aws-sdk-workmail 1.77.0 → 1.79.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 14e2c310d438a458e97af4e5bffd2c2b826c1f7e289be42c6883f75afe426ba9
-  data.tar.gz: aea1f7bc557d4e76a82a419e44c9c26c2ed10faf21b9be3bfb1df84345494f52
+  metadata.gz: 65117c95e556a0f6cdfe141710fdc66c2b4938c4d931239ad384386e400b5f89
+  data.tar.gz: a5b04f80143c25ed20fcfc7a5146d5c8989da19ab1fdf1c35f74477d84655ca2
 SHA512:
-  metadata.gz: da12839f7620e252b4e0f2344f3018782d848cb3272b3ecbef3b5971053376c403cb3481113d021491e4362f616d1ee18d8921c131d5cab9f6b6a7d3b280c900
-  data.tar.gz: dc3ba1ae61b489f3b5b34f54dd0ea920413eedae9444453445c382472880984869cd64f055f54b0084beace5cc86badc968058dfa33dd941edca712de02c869a
+  metadata.gz: '074741287bd633d8ead3655706fbec6b9b159528c67c2f45dde3d671db8e53977d8ab5933bfa517b333098f0ad96de93455c97c282b96778fff7fc1db763276e'
+  data.tar.gz: 303dbf122f0b97e06a3012d7260927e028a28ddff4ba1c6fe2b2f47a75082d72039073542ed4d8513ac6cb27a5f7a823fb9e8901e4307f2df5d691faad2037d0

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.79.0 (2025-01-15)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.78.0 (2024-10-30)
+------------------
+
+* Feature - This release adds support for Multi-Factor Authentication (MFA) and Personal Access Tokens through integration with AWS IAM Identity Center.
+
 1.77.0 (2024-10-18)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.77.0
+1.79.0

data/lib/aws-sdk-workmail/client.rb

@@ -257,11 +257,34 @@ module Aws::WorkMail
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [String] :request_checksum_calculation ("when_supported")
+    #     Determines when a checksum will be calculated for request payloads. Values are:
+    #
+    #     * `when_supported` - (default) When set, a checksum will be
+    #       calculated for all request payloads of operations modeled with the
+    #       `httpChecksum` trait where `requestChecksumRequired` is `true` and/or a
+    #       `requestAlgorithmMember` is modeled.
+    #     * `when_required` - When set, a checksum will only be calculated for
+    #       request payloads of operations modeled with the  `httpChecksum` trait where
+    #       `requestChecksumRequired` is `true` or where a `requestAlgorithmMember`
+    #       is modeled and supplied.
+    #
     #   @option options [Integer] :request_min_compression_size_bytes (10240)
     #     The minimum size in bytes that triggers compression for request
     #     bodies. The value must be non-negative integer value between 0
     #     and 10485780 bytes inclusive.
     #
+    #   @option options [String] :response_checksum_validation ("when_supported")
+    #     Determines when checksum validation will be performed on response payloads. Values are:
+    #
+    #     * `when_supported` - (default) When set, checksum validation is performed on all
+    #       response payloads of operations modeled with the `httpChecksum` trait where
+    #       `responseAlgorithms` is modeled, except when no modeled checksum algorithms
+    #       are supported.
+    #     * `when_required` - When set, checksum validation is not performed on
+    #       response payloads of operations unless the checksum algorithm is supported and
+    #       the `requestValidationModeMember` member is set to `ENABLED`.
+    #
     #   @option options [Proc] :retry_backoff
     #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
     #     This option is only used in the `legacy` retry mode.
@@ -751,6 +774,48 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Creates the WorkMail application in IAM Identity Center that can be
+    # used later in the WorkMail - IdC integration. For more information,
+    # see PutIdentityProviderConfiguration. This action does not affect the
+    # authentication settings for any WorkMail organizations.
+    #
+    # @option params [required, String] :name
+    #   The name of the IAM Identity Center application.
+    #
+    # @option params [required, String] :instance_arn
+    #   The Amazon Resource Name (ARN) of the instance.
+    #
+    # @option params [String] :client_token
+    #   The idempotency token associated with the request.
+    #
+    #   **A suitable default value is auto-generated.** You should normally
+    #   not need to pass this option.**
+    #
+    # @return [Types::CreateIdentityCenterApplicationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateIdentityCenterApplicationResponse#application_arn #application_arn} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_identity_center_application({
+    #     name: "IdentityCenterApplicationName", # required
+    #     instance_arn: "InstanceArn", # required
+    #     client_token: "IdempotencyClientToken",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.application_arn #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/CreateIdentityCenterApplication AWS API Documentation
+    #
+    # @overload create_identity_center_application(params = {})
+    # @param [Hash] params ({})
+    def create_identity_center_application(params = {}, options = {})
+      req = build_request(:create_identity_center_application, params)
+      req.send_request(options)
+    end
+
     # Creates an impersonation role for the given WorkMail organization.
     #
     # *Idempotency* ensures that an API request completes no more than one
@@ -1064,6 +1129,11 @@ module Aws::WorkMail
     #   If this parameter is enabled, the user will be hidden from the address
     #   book.
     #
+    # @option params [String] :identity_provider_user_id
+    #   User ID from the IAM Identity Center. If this parameter is empty it
+    #   will be updated automatically when the user logs in for the first time
+    #   to the mailbox associated with WorkMail.
+    #
     # @return [Types::CreateUserResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::CreateUserResponse#user_id #user_id} => String
@@ -1079,6 +1149,7 @@ module Aws::WorkMail
     #     first_name: "UserAttribute",
     #     last_name: "UserAttribute",
     #     hidden_from_global_address_list: false,
+    #     identity_provider_user_id: "IdentityProviderUserId",
     #   })
     #
     # @example Response structure
@@ -1247,6 +1318,55 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Deletes the IAM Identity Center application from WorkMail. This action
+    # does not affect the authentication settings for any WorkMail
+    # organizations.
+    #
+    # @option params [required, String] :application_arn
+    #   The Amazon Resource Name (ARN) of the application.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_identity_center_application({
+    #     application_arn: "ApplicationArn", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteIdentityCenterApplication AWS API Documentation
+    #
+    # @overload delete_identity_center_application(params = {})
+    # @param [Hash] params ({})
+    def delete_identity_center_application(params = {}, options = {})
+      req = build_request(:delete_identity_center_application, params)
+      req.send_request(options)
+    end
+
+    # Disables the integration between IdC and WorkMail. Authentication will
+    # continue with the directory as it was before the IdC integration. You
+    # might have to reset your directory passwords and reconfigure your
+    # desktop and mobile email clients.
+    #
+    # @option params [required, String] :organization_id
+    #   The Organization ID.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_identity_provider_configuration({
+    #     organization_id: "OrganizationId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeleteIdentityProviderConfiguration AWS API Documentation
+    #
+    # @overload delete_identity_provider_configuration(params = {})
+    # @param [Hash] params ({})
+    def delete_identity_provider_configuration(params = {}, options = {})
+      req = build_request(:delete_identity_provider_configuration, params)
+      req.send_request(options)
+    end
+
     # Deletes an impersonation role for the given WorkMail organization.
     #
     # @option params [required, String] :organization_id
@@ -1432,6 +1552,10 @@ module Aws::WorkMail
     #   Deletes a WorkMail organization even if the organization has enabled
     #   users.
     #
+    # @option params [Boolean] :delete_identity_center_application
+    #   Deletes IAM Identity Center application for WorkMail. This action does
+    #   not affect authentication settings for any organization.
+    #
     # @return [Types::DeleteOrganizationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::DeleteOrganizationResponse#organization_id #organization_id} => String
@@ -1444,6 +1568,7 @@ module Aws::WorkMail
     #     organization_id: "OrganizationId", # required
     #     delete_directory: false, # required
     #     force_delete: false,
+    #     delete_identity_center_application: false,
     #   })
     #
     # @example Response structure
@@ -1460,6 +1585,33 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Deletes the Personal Access Token from the provided WorkMail
+    # Organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Organization ID.
+    #
+    # @option params [required, String] :personal_access_token_id
+    #   The Personal Access Token ID.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_personal_access_token({
+    #     organization_id: "OrganizationId", # required
+    #     personal_access_token_id: "PersonalAccessTokenId", # required
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DeletePersonalAccessToken AWS API Documentation
+    #
+    # @overload delete_personal_access_token(params = {})
+    # @param [Hash] params ({})
+    def delete_personal_access_token(params = {}, options = {})
+      req = build_request(:delete_personal_access_token, params)
+      req.send_request(options)
+    end
+
     # Deletes the specified resource.
     #
     # @option params [required, String] :organization_id
@@ -1752,6 +1904,41 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Returns detailed information on the current IdC setup for the WorkMail
+    # organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Organization ID.
+    #
+    # @return [Types::DescribeIdentityProviderConfigurationResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::DescribeIdentityProviderConfigurationResponse#authentication_mode #authentication_mode} => String
+    #   * {Types::DescribeIdentityProviderConfigurationResponse#identity_center_configuration #identity_center_configuration} => Types::IdentityCenterConfiguration
+    #   * {Types::DescribeIdentityProviderConfigurationResponse#personal_access_token_configuration #personal_access_token_configuration} => Types::PersonalAccessTokenConfiguration
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.describe_identity_provider_configuration({
+    #     organization_id: "OrganizationId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.authentication_mode #=> String, one of "IDENTITY_PROVIDER_ONLY", "IDENTITY_PROVIDER_AND_DIRECTORY"
+    #   resp.identity_center_configuration.instance_arn #=> String
+    #   resp.identity_center_configuration.application_arn #=> String
+    #   resp.personal_access_token_configuration.status #=> String, one of "ACTIVE", "INACTIVE"
+    #   resp.personal_access_token_configuration.lifetime_in_days #=> Integer
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DescribeIdentityProviderConfiguration AWS API Documentation
+    #
+    # @overload describe_identity_provider_configuration(params = {})
+    # @param [Hash] params ({})
+    def describe_identity_provider_configuration(params = {}, options = {})
+      req = build_request(:describe_identity_provider_configuration, params)
+      req.send_request(options)
+    end
+
     # Lists the settings in a DMARC policy for a specified organization.
     #
     # @option params [required, String] :organization_id
@@ -1988,6 +2175,8 @@ module Aws::WorkMail
     #   * {Types::DescribeUserResponse#department #department} => String
     #   * {Types::DescribeUserResponse#country #country} => String
     #   * {Types::DescribeUserResponse#office #office} => String
+    #   * {Types::DescribeUserResponse#identity_provider_user_id #identity_provider_user_id} => String
+    #   * {Types::DescribeUserResponse#identity_provider_identity_store_id #identity_provider_identity_store_id} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -2021,6 +2210,8 @@ module Aws::WorkMail
     #   resp.department #=> String
     #   resp.country #=> String
     #   resp.office #=> String
+    #   resp.identity_provider_user_id #=> String
+    #   resp.identity_provider_identity_store_id #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/DescribeUser AWS API Documentation
     #
@@ -2525,6 +2716,52 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Requests details of a specific Personal Access Token within the
+    # WorkMail organization.
+    #
+    # @option params [required, String] :organization_id
+    #   The Organization ID.
+    #
+    # @option params [required, String] :personal_access_token_id
+    #   The Personal Access Token ID.
+    #
+    # @return [Types::GetPersonalAccessTokenMetadataResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#personal_access_token_id #personal_access_token_id} => String
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#user_id #user_id} => String
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#name #name} => String
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#date_created #date_created} => Time
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#date_last_used #date_last_used} => Time
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#expires_time #expires_time} => Time
+    #   * {Types::GetPersonalAccessTokenMetadataResponse#scopes #scopes} => Array<String>
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_personal_access_token_metadata({
+    #     organization_id: "OrganizationId", # required
+    #     personal_access_token_id: "PersonalAccessTokenId", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.personal_access_token_id #=> String
+    #   resp.user_id #=> String
+    #   resp.name #=> String
+    #   resp.date_created #=> Time
+    #   resp.date_last_used #=> Time
+    #   resp.expires_time #=> Time
+    #   resp.scopes #=> Array
+    #   resp.scopes[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/GetPersonalAccessTokenMetadata AWS API Documentation
+    #
+    # @overload get_personal_access_token_metadata(params = {})
+    # @param [Hash] params ({})
+    def get_personal_access_token_metadata(params = {}, options = {})
+      req = build_request(:get_personal_access_token_metadata, params)
+      req.send_request(options)
+    end
+
     # Lists the access control rules for the specified organization.
     #
     # @option params [required, String] :organization_id
@@ -3213,6 +3450,58 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Returns a summary of your Personal Access Tokens.
+    #
+    # @option params [required, String] :organization_id
+    #   The Organization ID.
+    #
+    # @option params [String] :user_id
+    #   The WorkMail User ID.
+    #
+    # @option params [String] :next_token
+    #   The token from the previous response to query the next page.
+    #
+    # @option params [Integer] :max_results
+    #   The maximum amount of items that should be returned in a response.
+    #
+    # @return [Types::ListPersonalAccessTokensResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListPersonalAccessTokensResponse#next_token #next_token} => String
+    #   * {Types::ListPersonalAccessTokensResponse#personal_access_token_summaries #personal_access_token_summaries} => Array<Types::PersonalAccessTokenSummary>
+    #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_personal_access_tokens({
+    #     organization_id: "OrganizationId", # required
+    #     user_id: "EntityIdentifier",
+    #     next_token: "NextToken",
+    #     max_results: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.next_token #=> String
+    #   resp.personal_access_token_summaries #=> Array
+    #   resp.personal_access_token_summaries[0].personal_access_token_id #=> String
+    #   resp.personal_access_token_summaries[0].user_id #=> String
+    #   resp.personal_access_token_summaries[0].name #=> String
+    #   resp.personal_access_token_summaries[0].date_created #=> Time
+    #   resp.personal_access_token_summaries[0].date_last_used #=> Time
+    #   resp.personal_access_token_summaries[0].expires_time #=> Time
+    #   resp.personal_access_token_summaries[0].scopes #=> Array
+    #   resp.personal_access_token_summaries[0].scopes[0] #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListPersonalAccessTokens AWS API Documentation
+    #
+    # @overload list_personal_access_tokens(params = {})
+    # @param [Hash] params ({})
+    def list_personal_access_tokens(params = {}, options = {})
+      req = build_request(:list_personal_access_tokens, params)
+      req.send_request(options)
+    end
+
     # Lists the delegates associated with a resource. Users and groups can
     # be resource delegates and answer requests on behalf of the resource.
     #
@@ -3393,6 +3682,7 @@ module Aws::WorkMail
     #       display_name_prefix: "UserAttribute",
     #       primary_email_prefix: "String",
     #       state: "ENABLED", # accepts ENABLED, DISABLED, DELETED
+    #       identity_provider_user_id_prefix: "IdentityProviderUserIdPrefix",
     #     },
     #   })
     #
@@ -3407,6 +3697,8 @@ module Aws::WorkMail
     #   resp.users[0].user_role #=> String, one of "USER", "RESOURCE", "SYSTEM_USER", "REMOTE_USER"
     #   resp.users[0].enabled_date #=> Time
     #   resp.users[0].disabled_date #=> Time
+    #   resp.users[0].identity_provider_user_id #=> String
+    #   resp.users[0].identity_provider_identity_store_id #=> String
     #   resp.next_token #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/ListUsers AWS API Documentation
@@ -3526,6 +3818,51 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
+    # Enables integration between IAM Identity Center (IdC) and WorkMail to
+    # proxy authentication requests for mailbox users. You can connect your
+    # IdC directory or your external directory to WorkMail through IdC and
+    # manage access to WorkMail mailboxes in a single place. For enhanced
+    # protection, you could enable Multifactor Authentication (MFA) and
+    # Personal Access Tokens.
+    #
+    # @option params [required, String] :organization_id
+    #   The ID of the WorkMail Organization.
+    #
+    # @option params [required, String] :authentication_mode
+    #   The authentication mode used in WorkMail.
+    #
+    # @option params [required, Types::IdentityCenterConfiguration] :identity_center_configuration
+    #   The details of the IAM Identity Center configuration.
+    #
+    # @option params [required, Types::PersonalAccessTokenConfiguration] :personal_access_token_configuration
+    #   The details of the Personal Access Token configuration.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.put_identity_provider_configuration({
+    #     organization_id: "OrganizationId", # required
+    #     authentication_mode: "IDENTITY_PROVIDER_ONLY", # required, accepts IDENTITY_PROVIDER_ONLY, IDENTITY_PROVIDER_AND_DIRECTORY
+    #     identity_center_configuration: { # required
+    #       instance_arn: "InstanceArn", # required
+    #       application_arn: "ApplicationArn", # required
+    #     },
+    #     personal_access_token_configuration: { # required
+    #       status: "ACTIVE", # required, accepts ACTIVE, INACTIVE
+    #       lifetime_in_days: 1,
+    #     },
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/PutIdentityProviderConfiguration AWS API Documentation
+    #
+    # @overload put_identity_provider_configuration(params = {})
+    # @param [Hash] params ({})
+    def put_identity_provider_configuration(params = {}, options = {})
+      req = build_request(:put_identity_provider_configuration, params)
+      req.send_request(options)
+    end
+
     # Enables or disables a DMARC policy for a given organization.
     #
     # @option params [required, String] :organization_id
@@ -4113,7 +4450,7 @@ module Aws::WorkMail
       req.send_request(options)
     end
 
-    # Updates attibutes in a group.
+    # Updates attributes in a group.
     #
     # @option params [required, String] :organization_id
     #   The identifier for the organization under which the group exists.
@@ -4487,7 +4824,7 @@ module Aws::WorkMail
     #   Updates the user's company.
     #
     # @option params [String] :zip_code
-    #   Updates the user's zipcode.
+    #   Updates the user's zip code.
     #
     # @option params [String] :department
     #   Updates the user's department.
@@ -4498,6 +4835,11 @@ module Aws::WorkMail
     # @option params [String] :office
     #   Updates the user's office.
     #
+    # @option params [String] :identity_provider_user_id
+    #   User ID from the IAM Identity Center. If this parameter is empty it
+    #   will be updated automatically when the user logs in for the first time
+    #   to the mailbox associated with WorkMail.
+    #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
     # @example Request syntax with placeholder values
@@ -4520,6 +4862,7 @@ module Aws::WorkMail
     #     department: "UserAttribute",
     #     country: "UserAttribute",
     #     office: "UserAttribute",
+    #     identity_provider_user_id: "IdentityProviderUserIdForUpdate",
     #   })
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/workmail-2017-10-01/UpdateUser AWS API Documentation
@@ -4549,7 +4892,7 @@ module Aws::WorkMail
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-workmail'
-      context[:gem_version] = '1.77.0'
+      context[:gem_version] = '1.79.0'
       Seahorse::Client::Request.new(handlers, context)
     end