cdk-docker-image-deployment 0.0.191 → 0.0.192
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +4 -4
- package/lib/destination.js +1 -1
- package/lib/docker-image-deployment.js +1 -1
- package/lib/source.js +1 -1
- package/node_modules/@types/aws-lambda/README.md +1 -1
- package/node_modules/@types/aws-lambda/package.json +2 -2
- package/node_modules/@types/aws-lambda/trigger/api-gateway-authorizer.d.ts +1 -0
- package/node_modules/aws-sdk/CHANGELOG.md +7 -1
- package/node_modules/aws-sdk/README.md +1 -1
- package/node_modules/aws-sdk/apis/application-autoscaling-2016-02-06.min.json +56 -12
- package/node_modules/aws-sdk/apis/dataexchange-2017-07-25.min.json +42 -24
- package/node_modules/aws-sdk/apis/ec2-2016-11-15.min.json +8 -1
- package/node_modules/aws-sdk/apis/keyspaces-2022-02-10.min.json +18 -0
- package/node_modules/aws-sdk/clients/applicationautoscaling.d.ts +80 -3
- package/node_modules/aws-sdk/clients/dataexchange.d.ts +16 -0
- package/node_modules/aws-sdk/clients/directconnect.d.ts +6 -6
- package/node_modules/aws-sdk/clients/ec2.d.ts +8 -0
- package/node_modules/aws-sdk/clients/iam.d.ts +14 -14
- package/node_modules/aws-sdk/clients/keyspaces.d.ts +40 -21
- package/node_modules/aws-sdk/dist/aws-sdk-core-react-native.js +1 -1
- package/node_modules/aws-sdk/dist/aws-sdk-react-native.js +5 -5
- package/node_modules/aws-sdk/dist/aws-sdk.js +67 -16
- package/node_modules/aws-sdk/dist/aws-sdk.min.js +88 -88
- package/node_modules/aws-sdk/lib/core.js +1 -1
- package/node_modules/aws-sdk/package.json +1 -1
- package/package.json +5 -5
|
@@ -1446,6 +1446,13 @@ declare namespace DataExchange {
|
|
|
1446
1446
|
}
|
|
1447
1447
|
export type JobErrorLimitName = "Assets per revision"|"Asset size in GB"|"Amazon Redshift datashare assets per revision"|"AWS Lake Formation data permission assets per revision"|"Amazon S3 data access assets per revision"|string;
|
|
1448
1448
|
export type JobErrorResourceTypes = "REVISION"|"ASSET"|"DATA_SET"|string;
|
|
1449
|
+
export type KmsKeyArn = string;
|
|
1450
|
+
export interface KmsKeyToGrant {
|
|
1451
|
+
/**
|
|
1452
|
+
* The AWS KMS CMK (Key Management System Customer Managed Key) used to encrypt S3 objects in the shared S3 Bucket. AWS Data exchange will create a KMS grant for each subscriber to allow them to access and decrypt their entitled data that is encrypted using this KMS key specified.
|
|
1453
|
+
*/
|
|
1454
|
+
KmsKeyArn: KmsKeyArn;
|
|
1455
|
+
}
|
|
1449
1456
|
export type LFPermission = "DESCRIBE"|"SELECT"|string;
|
|
1450
1457
|
export interface LFResourceDetails {
|
|
1451
1458
|
/**
|
|
@@ -1615,6 +1622,7 @@ declare namespace DataExchange {
|
|
|
1615
1622
|
export type ListOfEventActionEntry = EventActionEntry[];
|
|
1616
1623
|
export type ListOfJobEntry = JobEntry[];
|
|
1617
1624
|
export type ListOfJobError = JobError[];
|
|
1625
|
+
export type ListOfKmsKeysToGrant = KmsKeyToGrant[];
|
|
1618
1626
|
export type ListOfLFPermissions = LFPermission[];
|
|
1619
1627
|
export type ListOfLFTagValues = String[];
|
|
1620
1628
|
export type ListOfLFTags = LFTag[];
|
|
@@ -1911,6 +1919,10 @@ declare namespace DataExchange {
|
|
|
1911
1919
|
* The ARN for your Amazon S3 Access Point. Customers can also access their entitled data using the S3 Access Point ARN.
|
|
1912
1920
|
*/
|
|
1913
1921
|
S3AccessPointArn?: __string;
|
|
1922
|
+
/**
|
|
1923
|
+
* List of AWS KMS CMKs (Key Management System Customer Managed Keys) and ARNs used to encrypt S3 objects being shared in this S3 Data Access asset. Providers must include all AWS KMS keys used to encrypt these shared S3 objects.
|
|
1924
|
+
*/
|
|
1925
|
+
KmsKeysToGrant?: ListOfKmsKeysToGrant;
|
|
1914
1926
|
}
|
|
1915
1927
|
export interface S3DataAccessAssetSourceEntry {
|
|
1916
1928
|
/**
|
|
@@ -1925,6 +1937,10 @@ declare namespace DataExchange {
|
|
|
1925
1937
|
* The keys used to create the Amazon S3 data access.
|
|
1926
1938
|
*/
|
|
1927
1939
|
Keys?: ListOf__string;
|
|
1940
|
+
/**
|
|
1941
|
+
* List of AWS KMS CMKs (Key Management System Customer Managed Keys) and ARNs used to encrypt S3 objects being shared in this S3 Data Access asset.
|
|
1942
|
+
*/
|
|
1943
|
+
KmsKeysToGrant?: ListOfKmsKeysToGrant;
|
|
1928
1944
|
}
|
|
1929
1945
|
export interface S3SnapshotAsset {
|
|
1930
1946
|
/**
|
|
@@ -132,11 +132,11 @@ declare class DirectConnect extends Service {
|
|
|
132
132
|
*/
|
|
133
133
|
confirmTransitVirtualInterface(callback?: (err: AWSError, data: DirectConnect.Types.ConfirmTransitVirtualInterfaceResponse) => void): Request<DirectConnect.Types.ConfirmTransitVirtualInterfaceResponse, AWSError>;
|
|
134
134
|
/**
|
|
135
|
-
* Creates a BGP peer on the specified virtual interface. You must create a BGP peer for the corresponding address family (IPv4/IPv6) in order to access Amazon Web Services resources that also use that address family. If logical redundancy is not supported by the connection, interconnect, or LAG, the BGP peer cannot be in the same address family as an existing BGP peer on the virtual interface. When creating a IPv6 BGP peer, omit the Amazon address and customer address. IPv6 addresses are automatically assigned from the Amazon pool of IPv6 addresses; you cannot specify custom IPv6 addresses. For a public virtual interface, the Autonomous System Number (ASN) must be private or already on the allow list for the virtual interface.
|
|
135
|
+
* Creates a BGP peer on the specified virtual interface. You must create a BGP peer for the corresponding address family (IPv4/IPv6) in order to access Amazon Web Services resources that also use that address family. If logical redundancy is not supported by the connection, interconnect, or LAG, the BGP peer cannot be in the same address family as an existing BGP peer on the virtual interface. When creating a IPv6 BGP peer, omit the Amazon address and customer address. IPv6 addresses are automatically assigned from the Amazon pool of IPv6 addresses; you cannot specify custom IPv6 addresses. If you let Amazon Web Services auto-assign IPv4 addresses, a /30 CIDR will be allocated from 169.254.0.0/16. Amazon Web Services does not recommend this option if you intend to use the customer router peer IP address as the source and destination for traffic. Instead you should use RFC 1918 or other addressing, and specify the address yourself. For more information about RFC 1918 see Address Allocation for Private Internets. For a public virtual interface, the Autonomous System Number (ASN) must be private or already on the allow list for the virtual interface.
|
|
136
136
|
*/
|
|
137
137
|
createBGPPeer(params: DirectConnect.Types.CreateBGPPeerRequest, callback?: (err: AWSError, data: DirectConnect.Types.CreateBGPPeerResponse) => void): Request<DirectConnect.Types.CreateBGPPeerResponse, AWSError>;
|
|
138
138
|
/**
|
|
139
|
-
* Creates a BGP peer on the specified virtual interface. You must create a BGP peer for the corresponding address family (IPv4/IPv6) in order to access Amazon Web Services resources that also use that address family. If logical redundancy is not supported by the connection, interconnect, or LAG, the BGP peer cannot be in the same address family as an existing BGP peer on the virtual interface. When creating a IPv6 BGP peer, omit the Amazon address and customer address. IPv6 addresses are automatically assigned from the Amazon pool of IPv6 addresses; you cannot specify custom IPv6 addresses. For a public virtual interface, the Autonomous System Number (ASN) must be private or already on the allow list for the virtual interface.
|
|
139
|
+
* Creates a BGP peer on the specified virtual interface. You must create a BGP peer for the corresponding address family (IPv4/IPv6) in order to access Amazon Web Services resources that also use that address family. If logical redundancy is not supported by the connection, interconnect, or LAG, the BGP peer cannot be in the same address family as an existing BGP peer on the virtual interface. When creating a IPv6 BGP peer, omit the Amazon address and customer address. IPv6 addresses are automatically assigned from the Amazon pool of IPv6 addresses; you cannot specify custom IPv6 addresses. If you let Amazon Web Services auto-assign IPv4 addresses, a /30 CIDR will be allocated from 169.254.0.0/16. Amazon Web Services does not recommend this option if you intend to use the customer router peer IP address as the source and destination for traffic. Instead you should use RFC 1918 or other addressing, and specify the address yourself. For more information about RFC 1918 see Address Allocation for Private Internets. For a public virtual interface, the Autonomous System Number (ASN) must be private or already on the allow list for the virtual interface.
|
|
140
140
|
*/
|
|
141
141
|
createBGPPeer(callback?: (err: AWSError, data: DirectConnect.Types.CreateBGPPeerResponse) => void): Request<DirectConnect.Types.CreateBGPPeerResponse, AWSError>;
|
|
142
142
|
/**
|
|
@@ -204,11 +204,11 @@ declare class DirectConnect extends Service {
|
|
|
204
204
|
*/
|
|
205
205
|
createPublicVirtualInterface(callback?: (err: AWSError, data: DirectConnect.Types.VirtualInterface) => void): Request<DirectConnect.Types.VirtualInterface, AWSError>;
|
|
206
206
|
/**
|
|
207
|
-
* Creates a transit virtual interface. A transit virtual interface should be used to access one or more transit gateways associated with Direct Connect gateways. A transit virtual interface enables the connection of multiple VPCs attached to a transit gateway to a Direct Connect gateway. If you associate your transit gateway with one or more Direct Connect gateways, the Autonomous System Number (ASN) used by the transit gateway and the Direct Connect gateway must be different. For example, if you use the default ASN 64512 for both your the transit gateway and Direct Connect gateway, the association request fails. Setting the MTU of a virtual interface to 8500 (jumbo frames) can cause an update to the underlying physical connection if it wasn't updated to support jumbo frames. Updating the connection disrupts network connectivity for all virtual interfaces associated with the connection for up to 30 seconds. To check whether your connection supports jumbo frames, call DescribeConnections. To check whether your virtual interface supports jumbo frames, call DescribeVirtualInterfaces.
|
|
207
|
+
* Creates a transit virtual interface. A transit virtual interface should be used to access one or more transit gateways associated with Direct Connect gateways. A transit virtual interface enables the connection of multiple VPCs attached to a transit gateway to a Direct Connect gateway. If you associate your transit gateway with one or more Direct Connect gateways, the Autonomous System Number (ASN) used by the transit gateway and the Direct Connect gateway must be different. For example, if you use the default ASN 64512 for both your the transit gateway and Direct Connect gateway, the association request fails. A jumbo MTU value must be either 1500 or 8500. No other values will be accepted. Setting the MTU of a virtual interface to 8500 (jumbo frames) can cause an update to the underlying physical connection if it wasn't updated to support jumbo frames. Updating the connection disrupts network connectivity for all virtual interfaces associated with the connection for up to 30 seconds. To check whether your connection supports jumbo frames, call DescribeConnections. To check whether your virtual interface supports jumbo frames, call DescribeVirtualInterfaces.
|
|
208
208
|
*/
|
|
209
209
|
createTransitVirtualInterface(params: DirectConnect.Types.CreateTransitVirtualInterfaceRequest, callback?: (err: AWSError, data: DirectConnect.Types.CreateTransitVirtualInterfaceResult) => void): Request<DirectConnect.Types.CreateTransitVirtualInterfaceResult, AWSError>;
|
|
210
210
|
/**
|
|
211
|
-
* Creates a transit virtual interface. A transit virtual interface should be used to access one or more transit gateways associated with Direct Connect gateways. A transit virtual interface enables the connection of multiple VPCs attached to a transit gateway to a Direct Connect gateway. If you associate your transit gateway with one or more Direct Connect gateways, the Autonomous System Number (ASN) used by the transit gateway and the Direct Connect gateway must be different. For example, if you use the default ASN 64512 for both your the transit gateway and Direct Connect gateway, the association request fails. Setting the MTU of a virtual interface to 8500 (jumbo frames) can cause an update to the underlying physical connection if it wasn't updated to support jumbo frames. Updating the connection disrupts network connectivity for all virtual interfaces associated with the connection for up to 30 seconds. To check whether your connection supports jumbo frames, call DescribeConnections. To check whether your virtual interface supports jumbo frames, call DescribeVirtualInterfaces.
|
|
211
|
+
* Creates a transit virtual interface. A transit virtual interface should be used to access one or more transit gateways associated with Direct Connect gateways. A transit virtual interface enables the connection of multiple VPCs attached to a transit gateway to a Direct Connect gateway. If you associate your transit gateway with one or more Direct Connect gateways, the Autonomous System Number (ASN) used by the transit gateway and the Direct Connect gateway must be different. For example, if you use the default ASN 64512 for both your the transit gateway and Direct Connect gateway, the association request fails. A jumbo MTU value must be either 1500 or 8500. No other values will be accepted. Setting the MTU of a virtual interface to 8500 (jumbo frames) can cause an update to the underlying physical connection if it wasn't updated to support jumbo frames. Updating the connection disrupts network connectivity for all virtual interfaces associated with the connection for up to 30 seconds. To check whether your connection supports jumbo frames, call DescribeConnections. To check whether your virtual interface supports jumbo frames, call DescribeVirtualInterfaces.
|
|
212
212
|
*/
|
|
213
213
|
createTransitVirtualInterface(callback?: (err: AWSError, data: DirectConnect.Types.CreateTransitVirtualInterfaceResult) => void): Request<DirectConnect.Types.CreateTransitVirtualInterfaceResult, AWSError>;
|
|
214
214
|
/**
|
|
@@ -1558,7 +1558,7 @@ declare namespace DirectConnect {
|
|
|
1558
1558
|
*/
|
|
1559
1559
|
directConnectGatewayOwnerAccount?: OwnerAccount;
|
|
1560
1560
|
/**
|
|
1561
|
-
* The state of the association. The following are the possible values: associating: The initial state after calling CreateDirectConnectGatewayAssociation. associated: The Direct Connect gateway and virtual private gateway or transit gateway are successfully associated and ready to pass traffic. disassociating: The initial state after calling DeleteDirectConnectGatewayAssociation. disassociated: The virtual private gateway or transit gateway is disassociated from the Direct Connect gateway. Traffic flow between the Direct Connect gateway and virtual private gateway or transit gateway is stopped.
|
|
1561
|
+
* The state of the association. The following are the possible values: associating: The initial state after calling CreateDirectConnectGatewayAssociation. associated: The Direct Connect gateway and virtual private gateway or transit gateway are successfully associated and ready to pass traffic. disassociating: The initial state after calling DeleteDirectConnectGatewayAssociation. disassociated: The virtual private gateway or transit gateway is disassociated from the Direct Connect gateway. Traffic flow between the Direct Connect gateway and virtual private gateway or transit gateway is stopped. updating: The CIDR blocks for the virtual private gateway or transit gateway are currently being updated. This could be new CIDR blocks added or current CIDR blocks removed.
|
|
1562
1562
|
*/
|
|
1563
1563
|
associationState?: DirectConnectGatewayAssociationState;
|
|
1564
1564
|
/**
|
|
@@ -2319,7 +2319,7 @@ declare namespace DirectConnect {
|
|
|
2319
2319
|
*/
|
|
2320
2320
|
bgpPeers?: BGPPeerIdList;
|
|
2321
2321
|
/**
|
|
2322
|
-
* The time in minutes that the virtual interface failover test will last. Maximum value:
|
|
2322
|
+
* The time in minutes that the virtual interface failover test will last. Maximum value: 4,320 minutes (72 hours). Default: 180 minutes (3 hours).
|
|
2323
2323
|
*/
|
|
2324
2324
|
testDurationInMinutes?: TestDuration;
|
|
2325
2325
|
}
|
|
@@ -18330,12 +18330,20 @@ declare namespace EC2 {
|
|
|
18330
18330
|
* The DNS records created for the endpoint.
|
|
18331
18331
|
*/
|
|
18332
18332
|
DnsRecordIpType?: DnsRecordIpType;
|
|
18333
|
+
/**
|
|
18334
|
+
* Indicates whether to enable private DNS only for inbound endpoints.
|
|
18335
|
+
*/
|
|
18336
|
+
PrivateDnsOnlyForInboundResolverEndpoint?: Boolean;
|
|
18333
18337
|
}
|
|
18334
18338
|
export interface DnsOptionsSpecification {
|
|
18335
18339
|
/**
|
|
18336
18340
|
* The DNS records created for the endpoint.
|
|
18337
18341
|
*/
|
|
18338
18342
|
DnsRecordIpType?: DnsRecordIpType;
|
|
18343
|
+
/**
|
|
18344
|
+
* Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint.
|
|
18345
|
+
*/
|
|
18346
|
+
PrivateDnsOnlyForInboundResolverEndpoint?: Boolean;
|
|
18339
18347
|
}
|
|
18340
18348
|
export type DnsRecordIpType = "ipv4"|"dualstack"|"ipv6"|"service-defined"|string;
|
|
18341
18349
|
export interface DnsServersOptionsModifyStructure {
|
|
@@ -109,11 +109,11 @@ declare class IAM extends Service {
|
|
|
109
109
|
*/
|
|
110
110
|
createLoginProfile(callback?: (err: AWSError, data: IAM.Types.CreateLoginProfileResponse) => void): Request<IAM.Types.CreateLoginProfileResponse, AWSError>;
|
|
111
111
|
/**
|
|
112
|
-
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following: The URL of the OIDC identity provider (IdP) to trust A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider A list of thumbprints of one or more server certificates that the IdP uses You get all of this information from the OIDC IdP you want to use to access Amazon Web Services. Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation. The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.
|
|
112
|
+
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following: The URL of the OIDC identity provider (IdP) to trust A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider A list of tags that are attached to the specified IAM OIDC provider A list of thumbprints of one or more server certificates that the IdP uses You get all of this information from the OIDC IdP you want to use to access Amazon Web Services. Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation. The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.
|
|
113
113
|
*/
|
|
114
114
|
createOpenIDConnectProvider(params: IAM.Types.CreateOpenIDConnectProviderRequest, callback?: (err: AWSError, data: IAM.Types.CreateOpenIDConnectProviderResponse) => void): Request<IAM.Types.CreateOpenIDConnectProviderResponse, AWSError>;
|
|
115
115
|
/**
|
|
116
|
-
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following: The URL of the OIDC identity provider (IdP) to trust A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider A list of thumbprints of one or more server certificates that the IdP uses You get all of this information from the OIDC IdP you want to use to access Amazon Web Services. Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation. The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.
|
|
116
|
+
* Creates an IAM entity to describe an identity provider (IdP) that supports OpenID Connect (OIDC). The OIDC provider that you create with this operation can be used as a principal in a role's trust policy. Such a policy establishes a trust relationship between Amazon Web Services and the OIDC provider. If you are using an OIDC identity provider from Google, Facebook, or Amazon Cognito, you don't need to create a separate IAM identity provider. These OIDC identity providers are already built-in to Amazon Web Services and are available for your use. Instead, you can move directly to creating new roles using your identity provider. To learn more, see Creating a role for web identity or OpenID connect federation in the IAM User Guide. When you create the IAM OIDC provider, you specify the following: The URL of the OIDC identity provider (IdP) to trust A list of client IDs (also known as audiences) that identify the application or applications allowed to authenticate using the OIDC provider A list of tags that are attached to the specified IAM OIDC provider A list of thumbprints of one or more server certificates that the IdP uses You get all of this information from the OIDC IdP you want to use to access Amazon Web Services. Amazon Web Services secures communication with some OIDC identity providers (IdPs) through our library of trusted certificate authorities (CAs) instead of using a certificate thumbprint to verify your IdP server certificate. These OIDC IdPs include Google, Auth0, and those that use an Amazon S3 bucket to host a JSON Web Key Set (JWKS) endpoint. In these cases, your legacy thumbprint remains in your configuration, but is no longer used for validation. The trust for the OIDC provider is derived from the IAM provider that this operation creates. Therefore, it is best to limit access to the CreateOpenIDConnectProvider operation to highly privileged users.
|
|
117
117
|
*/
|
|
118
118
|
createOpenIDConnectProvider(callback?: (err: AWSError, data: IAM.Types.CreateOpenIDConnectProviderResponse) => void): Request<IAM.Types.CreateOpenIDConnectProviderResponse, AWSError>;
|
|
119
119
|
/**
|
|
@@ -505,11 +505,11 @@ declare class IAM extends Service {
|
|
|
505
505
|
*/
|
|
506
506
|
getOpenIDConnectProvider(callback?: (err: AWSError, data: IAM.Types.GetOpenIDConnectProviderResponse) => void): Request<IAM.Types.GetOpenIDConnectProviderResponse, AWSError>;
|
|
507
507
|
/**
|
|
508
|
-
* Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents. Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport. To call this operation, you must be signed in to the management account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining permissions using service last accessed data in the IAM User Guide. For each service that principals in an account (root
|
|
508
|
+
* Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents. Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport. To call this operation, you must be signed in to the management account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining permissions using service last accessed data in the IAM User Guide. For each service that principals in an account (root user, IAM users, or IAM roles) could access using SCPs, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, it returns the reason that it failed. By default, the list is sorted by service namespace.
|
|
509
509
|
*/
|
|
510
510
|
getOrganizationsAccessReport(params: IAM.Types.GetOrganizationsAccessReportRequest, callback?: (err: AWSError, data: IAM.Types.GetOrganizationsAccessReportResponse) => void): Request<IAM.Types.GetOrganizationsAccessReportResponse, AWSError>;
|
|
511
511
|
/**
|
|
512
|
-
* Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents. Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport. To call this operation, you must be signed in to the management account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining permissions using service last accessed data in the IAM User Guide. For each service that principals in an account (root
|
|
512
|
+
* Retrieves the service last accessed data report for Organizations that was previously generated using the GenerateOrganizationsAccessReport operation. This operation retrieves the status of your report job and the report contents. Depending on the parameters that you passed when you generated the report, the data returned could include different information. For details, see GenerateOrganizationsAccessReport. To call this operation, you must be signed in to the management account in your organization. SCPs must be enabled for your organization root. You must have permissions to perform this operation. For more information, see Refining permissions using service last accessed data in the IAM User Guide. For each service that principals in an account (root user, IAM users, or IAM roles) could access using SCPs, the operation returns details about the most recent access attempt. If there was no attempt, the service is listed without details about the most recent attempt to access the service. If the operation fails, it returns the reason that it failed. By default, the list is sorted by service namespace.
|
|
513
513
|
*/
|
|
514
514
|
getOrganizationsAccessReport(callback?: (err: AWSError, data: IAM.Types.GetOrganizationsAccessReportResponse) => void): Request<IAM.Types.GetOrganizationsAccessReportResponse, AWSError>;
|
|
515
515
|
/**
|
|
@@ -1009,11 +1009,11 @@ declare class IAM extends Service {
|
|
|
1009
1009
|
*/
|
|
1010
1010
|
tagMFADevice(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1011
1011
|
/**
|
|
1012
|
-
* Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For more information about these providers, see About web identity federation. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM
|
|
1012
|
+
* Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For more information about these providers, see About web identity federation. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an OIDC provider that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags in the IAM User Guide. If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the IAM User Guide. Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.
|
|
1013
1013
|
*/
|
|
1014
1014
|
tagOpenIDConnectProvider(params: IAM.Types.TagOpenIDConnectProviderRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1015
1015
|
/**
|
|
1016
|
-
* Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For more information about these providers, see About web identity federation. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM
|
|
1016
|
+
* Adds one or more tags to an OpenID Connect (OIDC)-compatible identity provider. For more information about these providers, see About web identity federation. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an OIDC provider that has a specified tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags in the IAM User Guide. If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the IAM User Guide. Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code.
|
|
1017
1017
|
*/
|
|
1018
1018
|
tagOpenIDConnectProvider(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1019
1019
|
/**
|
|
@@ -1049,11 +1049,11 @@ declare class IAM extends Service {
|
|
|
1049
1049
|
*/
|
|
1050
1050
|
tagServerCertificate(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1051
1051
|
/**
|
|
1052
|
-
* Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM
|
|
1052
|
+
* Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an IAM requesting user that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags in the IAM User Guide. Cost allocation - Use tags to help track which individuals and teams are using which Amazon Web Services resources. If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the IAM User Guide. Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code. For more information about tagging, see Tagging IAM identities in the IAM User Guide.
|
|
1053
1053
|
*/
|
|
1054
1054
|
tagUser(params: IAM.Types.TagUserRequest, callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1055
1055
|
/**
|
|
1056
|
-
* Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM
|
|
1056
|
+
* Adds one or more tags to an IAM user. If a tag with the same key name already exists, then that tag is overwritten with the new value. A tag consists of a key name and an associated value. By assigning tags to your resources, you can do the following: Administrative grouping and discovery - Attach tags to resources to aid in organization and search. For example, you could search for all resources with the key name Project and the value MyImportantProject. Or search for all resources with the key name Cost Center and the value 41200. Access control - Include tags in IAM identity-based and resource-based policies. You can use tags to restrict access to only an IAM requesting user that has a specified tag attached. You can also restrict access to only those resources that have a certain tag attached. For examples of policies that show how to use tags to control access, see Control access using IAM tags in the IAM User Guide. Cost allocation - Use tags to help track which individuals and teams are using which Amazon Web Services resources. If any one of the tags is invalid or if you exceed the allowed maximum number of tags, then the entire request fails and the resource is not created. For more information about tagging, see Tagging IAM resources in the IAM User Guide. Amazon Web Services always interprets the tag Value as a single string. If you need to store an array, you can store comma-separated values in the string. However, you must interpret the value in your code. For more information about tagging, see Tagging IAM identities in the IAM User Guide.
|
|
1057
1057
|
*/
|
|
1058
1058
|
tagUser(callback?: (err: AWSError, data: {}) => void): Request<{}, AWSError>;
|
|
1059
1059
|
/**
|
|
@@ -1305,7 +1305,7 @@ declare namespace IAM {
|
|
|
1305
1305
|
*/
|
|
1306
1306
|
Region?: stringType;
|
|
1307
1307
|
/**
|
|
1308
|
-
* The path of the Organizations entity (root, organizational unit, or account) from which an authenticated principal last attempted to access the service. Amazon Web Services does not report unauthenticated requests. This field is null if no principals (IAM users, IAM roles, or root
|
|
1308
|
+
* The path of the Organizations entity (root, organizational unit, or account) from which an authenticated principal last attempted to access the service. Amazon Web Services does not report unauthenticated requests. This field is null if no principals (IAM users, IAM roles, or root user) in the reported Organizations entity attempted to access the service within the tracking period.
|
|
1309
1309
|
*/
|
|
1310
1310
|
EntityPath?: organizationsEntityPathType;
|
|
1311
1311
|
/**
|
|
@@ -1313,7 +1313,7 @@ declare namespace IAM {
|
|
|
1313
1313
|
*/
|
|
1314
1314
|
LastAuthenticatedTime?: dateType;
|
|
1315
1315
|
/**
|
|
1316
|
-
* The number of accounts with authenticated principals (root
|
|
1316
|
+
* The number of accounts with authenticated principals (root user, IAM users, and IAM roles) that attempted to access the service in the tracking period.
|
|
1317
1317
|
*/
|
|
1318
1318
|
TotalAuthenticatedEntities?: integerType;
|
|
1319
1319
|
}
|
|
@@ -1568,7 +1568,7 @@ declare namespace IAM {
|
|
|
1568
1568
|
*/
|
|
1569
1569
|
ClientIDList?: clientIDListType;
|
|
1570
1570
|
/**
|
|
1571
|
-
* A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificates. Typically this list includes only one entry. However, IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain multiple thumbprints if the identity provider is rotating certificates. The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string. You must provide at least one thumbprint when creating an IAM OIDC provider. For example, assume that the OIDC provider is server.example.com and the provider stores its keys at https://keys.server.example.com/openid-connect. In that case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate used by https://keys.server.example.com. For more information about obtaining the OIDC provider thumbprint, see Obtaining the thumbprint for an OpenID Connect provider in the IAM
|
|
1571
|
+
* A list of server certificate thumbprints for the OpenID Connect (OIDC) identity provider's server certificates. Typically this list includes only one entry. However, IAM lets you have up to five thumbprints for an OIDC provider. This lets you maintain multiple thumbprints if the identity provider is rotating certificates. The server certificate thumbprint is the hex-encoded SHA-1 hash value of the X.509 certificate used by the domain where the OpenID Connect provider makes its keys available. It is always a 40-character string. You must provide at least one thumbprint when creating an IAM OIDC provider. For example, assume that the OIDC provider is server.example.com and the provider stores its keys at https://keys.server.example.com/openid-connect. In that case, the thumbprint string would be the hex-encoded SHA-1 hash value of the certificate used by https://keys.server.example.com. For more information about obtaining the OIDC provider thumbprint, see Obtaining the thumbprint for an OpenID Connect provider in the IAM user Guide.
|
|
1572
1572
|
*/
|
|
1573
1573
|
ThumbprintList: thumbprintListType;
|
|
1574
1574
|
/**
|
|
@@ -1640,7 +1640,7 @@ declare namespace IAM {
|
|
|
1640
1640
|
*/
|
|
1641
1641
|
Path?: pathType;
|
|
1642
1642
|
/**
|
|
1643
|
-
* The name of the role to create. IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both "MyResource" and "myresource".
|
|
1643
|
+
* The name of the role to create. IAM user, group, role, and policy names must be unique within the account. Names are not distinguished by case. For example, you cannot create resources named both "MyResource" and "myresource". This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
|
|
1644
1644
|
*/
|
|
1645
1645
|
RoleName: roleNameType;
|
|
1646
1646
|
/**
|
|
@@ -1760,7 +1760,7 @@ declare namespace IAM {
|
|
|
1760
1760
|
*/
|
|
1761
1761
|
Path?: pathType;
|
|
1762
1762
|
/**
|
|
1763
|
-
* The name of the virtual MFA device. Use with path to uniquely identify a virtual MFA device. This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
|
|
1763
|
+
* The name of the virtual MFA device, which must be unique. Use with path to uniquely identify a virtual MFA device. This parameter allows (through its regex pattern) a string of characters consisting of upper and lowercase alphanumeric characters with no spaces. You can also include any of the following characters: _+=,.@-
|
|
1764
1764
|
*/
|
|
1765
1765
|
VirtualMFADeviceName: virtualMFADeviceName;
|
|
1766
1766
|
/**
|
|
@@ -4181,7 +4181,7 @@ declare namespace IAM {
|
|
|
4181
4181
|
*/
|
|
4182
4182
|
Tags?: tagListType;
|
|
4183
4183
|
/**
|
|
4184
|
-
* Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked in the IAM
|
|
4184
|
+
* Contains information about the last time that an IAM role was used. This includes the date and time and the Region in which the role was last used. Activity is only reported for the trailing 400 days. This period can be shorter if your Region began supporting these features within the last year. The role might have been used more than 400 days ago. For more information, see Regions where data is tracked in the IAM user Guide.
|
|
4185
4185
|
*/
|
|
4186
4186
|
RoleLastUsed?: RoleLastUsed;
|
|
4187
4187
|
}
|
|
@@ -84,11 +84,11 @@ declare class Keyspaces extends Service {
|
|
|
84
84
|
*/
|
|
85
85
|
listTagsForResource(callback?: (err: AWSError, data: Keyspaces.Types.ListTagsForResourceResponse) => void): Request<Keyspaces.Types.ListTagsForResourceResponse, AWSError>;
|
|
86
86
|
/**
|
|
87
|
-
* Restores the specified table to the specified point in time within the earliest_restorable_timestamp and the current time. For more information about restore points, see Time window for PITR continuous backups in the Amazon Keyspaces Developer Guide.
|
|
87
|
+
* Restores the specified table to the specified point in time within the earliest_restorable_timestamp and the current time. For more information about restore points, see Time window for PITR continuous backups in the Amazon Keyspaces Developer Guide. Any number of users can execute up to 4 concurrent restores (any type of restore) in a given account. When you restore using point in time recovery, Amazon Keyspaces restores your source table's schema and data to the state based on the selected timestamp (day:hour:minute:second) to a new table. The Time to Live (TTL) settings are also restored to the state based on the selected timestamp. In addition to the table's schema, data, and TTL settings, RestoreTable restores the capacity mode, encryption, and point-in-time recovery settings from the source table. Unlike the table's schema data and TTL settings, which are restored based on the selected timestamp, these settings are always restored based on the table's settings as of the current time or when the table was deleted. You can also overwrite these settings during restore: Read/write capacity mode Provisioned throughput capacity settings Point-in-time (PITR) settings Tags For more information, see PITR restore settings in the Amazon Keyspaces Developer Guide. Note that the following settings are not restored, and you must configure them manually for the new table: Automatic scaling policies (for tables that use provisioned capacity mode) Identity and Access Management (IAM) policies Amazon CloudWatch metrics and alarms
|
|
88
88
|
*/
|
|
89
89
|
restoreTable(params: Keyspaces.Types.RestoreTableRequest, callback?: (err: AWSError, data: Keyspaces.Types.RestoreTableResponse) => void): Request<Keyspaces.Types.RestoreTableResponse, AWSError>;
|
|
90
90
|
/**
|
|
91
|
-
* Restores the specified table to the specified point in time within the earliest_restorable_timestamp and the current time. For more information about restore points, see Time window for PITR continuous backups in the Amazon Keyspaces Developer Guide.
|
|
91
|
+
* Restores the specified table to the specified point in time within the earliest_restorable_timestamp and the current time. For more information about restore points, see Time window for PITR continuous backups in the Amazon Keyspaces Developer Guide. Any number of users can execute up to 4 concurrent restores (any type of restore) in a given account. When you restore using point in time recovery, Amazon Keyspaces restores your source table's schema and data to the state based on the selected timestamp (day:hour:minute:second) to a new table. The Time to Live (TTL) settings are also restored to the state based on the selected timestamp. In addition to the table's schema, data, and TTL settings, RestoreTable restores the capacity mode, encryption, and point-in-time recovery settings from the source table. Unlike the table's schema data and TTL settings, which are restored based on the selected timestamp, these settings are always restored based on the table's settings as of the current time or when the table was deleted. You can also overwrite these settings during restore: Read/write capacity mode Provisioned throughput capacity settings Point-in-time (PITR) settings Tags For more information, see PITR restore settings in the Amazon Keyspaces Developer Guide. Note that the following settings are not restored, and you must configure them manually for the new table: Automatic scaling policies (for tables that use provisioned capacity mode) Identity and Access Management (IAM) policies Amazon CloudWatch metrics and alarms
|
|
92
92
|
*/
|
|
93
93
|
restoreTable(callback?: (err: AWSError, data: Keyspaces.Types.RestoreTableResponse) => void): Request<Keyspaces.Types.RestoreTableResponse, AWSError>;
|
|
94
94
|
/**
|
|
@@ -120,7 +120,7 @@ declare namespace Keyspaces {
|
|
|
120
120
|
export type ARN = string;
|
|
121
121
|
export interface CapacitySpecification {
|
|
122
122
|
/**
|
|
123
|
-
* The read/write throughput capacity mode for a table. The options are:
|
|
123
|
+
* The read/write throughput capacity mode for a table. The options are: throughputMode:PAY_PER_REQUEST and throughputMode:PROVISIONED - Provisioned capacity mode requires readCapacityUnits and writeCapacityUnits as input. The default is throughput_mode:PAY_PER_REQUEST. For more information, see Read/write capacity modes in the Amazon Keyspaces Developer Guide.
|
|
124
124
|
*/
|
|
125
125
|
throughputMode: ThroughputMode;
|
|
126
126
|
/**
|
|
@@ -134,7 +134,7 @@ declare namespace Keyspaces {
|
|
|
134
134
|
}
|
|
135
135
|
export interface CapacitySpecificationSummary {
|
|
136
136
|
/**
|
|
137
|
-
* The read/write throughput capacity mode for a table. The options are:
|
|
137
|
+
* The read/write throughput capacity mode for a table. The options are: throughputMode:PAY_PER_REQUEST and throughputMode:PROVISIONED - Provisioned capacity mode requires readCapacityUnits and writeCapacityUnits as input. The default is throughput_mode:PAY_PER_REQUEST. For more information, see Read/write capacity modes in the Amazon Keyspaces Developer Guide.
|
|
138
138
|
*/
|
|
139
139
|
throughputMode: ThroughputMode;
|
|
140
140
|
/**
|
|
@@ -151,6 +151,13 @@ declare namespace Keyspaces {
|
|
|
151
151
|
lastUpdateToPayPerRequestTimestamp?: Timestamp;
|
|
152
152
|
}
|
|
153
153
|
export type CapacityUnits = number;
|
|
154
|
+
export interface ClientSideTimestamps {
|
|
155
|
+
/**
|
|
156
|
+
* Shows how to enable client-side timestamps settings for the specified table.
|
|
157
|
+
*/
|
|
158
|
+
status: ClientSideTimestampsStatus;
|
|
159
|
+
}
|
|
160
|
+
export type ClientSideTimestampsStatus = "ENABLED"|string;
|
|
154
161
|
export interface ClusteringKey {
|
|
155
162
|
/**
|
|
156
163
|
* The name(s) of the clustering column(s).
|
|
@@ -205,7 +212,7 @@ declare namespace Keyspaces {
|
|
|
205
212
|
*/
|
|
206
213
|
tableName: TableName;
|
|
207
214
|
/**
|
|
208
|
-
* The schemaDefinition consists of the following parameters. For each column to be created:
|
|
215
|
+
* The schemaDefinition consists of the following parameters. For each column to be created: name - The name of the column. type - An Amazon Keyspaces data type. For more information, see Data types in the Amazon Keyspaces Developer Guide. The primary key of the table consists of the following columns: partitionKeys - The partition key can be a single column, or it can be a compound value composed of two or more columns. The partition key portion of the primary key is required and determines how Amazon Keyspaces stores your data. name - The name of each partition key column. clusteringKeys - The optional clustering column portion of your primary key determines how the data is clustered and sorted within each partition. name - The name of the clustering column. orderBy - Sets the ascendant (ASC) or descendant (DESC) order modifier. To define a column as static use staticColumns - Static columns store values that are shared by all rows in the same partition: name - The name of the column. type - An Amazon Keyspaces data type.
|
|
209
216
|
*/
|
|
210
217
|
schemaDefinition: SchemaDefinition;
|
|
211
218
|
/**
|
|
@@ -213,19 +220,19 @@ declare namespace Keyspaces {
|
|
|
213
220
|
*/
|
|
214
221
|
comment?: Comment;
|
|
215
222
|
/**
|
|
216
|
-
* Specifies the read/write throughput capacity mode for the table. The options are:
|
|
223
|
+
* Specifies the read/write throughput capacity mode for the table. The options are: throughputMode:PAY_PER_REQUEST and throughputMode:PROVISIONED - Provisioned capacity mode requires readCapacityUnits and writeCapacityUnits as input. The default is throughput_mode:PAY_PER_REQUEST. For more information, see Read/write capacity modes in the Amazon Keyspaces Developer Guide.
|
|
217
224
|
*/
|
|
218
225
|
capacitySpecification?: CapacitySpecification;
|
|
219
226
|
/**
|
|
220
|
-
* Specifies how the encryption key for encryption at rest is managed for the table. You can choose one of the following KMS key (KMS key):
|
|
227
|
+
* Specifies how the encryption key for encryption at rest is managed for the table. You can choose one of the following KMS key (KMS key): type:AWS_OWNED_KMS_KEY - This key is owned by Amazon Keyspaces. type:CUSTOMER_MANAGED_KMS_KEY - This key is stored in your account and is created, owned, and managed by you. This option requires the kms_key_identifier of the KMS key in Amazon Resource Name (ARN) format as input. The default is type:AWS_OWNED_KMS_KEY. For more information, see Encryption at rest in the Amazon Keyspaces Developer Guide.
|
|
221
228
|
*/
|
|
222
229
|
encryptionSpecification?: EncryptionSpecification;
|
|
223
230
|
/**
|
|
224
|
-
* Specifies if pointInTimeRecovery is enabled or disabled for the table. The options are:
|
|
231
|
+
* Specifies if pointInTimeRecovery is enabled or disabled for the table. The options are: status=ENABLED status=DISABLED If it's not specified, the default is status=DISABLED. For more information, see Point-in-time recovery in the Amazon Keyspaces Developer Guide.
|
|
225
232
|
*/
|
|
226
233
|
pointInTimeRecovery?: PointInTimeRecovery;
|
|
227
234
|
/**
|
|
228
|
-
* Enables Time to Live custom settings for the table. The options are:
|
|
235
|
+
* Enables Time to Live custom settings for the table. The options are: status:enabled status:disabled The default is status:disabled. After ttl is enabled, you can't disable it for the table. For more information, see Expiring data by using Amazon Keyspaces Time to Live (TTL) in the Amazon Keyspaces Developer Guide.
|
|
229
236
|
*/
|
|
230
237
|
ttl?: TimeToLive;
|
|
231
238
|
/**
|
|
@@ -236,6 +243,10 @@ declare namespace Keyspaces {
|
|
|
236
243
|
* A list of key-value pair tags to be attached to the resource. For more information, see Adding tags and labels to Amazon Keyspaces resources in the Amazon Keyspaces Developer Guide.
|
|
237
244
|
*/
|
|
238
245
|
tags?: TagList;
|
|
246
|
+
/**
|
|
247
|
+
* Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option: status: "enabled" Once client-side timestamps are enabled for a table, this setting cannot be disabled.
|
|
248
|
+
*/
|
|
249
|
+
clientSideTimestamps?: ClientSideTimestamps;
|
|
239
250
|
}
|
|
240
251
|
export interface CreateTableResponse {
|
|
241
252
|
/**
|
|
@@ -266,7 +277,7 @@ declare namespace Keyspaces {
|
|
|
266
277
|
}
|
|
267
278
|
export interface EncryptionSpecification {
|
|
268
279
|
/**
|
|
269
|
-
* The encryption option specified for the table. You can choose one of the following KMS keys (KMS keys):
|
|
280
|
+
* The encryption option specified for the table. You can choose one of the following KMS keys (KMS keys): type:AWS_OWNED_KMS_KEY - This key is owned by Amazon Keyspaces. type:CUSTOMER_MANAGED_KMS_KEY - This key is stored in your account and is created, owned, and managed by you. This option requires the kms_key_identifier of the KMS key in Amazon Resource Name (ARN) format as input. The default is type:AWS_OWNED_KMS_KEY. For more information, see Encryption at rest in the Amazon Keyspaces Developer Guide.
|
|
270
281
|
*/
|
|
271
282
|
type: EncryptionType;
|
|
272
283
|
/**
|
|
@@ -328,7 +339,7 @@ declare namespace Keyspaces {
|
|
|
328
339
|
*/
|
|
329
340
|
schemaDefinition?: SchemaDefinition;
|
|
330
341
|
/**
|
|
331
|
-
* The read/write throughput capacity mode for a table. The options are:
|
|
342
|
+
* The read/write throughput capacity mode for a table. The options are: throughputMode:PAY_PER_REQUEST throughputMode:PROVISIONED
|
|
332
343
|
*/
|
|
333
344
|
capacitySpecification?: CapacitySpecificationSummary;
|
|
334
345
|
/**
|
|
@@ -344,13 +355,17 @@ declare namespace Keyspaces {
|
|
|
344
355
|
*/
|
|
345
356
|
ttl?: TimeToLive;
|
|
346
357
|
/**
|
|
347
|
-
* The default Time to Live settings of the specified table.
|
|
358
|
+
* The default Time to Live settings in seconds of the specified table.
|
|
348
359
|
*/
|
|
349
360
|
defaultTimeToLive?: DefaultTimeToLive;
|
|
350
361
|
/**
|
|
351
362
|
* The the description of the specified table.
|
|
352
363
|
*/
|
|
353
364
|
comment?: Comment;
|
|
365
|
+
/**
|
|
366
|
+
* The client-side timestamps setting of the table.
|
|
367
|
+
*/
|
|
368
|
+
clientSideTimestamps?: ClientSideTimestamps;
|
|
354
369
|
}
|
|
355
370
|
export type KeyspaceName = string;
|
|
356
371
|
export interface KeyspaceSummary {
|
|
@@ -443,7 +458,7 @@ declare namespace Keyspaces {
|
|
|
443
458
|
export type PartitionKeyList = PartitionKey[];
|
|
444
459
|
export interface PointInTimeRecovery {
|
|
445
460
|
/**
|
|
446
|
-
* The options are:
|
|
461
|
+
* The options are: status=ENABLED status=DISABLED
|
|
447
462
|
*/
|
|
448
463
|
status: PointInTimeRecoveryStatus;
|
|
449
464
|
}
|
|
@@ -480,15 +495,15 @@ declare namespace Keyspaces {
|
|
|
480
495
|
*/
|
|
481
496
|
restoreTimestamp?: Timestamp;
|
|
482
497
|
/**
|
|
483
|
-
* Specifies the read/write throughput capacity mode for the target table. The options are:
|
|
498
|
+
* Specifies the read/write throughput capacity mode for the target table. The options are: throughputMode:PAY_PER_REQUEST throughputMode:PROVISIONED - Provisioned capacity mode requires readCapacityUnits and writeCapacityUnits as input. The default is throughput_mode:PAY_PER_REQUEST. For more information, see Read/write capacity modes in the Amazon Keyspaces Developer Guide.
|
|
484
499
|
*/
|
|
485
500
|
capacitySpecificationOverride?: CapacitySpecification;
|
|
486
501
|
/**
|
|
487
|
-
* Specifies the encryption settings for the target table. You can choose one of the following KMS key (KMS key):
|
|
502
|
+
* Specifies the encryption settings for the target table. You can choose one of the following KMS key (KMS key): type:AWS_OWNED_KMS_KEY - This key is owned by Amazon Keyspaces. type:CUSTOMER_MANAGED_KMS_KEY - This key is stored in your account and is created, owned, and managed by you. This option requires the kms_key_identifier of the KMS key in Amazon Resource Name (ARN) format as input. The default is type:AWS_OWNED_KMS_KEY. For more information, see Encryption at rest in the Amazon Keyspaces Developer Guide.
|
|
488
503
|
*/
|
|
489
504
|
encryptionSpecificationOverride?: EncryptionSpecification;
|
|
490
505
|
/**
|
|
491
|
-
* Specifies the pointInTimeRecovery settings for the target table. The options are:
|
|
506
|
+
* Specifies the pointInTimeRecovery settings for the target table. The options are: status=ENABLED status=DISABLED If it's not specified, the default is status=DISABLED. For more information, see Point-in-time recovery in the Amazon Keyspaces Developer Guide.
|
|
492
507
|
*/
|
|
493
508
|
pointInTimeRecoveryOverride?: PointInTimeRecovery;
|
|
494
509
|
/**
|
|
@@ -602,29 +617,33 @@ declare namespace Keyspaces {
|
|
|
602
617
|
*/
|
|
603
618
|
tableName: TableName;
|
|
604
619
|
/**
|
|
605
|
-
* For each column to be added to the specified table:
|
|
620
|
+
* For each column to be added to the specified table: name - The name of the column. type - An Amazon Keyspaces data type. For more information, see Data types in the Amazon Keyspaces Developer Guide.
|
|
606
621
|
*/
|
|
607
622
|
addColumns?: ColumnDefinitionList;
|
|
608
623
|
/**
|
|
609
|
-
* Modifies the read/write throughput capacity mode for the table. The options are:
|
|
624
|
+
* Modifies the read/write throughput capacity mode for the table. The options are: throughputMode:PAY_PER_REQUEST and throughputMode:PROVISIONED - Provisioned capacity mode requires readCapacityUnits and writeCapacityUnits as input. The default is throughput_mode:PAY_PER_REQUEST. For more information, see Read/write capacity modes in the Amazon Keyspaces Developer Guide.
|
|
610
625
|
*/
|
|
611
626
|
capacitySpecification?: CapacitySpecification;
|
|
612
627
|
/**
|
|
613
|
-
* Modifies the encryption settings of the table. You can choose one of the following KMS key (KMS key):
|
|
628
|
+
* Modifies the encryption settings of the table. You can choose one of the following KMS key (KMS key): type:AWS_OWNED_KMS_KEY - This key is owned by Amazon Keyspaces. type:CUSTOMER_MANAGED_KMS_KEY - This key is stored in your account and is created, owned, and managed by you. This option requires the kms_key_identifier of the KMS key in Amazon Resource Name (ARN) format as input. The default is AWS_OWNED_KMS_KEY. For more information, see Encryption at rest in the Amazon Keyspaces Developer Guide.
|
|
614
629
|
*/
|
|
615
630
|
encryptionSpecification?: EncryptionSpecification;
|
|
616
631
|
/**
|
|
617
|
-
* Modifies the pointInTimeRecovery settings of the table. The options are:
|
|
632
|
+
* Modifies the pointInTimeRecovery settings of the table. The options are: status=ENABLED status=DISABLED If it's not specified, the default is status=DISABLED. For more information, see Point-in-time recovery in the Amazon Keyspaces Developer Guide.
|
|
618
633
|
*/
|
|
619
634
|
pointInTimeRecovery?: PointInTimeRecovery;
|
|
620
635
|
/**
|
|
621
|
-
* Modifies Time to Live custom settings for the table. The options are:
|
|
636
|
+
* Modifies Time to Live custom settings for the table. The options are: status:enabled status:disabled The default is status:disabled. After ttl is enabled, you can't disable it for the table. For more information, see Expiring data by using Amazon Keyspaces Time to Live (TTL) in the Amazon Keyspaces Developer Guide.
|
|
622
637
|
*/
|
|
623
638
|
ttl?: TimeToLive;
|
|
624
639
|
/**
|
|
625
640
|
* The default Time to Live setting in seconds for the table. For more information, see Setting the default TTL value for a table in the Amazon Keyspaces Developer Guide.
|
|
626
641
|
*/
|
|
627
642
|
defaultTimeToLive?: DefaultTimeToLive;
|
|
643
|
+
/**
|
|
644
|
+
* Enables client-side timestamps for the table. By default, the setting is disabled. You can enable client-side timestamps with the following option: status: "enabled" Once client-side timestamps are enabled for a table, this setting cannot be disabled.
|
|
645
|
+
*/
|
|
646
|
+
clientSideTimestamps?: ClientSideTimestamps;
|
|
628
647
|
}
|
|
629
648
|
export interface UpdateTableResponse {
|
|
630
649
|
/**
|