSetting)
+
     ProfileDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt"))
     ProfileDetail.add_member(:created_by, Shapes::ShapeRef.new(shape: String, location_name: "createdBy"))
     ProfileDetail.add_member(:duration_seconds, Shapes::ShapeRef.new(shape: Integer, location_name: "durationSeconds"))
@@ -195,6 +235,20 @@ module Aws::RolesAnywhere
 
     ProfileDetails.member = Shapes::ShapeRef.new(shape: ProfileDetail)
 
+    PutNotificationSettingsRequest.add_member(:notification_settings, Shapes::ShapeRef.new(shape: NotificationSettings, required: true, location_name: "notificationSettings"))
+    PutNotificationSettingsRequest.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location_name: "trustAnchorId"))
+    PutNotificationSettingsRequest.struct_class = Types::PutNotificationSettingsRequest
+
+    PutNotificationSettingsResponse.add_member(:trust_anchor, Shapes::ShapeRef.new(shape: TrustAnchorDetail, required: true, location_name: "trustAnchor"))
+    PutNotificationSettingsResponse.struct_class = Types::PutNotificationSettingsResponse
+
+    ResetNotificationSettingsRequest.add_member(:notification_setting_keys, Shapes::ShapeRef.new(shape: NotificationSettingKeys, required: true, location_name: "notificationSettingKeys"))
+    ResetNotificationSettingsRequest.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, required: true, location_name: "trustAnchorId"))
+    ResetNotificationSettingsRequest.struct_class = Types::ResetNotificationSettingsRequest
+
+    ResetNotificationSettingsResponse.add_member(:trust_anchor, Shapes::ShapeRef.new(shape: TrustAnchorDetail, required: true, location_name: "trustAnchor"))
+    ResetNotificationSettingsResponse.struct_class = Types::ResetNotificationSettingsResponse
+
     ResourceNotFoundException.add_member(:message, Shapes::ShapeRef.new(shape: String, location_name: "message"))
     ResourceNotFoundException.struct_class = Types::ResourceNotFoundException
 
@@ -217,7 +271,7 @@ module Aws::RolesAnywhere
     Source.struct_class = Types::Source
 
     SourceData.add_member(:acm_pca_arn, Shapes::ShapeRef.new(shape: String, location_name: "acmPcaArn"))
-    SourceData.add_member(:x509_certificate_data, Shapes::ShapeRef.new(shape: String, location_name: "x509CertificateData"))
+    SourceData.add_member(:x509_certificate_data, Shapes::ShapeRef.new(shape: SourceDataX509CertificateDataString, location_name: "x509CertificateData"))
     SourceData.add_member(:unknown, Shapes::ShapeRef.new(shape: nil, location_name: 'unknown'))
     SourceData.add_member_subclass(:acm_pca_arn, Types::SourceData::AcmPcaArn)
     SourceData.add_member_subclass(:x509_certificate_data, Types::SourceData::X509CertificateData)
@@ -269,6 +323,7 @@ module Aws::RolesAnywhere
     TrustAnchorDetail.add_member(:created_at, Shapes::ShapeRef.new(shape: SyntheticTimestamp_date_time, location_name: "createdAt"))
     TrustAnchorDetail.add_member(:enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "enabled"))
     TrustAnchorDetail.add_member(:name, Shapes::ShapeRef.new(shape: ResourceName, location_name: "name"))
+    TrustAnchorDetail.add_member(:notification_settings, Shapes::ShapeRef.new(shape: NotificationSettingDetails, location_name: "notificationSettings"))
     TrustAnchorDetail.add_member(:source, Shapes::ShapeRef.new(shape: Source, location_name: "source"))
     TrustAnchorDetail.add_member(:trust_anchor_arn, Shapes::ShapeRef.new(shape: String, location_name: "trustAnchorArn"))
     TrustAnchorDetail.add_member(:trust_anchor_id, Shapes::ShapeRef.new(shape: Uuid, location_name: "trustAnchorId"))
@@ -556,6 +611,28 @@ module Aws::RolesAnywhere
         )
       end)
 
+      api.add_operation(:put_notification_settings, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "PutNotificationSettings"
+        o.http_method = "PATCH"
+        o.http_request_uri = "/put-notifications-settings"
+        o.input = Shapes::ShapeRef.new(shape: PutNotificationSettingsRequest)
+        o.output = Shapes::ShapeRef.new(shape: PutNotificationSettingsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
+      api.add_operation(:reset_notification_settings, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ResetNotificationSettings"
+        o.http_method = "PATCH"
+        o.http_request_uri = "/reset-notifications-settings"
+        o.input = Shapes::ShapeRef.new(shape: ResetNotificationSettingsRequest)
+        o.output = Shapes::ShapeRef.new(shape: ResetNotificationSettingsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: ValidationException)
+        o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: AccessDeniedException)
+      end)
+
       api.add_operation(:tag_resource, Seahorse::Model::Operation.new.tap do |o|
         o.name = "TagResource"
         o.http_method = "POST"

data/lib/aws-sdk-rolesanywhere/endpoint_provider.rb

@@ -14,36 +14,39 @@ module Aws::RolesAnywhere
       use_dual_stack = parameters.use_dual_stack
       use_fips = parameters.use_fips
       endpoint = parameters.endpoint
-      if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
-        if Aws::Endpoints::Matchers.set?(endpoint) && (url = Aws::Endpoints::Matchers.parse_url(endpoint))
-          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-            raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
-          end
-          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-            raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
-          end
-          return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
-        end
-        if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
-          end
-          raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
-        end
+      if Aws::Endpoints::Matchers.set?(endpoint)
         if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
-            return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
-          end
-          raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
         end
         if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
-          if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
-            return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+          raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
+        end
+        return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
+      end
+      if Aws::Endpoints::Matchers.set?(region)
+        if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
+              return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
+          end
+          if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
+            if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
+              return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
+            end
+            raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
           end
-          raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
+          return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
         end
-        return Aws::Endpoints::Endpoint.new(url: "https://rolesanywhere.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
       end
+      raise ArgumentError, "Invalid Configuration: Missing Region"
       raise ArgumentError, 'No endpoint could be resolved'
 
     end

data/lib/aws-sdk-rolesanywhere/endpoints.rb

@@ -305,6 +305,34 @@ module Aws::RolesAnywhere
       end
     end
 
+    class PutNotificationSettings
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::RolesAnywhere::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
+    class ResetNotificationSettings
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::RolesAnywhere::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class TagResource
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-rolesanywhere/plugins/endpoints.rb

@@ -98,6 +98,10 @@ module Aws::RolesAnywhere
             Aws::RolesAnywhere::Endpoints::ListTagsForResource.build(context)
           when :list_trust_anchors
             Aws::RolesAnywhere::Endpoints::ListTrustAnchors.build(context)
+          when :put_notification_settings
+            Aws::RolesAnywhere::Endpoints::PutNotificationSettings.build(context)
+          when :reset_notification_settings
+            Aws::RolesAnywhere::Endpoints::ResetNotificationSettings.build(context)
           when :tag_resource
             Aws::RolesAnywhere::Endpoints::TagResource.build(context)
           when :untag_resource

data/lib/aws-sdk-rolesanywhere/types.rb

@@ -41,21 +41,13 @@ module Aws::RolesAnywhere
     #   @return [String]
     #
     # @!attribute [rw] require_instance_properties
-    #   Specifies whether instance properties are required in
-    #   [CreateSession][1] requests with this profile.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   Specifies whether instance properties are required in temporary
+    #   credential requests with this profile.
     #   @return [Boolean]
     #
     # @!attribute [rw] role_arns
-    #   A list of IAM roles that this profile can assume in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   A list of IAM roles that this profile can assume in a temporary
+    #   credential request.
     #   @return [Array<String>]
     #
     # @!attribute [rw] session_policy
@@ -90,6 +82,11 @@ module Aws::RolesAnywhere
     #   The name of the trust anchor.
     #   @return [String]
     #
+    # @!attribute [rw] notification_settings
+    #   A list of notification settings to be associated to the trust
+    #   anchor.
+    #   @return [Array<Types::NotificationSetting>]
+    #
     # @!attribute [rw] source
     #   The trust anchor type and its related certificate data.
     #   @return [Types::Source]
@@ -103,28 +100,22 @@ module Aws::RolesAnywhere
     class CreateTrustAnchorRequest < Struct.new(
       :enabled,
       :name,
+      :notification_settings,
       :source,
       :tags)
       SENSITIVE = []
       include Aws::Structure
     end
 
-    # A record of a presented X509 credential to [CreateSession][1].
-    #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    # A record of a presented X509 credential from a temporary credential
+    # request.
     #
     # @!attribute [rw] enabled
     #   Indicates whether the credential is enabled.
     #   @return [Boolean]
     #
     # @!attribute [rw] failed
-    #   Indicates whether the [CreateSession][1] operation was successful.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   Indicates whether the temporary credential request was successful.
     #   @return [Boolean]
     #
     # @!attribute [rw] issuer
@@ -134,11 +125,7 @@ module Aws::RolesAnywhere
     #
     # @!attribute [rw] seen_at
     #   The ISO-8601 time stamp of when the certificate was last used in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   temporary credential request.
     #   @return [Time]
     #
     # @!attribute [rw] serial_number
@@ -230,7 +217,7 @@ module Aws::RolesAnywhere
     end
 
     # @!attribute [rw] crl_data
-    #   The x509 v3 specified certificate revocation list
+    #   The x509 v3 specified certificate revocation list (CRL).
     #   @return [String]
     #
     # @!attribute [rw] enabled
@@ -266,11 +253,7 @@ module Aws::RolesAnywhere
     # authenticating instance.
     #
     # @!attribute [rw] failed
-    #   Indicates whether the [CreateSession][1] operation was successful.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   Indicates whether the temporary credential request was successful.
     #   @return [Boolean]
     #
     # @!attribute [rw] properties
@@ -279,11 +262,7 @@ module Aws::RolesAnywhere
     #
     # @!attribute [rw] seen_at
     #   The ISO-8601 time stamp of when the certificate was last used in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   temporary credential request.
     #   @return [Time]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/InstanceProperty AWS API Documentation
@@ -302,8 +281,8 @@ module Aws::RolesAnywhere
     #
     # @!attribute [rw] next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next
-    #   results, call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ListCrlsResponse AWS API Documentation
@@ -317,8 +296,8 @@ module Aws::RolesAnywhere
 
     # @!attribute [rw] next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next
-    #   results, call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #   @return [String]
     #
     # @!attribute [rw] profiles
@@ -336,8 +315,8 @@ module Aws::RolesAnywhere
 
     # @!attribute [rw] next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next
-    #   results, call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #   @return [String]
     #
     # @!attribute [rw] page_size
@@ -355,8 +334,8 @@ module Aws::RolesAnywhere
 
     # @!attribute [rw] next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next
-    #   results, call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #   @return [String]
     #
     # @!attribute [rw] subjects
@@ -398,8 +377,8 @@ module Aws::RolesAnywhere
 
     # @!attribute [rw] next_token
     #   A token that indicates where the output should continue from, if a
-    #   previous operation did not show all results. To get the next
-    #   results, call the operation again with this value.
+    #   previous request did not show all results. To get the next results,
+    #   make the request again with this value.
     #   @return [String]
     #
     # @!attribute [rw] trust_anchors
@@ -415,6 +394,114 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
 
+    # Customizable notification settings that will be applied to
+    # notification events. IAM Roles Anywhere consumes these settings while
+    # notifying across multiple channels - CloudWatch metrics, EventBridge,
+    # and Health Dashboard.
+    #
+    # @!attribute [rw] channel
+    #   The specified channel of notification. IAM Roles Anywhere uses
+    #   CloudWatch metrics, EventBridge, and Health Dashboard to notify for
+    #   an event.
+    #
+    #   <note markdown="1"> In the absence of a specific channel, IAM Roles Anywhere applies
+    #   this setting to 'ALL' channels.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @!attribute [rw] enabled
+    #   Indicates whether the notification setting is enabled.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] event
+    #   The event to which this notification setting is applied.
+    #   @return [String]
+    #
+    # @!attribute [rw] threshold
+    #   The number of days before a notification event. This value is
+    #   required for a notification setting that is enabled.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/NotificationSetting AWS API Documentation
+    #
+    class NotificationSetting < Struct.new(
+      :channel,
+      :enabled,
+      :event,
+      :threshold)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The state of a notification setting.
+    #
+    # A notification setting includes information such as event name,
+    # threshold, status of the notification setting, and the channel to
+    # notify.
+    #
+    # @!attribute [rw] channel
+    #   The specified channel of notification. IAM Roles Anywhere uses
+    #   CloudWatch metrics, EventBridge, and Health Dashboard to notify for
+    #   an event.
+    #
+    #   <note markdown="1"> In the absence of a specific channel, IAM Roles Anywhere applies
+    #   this setting to 'ALL' channels.
+    #
+    #    </note>
+    #   @return [String]
+    #
+    # @!attribute [rw] configured_by
+    #   The principal that configured the notification setting. For default
+    #   settings configured by IAM Roles Anywhere, the value is
+    #   `rolesanywhere.amazonaws.com`, and for customized notifications
+    #   settings, it is the respective account ID.
+    #   @return [String]
+    #
+    # @!attribute [rw] enabled
+    #   Indicates whether the notification setting is enabled.
+    #   @return [Boolean]
+    #
+    # @!attribute [rw] event
+    #   The event to which this notification setting is applied.
+    #   @return [String]
+    #
+    # @!attribute [rw] threshold
+    #   The number of days before a notification event.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/NotificationSettingDetail AWS API Documentation
+    #
+    class NotificationSettingDetail < Struct.new(
+      :channel,
+      :configured_by,
+      :enabled,
+      :event,
+      :threshold)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A notification setting key to reset. A notification setting key
+    # includes the event and the channel.
+    #
+    # @!attribute [rw] channel
+    #   The specified channel of notification.
+    #   @return [String]
+    #
+    # @!attribute [rw] event
+    #   The notification setting event to reset.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/NotificationSettingKey AWS API Documentation
+    #
+    class NotificationSettingKey < Struct.new(
+      :channel,
+      :event)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The state of the profile after a read or write operation.
     #
     # @!attribute [rw] created_at
@@ -451,21 +538,13 @@ module Aws::RolesAnywhere
     #   @return [String]
     #
     # @!attribute [rw] require_instance_properties
-    #   Specifies whether instance properties are required in
-    #   [CreateSession][1] requests with this profile.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   Specifies whether instance properties are required in temporary
+    #   credential requests with this profile.
     #   @return [Boolean]
     #
     # @!attribute [rw] role_arns
-    #   A list of IAM roles that this profile can assume in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   A list of IAM roles that this profile can assume in a temporary
+    #   credential request.
     #   @return [Array<String>]
     #
     # @!attribute [rw] session_policy
@@ -508,6 +587,66 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
 
+    # @!attribute [rw] notification_settings
+    #   A list of notification settings to be associated to the trust
+    #   anchor.
+    #   @return [Array<Types::NotificationSetting>]
+    #
+    # @!attribute [rw] trust_anchor_id
+    #   The unique identifier of the trust anchor.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutNotificationSettingsRequest AWS API Documentation
+    #
+    class PutNotificationSettingsRequest < Struct.new(
+      :notification_settings,
+      :trust_anchor_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] trust_anchor
+    #   The state of the trust anchor after a read or write operation.
+    #   @return [Types::TrustAnchorDetail]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/PutNotificationSettingsResponse AWS API Documentation
+    #
+    class PutNotificationSettingsResponse < Struct.new(
+      :trust_anchor)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] notification_setting_keys
+    #   A list of notification setting keys to reset. A notification setting
+    #   key includes the event and the channel.
+    #   @return [Array<Types::NotificationSettingKey>]
+    #
+    # @!attribute [rw] trust_anchor_id
+    #   The unique identifier of the trust anchor.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ResetNotificationSettingsRequest AWS API Documentation
+    #
+    class ResetNotificationSettingsRequest < Struct.new(
+      :notification_setting_keys,
+      :trust_anchor_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] trust_anchor
+    #   The state of the trust anchor after a read or write operation.
+    #   @return [Types::TrustAnchorDetail]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/rolesanywhere-2018-05-10/ResetNotificationSettingsResponse AWS API Documentation
+    #
+    class ResetNotificationSettingsResponse < Struct.new(
+      :trust_anchor)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The resource could not be found.
     #
     # @!attribute [rw] message
@@ -595,14 +734,9 @@ module Aws::RolesAnywhere
     # @note SourceData is a union - when returned from an API call exactly one value will be set and the returned type will be a subclass of SourceData corresponding to the set member.
     #
     # @!attribute [rw] acm_pca_arn
-    #   The root certificate of the Certificate Manager Private Certificate
-    #   Authority specified by this ARN is used in trust validation for
-    #   [CreateSession][1] operations. Included for trust anchors of type
-    #   `AWS_ACM_PCA`.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   The root certificate of the Private Certificate Authority specified
+    #   by this ARN is used in trust validation for temporary credential
+    #   requests. Included for trust anchors of type `AWS_ACM_PCA`.
     #   @return [String]
     #
     # @!attribute [rw] x509_certificate_data
@@ -633,7 +767,7 @@ module Aws::RolesAnywhere
     #
     # @!attribute [rw] credentials
     #   The temporary session credentials vended at the last authenticating
-    #   call with this Subject.
+    #   call with this subject.
     #   @return [Array<Types::CredentialSummary>]
     #
     # @!attribute [rw] enabled
@@ -645,7 +779,7 @@ module Aws::RolesAnywhere
     #   @return [Array<Types::InstanceProperty>]
     #
     # @!attribute [rw] last_seen_at
-    #   The ISO-8601 timestamp of the last time this Subject requested
+    #   The ISO-8601 timestamp of the last time this subject requested
     #   temporary session credentials.
     #   @return [Time]
     #
@@ -693,29 +827,20 @@ module Aws::RolesAnywhere
       include Aws::Structure
     end
 
-    # A summary representation of Subject resources returned in read
-    # operations; primarily ListSubjects.
+    # A summary representation of subjects.
     #
     # @!attribute [rw] created_at
     #   The ISO-8601 time stamp of when the certificate was first used in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   temporary credential request.
     #   @return [Time]
     #
     # @!attribute [rw] enabled
-    #   The enabled status of the Subject.
+    #   The enabled status of the subject.
     #   @return [Boolean]
     #
     # @!attribute [rw] last_seen_at
     #   The ISO-8601 time stamp of when the certificate was last used in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   temporary credential request.
     #   @return [Time]
     #
     # @!attribute [rw] subject_arn
@@ -815,6 +940,11 @@ module Aws::RolesAnywhere
     #   The name of the trust anchor.
     #   @return [String]
     #
+    # @!attribute [rw] notification_settings
+    #   A list of notification settings to be associated to the trust
+    #   anchor.
+    #   @return [Array<Types::NotificationSettingDetail>]
+    #
     # @!attribute [rw] source
     #   The trust anchor type and its related certificate data.
     #   @return [Types::Source]
@@ -837,6 +967,7 @@ module Aws::RolesAnywhere
       :created_at,
       :enabled,
       :name,
+      :notification_settings,
       :source,
       :trust_anchor_arn,
       :trust_anchor_id,
@@ -879,7 +1010,7 @@ module Aws::RolesAnywhere
     class UntagResourceResponse < Aws::EmptyStructure; end
 
     # @!attribute [rw] crl_data
-    #   The x509 v3 specified certificate revocation list
+    #   The x509 v3 specified certificate revocation list (CRL).
     #   @return [String]
     #
     # @!attribute [rw] crl_id
@@ -918,12 +1049,8 @@ module Aws::RolesAnywhere
     #   @return [String]
     #
     # @!attribute [rw] role_arns
-    #   A list of IAM roles that this profile can assume in a
-    #   [CreateSession][1] operation.
-    #
-    #
-    #
-    #   [1]: https://docs.aws.amazon.com/rolesanywhere/latest/APIReference/API_CreateSession.html
+    #   A list of IAM roles that this profile can assume in a temporary
+    #   credential request.
     #   @return [Array<String>]
     #
     # @!attribute [rw] session_policy

data/lib/aws-sdk-rolesanywhere.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-rolesanywhere/customizations'
 # @!group service
 module Aws::RolesAnywhere
 
-  GEM_VERSION = '1.2.0'
+  GEM_VERSION = '1.3.0'
 
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-rolesanywhere
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.3.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-01-18 00:00:00.000000000 Z
+date: 2023-05-15 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core