@aws-sdk/client-ec2 3.624.0 → 3.629.0

package/dist-types/models/models_6.d.ts

@@ -1,9 +1,72 @@
-import { _InstanceType, AccessScopeAnalysisFinding, AddedPrincipal, AddIpamOperatingRegion, AddPrefixListEntry, AddressAttribute, Affinity, ApplianceModeSupportValue, AutoPlacement, DnsSupportValue, EnaSrdSpecification, EndDateType, HostMaintenance, HostRecovery, InstanceEventWindow, IpamPoolAllocation, Ipv6SupportValue, SecurityGroupReferencingSupportValue, SubnetAssociation, Tag, TagSpecification, TargetConfigurationRequest, TransitGatewayAssociationState, TransitGatewayAttachmentResourceType, TransitGatewayPolicyTableAssociation, TransitGatewayVpcAttachment, UnsuccessfulItem, VerifiedAccessInstance, VerifiedAccessSseSpecificationResponse, VerifiedAccessTrustProvider } from "./models_0";
+import { _InstanceType, AccessScopeAnalysisFinding, AddedPrincipal, AddIpamOperatingRegion, AddPrefixListEntry, AddressAttribute, Affinity, ApplianceModeSupportValue, AutoPlacement, DnsSupportValue, EnaSrdSpecification, EndDateType, HostMaintenance, HostRecovery, InstanceEventWindow, InstanceMatchCriteria, IpamPoolAllocation, Ipv6SupportValue, SecurityGroupReferencingSupportValue, SubnetAssociation, Tag, TagSpecification, TargetConfigurationRequest, TransitGatewayAssociationState, TransitGatewayAttachmentResourceType, TransitGatewayPolicyTableAssociation, TransitGatewayVpcAttachment, UnsuccessfulItem, VerifiedAccessInstance, VerifiedAccessSseSpecificationResponse, VerifiedAccessTrustProvider } from "./models_0";
 import { AttributeValue, CapacityReservationPreference, CapacityReservationTarget, ClientConnectOptions, ClientLoginBannerOptions, ConnectionLogOptions, ConnectionTrackingSpecificationRequest, DiskImageFormat, FleetExcessCapacityTerminationPolicy, FleetLaunchTemplateConfigRequest, HostnameType, InstanceEventWindowTimeRangeRequest, InstanceRequirementsRequest, Ipam, IpamPool, IpamResourceDiscovery, IpamResourceTag, IpamScope, IpamTier, LaunchTemplate, LocalGatewayRoute, ManagedPrefixList, NetworkInsightsAccessScopeContent, Placement, PlatformValues, RequestIpamResourceTag, ResponseLaunchTemplateData, SelfServicePortal, ShutdownBehavior, TargetCapacitySpecificationRequest, TargetCapacityUnitType, VolumeType } from "./models_1";
-import { AutoAcceptSharedAttachmentsValue, DefaultRouteTableAssociationValue, DefaultRouteTablePropagationValue, DnsOptionsSpecification, IKEVersionsRequestListValue, IpAddressType, PayerResponsibility, Phase1DHGroupNumbersRequestListValue, Phase1EncryptionAlgorithmsRequestListValue, Phase1IntegrityAlgorithmsRequestListValue, Phase2DHGroupNumbersRequestListValue, Phase2EncryptionAlgorithmsRequestListValue, Phase2IntegrityAlgorithmsRequestListValue, SubnetCidrReservation, SubnetConfiguration, TrafficDirection, TrafficMirrorFilter, TrafficMirrorFilterRule, TrafficMirrorNetworkService, TrafficMirrorPortRangeRequest, TrafficMirrorRuleAction, TrafficMirrorSession, TransitGateway, TransitGatewayPrefixListReference, VerifiedAccessEndpoint, VerifiedAccessEndpointProtocol, VerifiedAccessGroup, VerifiedAccessSseSpecificationRequest, VpnConnection, VpnEcmpSupportValue, VpnTunnelLogOptionsSpecification } from "./models_2";
-import { ArchitectureValues, BootModeValues, ConversionTask, Filter, FpgaImageAttribute, FpgaImageAttributeName, IpamPoolCidr, LaunchPermission, PermissionGroup, VirtualizationType } from "./models_3";
-import { AnalysisStatus, ArchitectureType, AttributeBooleanValue, CreateVolumePermission, ExcessCapacityTerminationPolicy, HttpTokensState, ImportImageLicenseConfigurationResponse, InstanceAttributeName, InstanceAutoRecoveryState, InstanceMetadataEndpointState, InstanceMetadataOptionsResponse, InstanceMetadataProtocolState, InstanceMetadataTagsState, InstanceStatusEvent, LaunchTemplateConfig, LockState, ReservedInstancesConfiguration, SnapshotAttributeName, SnapshotDetail, SnapshotTaskDetail } from "./models_4";
-import { EkPubKeyFormat, EkPubKeyType, InstanceFamilyCreditSpecification, SnapshotBlockPublicAccessState, TransitGatewayPropagationState, UnlimitedSupportedInstanceFamily, VerifiedAccessInstanceLoggingConfiguration, VolumeModification } from "./models_5";
+import { AutoAcceptSharedAttachmentsValue, DefaultRouteTableAssociationValue, DefaultRouteTablePropagationValue, DnsOptionsSpecification, IpAddressType, PayerResponsibility, SubnetCidrReservation, SubnetConfiguration, TrafficDirection, TrafficMirrorFilter, TrafficMirrorFilterRule, TrafficMirrorNetworkService, TrafficMirrorPortRangeRequest, TrafficMirrorRuleAction, TrafficMirrorSession, TransitGateway, TransitGatewayPrefixListReference, VerifiedAccessEndpoint, VerifiedAccessEndpointProtocol, VerifiedAccessGroup, VerifiedAccessSseSpecificationRequest, VpnConnection, VpnEcmpSupportValue } from "./models_2";
+import { ArchitectureValues, BootModeValues, ConversionTask, Filter, FpgaImageAttribute, FpgaImageAttributeName, IpamPoolCidr, LaunchPermission, PermissionGroup } from "./models_3";
+import { AnalysisStatus, ArchitectureType, AttributeBooleanValue, CreateVolumePermission, ExcessCapacityTerminationPolicy, HttpTokensState, ImportImageLicenseConfigurationResponse, InstanceAttributeName, InstanceAutoRecoveryState, InstanceMetadataEndpointState, InstanceMetadataOptionsResponse, InstanceMetadataProtocolState, InstanceMetadataTagsState, InstanceStatusEvent, LaunchTemplateConfig, LockState, ReservedInstancesConfiguration, SnapshotAttributeName, SnapshotDetail, SnapshotTaskDetail, VirtualizationType } from "./models_4";
+import { InstanceFamilyCreditSpecification, InstanceMetadataDefaultsResponse, SnapshotBlockPublicAccessState, TransitGatewayPropagationState, UnlimitedSupportedInstanceFamily, VerifiedAccessInstanceLoggingConfiguration, VolumeModification } from "./models_5";
+/**
+ * @public
+ */
+export interface GetInstanceMetadataDefaultsResult {
+    /**
+     * <p>The account-level default IMDS settings.</p>
+     * @public
+     */
+    AccountLevel?: InstanceMetadataDefaultsResponse;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const EkPubKeyFormat: {
+    readonly der: "der";
+    readonly tpmt: "tpmt";
+};
+/**
+ * @public
+ */
+export type EkPubKeyFormat = (typeof EkPubKeyFormat)[keyof typeof EkPubKeyFormat];
+/**
+ * @public
+ * @enum
+ */
+export declare const EkPubKeyType: {
+    readonly ECC_SEC_P384: "ecc-sec-p384";
+    readonly RSA_2048: "rsa-2048";
+};
+/**
+ * @public
+ */
+export type EkPubKeyType = (typeof EkPubKeyType)[keyof typeof EkPubKeyType];
+/**
+ * @public
+ */
+export interface GetInstanceTpmEkPubRequest {
+    /**
+     * <p>The ID of the instance for which to get the public endorsement key.</p>
+     * @public
+     */
+    InstanceId: string | undefined;
+    /**
+     * <p>The required public endorsement key type.</p>
+     * @public
+     */
+    KeyType: EkPubKeyType | undefined;
+    /**
+     * <p>The required public endorsement key format. Specify <code>der</code> for a DER-encoded public
+     *             key that is compatible with OpenSSL. Specify <code>tpmt</code> for a TPM 2.0 format that is
+     *             compatible with tpm2-tools. The returned key is base64 encoded.</p>
+     * @public
+     */
+    KeyFormat: EkPubKeyFormat | undefined;
+    /**
+     * <p>Specify this parameter to verify whether the request will succeed, without actually making the
+     *             request. If the request will succeed, the response is <code>DryRunOperation</code>. Otherwise,
+     *             the response is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean;
+}
 /**
  * @public
  */
@@ -716,6 +779,19 @@ export interface GetIpamDiscoveredResourceCidrsRequest {
      */
     MaxResults?: number;
 }
+/**
+ * @public
+ * @enum
+ */
+export declare const IpamResourceCidrIpSource: {
+    readonly amazon: "amazon";
+    readonly byoip: "byoip";
+    readonly none: "none";
+};
+/**
+ * @public
+ */
+export type IpamResourceCidrIpSource = (typeof IpamResourceCidrIpSource)[keyof typeof IpamResourceCidrIpSource];
 /**
  * @public
  * @enum
@@ -774,6 +850,11 @@ export interface IpamDiscoveredResourceCidr {
      * @public
      */
     ResourceCidr?: string;
+    /**
+     * <p>The source that allocated the IP address space. <code>byoip</code> or <code>amazon</code> indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). <code>none</code> indicates private space.</p>
+     * @public
+     */
+    IpSource?: IpamResourceCidrIpSource;
     /**
      * <p>The resource type.</p>
      * @public
@@ -4009,6 +4090,16 @@ export interface ModifyCapacityReservationRequest {
      * @public
      */
     AdditionalInfo?: string;
+    /**
+     * <p>
+     * 			The matching criteria (instance eligibility) that you want to use in the modified Capacity Reservation. If you change the instance eligibility of an existing Capacity Reservation from <code>targeted</code> to <code>open</code>,
+     * 			any running instances that match the attributes of the Capacity Reservation, have the <code>CapacityReservationPreference</code> set to <code>open</code>, and
+     * 			are not yet running in the Capacity Reservation, will automatically use the modified Capacity Reservation.
+     * 		</p>
+     *          <p>To modify the instance eligibility, the Capacity Reservation must be completely idle (zero usage).</p>
+     * @public
+     */
+    InstanceMatchCriteria?: InstanceMatchCriteria;
 }
 /**
  * @public
@@ -5538,6 +5629,11 @@ export interface ModifyIpamRequest {
      * @public
      */
     Tier?: IpamTier;
+    /**
+     * <p>Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.</p>
+     * @public
+     */
+    EnablePrivateGua?: boolean;
 }
 /**
  * @public
@@ -8102,294 +8198,6 @@ export interface ModifyVpnTunnelCertificateRequest {
      */
     DryRun?: boolean;
 }
-/**
- * @public
- */
-export interface ModifyVpnTunnelCertificateResult {
-    /**
-     * <p>Information about the VPN connection.</p>
-     * @public
-     */
-    VpnConnection?: VpnConnection;
-}
-/**
- * <p>The Amazon Web Services Site-to-Site VPN tunnel options to modify.</p>
- * @public
- */
-export interface ModifyVpnTunnelOptionsSpecification {
-    /**
-     * <p>The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be
-     *             unique across all VPN connections that use the same virtual private gateway. </p>
-     *          <p>Constraints: A size /30 CIDR block from the <code>169.254.0.0/16</code> range. The
-     *             following CIDR blocks are reserved and cannot be used:</p>
-     *          <ul>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.0.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.1.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.2.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.3.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.4.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.5.0/30</code>
-     *                </p>
-     *             </li>
-     *             <li>
-     *                <p>
-     *                   <code>169.254.169.252/30</code>
-     *                </p>
-     *             </li>
-     *          </ul>
-     * @public
-     */
-    TunnelInsideCidr?: string;
-    /**
-     * <p>The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be
-     *             unique across all VPN connections that use the same transit gateway.</p>
-     *          <p>Constraints: A size /126 CIDR block from the local <code>fd00::/8</code> range.</p>
-     * @public
-     */
-    TunnelInsideIpv6Cidr?: string;
-    /**
-     * <p>The pre-shared key (PSK) to establish initial authentication between the virtual
-     *             private gateway and the customer gateway.</p>
-     *          <p>Constraints: Allowed characters are alphanumeric characters, periods (.), and
-     *             underscores (_). Must be between 8 and 64 characters in length and cannot start with
-     *             zero (0).</p>
-     * @public
-     */
-    PreSharedKey?: string;
-    /**
-     * <p>The lifetime for phase 1 of the IKE negotiation, in seconds.</p>
-     *          <p>Constraints: A value between 900 and 28,800.</p>
-     *          <p>Default: <code>28800</code>
-     *          </p>
-     * @public
-     */
-    Phase1LifetimeSeconds?: number;
-    /**
-     * <p>The lifetime for phase 2 of the IKE negotiation, in seconds.</p>
-     *          <p>Constraints: A value between 900 and 3,600. The value must be less than the value for
-     *                 <code>Phase1LifetimeSeconds</code>.</p>
-     *          <p>Default: <code>3600</code>
-     *          </p>
-     * @public
-     */
-    Phase2LifetimeSeconds?: number;
-    /**
-     * <p>The margin time, in seconds, before the phase 2 lifetime expires, during which the
-     *                 Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time
-     *             of the rekey is randomly selected based on the value for
-     *                 <code>RekeyFuzzPercentage</code>.</p>
-     *          <p>Constraints: A value between 60 and half of <code>Phase2LifetimeSeconds</code>.</p>
-     *          <p>Default: <code>270</code>
-     *          </p>
-     * @public
-     */
-    RekeyMarginTimeSeconds?: number;
-    /**
-     * <p>The percentage of the rekey window (determined by <code>RekeyMarginTimeSeconds</code>)
-     *             during which the rekey time is randomly selected.</p>
-     *          <p>Constraints: A value between 0 and 100.</p>
-     *          <p>Default: <code>100</code>
-     *          </p>
-     * @public
-     */
-    RekeyFuzzPercentage?: number;
-    /**
-     * <p>The number of packets in an IKE replay window.</p>
-     *          <p>Constraints: A value between 64 and 2048.</p>
-     *          <p>Default: <code>1024</code>
-     *          </p>
-     * @public
-     */
-    ReplayWindowSize?: number;
-    /**
-     * <p>The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.</p>
-     *          <p>Constraints: A value greater than or equal to 30.</p>
-     *          <p>Default: <code>40</code>
-     *          </p>
-     * @public
-     */
-    DPDTimeoutSeconds?: number;
-    /**
-     * <p>The action to take after DPD timeout occurs. Specify <code>restart</code> to restart
-     *             the IKE initiation. Specify <code>clear</code> to end the IKE session.</p>
-     *          <p>Valid Values: <code>clear</code> | <code>none</code> | <code>restart</code>
-     *          </p>
-     *          <p>Default: <code>clear</code>
-     *          </p>
-     * @public
-     */
-    DPDTimeoutAction?: string;
-    /**
-     * <p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 1
-     *             IKE negotiations.</p>
-     *          <p>Valid values: <code>AES128</code> | <code>AES256</code> | <code>AES128-GCM-16</code> |
-     *                 <code>AES256-GCM-16</code>
-     *          </p>
-     * @public
-     */
-    Phase1EncryptionAlgorithms?: Phase1EncryptionAlgorithmsRequestListValue[];
-    /**
-     * <p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 2
-     *             IKE negotiations.</p>
-     *          <p>Valid values: <code>AES128</code> | <code>AES256</code> | <code>AES128-GCM-16</code> |
-     *                 <code>AES256-GCM-16</code>
-     *          </p>
-     * @public
-     */
-    Phase2EncryptionAlgorithms?: Phase2EncryptionAlgorithmsRequestListValue[];
-    /**
-     * <p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE
-     *             negotiations.</p>
-     *          <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> | <code>SHA2-384</code> |
-     *                 <code>SHA2-512</code>
-     *          </p>
-     * @public
-     */
-    Phase1IntegrityAlgorithms?: Phase1IntegrityAlgorithmsRequestListValue[];
-    /**
-     * <p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE
-     *             negotiations.</p>
-     *          <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> | <code>SHA2-384</code> |
-     *                 <code>SHA2-512</code>
-     *          </p>
-     * @public
-     */
-    Phase2IntegrityAlgorithms?: Phase2IntegrityAlgorithmsRequestListValue[];
-    /**
-     * <p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for
-     *             phase 1 IKE negotiations.</p>
-     *          <p>Valid values: <code>2</code> | <code>14</code> | <code>15</code> | <code>16</code> |
-     *                 <code>17</code> | <code>18</code> | <code>19</code> | <code>20</code> |
-     *                 <code>21</code> | <code>22</code> | <code>23</code> | <code>24</code>
-     *          </p>
-     * @public
-     */
-    Phase1DHGroupNumbers?: Phase1DHGroupNumbersRequestListValue[];
-    /**
-     * <p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for
-     *             phase 2 IKE negotiations.</p>
-     *          <p>Valid values: <code>2</code> | <code>5</code> | <code>14</code> | <code>15</code> |
-     *                 <code>16</code> | <code>17</code> | <code>18</code> | <code>19</code> |
-     *                 <code>20</code> | <code>21</code> | <code>22</code> | <code>23</code> |
-     *                 <code>24</code>
-     *          </p>
-     * @public
-     */
-    Phase2DHGroupNumbers?: Phase2DHGroupNumbersRequestListValue[];
-    /**
-     * <p>The IKE versions that are permitted for the VPN tunnel.</p>
-     *          <p>Valid values: <code>ikev1</code> | <code>ikev2</code>
-     *          </p>
-     * @public
-     */
-    IKEVersions?: IKEVersionsRequestListValue[];
-    /**
-     * <p>The action to take when the establishing the tunnel for the VPN connection. By
-     *             default, your customer gateway device must initiate the IKE negotiation and bring up the
-     *             tunnel. Specify <code>start</code> for Amazon Web Services to initiate the IKE
-     *             negotiation.</p>
-     *          <p>Valid Values: <code>add</code> | <code>start</code>
-     *          </p>
-     *          <p>Default: <code>add</code>
-     *          </p>
-     * @public
-     */
-    StartupAction?: string;
-    /**
-     * <p>Options for logging VPN tunnel activity.</p>
-     * @public
-     */
-    LogOptions?: VpnTunnelLogOptionsSpecification;
-    /**
-     * <p>Turn on or off tunnel endpoint lifecycle control feature.</p>
-     * @public
-     */
-    EnableTunnelLifecycleControl?: boolean;
-}
-/**
- * @public
- */
-export interface ModifyVpnTunnelOptionsRequest {
-    /**
-     * <p>The ID of the Amazon Web Services Site-to-Site VPN connection.</p>
-     * @public
-     */
-    VpnConnectionId: string | undefined;
-    /**
-     * <p>The external IP address of the VPN tunnel.</p>
-     * @public
-     */
-    VpnTunnelOutsideIpAddress: string | undefined;
-    /**
-     * <p>The tunnel options to modify.</p>
-     * @public
-     */
-    TunnelOptions: ModifyVpnTunnelOptionsSpecification | undefined;
-    /**
-     * <p>Checks whether you have the required permissions for the action, without actually
-     *             making the request, and provides an error response. If you have the required
-     *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
-     *                 <code>UnauthorizedOperation</code>.</p>
-     * @public
-     */
-    DryRun?: boolean;
-    /**
-     * <p>Choose whether or not to trigger immediate tunnel replacement. This is only applicable when turning on or off <code>EnableTunnelLifecycleControl</code>.</p>
-     *          <p>Valid values: <code>True</code> | <code>False</code>
-     *          </p>
-     * @public
-     */
-    SkipTunnelReplacement?: boolean;
-}
-/**
- * @public
- */
-export interface ModifyVpnTunnelOptionsResult {
-    /**
-     * <p>Information about the VPN connection.</p>
-     * @public
-     */
-    VpnConnection?: VpnConnection;
-}
-/**
- * @public
- */
-export interface MonitorInstancesRequest {
-    /**
-     * <p>The IDs of the instances.</p>
-     * @public
-     */
-    InstanceIds: string[] | undefined;
-    /**
-     * <p>Checks whether you have the required permissions for the action, without actually making the request,
-     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
-     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
-     * @public
-     */
-    DryRun?: boolean;
-}
 /**
  * @internal
  */
@@ -8482,19 +8290,3 @@ export declare const ModifyVpnConnectionResultFilterSensitiveLog: (obj: ModifyVp
  * @internal
  */
 export declare const ModifyVpnConnectionOptionsResultFilterSensitiveLog: (obj: ModifyVpnConnectionOptionsResult) => any;
-/**
- * @internal
- */
-export declare const ModifyVpnTunnelCertificateResultFilterSensitiveLog: (obj: ModifyVpnTunnelCertificateResult) => any;
-/**
- * @internal
- */
-export declare const ModifyVpnTunnelOptionsSpecificationFilterSensitiveLog: (obj: ModifyVpnTunnelOptionsSpecification) => any;
-/**
- * @internal
- */
-export declare const ModifyVpnTunnelOptionsRequestFilterSensitiveLog: (obj: ModifyVpnTunnelOptionsRequest) => any;
-/**
- * @internal
- */
-export declare const ModifyVpnTunnelOptionsResultFilterSensitiveLog: (obj: ModifyVpnTunnelOptionsResult) => any;