@aws-sdk/client-ec2 3.935.0 → 3.937.0

package/dist-types/models/models_7.d.ts

@@ -1,11 +1,1020 @@
-import { _InstanceType, AddressAttributeName, AmdSevSnpSpecification, ArchitectureValues, BootModeValues, CapacityManagerStatus, CapacityReservationInstancePlatform, CurrencyCodeValues, HostnameType, HttpTokensState, ImdsSupportValues, InstanceAttributeName, InstanceAutoRecoveryState, InstanceBandwidthWeighting, InstanceInterruptionBehavior, InstanceMetadataEndpointState, InstanceMetadataProtocolState, InstanceMetadataTagsState, MarketType, MembershipType, ReportInstanceReasonCodes, ReportStatusType, ResetFpgaImageAttributeName, ResetImageAttributeName, RuleAction, ShutdownBehavior, SnapshotAttributeName, SnapshotState, SpotInstanceType, SSEType, Status, TpmSupportValues, TransitGatewayAttachmentResourceType, VerificationMethod } from "./enums";
-import { AddressAttribute, ByoipCidr, CapacityReservation, ClientVpnAuthorizationRuleStatus, IamInstanceProfileAssociation, IamInstanceProfileSpecification, IpPermission, NatGatewayAddress, PortRange, RouteTableAssociationState, TagSpecification, TransitGatewayMulticastDomainAssociations, TransitGatewayPeeringAttachment, TransitGatewayVpcAttachment, UnsuccessfulItem } from "./models_0";
+import { _InstanceType, AddressAttributeName, AmdSevSnpSpecification, ArchitectureValues, BootModeValues, CapacityManagerStatus, CapacityReservationInstancePlatform, CurrencyCodeValues, HostnameType, HttpTokensState, ImdsSupportValues, InstanceAttributeName, InstanceAutoRecoveryState, InstanceBandwidthWeighting, InstanceInterruptionBehavior, InstanceMetadataEndpointState, InstanceMetadataProtocolState, InstanceMetadataTagsState, InternetGatewayBlockMode, InternetGatewayExclusionMode, IpAddressType, MarketType, MembershipType, PayerResponsibility, ReportInstanceReasonCodes, ReportStatusType, ResetFpgaImageAttributeName, ResetImageAttributeName, RuleAction, ShutdownBehavior, SnapshotAttributeName, SnapshotState, SpotInstanceType, SSEType, Status, TpmSupportValues, TransitGatewayAttachmentResourceType, VerificationMethod, VpcEncryptionControlExclusionStateInput, VpcEncryptionControlMode, VpcTenancy } from "./enums";
+import { AddedPrincipal, AddressAttribute, ByoipCidr, CapacityReservation, ClientVpnAuthorizationRuleStatus, IamInstanceProfileAssociation, IamInstanceProfileSpecification, IpPermission, NatGatewayAddress, PortRange, RouteTableAssociationState, TagSpecification, TransitGatewayMulticastDomainAssociations, TransitGatewayPeeringAttachment, TransitGatewayVpcAttachment, UnsuccessfulItem, VpcEncryptionControl } from "./models_0";
 import { BlockDeviceMapping, CreditSpecificationRequest, ElasticGpuSpecification, IcmpTypeCode, InstanceIpv6Address, LocalGatewayRoute, ManagedPrefixList, OperatorRequest, Placement } from "./models_1";
-import { TransitGatewayRoute } from "./models_2";
-import { Byoasn, CapacityBlock, CapacityBlockExtension, ClientVpnConnectionStatus, Filter, InstanceState, InstanceTagNotificationAttribute, IpamPoolCidr, Monitoring } from "./models_3";
+import { DnsOptionsSpecification, IKEVersionsRequestListValue, Phase1DHGroupNumbersRequestListValue, Phase1EncryptionAlgorithmsRequestListValue, Phase1IntegrityAlgorithmsRequestListValue, Phase2DHGroupNumbersRequestListValue, Phase2EncryptionAlgorithmsRequestListValue, Phase2IntegrityAlgorithmsRequestListValue, SubnetConfiguration, TransitGatewayRoute, VpcBlockPublicAccessExclusion, VpnConnection, VpnTunnelLogOptionsSpecification } from "./models_2";
+import { AttributeBooleanValue, Byoasn, CapacityBlock, CapacityBlockExtension, ClientVpnConnectionStatus, Filter, InstanceState, InstanceTagNotificationAttribute, IpamPoolCidr, Monitoring } from "./models_3";
 import { InstanceNetworkInterfaceSpecification, NetworkInsightsAccessScopeAnalysis, NetworkInsightsAnalysis, PublicIpv4PoolRange, RunInstancesMonitoringEnabled, ScheduledInstance, SpotFleetRequestConfigData, SpotInstanceRequest, SpotPlacement } from "./models_4";
-import { Purchase } from "./models_5";
+import { Purchase, VpcBlockPublicAccessOptions } from "./models_5";
 import { CapacityReservationSpecification } from "./models_6";
+/**
+ * @public
+ */
+export interface ModifyVpcAttributeRequest {
+    /**
+     * <p>Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.</p>
+     *          <p>You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.</p>
+     * @public
+     */
+    EnableDnsHostnames?: AttributeBooleanValue | undefined;
+    /**
+     * <p>Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to
+     * 			the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP
+     * 			address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon
+     * 			provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is
+     * 			not enabled.</p>
+     *          <p>You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.</p>
+     * @public
+     */
+    EnableDnsSupport?: AttributeBooleanValue | undefined;
+    /**
+     * <p>The ID of the VPC.</p>
+     * @public
+     */
+    VpcId: string | undefined;
+    /**
+     * <p>Indicates whether Network Address Usage metrics are enabled for your VPC.</p>
+     * @public
+     */
+    EnableNetworkAddressUsageMetrics?: AttributeBooleanValue | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessExclusionRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of an exclusion.</p>
+     * @public
+     */
+    ExclusionId: string | undefined;
+    /**
+     * <p>The exclusion mode for internet gateway traffic.</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>allow-bidirectional</code>: Allow all internet traffic to and from the excluded VPCs and subnets.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>allow-egress</code>: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    InternetGatewayExclusionMode: InternetGatewayExclusionMode | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessExclusionResult {
+    /**
+     * <p>Details related to the exclusion.</p>
+     * @public
+     */
+    VpcBlockPublicAccessExclusion?: VpcBlockPublicAccessExclusion | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessOptionsRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The mode of VPC BPA.</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>off</code>: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>block-bidirectional</code>: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).</p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>block-ingress</code>: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.</p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    InternetGatewayBlockMode: InternetGatewayBlockMode | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcBlockPublicAccessOptionsResult {
+    /**
+     * <p>Details related to the VPC Block Public Access (BPA) options.</p>
+     * @public
+     */
+    VpcBlockPublicAccessOptions?: VpcBlockPublicAccessOptions | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEncryptionControlRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the VPC Encryption Control resource to modify.</p>
+     * @public
+     */
+    VpcEncryptionControlId: string | undefined;
+    /**
+     * <p>The encryption mode for the VPC Encryption Control configuration.</p>
+     * @public
+     */
+    Mode?: VpcEncryptionControlMode | undefined;
+    /**
+     * <p>Specifies whether to exclude internet gateway traffic from encryption enforcement.</p>
+     * @public
+     */
+    InternetGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.</p>
+     * @public
+     */
+    EgressOnlyInternetGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude NAT gateway traffic from encryption enforcement.</p>
+     * @public
+     */
+    NatGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude virtual private gateway traffic from encryption enforcement.</p>
+     * @public
+     */
+    VirtualPrivateGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude VPC peering connection traffic from encryption enforcement.</p>
+     * @public
+     */
+    VpcPeeringExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude Lambda function traffic from encryption enforcement.</p>
+     * @public
+     */
+    LambdaExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude VPC Lattice traffic from encryption enforcement.</p>
+     * @public
+     */
+    VpcLatticeExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+    /**
+     * <p>Specifies whether to exclude Elastic File System traffic from encryption enforcement.</p>
+     * @public
+     */
+    ElasticFileSystemExclusion?: VpcEncryptionControlExclusionStateInput | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEncryptionControlResult {
+    /**
+     * <p>Information about the VPC Encryption Control configuration.</p>
+     * @public
+     */
+    VpcEncryptionControl?: VpcEncryptionControl | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the endpoint.</p>
+     * @public
+     */
+    VpcEndpointId: string | undefined;
+    /**
+     * <p>(Gateway endpoint) Specify <code>true</code> to reset the policy document to the
+     *             default policy. The default policy allows full access to the service.</p>
+     * @public
+     */
+    ResetPolicy?: boolean | undefined;
+    /**
+     * <p>(Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. The policy must
+     *             be in valid JSON format.</p>
+     * @public
+     */
+    PolicyDocument?: string | undefined;
+    /**
+     * <p>(Gateway endpoint) The IDs of the route tables to associate with the endpoint.</p>
+     * @public
+     */
+    AddRouteTableIds?: string[] | undefined;
+    /**
+     * <p>(Gateway endpoint) The IDs of the route tables to disassociate from the endpoint.</p>
+     * @public
+     */
+    RemoveRouteTableIds?: string[] | undefined;
+    /**
+     * <p>(Interface and Gateway Load Balancer endpoints) The IDs of the subnets in which to serve the endpoint.
+     *             For a Gateway Load Balancer endpoint, you can specify only one subnet.</p>
+     * @public
+     */
+    AddSubnetIds?: string[] | undefined;
+    /**
+     * <p>(Interface endpoint) The IDs of the subnets from which to remove the endpoint.</p>
+     * @public
+     */
+    RemoveSubnetIds?: string[] | undefined;
+    /**
+     * <p>(Interface endpoint) The IDs of the security groups to associate with the endpoint network interfaces.</p>
+     * @public
+     */
+    AddSecurityGroupIds?: string[] | undefined;
+    /**
+     * <p>(Interface endpoint) The IDs of the security groups to disassociate from the endpoint network interfaces.</p>
+     * @public
+     */
+    RemoveSecurityGroupIds?: string[] | undefined;
+    /**
+     * <p>The IP address type for the endpoint.</p>
+     * @public
+     */
+    IpAddressType?: IpAddressType | undefined;
+    /**
+     * <p>The DNS options for the endpoint.</p>
+     * @public
+     */
+    DnsOptions?: DnsOptionsSpecification | undefined;
+    /**
+     * <p>(Interface endpoint) Indicates whether a private hosted zone is associated with the VPC.</p>
+     * @public
+     */
+    PrivateDnsEnabled?: boolean | undefined;
+    /**
+     * <p>The subnet configurations for the endpoint.</p>
+     * @public
+     */
+    SubnetConfigurations?: SubnetConfiguration[] | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    Return?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointConnectionNotificationRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the notification.</p>
+     * @public
+     */
+    ConnectionNotificationId: string | undefined;
+    /**
+     * <p>The ARN for the SNS topic for the notification.</p>
+     * @public
+     */
+    ConnectionNotificationArn?: string | undefined;
+    /**
+     * <p>The events for the endpoint. Valid values are <code>Accept</code>,
+     *                 <code>Connect</code>, <code>Delete</code>, and <code>Reject</code>.</p>
+     * @public
+     */
+    ConnectionEvents?: string[] | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointConnectionNotificationResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    ReturnValue?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServiceConfigurationRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the service.</p>
+     * @public
+     */
+    ServiceId: string | undefined;
+    /**
+     * <p>(Interface endpoint configuration) The private DNS name to assign to the endpoint service.</p>
+     * @public
+     */
+    PrivateDnsName?: string | undefined;
+    /**
+     * <p>(Interface endpoint configuration) Removes the private DNS name of the endpoint service.</p>
+     * @public
+     */
+    RemovePrivateDnsName?: boolean | undefined;
+    /**
+     * <p>Indicates whether requests to create an endpoint to the service must be accepted.</p>
+     * @public
+     */
+    AcceptanceRequired?: boolean | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARNs) of Network Load Balancers to add to the service
+     *             configuration.</p>
+     * @public
+     */
+    AddNetworkLoadBalancerArns?: string[] | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARNs) of Network Load Balancers to remove from the service
+     *             configuration.</p>
+     * @public
+     */
+    RemoveNetworkLoadBalancerArns?: string[] | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARNs) of Gateway Load Balancers to add to the service configuration.</p>
+     * @public
+     */
+    AddGatewayLoadBalancerArns?: string[] | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARNs) of Gateway Load Balancers to remove from the service configuration.</p>
+     * @public
+     */
+    RemoveGatewayLoadBalancerArns?: string[] | undefined;
+    /**
+     * <p>The IP address types to add to the service configuration.</p>
+     * @public
+     */
+    AddSupportedIpAddressTypes?: string[] | undefined;
+    /**
+     * <p>The IP address types to remove from the service configuration.</p>
+     * @public
+     */
+    RemoveSupportedIpAddressTypes?: string[] | undefined;
+    /**
+     * <p>The supported Regions to add to the service configuration.</p>
+     * @public
+     */
+    AddSupportedRegions?: string[] | undefined;
+    /**
+     * <p>The supported Regions to remove from the service configuration.</p>
+     * @public
+     */
+    RemoveSupportedRegions?: string[] | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServiceConfigurationResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    Return?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServicePayerResponsibilityRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the service.</p>
+     * @public
+     */
+    ServiceId: string | undefined;
+    /**
+     * <p>The entity that is responsible for the endpoint costs. The default is the endpoint owner.
+     *             If you set the payer responsibility to the service owner, you cannot set it back to the
+     *             endpoint owner.</p>
+     * @public
+     */
+    PayerResponsibility: PayerResponsibility | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServicePayerResponsibilityResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    ReturnValue?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServicePermissionsRequest {
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The ID of the service.</p>
+     * @public
+     */
+    ServiceId: string | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARN) of the principals.
+     * 	        Permissions are granted to the principals in this list.
+     * 	        To grant permissions to all principals, specify an asterisk (*).</p>
+     * @public
+     */
+    AddAllowedPrincipals?: string[] | undefined;
+    /**
+     * <p>The Amazon Resource Names (ARN) of the principals.
+     * 	        Permissions are revoked for principals in this list.</p>
+     * @public
+     */
+    RemoveAllowedPrincipals?: string[] | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcEndpointServicePermissionsResult {
+    /**
+     * <p>Information about the added principals.</p>
+     * @public
+     */
+    AddedPrincipals?: AddedPrincipal[] | undefined;
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    ReturnValue?: boolean | undefined;
+}
+/**
+ * <p>The VPC peering connection options.</p>
+ * @public
+ */
+export interface PeeringConnectionOptionsRequest {
+    /**
+     * <p>If true, enables a local VPC to resolve public DNS hostnames to private IP addresses
+     *         when queried from instances in the peer VPC.</p>
+     * @public
+     */
+    AllowDnsResolutionFromRemoteVpc?: boolean | undefined;
+    /**
+     * <p>Deprecated.</p>
+     * @public
+     */
+    AllowEgressFromLocalClassicLinkToRemoteVpc?: boolean | undefined;
+    /**
+     * <p>Deprecated.</p>
+     * @public
+     */
+    AllowEgressFromLocalVpcToRemoteClassicLink?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcPeeringConnectionOptionsRequest {
+    /**
+     * <p>The VPC peering connection options for the accepter VPC.</p>
+     * @public
+     */
+    AccepterPeeringConnectionOptions?: PeeringConnectionOptionsRequest | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>The VPC peering connection options for the requester VPC.</p>
+     * @public
+     */
+    RequesterPeeringConnectionOptions?: PeeringConnectionOptionsRequest | undefined;
+    /**
+     * <p>The ID of the VPC peering connection.</p>
+     * @public
+     */
+    VpcPeeringConnectionId: string | undefined;
+}
+/**
+ * <p>Describes the VPC peering connection options.</p>
+ * @public
+ */
+export interface PeeringConnectionOptions {
+    /**
+     * <p>If true, the public DNS hostnames of instances in the specified VPC resolve to private
+     *             IP addresses when queried from instances in the peer VPC.</p>
+     * @public
+     */
+    AllowDnsResolutionFromRemoteVpc?: boolean | undefined;
+    /**
+     * <p>Deprecated.</p>
+     * @public
+     */
+    AllowEgressFromLocalClassicLinkToRemoteVpc?: boolean | undefined;
+    /**
+     * <p>Deprecated.</p>
+     * @public
+     */
+    AllowEgressFromLocalVpcToRemoteClassicLink?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcPeeringConnectionOptionsResult {
+    /**
+     * <p>Information about the VPC peering connection options for the accepter VPC.</p>
+     * @public
+     */
+    AccepterPeeringConnectionOptions?: PeeringConnectionOptions | undefined;
+    /**
+     * <p>Information about the VPC peering connection options for the requester VPC.</p>
+     * @public
+     */
+    RequesterPeeringConnectionOptions?: PeeringConnectionOptions | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcTenancyRequest {
+    /**
+     * <p>The ID of the VPC.</p>
+     * @public
+     */
+    VpcId: string | undefined;
+    /**
+     * <p>The instance tenancy attribute for the VPC. </p>
+     * @public
+     */
+    InstanceTenancy: VpcTenancy | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpcTenancyResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, returns an
+     *             error.</p>
+     * @public
+     */
+    ReturnValue?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnConnectionRequest {
+    /**
+     * <p>The ID of the VPN connection.</p>
+     * @public
+     */
+    VpnConnectionId: string | undefined;
+    /**
+     * <p>The ID of the transit gateway.</p>
+     * @public
+     */
+    TransitGatewayId?: string | undefined;
+    /**
+     * <p>The ID of the customer gateway at your end of the VPN connection.</p>
+     * @public
+     */
+    CustomerGatewayId?: string | undefined;
+    /**
+     * <p>The ID of the virtual private gateway at the Amazon Web Services side of the VPN
+     *             connection.</p>
+     * @public
+     */
+    VpnGatewayId?: string | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually
+     *             making the request, and provides an error response. If you have the required
+     *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+     *                 <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnConnectionResult {
+    /**
+     * <p>Information about the VPN connection.</p>
+     * @public
+     */
+    VpnConnection?: VpnConnection | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnConnectionOptionsRequest {
+    /**
+     * <p>The ID of the Site-to-Site VPN connection. </p>
+     * @public
+     */
+    VpnConnectionId: string | undefined;
+    /**
+     * <p>The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.</p>
+     *          <p>Default: <code>0.0.0.0/0</code>
+     *          </p>
+     * @public
+     */
+    LocalIpv4NetworkCidr?: string | undefined;
+    /**
+     * <p>The IPv4 CIDR on the Amazon Web Services side of the VPN connection.</p>
+     *          <p>Default: <code>0.0.0.0/0</code>
+     *          </p>
+     * @public
+     */
+    RemoteIpv4NetworkCidr?: string | undefined;
+    /**
+     * <p>The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.</p>
+     *          <p>Default: <code>::/0</code>
+     *          </p>
+     * @public
+     */
+    LocalIpv6NetworkCidr?: string | undefined;
+    /**
+     * <p>The IPv6 CIDR on the Amazon Web Services side of the VPN connection.</p>
+     *          <p>Default: <code>::/0</code>
+     *          </p>
+     * @public
+     */
+    RemoteIpv6NetworkCidr?: string | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnConnectionOptionsResult {
+    /**
+     * <p>Information about the VPN connection.</p>
+     * @public
+     */
+    VpnConnection?: VpnConnection | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnTunnelCertificateRequest {
+    /**
+     * <p>The ID of the Amazon Web Services Site-to-Site VPN connection.</p>
+     * @public
+     */
+    VpnConnectionId: string | undefined;
+    /**
+     * <p>The external IP address of the VPN tunnel.</p>
+     * @public
+     */
+    VpnTunnelOutsideIpAddress: string | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually
+     *             making the request, and provides an error response. If you have the required
+     *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+     *                 <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnTunnelCertificateResult {
+    /**
+     * <p>Information about the VPN connection.</p>
+     * @public
+     */
+    VpnConnection?: VpnConnection | undefined;
+}
+/**
+ * <p>The Amazon Web Services Site-to-Site VPN tunnel options to modify.</p>
+ * @public
+ */
+export interface ModifyVpnTunnelOptionsSpecification {
+    /**
+     * <p>The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be
+     *             unique across all VPN connections that use the same virtual private gateway. </p>
+     *          <p>Constraints: A size /30 CIDR block from the <code>169.254.0.0/16</code> range. The
+     *             following CIDR blocks are reserved and cannot be used:</p>
+     *          <ul>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.0.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.1.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.2.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.3.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.4.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.5.0/30</code>
+     *                </p>
+     *             </li>
+     *             <li>
+     *                <p>
+     *                   <code>169.254.169.252/30</code>
+     *                </p>
+     *             </li>
+     *          </ul>
+     * @public
+     */
+    TunnelInsideCidr?: string | undefined;
+    /**
+     * <p>The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be
+     *             unique across all VPN connections that use the same transit gateway.</p>
+     *          <p>Constraints: A size /126 CIDR block from the local <code>fd00::/8</code> range.</p>
+     * @public
+     */
+    TunnelInsideIpv6Cidr?: string | undefined;
+    /**
+     * <p>The pre-shared key (PSK) to establish initial authentication between the virtual
+     *             private gateway and the customer gateway.</p>
+     *          <p>Constraints: Allowed characters are alphanumeric characters, periods (.), and
+     *             underscores (_). Must be between 8 and 64 characters in length and cannot start with
+     *             zero (0).</p>
+     * @public
+     */
+    PreSharedKey?: string | undefined;
+    /**
+     * <p>The lifetime for phase 1 of the IKE negotiation, in seconds.</p>
+     *          <p>Constraints: A value between 900 and 28,800.</p>
+     *          <p>Default: <code>28800</code>
+     *          </p>
+     * @public
+     */
+    Phase1LifetimeSeconds?: number | undefined;
+    /**
+     * <p>The lifetime for phase 2 of the IKE negotiation, in seconds.</p>
+     *          <p>Constraints: A value between 900 and 3,600. The value must be less than the value for
+     *                 <code>Phase1LifetimeSeconds</code>.</p>
+     *          <p>Default: <code>3600</code>
+     *          </p>
+     * @public
+     */
+    Phase2LifetimeSeconds?: number | undefined;
+    /**
+     * <p>The margin time, in seconds, before the phase 2 lifetime expires, during which the
+     *                 Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time
+     *             of the rekey is randomly selected based on the value for
+     *                 <code>RekeyFuzzPercentage</code>.</p>
+     *          <p>Constraints: A value between 60 and half of <code>Phase2LifetimeSeconds</code>.</p>
+     *          <p>Default: <code>270</code>
+     *          </p>
+     * @public
+     */
+    RekeyMarginTimeSeconds?: number | undefined;
+    /**
+     * <p>The percentage of the rekey window (determined by <code>RekeyMarginTimeSeconds</code>)
+     *             during which the rekey time is randomly selected.</p>
+     *          <p>Constraints: A value between 0 and 100.</p>
+     *          <p>Default: <code>100</code>
+     *          </p>
+     * @public
+     */
+    RekeyFuzzPercentage?: number | undefined;
+    /**
+     * <p>The number of packets in an IKE replay window.</p>
+     *          <p>Constraints: A value between 64 and 2048.</p>
+     *          <p>Default: <code>1024</code>
+     *          </p>
+     * @public
+     */
+    ReplayWindowSize?: number | undefined;
+    /**
+     * <p>The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.</p>
+     *          <p>Constraints: A value greater than or equal to 30.</p>
+     *          <p>Default: <code>40</code>
+     *          </p>
+     * @public
+     */
+    DPDTimeoutSeconds?: number | undefined;
+    /**
+     * <p>The action to take after DPD timeout occurs. Specify <code>restart</code> to restart
+     *             the IKE initiation. Specify <code>clear</code> to end the IKE session.</p>
+     *          <p>Valid Values: <code>clear</code> | <code>none</code> | <code>restart</code>
+     *          </p>
+     *          <p>Default: <code>clear</code>
+     *          </p>
+     * @public
+     */
+    DPDTimeoutAction?: string | undefined;
+    /**
+     * <p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 1
+     *             IKE negotiations.</p>
+     *          <p>Valid values: <code>AES128</code> | <code>AES256</code> | <code>AES128-GCM-16</code> |
+     *                 <code>AES256-GCM-16</code>
+     *          </p>
+     * @public
+     */
+    Phase1EncryptionAlgorithms?: Phase1EncryptionAlgorithmsRequestListValue[] | undefined;
+    /**
+     * <p>One or more encryption algorithms that are permitted for the VPN tunnel for phase 2
+     *             IKE negotiations.</p>
+     *          <p>Valid values: <code>AES128</code> | <code>AES256</code> | <code>AES128-GCM-16</code> |
+     *                 <code>AES256-GCM-16</code>
+     *          </p>
+     * @public
+     */
+    Phase2EncryptionAlgorithms?: Phase2EncryptionAlgorithmsRequestListValue[] | undefined;
+    /**
+     * <p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE
+     *             negotiations.</p>
+     *          <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> | <code>SHA2-384</code> |
+     *                 <code>SHA2-512</code>
+     *          </p>
+     * @public
+     */
+    Phase1IntegrityAlgorithms?: Phase1IntegrityAlgorithmsRequestListValue[] | undefined;
+    /**
+     * <p>One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE
+     *             negotiations.</p>
+     *          <p>Valid values: <code>SHA1</code> | <code>SHA2-256</code> | <code>SHA2-384</code> |
+     *                 <code>SHA2-512</code>
+     *          </p>
+     * @public
+     */
+    Phase2IntegrityAlgorithms?: Phase2IntegrityAlgorithmsRequestListValue[] | undefined;
+    /**
+     * <p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for
+     *             phase 1 IKE negotiations.</p>
+     *          <p>Valid values: <code>2</code> | <code>14</code> | <code>15</code> | <code>16</code> |
+     *                 <code>17</code> | <code>18</code> | <code>19</code> | <code>20</code> |
+     *                 <code>21</code> | <code>22</code> | <code>23</code> | <code>24</code>
+     *          </p>
+     * @public
+     */
+    Phase1DHGroupNumbers?: Phase1DHGroupNumbersRequestListValue[] | undefined;
+    /**
+     * <p>One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for
+     *             phase 2 IKE negotiations.</p>
+     *          <p>Valid values: <code>2</code> | <code>5</code> | <code>14</code> | <code>15</code> |
+     *                 <code>16</code> | <code>17</code> | <code>18</code> | <code>19</code> |
+     *                 <code>20</code> | <code>21</code> | <code>22</code> | <code>23</code> |
+     *                 <code>24</code>
+     *          </p>
+     * @public
+     */
+    Phase2DHGroupNumbers?: Phase2DHGroupNumbersRequestListValue[] | undefined;
+    /**
+     * <p>The IKE versions that are permitted for the VPN tunnel.</p>
+     *          <p>Valid values: <code>ikev1</code> | <code>ikev2</code>
+     *          </p>
+     * @public
+     */
+    IKEVersions?: IKEVersionsRequestListValue[] | undefined;
+    /**
+     * <p>The action to take when the establishing the tunnel for the VPN connection. By
+     *             default, your customer gateway device must initiate the IKE negotiation and bring up the
+     *             tunnel. Specify <code>start</code> for Amazon Web Services to initiate the IKE
+     *             negotiation.</p>
+     *          <p>Valid Values: <code>add</code> | <code>start</code>
+     *          </p>
+     *          <p>Default: <code>add</code>
+     *          </p>
+     * @public
+     */
+    StartupAction?: string | undefined;
+    /**
+     * <p>Options for logging VPN tunnel activity.</p>
+     * @public
+     */
+    LogOptions?: VpnTunnelLogOptionsSpecification | undefined;
+    /**
+     * <p>Turn on or off tunnel endpoint lifecycle control feature.</p>
+     * @public
+     */
+    EnableTunnelLifecycleControl?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnTunnelOptionsRequest {
+    /**
+     * <p>The ID of the Amazon Web Services Site-to-Site VPN connection.</p>
+     * @public
+     */
+    VpnConnectionId: string | undefined;
+    /**
+     * <p>The external IP address of the VPN tunnel.</p>
+     * @public
+     */
+    VpnTunnelOutsideIpAddress: string | undefined;
+    /**
+     * <p>The tunnel options to modify.</p>
+     * @public
+     */
+    TunnelOptions: ModifyVpnTunnelOptionsSpecification | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually
+     *             making the request, and provides an error response. If you have the required
+     *             permissions, the error response is <code>DryRunOperation</code>. Otherwise, it is
+     *                 <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+    /**
+     * <p>Choose whether or not to trigger immediate tunnel replacement. This is only applicable when turning on or off <code>EnableTunnelLifecycleControl</code>.</p>
+     *          <p>Valid values: <code>True</code> | <code>False</code>
+     *          </p>
+     * @public
+     */
+    SkipTunnelReplacement?: boolean | undefined;
+    /**
+     * <p>Specifies the storage mode for the pre-shared key (PSK). Valid values are <code>Standard</code> (stored in Site-to-Site VPN service) or <code>SecretsManager</code> (stored in Amazon Web Services Secrets Manager).</p>
+     * @public
+     */
+    PreSharedKeyStorage?: string | undefined;
+}
+/**
+ * @public
+ */
+export interface ModifyVpnTunnelOptionsResult {
+    /**
+     * <p>Information about the VPN connection.</p>
+     * @public
+     */
+    VpnConnection?: VpnConnection | undefined;
+}
+/**
+ * @public
+ */
+export interface MonitorInstancesRequest {
+    /**
+     * <p>The IDs of the instances.</p>
+     * @public
+     */
+    InstanceIds: string[] | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the operation, without actually making the
+     *   request, and provides an error response. If you have the required permissions, the error response is
+     *   <code>DryRunOperation</code>. Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
 /**
  * <p>Describes the monitoring of an instance.</p>
  * @public
@@ -2544,6 +3553,33 @@ export interface RestoreSnapshotTierResult {
      */
     IsPermanentRestore?: boolean | undefined;
 }
+/**
+ * @public
+ */
+export interface RestoreVolumeFromRecycleBinRequest {
+    /**
+     * <p>The ID of the volume to restore.</p>
+     * @public
+     */
+    VolumeId: string | undefined;
+    /**
+     * <p>Checks whether you have the required permissions for the action, without actually making the request,
+     *    and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>.
+     *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
+     * @public
+     */
+    DryRun?: boolean | undefined;
+}
+/**
+ * @public
+ */
+export interface RestoreVolumeFromRecycleBinResult {
+    /**
+     * <p>Returns <code>true</code> if the request succeeds; otherwise, it returns an error.</p>
+     * @public
+     */
+    Return?: boolean | undefined;
+}
 /**
  * @public
  */