diff --git a/.changes/2.1317.0.json b/.changes/2.1317.0.json new file mode 100644 index 0000000000..9bd2444749 --- /dev/null +++ b/.changes/2.1317.0.json @@ -0,0 +1,12 @@ +[ + { + "type": "feature", + "category": "EMR", + "description": "This release provides customers the ability to define a timeout period for procuring capacity during a resize operation for Instance Fleet clusters. Customers can specify this timeout using the ResizeSpecifications parameter supported by RunJobFlow, ModifyInstanceFleet and AddInstanceFleet APIs." + }, + { + "type": "feature", + "category": "Grafana", + "description": "With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces" + } +] \ No newline at end of file diff --git a/CHANGELOG.md b/CHANGELOG.md index 9f85e04561..54b60c6f89 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,7 +1,11 @@ # Changelog for AWS SDK for JavaScript - + +## 2.1317.0 +* feature: EMR: This release provides customers the ability to define a timeout period for procuring capacity during a resize operation for Instance Fleet clusters. Customers can specify this timeout using the ResizeSpecifications parameter supported by RunJobFlow, ModifyInstanceFleet and AddInstanceFleet APIs. +* feature: Grafana: With this release Amazon Managed Grafana now supports inbound Network Access Control that helps you to restrict user access to your Grafana workspaces + ## 2.1316.0 * feature: CloudTrail: This release adds an InsufficientEncryptionPolicyException type to the StartImport endpoint * feature: FraudDetector: This release introduces Lists feature which allows customers to reference a set of values in Fraud Detector's rules. With Lists, customers can dynamically manage these attributes in real time. Lists can be created/deleted and its contents can be modified using the Fraud Detector API. diff --git a/README.md b/README.md index 1bf0c69781..adb16d72ac 100644 --- a/README.md +++ b/README.md @@ -57,7 +57,7 @@ for further details. To use the SDK in the browser, simply add the following script tag to your HTML pages: - + You can also build a custom browser SDK with your specified set of AWS services. This can allow you to reduce the SDK's size, specify different API versions of diff --git a/apis/elasticmapreduce-2009-03-31.min.json b/apis/elasticmapreduce-2009-03-31.min.json index 0ad6cce883..c500a4e809 100644 --- a/apis/elasticmapreduce-2009-03-31.min.json +++ b/apis/elasticmapreduce-2009-03-31.min.json @@ -45,7 +45,7 @@ ], "members": { "InstanceGroups": { - "shape": "Sy" + "shape": "S11" }, "JobFlowId": {} } @@ -72,7 +72,7 @@ "members": { "JobFlowId": {}, "Steps": { - "shape": "S1j" + "shape": "S1m" }, "ExecutionRoleArn": {} } @@ -81,7 +81,7 @@ "type": "structure", "members": { "StepIds": { - "shape": "S1s" + "shape": "S1v" } } } @@ -96,7 +96,7 @@ "members": { "ResourceId": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" } } }, @@ -115,7 +115,7 @@ "members": { "ClusterId": {}, "StepIds": { - "shape": "S1s" + "shape": "S1v" }, "StepCancellationOption": {} } @@ -182,7 +182,7 @@ "AuthMode": {}, "VpcId": {}, "SubnetIds": { - "shape": "S2a" + "shape": "S2d" }, "ServiceRole": {}, "UserRole": {}, @@ -192,7 +192,7 @@ "IdpAuthUrl": {}, "IdpRelayStateParameterName": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" } } }, @@ -281,7 +281,7 @@ "Id": {}, "Name": {}, "Status": { - "shape": "S2m" + "shape": "S2p" }, "Ec2InstanceAttributes": { "type": "structure", @@ -289,21 +289,21 @@ "Ec2KeyName": {}, "Ec2SubnetId": {}, "RequestedEc2SubnetIds": { - "shape": "S2s" + "shape": "S2v" }, "Ec2AvailabilityZone": {}, "RequestedEc2AvailabilityZones": { - "shape": "S2s" + "shape": "S2v" }, "IamInstanceProfile": {}, "EmrManagedMasterSecurityGroup": {}, "EmrManagedSlaveSecurityGroup": {}, "ServiceAccessSecurityGroup": {}, "AdditionalMasterSecurityGroups": { - "shape": "S2t" + "shape": "S2w" }, "AdditionalSlaveSecurityGroups": { - "shape": "S2t" + "shape": "S2w" } } }, @@ -323,10 +323,10 @@ "type": "boolean" }, "Applications": { - "shape": "S2w" + "shape": "S2z" }, "Tags": { - "shape": "S1v" + "shape": "S1y" }, "ServiceRole": {}, "NormalizedInstanceHours": { @@ -345,7 +345,7 @@ }, "RepoUpgradeOnBoot": {}, "KerberosAttributes": { - "shape": "S30" + "shape": "S33" }, "ClusterArn": {}, "OutpostArn": {}, @@ -353,7 +353,7 @@ "type": "integer" }, "PlacementGroups": { - "shape": "S32" + "shape": "S35" }, "OSReleaseLabel": {} } @@ -372,7 +372,7 @@ "type": "timestamp" }, "JobFlowIds": { - "shape": "S1q" + "shape": "S1t" }, "JobFlowStates": { "type": "list", @@ -487,7 +487,7 @@ "Ec2KeyName": {}, "Ec2SubnetId": {}, "Placement": { - "shape": "S3g" + "shape": "S3j" }, "KeepJobFlowAliveWhenNoSteps": { "type": "boolean" @@ -508,7 +508,7 @@ ], "members": { "StepConfig": { - "shape": "S1k" + "shape": "S1n" }, "ExecutionStatusDetail": { "type": "structure", @@ -539,13 +539,13 @@ "type": "structure", "members": { "BootstrapActionConfig": { - "shape": "S3n" + "shape": "S3q" } } } }, "SupportedProducts": { - "shape": "S3p" + "shape": "S3s" }, "VisibleToAllUsers": { "type": "boolean" @@ -580,7 +580,7 @@ "NotebookExecutionId": {}, "EditorId": {}, "ExecutionEngine": { - "shape": "S3t" + "shape": "S3w" }, "NotebookExecutionName": {}, "NotebookParams": {}, @@ -596,7 +596,7 @@ "LastStateChangeReason": {}, "NotebookInstanceSecurityGroupId": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" } } } @@ -683,11 +683,11 @@ "Id": {}, "Name": {}, "Config": { - "shape": "S48" + "shape": "S4b" }, "ActionOnFailure": {}, "Status": { - "shape": "S49" + "shape": "S4c" }, "ExecutionRoleArn": {} } @@ -718,7 +718,7 @@ "AuthMode": {}, "VpcId": {}, "SubnetIds": { - "shape": "S2a" + "shape": "S2d" }, "ServiceRole": {}, "UserRole": {}, @@ -732,7 +732,7 @@ "IdpAuthUrl": {}, "IdpRelayStateParameterName": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" } } } @@ -753,7 +753,7 @@ "type": "structure", "members": { "AutoTerminationPolicy": { - "shape": "S4k" + "shape": "S4n" } } } @@ -771,7 +771,7 @@ ], "members": { "BlockPublicAccessConfiguration": { - "shape": "S4o" + "shape": "S4r" }, "BlockPublicAccessConfigurationMetadata": { "type": "structure", @@ -838,7 +838,7 @@ "type": "structure", "members": { "ManagedScalingPolicy": { - "shape": "S4z" + "shape": "S52" } } } @@ -901,7 +901,7 @@ "Name": {}, "ScriptPath": {}, "Args": { - "shape": "S2t" + "shape": "S2w" } } } @@ -938,7 +938,7 @@ "Id": {}, "Name": {}, "Status": { - "shape": "S2m" + "shape": "S2p" }, "NormalizedInstanceHours": { "type": "integer" @@ -1030,7 +1030,7 @@ "shape": "Si" }, "EbsBlockDevices": { - "shape": "S5q" + "shape": "S5t" }, "EbsOptimized": { "type": "boolean" @@ -1041,6 +1041,9 @@ }, "LaunchSpecifications": { "shape": "Sl" + }, + "ResizeSpecifications": { + "shape": "Su" } } } @@ -1120,16 +1123,16 @@ "type": "long" }, "EbsBlockDevices": { - "shape": "S5q" + "shape": "S5t" }, "EbsOptimized": { "type": "boolean" }, "ShrinkPolicy": { - "shape": "S62" + "shape": "S65" }, "AutoScalingPolicy": { - "shape": "S66" + "shape": "S69" }, "CustomAmiId": {} } @@ -1284,7 +1287,7 @@ "type": "structure", "members": { "ReleaseLabels": { - "shape": "S2t" + "shape": "S2w" }, "NextToken": {} } @@ -1329,7 +1332,7 @@ "member": {} }, "StepIds": { - "shape": "S1q" + "shape": "S1t" }, "Marker": {} } @@ -1345,11 +1348,11 @@ "Id": {}, "Name": {}, "Config": { - "shape": "S48" + "shape": "S4b" }, "ActionOnFailure": {}, "Status": { - "shape": "S49" + "shape": "S4c" } } } @@ -1464,6 +1467,9 @@ }, "TargetSpotCapacity": { "type": "integer" + }, + "ResizeSpecifications": { + "shape": "Su" } } } @@ -1492,7 +1498,7 @@ "member": {} }, "ShrinkPolicy": { - "shape": "S62" + "shape": "S65" }, "ReconfigurationType": {}, "Configurations": { @@ -1516,7 +1522,7 @@ "ClusterId": {}, "InstanceGroupId": {}, "AutoScalingPolicy": { - "shape": "S12" + "shape": "S15" } } }, @@ -1526,7 +1532,7 @@ "ClusterId": {}, "InstanceGroupId": {}, "AutoScalingPolicy": { - "shape": "S66" + "shape": "S69" }, "ClusterArn": {} } @@ -1541,7 +1547,7 @@ "members": { "ClusterId": {}, "AutoTerminationPolicy": { - "shape": "S4k" + "shape": "S4n" } } }, @@ -1558,7 +1564,7 @@ ], "members": { "BlockPublicAccessConfiguration": { - "shape": "S4o" + "shape": "S4r" } } }, @@ -1577,7 +1583,7 @@ "members": { "ClusterId": {}, "ManagedScalingPolicy": { - "shape": "S4z" + "shape": "S52" } } }, @@ -1643,7 +1649,7 @@ "members": { "ResourceId": {}, "TagKeys": { - "shape": "S2t" + "shape": "S2w" } } }, @@ -1675,7 +1681,7 @@ "type": "integer" }, "InstanceGroups": { - "shape": "Sy" + "shape": "S11" }, "InstanceFleets": { "type": "list", @@ -1685,7 +1691,7 @@ }, "Ec2KeyName": {}, "Placement": { - "shape": "S3g" + "shape": "S3j" }, "KeepJobFlowAliveWhenNoSteps": { "type": "boolean" @@ -1696,30 +1702,30 @@ "HadoopVersion": {}, "Ec2SubnetId": {}, "Ec2SubnetIds": { - "shape": "S2s" + "shape": "S2v" }, "EmrManagedMasterSecurityGroup": {}, "EmrManagedSlaveSecurityGroup": {}, "ServiceAccessSecurityGroup": {}, "AdditionalMasterSecurityGroups": { - "shape": "S84" + "shape": "S87" }, "AdditionalSlaveSecurityGroups": { - "shape": "S84" + "shape": "S87" } } }, "Steps": { - "shape": "S1j" + "shape": "S1m" }, "BootstrapActions": { "type": "list", "member": { - "shape": "S3n" + "shape": "S3q" } }, "SupportedProducts": { - "shape": "S3p" + "shape": "S3s" }, "NewSupportedProducts": { "type": "list", @@ -1728,13 +1734,13 @@ "members": { "Name": {}, "Args": { - "shape": "S1q" + "shape": "S1t" } } } }, "Applications": { - "shape": "S2w" + "shape": "S2z" }, "Configurations": { "shape": "Si" @@ -1745,7 +1751,7 @@ "JobFlowRole": {}, "ServiceRole": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" }, "SecurityConfiguration": {}, "AutoScalingRole": {}, @@ -1756,19 +1762,19 @@ }, "RepoUpgradeOnBoot": {}, "KerberosAttributes": { - "shape": "S30" + "shape": "S33" }, "StepConcurrencyLevel": { "type": "integer" }, "ManagedScalingPolicy": { - "shape": "S4z" + "shape": "S52" }, "PlacementGroupConfigs": { - "shape": "S32" + "shape": "S35" }, "AutoTerminationPolicy": { - "shape": "S4k" + "shape": "S4n" }, "OSReleaseLabel": {} } @@ -1790,7 +1796,7 @@ ], "members": { "JobFlowIds": { - "shape": "S1q" + "shape": "S1t" }, "TerminationProtected": { "type": "boolean" @@ -1807,7 +1813,7 @@ ], "members": { "JobFlowIds": { - "shape": "S1q" + "shape": "S1t" }, "VisibleToAllUsers": { "type": "boolean" @@ -1830,12 +1836,12 @@ "NotebookExecutionName": {}, "NotebookParams": {}, "ExecutionEngine": { - "shape": "S3t" + "shape": "S3w" }, "ServiceRole": {}, "NotebookInstanceSecurityGroupId": {}, "Tags": { - "shape": "S1v" + "shape": "S1y" } } }, @@ -1865,7 +1871,7 @@ ], "members": { "JobFlowIds": { - "shape": "S1q" + "shape": "S1t" } } } @@ -1881,7 +1887,7 @@ "Name": {}, "Description": {}, "SubnetIds": { - "shape": "S2a" + "shape": "S2d" }, "DefaultS3Location": {} } @@ -1948,6 +1954,9 @@ }, "LaunchSpecifications": { "shape": "Sl" + }, + "ResizeSpecifications": { + "shape": "Su" } } }, @@ -2054,7 +2063,34 @@ } } }, - "Sy": { + "Su": { + "type": "structure", + "members": { + "SpotResizeSpecification": { + "type": "structure", + "required": [ + "TimeoutDurationMinutes" + ], + "members": { + "TimeoutDurationMinutes": { + "type": "integer" + } + } + }, + "OnDemandResizeSpecification": { + "type": "structure", + "required": [ + "TimeoutDurationMinutes" + ], + "members": { + "TimeoutDurationMinutes": { + "type": "integer" + } + } + } + } + }, + "S11": { "type": "list", "member": { "type": "structure", @@ -2079,13 +2115,13 @@ "shape": "Sa" }, "AutoScalingPolicy": { - "shape": "S12" + "shape": "S15" }, "CustomAmiId": {} } } }, - "S12": { + "S15": { "type": "structure", "required": [ "Constraints", @@ -2093,14 +2129,14 @@ ], "members": { "Constraints": { - "shape": "S13" + "shape": "S16" }, "Rules": { - "shape": "S14" + "shape": "S17" } } }, - "S13": { + "S16": { "type": "structure", "required": [ "MinCapacity", @@ -2115,7 +2151,7 @@ } } }, - "S14": { + "S17": { "type": "list", "member": { "type": "structure", @@ -2197,13 +2233,13 @@ } } }, - "S1j": { + "S1m": { "type": "list", "member": { - "shape": "S1k" + "shape": "S1n" } }, - "S1k": { + "S1n": { "type": "structure", "required": [ "Name", @@ -2231,21 +2267,21 @@ "Jar": {}, "MainClass": {}, "Args": { - "shape": "S1q" + "shape": "S1t" } } } } }, - "S1q": { + "S1t": { "type": "list", "member": {} }, - "S1s": { + "S1v": { "type": "list", "member": {} }, - "S1v": { + "S1y": { "type": "list", "member": { "type": "structure", @@ -2255,11 +2291,11 @@ } } }, - "S2a": { + "S2d": { "type": "list", "member": {} }, - "S2m": { + "S2p": { "type": "structure", "members": { "State": {}, @@ -2286,15 +2322,15 @@ } } }, - "S2s": { + "S2v": { "type": "list", "member": {} }, - "S2t": { + "S2w": { "type": "list", "member": {} }, - "S2w": { + "S2z": { "type": "list", "member": { "type": "structure", @@ -2302,7 +2338,7 @@ "Name": {}, "Version": {}, "Args": { - "shape": "S2t" + "shape": "S2w" }, "AdditionalInfo": { "shape": "Sk" @@ -2310,7 +2346,7 @@ } } }, - "S30": { + "S33": { "type": "structure", "required": [ "Realm", @@ -2324,7 +2360,7 @@ "ADDomainJoinPassword": {} } }, - "S32": { + "S35": { "type": "list", "member": { "type": "structure", @@ -2337,16 +2373,16 @@ } } }, - "S3g": { + "S3j": { "type": "structure", "members": { "AvailabilityZone": {}, "AvailabilityZones": { - "shape": "S2s" + "shape": "S2v" } } }, - "S3n": { + "S3q": { "type": "structure", "required": [ "Name", @@ -2362,17 +2398,17 @@ "members": { "Path": {}, "Args": { - "shape": "S1q" + "shape": "S1t" } } } } }, - "S3p": { + "S3s": { "type": "list", "member": {} }, - "S3t": { + "S3w": { "type": "structure", "required": [ "Id" @@ -2383,7 +2419,7 @@ "MasterInstanceSecurityGroupId": {} } }, - "S48": { + "S4b": { "type": "structure", "members": { "Jar": {}, @@ -2392,11 +2428,11 @@ }, "MainClass": {}, "Args": { - "shape": "S2t" + "shape": "S2w" } } }, - "S49": { + "S4c": { "type": "structure", "members": { "State": {}, @@ -2431,7 +2467,7 @@ } } }, - "S4k": { + "S4n": { "type": "structure", "members": { "IdleTimeout": { @@ -2439,7 +2475,7 @@ } } }, - "S4o": { + "S4r": { "type": "structure", "required": [ "BlockPublicSecurityGroupRules" @@ -2467,7 +2503,7 @@ } } }, - "S4z": { + "S52": { "type": "structure", "members": { "ComputeLimits": { @@ -2495,7 +2531,7 @@ } } }, - "S5q": { + "S5t": { "type": "list", "member": { "type": "structure", @@ -2507,7 +2543,7 @@ } } }, - "S62": { + "S65": { "type": "structure", "members": { "DecommissionTimeout": { @@ -2517,10 +2553,10 @@ "type": "structure", "members": { "InstancesToTerminate": { - "shape": "S64" + "shape": "S67" }, "InstancesToProtect": { - "shape": "S64" + "shape": "S67" }, "InstanceTerminationTimeout": { "type": "integer" @@ -2529,11 +2565,11 @@ } } }, - "S64": { + "S67": { "type": "list", "member": {} }, - "S66": { + "S69": { "type": "structure", "members": { "Status": { @@ -2550,14 +2586,14 @@ } }, "Constraints": { - "shape": "S13" + "shape": "S16" }, "Rules": { - "shape": "S14" + "shape": "S17" } } }, - "S84": { + "S87": { "type": "list", "member": {} } diff --git a/apis/elasticmapreduce-2009-03-31.normal.json b/apis/elasticmapreduce-2009-03-31.normal.json index 218757270b..93c1ff3fd2 100644 --- a/apis/elasticmapreduce-2009-03-31.normal.json +++ b/apis/elasticmapreduce-2009-03-31.normal.json @@ -448,7 +448,7 @@ "shape": "InvalidRequestException" } ], - "documentation": "
Provides Temporary, basic HTTP credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username-based and password-based authentication.
" + "documentation": "Provides temporary, HTTP basic credentials that are associated with a given runtime IAM role and used by a cluster with fine-grained access control activated. You can use these credentials to connect to cluster endpoints that support username and password authentication.
" }, "GetManagedScalingPolicy": { "name": "GetManagedScalingPolicy", @@ -2525,7 +2525,7 @@ "members": { "Credentials": { "shape": "Credentials", - "documentation": "The credentials that you can use to connect to cluster endpoints that support username-based and password-based authentication.
" + "documentation": "The credentials that you can use to connect to cluster endpoints that support username and password authentication.
" }, "ExpiresAt": { "shape": "Date", @@ -2745,6 +2745,10 @@ "LaunchSpecifications": { "shape": "InstanceFleetProvisioningSpecifications", "documentation": "Describes the launch specification for an instance fleet.
" + }, + "ResizeSpecifications": { + "shape": "InstanceFleetResizingSpecifications", + "documentation": "The resize specification for the instance fleet.
" } }, "documentation": "Describes an instance fleet, which is a group of EC2 instances that host a particular node type (master, core, or task) in an Amazon EMR cluster. Instance fleets can consist of a mix of instance types and On-Demand and Spot Instances, which are provisioned to meet a defined target capacity.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.
The launch specification for the instance fleet.
" + }, + "ResizeSpecifications": { + "shape": "InstanceFleetResizingSpecifications", + "documentation": "The resize specification for the instance fleet.
" } }, "documentation": "The configuration that defines an instance fleet.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.
The target capacity of Spot units for the instance fleet. For more information, see InstanceFleetConfig$TargetSpotCapacity.
" + }, + "ResizeSpecifications": { + "shape": "InstanceFleetResizingSpecifications", + "documentation": "The resize specification for the instance fleet.
" } }, "documentation": "Configuration parameters for an instance fleet modification request.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions.
The launch specification for Spot Instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
" + "documentation": "The launch specification for Spot instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
" }, "OnDemandSpecification": { "shape": "OnDemandProvisioningSpecification", "documentation": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR version 5.12.1 and later.
The launch specification for Spot Instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. On-Demand and Spot Instance allocation strategies are available in Amazon EMR version 5.12.1 and later.
The launch specification for Spot Instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. On-Demand and Spot instance allocation strategies are available in Amazon EMR version 5.12.1 and later.
The resize specification for Spot Instances in the instance fleet, which contains the resize timeout period.
" + }, + "OnDemandResizeSpecification": { + "shape": "OnDemandResizingSpecification", + "documentation": "The resize specification for On-Demand Instances in the instance fleet, which contains the resize timeout period.
" + } + }, + "documentation": "The resize specification for On-Demand and Spot Instances in the fleet.
" }, "InstanceFleetState": { "type": "string", @@ -4448,6 +4474,19 @@ }, "documentation": "The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR versions 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR version 5.12.1 and later.
On-Demand resize timeout in minutes. If On-Demand Instances are not provisioned within this time, the resize workflow stops. The minimum value is 5 minutes, and the maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.
" + } + }, + "documentation": "The resize specification for On-Demand Instances in the instance fleet, which contains the resize timeout period.
" + }, "OptionalArnType": { "type": "string", "max": 2048, @@ -5180,7 +5219,7 @@ "members": { "TimeoutDurationMinutes": { "shape": "WholeNumber", - "documentation": "The spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the TimeOutAction
is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.
The Spot provisioning timeout period in minutes. If Spot Instances are not provisioned within this time period, the TimeOutAction
is taken. Minimum value is 5 and maximum value is 1440. The timeout applies only during initial provisioning, when the cluster is first created.
Spot resize timeout in minutes. If Spot Instances are not provisioned within this time, the resize workflow will stop provisioning of Spot instances. Minimum value is 5 minutes and maximum value is 10,080 minutes (7 days). The timeout applies to all resize workflows on the Instance Fleet. The resize could be triggered by Amazon EMR Managed Scaling or by the customer (via Amazon EMR Console, Amazon EMR CLI modify-instance-fleet or Amazon EMR SDK ModifyInstanceFleet API) or by Amazon EMR due to Amazon EC2 Spot Reclamation.
" + } + }, + "documentation": "The resize specification for Spot Instances in the instance fleet, which contains the resize timeout period.
" + }, "StartNotebookExecutionInput": { "type": "structure", "required": [ diff --git a/apis/grafana-2020-08-18.min.json b/apis/grafana-2020-08-18.min.json index 7c01691e88..fe0799f093 100644 --- a/apis/grafana-2020-08-18.min.json +++ b/apis/grafana-2020-08-18.min.json @@ -69,16 +69,19 @@ "configuration": { "jsonvalue": true }, + "networkAccessControl": { + "shape": "Sj" + }, "organizationRoleName": { - "shape": "Sl" + "shape": "Sq" }, "permissionType": {}, "stackSetName": {}, "tags": { - "shape": "Sr" + "shape": "Sw" }, "vpcConfiguration": { - "shape": "Su" + "shape": "Sz" }, "workspaceDataSources": { "shape": "Sc" @@ -90,13 +93,13 @@ "shape": "Si" }, "workspaceNotificationDestinations": { - "shape": "Sj" + "shape": "So" }, "workspaceOrganizationalUnits": { - "shape": "Sm" + "shape": "Sr" }, "workspaceRoleArn": { - "shape": "Sz" + "shape": "S14" } } }, @@ -276,7 +279,7 @@ ], "members": { "authentication": { - "shape": "S1i" + "shape": "S1n" } } } @@ -403,7 +406,7 @@ "members": { "role": {}, "user": { - "shape": "S2a" + "shape": "S2f" } } } @@ -433,7 +436,7 @@ "type": "structure", "members": { "tags": { - "shape": "Sr" + "shape": "Sw" } } } @@ -498,11 +501,11 @@ "shape": "Si" }, "notificationDestinations": { - "shape": "Sj" + "shape": "So" }, "status": {}, "tags": { - "shape": "Sr" + "shape": "Sw" } } } @@ -527,7 +530,7 @@ "locationName": "resourceArn" }, "tags": { - "shape": "Sr" + "shape": "Sw" } } }, @@ -583,7 +586,7 @@ "updateInstructionBatch": { "type": "list", "member": { - "shape": "S2p" + "shape": "S2u" } }, "workspaceId": { @@ -609,7 +612,7 @@ ], "members": { "causedBy": { - "shape": "S2p" + "shape": "S2u" }, "code": { "type": "integer" @@ -634,16 +637,22 @@ ], "members": { "accountAccessType": {}, + "networkAccessControl": { + "shape": "Sj" + }, "organizationRoleName": { - "shape": "Sl" + "shape": "Sq" }, "permissionType": {}, + "removeNetworkAccessConfiguration": { + "type": "boolean" + }, "removeVpcConfiguration": { "type": "boolean" }, "stackSetName": {}, "vpcConfiguration": { - "shape": "Su" + "shape": "Sz" }, "workspaceDataSources": { "shape": "Sc" @@ -659,13 +668,13 @@ "shape": "Si" }, "workspaceNotificationDestinations": { - "shape": "Sj" + "shape": "So" }, "workspaceOrganizationalUnits": { - "shape": "Sm" + "shape": "Sr" }, "workspaceRoleArn": { - "shape": "Sz" + "shape": "S14" } } }, @@ -697,7 +706,7 @@ "shape": "S8" }, "samlConfiguration": { - "shape": "S1m" + "shape": "S1r" }, "workspaceId": { "location": "uri", @@ -712,7 +721,7 @@ ], "members": { "authentication": { - "shape": "S1i" + "shape": "S1n" } } } @@ -791,26 +800,29 @@ "name": { "shape": "Si" }, - "notificationDestinations": { + "networkAccessControl": { "shape": "Sj" }, + "notificationDestinations": { + "shape": "So" + }, "organizationRoleName": { - "shape": "Sl" + "shape": "Sq" }, "organizationalUnits": { - "shape": "Sm" + "shape": "Sr" }, "permissionType": {}, "stackSetName": {}, "status": {}, "tags": { - "shape": "Sr" + "shape": "Sw" }, "vpcConfiguration": { - "shape": "Su" + "shape": "Sz" }, "workspaceRoleArn": { - "shape": "Sz" + "shape": "S14" } } }, @@ -843,24 +855,41 @@ "sensitive": true }, "Sj": { + "type": "structure", + "required": [ + "prefixListIds", + "vpceIds" + ], + "members": { + "prefixListIds": { + "type": "list", + "member": {} + }, + "vpceIds": { + "type": "list", + "member": {} + } + } + }, + "So": { "type": "list", "member": {} }, - "Sl": { + "Sq": { "type": "string", "sensitive": true }, - "Sm": { + "Sr": { "type": "list", "member": {}, "sensitive": true }, - "Sr": { + "Sw": { "type": "map", "key": {}, "value": {} }, - "Su": { + "Sz": { "type": "structure", "required": [ "securityGroupIds", @@ -877,11 +906,11 @@ } } }, - "Sz": { + "S14": { "type": "string", "sensitive": true }, - "S1i": { + "S1n": { "type": "structure", "required": [ "providers" @@ -903,14 +932,14 @@ ], "members": { "configuration": { - "shape": "S1m" + "shape": "S1r" }, "status": {} } } } }, - "S1m": { + "S1r": { "type": "structure", "required": [ "idpMetadata" @@ -946,20 +975,20 @@ "type": "structure", "members": { "admin": { - "shape": "S1v" + "shape": "S20" }, "editor": { - "shape": "S1v" + "shape": "S20" } } } } }, - "S1v": { + "S20": { "type": "list", "member": {} }, - "S2a": { + "S2f": { "type": "structure", "required": [ "id", @@ -970,7 +999,7 @@ "type": {} } }, - "S2p": { + "S2u": { "type": "structure", "required": [ "action", @@ -983,7 +1012,7 @@ "users": { "type": "list", "member": { - "shape": "S2a" + "shape": "S2f" } } } diff --git a/apis/grafana-2020-08-18.normal.json b/apis/grafana-2020-08-18.normal.json index a9fab7626f..2f0b581e09 100644 --- a/apis/grafana-2020-08-18.normal.json +++ b/apis/grafana-2020-08-18.normal.json @@ -855,6 +855,10 @@ "documentation": "The configuration string for the workspace that you create. For more information about the format and configuration options available, see Working in your Grafana workspace.
", "jsonvalue": true }, + "networkAccessControl": { + "shape": "NetworkAccessConfiguration", + "documentation": "Configuration for network access to your workspace.
When this is configured, only listed IP addresses and VPC endpoints will be able to access your workspace. Standard Grafana authentication and authorization will still be required.
If this is not configured, or is removed, then all IP addresses and VPC endpoints will be allowed. Standard Grafana authentication and authorization will still be required.
" + }, "organizationRoleName": { "shape": "OrganizationRoleName", "documentation": "The name of an IAM role that already exists to use with Organizations to access Amazon Web Services data sources and notification channels in other accounts in an organization.
" @@ -1289,6 +1293,24 @@ "LoginValidityDuration": { "type": "integer" }, + "NetworkAccessConfiguration": { + "type": "structure", + "required": [ + "prefixListIds", + "vpceIds" + ], + "members": { + "prefixListIds": { + "shape": "PrefixListIds", + "documentation": "An array of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration then no IP addresses will be allowed to access the workspace. You create a prefix list using the Amazon VPC console.
Prefix list IDs have the format pl-1a2b3c4d
.
For more information about prefix lists, see Group CIDR blocks using managed prefix listsin the Amazon Virtual Private Cloud User Guide.
" + }, + "vpceIds": { + "shape": "VpceIds", + "documentation": "An array of Amazon VPC endpoint IDs for the workspace. You can create VPC endpoints to your Amazon Managed Grafana workspace for access from within a VPC. If a NetworkAccessConfiguration
is specified then only VPC endpoints specified here will be allowed to access the workspace.
VPC endpoint IDs have the format vpce-1a2b3c4d
.
For more information about creating an interface VPC endpoint, see Interface VPC endpoints in the Amazon Managed Grafana User Guide.
The only VPC endpoints that can be specified here are interface VPC endpoints for Grafana workspaces (using the com.amazonaws.[region].grafana-workspace
service endpoint). Other VPC endpoints will be ignored.
The configuration settings for in-bound network access to your workspace.
When this is configured, only listed IP addresses and VPC endpoints will be able to access your workspace. Standard Grafana authentication and authorization will still be required.
If this is not configured, or is removed, then all IP addresses and VPC endpoints will be allowed. Standard Grafana authentication and authorization will still be required.
" + }, "NotificationDestinationType": { "type": "string", "enum": [ @@ -1356,6 +1378,17 @@ "SERVICE_MANAGED" ] }, + "PrefixListId": { + "type": "string", + "max": 100, + "min": 1 + }, + "PrefixListIds": { + "type": "list", + "member": { + "shape": "PrefixListId" + } + }, "Role": { "type": "string", "enum": [ @@ -1733,13 +1766,21 @@ "shape": "AccountAccessType", "documentation": "Specifies whether the workspace can access Amazon Web Services resources in this Amazon Web Services account only, or whether it can also access Amazon Web Services resources in other accounts in the same organization. If you specify ORGANIZATION
, you must specify which organizational units the workspace can access in the workspaceOrganizationalUnits
parameter.
The configuration settings for network access to your workspace.
When this is configured, only listed IP addresses and VPC endpoints will be able to access your workspace. Standard Grafana authentication and authorization will still be required.
If this is not configured, or is removed, then all IP addresses and VPC endpoints will be allowed. Standard Grafana authentication and authorization will still be required.
" + }, "organizationRoleName": { "shape": "OrganizationRoleName", "documentation": "The name of an IAM role that already exists to use to access resources through Organizations.
" }, "permissionType": { "shape": "PermissionType", - "documentation": "If you specify Service Managed
, Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.
If you specify CUSTOMER_MANAGED
, you will manage those roles and permissions yourself. If you are creating this workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services accounts in the organization, you must choose CUSTOMER_MANAGED
.
For more information, see Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and notification channels
" + "documentation": "If you specify SERVICE_MANAGED
, Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.
If you specify CUSTOMER_MANAGED
, you will manage those roles and permissions yourself. If you are creating this workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services accounts in the organization, you must choose CUSTOMER_MANAGED
.
For more information, see Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and notification channels
" + }, + "removeNetworkAccessConfiguration": { + "shape": "Boolean", + "documentation": "Whether to remove the network access configuration from the workspace.
Setting this to true
and providing a networkAccessControl
to set will return an error.
If you remove this configuration by setting this to true
, then all IP addresses and VPC endpoints will be allowed. Standard Grafana authentication and authorization will still be required.
The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect.
" + "documentation": "The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.
" }, "subnetIds": { "shape": "SubnetIds", - "documentation": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect.
" + "documentation": "The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. Duplicates not allowed.
" } }, - "documentation": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.
" + "documentation": "The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to.
Provided securityGroupIds
and subnetIds
must be part of the same VPC.
The name of the workspace.
" }, + "networkAccessControl": { + "shape": "NetworkAccessConfiguration", + "documentation": "The configuration settings for network access to your workspace.
" + }, "notificationDestinations": { "shape": "NotificationDestinationsList", "documentation": "The Amazon Web Services notification channels that Amazon Managed Grafana can automatically create IAM roles and permissions for, to allow Amazon Managed Grafana to use these channels.
" @@ -1929,7 +1985,7 @@ }, "permissionType": { "shape": "PermissionType", - "documentation": "If this is Service Managed
, Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.
If this is CUSTOMER_MANAGED
, you manage those roles and permissions yourself. If you are creating this workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services accounts in the organization, you must choose CUSTOMER_MANAGED
.
For more information, see Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and notification channels
" + "documentation": "If this is SERVICE_MANAGED
, Amazon Managed Grafana automatically creates the IAM roles and provisions the permissions that the workspace needs to use Amazon Web Services data sources and notification channels.
If this is CUSTOMER_MANAGED
, you manage those roles and permissions yourself. If you are creating this workspace in a member account of an organization and that account is not a delegated administrator account, and you want the workspace to access data sources in other Amazon Web Services accounts in the organization, you must choose CUSTOMER_MANAGED
.
For more information, see Amazon Managed Grafana permissions and policies for Amazon Web Services data sources and notification channels
" }, "stackSetName": { "shape": "StackSetName", diff --git a/apis/ivs-2020-07-14.normal.json b/apis/ivs-2020-07-14.normal.json index 4d4385798a..a537d7363a 100644 --- a/apis/ivs-2020-07-14.normal.json +++ b/apis/ivs-2020-07-14.normal.json @@ -2293,5 +2293,5 @@ "type": "string" } }, - "documentation": "Introduction
The Amazon Interactive Video Service (IVS) API is REST compatible, using a standard HTTP API and an Amazon Web Services EventBridge event stream for responses. JSON is used for both requests and responses, including errors.
The API is an Amazon Web Services regional service. For a list of supported regions and Amazon IVS HTTPS service endpoints, see the Amazon IVS page in the Amazon Web Services General Reference.
All API request parameters and URLs are case sensitive.
For a summary of notable documentation changes in each release, see Document History.
Allowed Header Values
Accept:
application/json
Accept-Encoding:
gzip, deflate
Content-Type:
application/json
Resources
The following resources contain information about your IVS live stream (see Getting Started with Amazon IVS):
Channel — Stores configuration data related to your live stream. You first create a channel and then use the channel’s stream key to start your live stream. See the Channel endpoints for more information.
Stream key — An identifier assigned by Amazon IVS when you create a channel, which is then used to authorize streaming. See the StreamKey endpoints for more information. Treat the stream key like a secret, since it allows anyone to stream to the channel.
Playback key pair — Video playback may be restricted using playback-authorization tokens, which use public-key encryption. A playback key pair is the public-private pair of keys used to sign and validate the playback-authorization token. See the PlaybackKeyPair endpoints for more information.
Recording configuration — Stores configuration related to recording a live stream and where to store the recorded content. Multiple channels can reference the same recording configuration. See the Recording Configuration endpoints for more information.
Tagging
A tag is a metadata label that you assign to an Amazon Web Services resource. A tag comprises a key and a value, both set by you. For example, you might set a tag as topic:nature
to label a particular video category. See Tagging Amazon Web Services Resources for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.
Tags can help you identify and organize your Amazon Web Services resources. For example, you can use the same tag for different resources to indicate that they are related. You can also use tags to manage access (see Access Tags).
The Amazon IVS API has these tag-related endpoints: TagResource, UntagResource, and ListTagsForResource. The following resources support tagging: Channels, Stream Keys, Playback Key Pairs, and Recording Configurations.
At most 50 tags can be applied to a resource.
Authentication versus Authorization
Note the differences between these concepts:
Authentication is about verifying identity. You need to be authenticated to sign Amazon IVS API requests.
Authorization is about granting permissions. Your IAM roles need to have permissions for Amazon IVS API requests. In addition, authorization is needed to view Amazon IVS private channels. (Private channels are channels that are enabled for \"playback authorization.\")
Authentication
All Amazon IVS API requests must be authenticated with a signature. The Amazon Web Services Command-Line Interface (CLI) and Amazon IVS Player SDKs take care of signing the underlying API calls for you. However, if your application calls the Amazon IVS API directly, it’s your responsibility to sign the requests.
You generate a signature using valid Amazon Web Services credentials that have permission to perform the requested action. For example, you must sign PutMetadata requests with a signature generated from an IAM user account that has the ivs:PutMetadata
permission.
For more information:
Authentication and generating signatures — See Authenticating Requests (Amazon Web Services Signature Version 4) in the Amazon Web Services General Reference.
Managing Amazon IVS permissions — See Identity and Access Management on the Security page of the Amazon IVS User Guide.
Amazon Resource Names (ARNs)
ARNs uniquely identify AWS resources. An ARN is required when you need to specify a resource unambiguously across all of AWS, such as in IAM policies and API calls. For more information, see Amazon Resource Names in the AWS General Reference.
Channel Endpoints
CreateChannel — Creates a new channel and an associated stream key to start streaming.
GetChannel — Gets the channel configuration for the specified channel ARN.
BatchGetChannel — Performs GetChannel on multiple ARNs simultaneously.
ListChannels — Gets summary information about all channels in your account, in the Amazon Web Services region where the API request is processed. This list can be filtered to match a specified name or recording-configuration ARN. Filters are mutually exclusive and cannot be used together. If you try to use both filters, you will get an error (409 Conflict Exception).
UpdateChannel — Updates a channel's configuration. This does not affect an ongoing stream of this channel. You must stop and restart the stream for the changes to take effect.
DeleteChannel — Deletes the specified channel.
StreamKey Endpoints
CreateStreamKey — Creates a stream key, used to initiate a stream, for the specified channel ARN.
GetStreamKey — Gets stream key information for the specified ARN.
BatchGetStreamKey — Performs GetStreamKey on multiple ARNs simultaneously.
ListStreamKeys — Gets summary information about stream keys for the specified channel.
DeleteStreamKey — Deletes the stream key for the specified ARN, so it can no longer be used to stream.
Stream Endpoints
GetStream — Gets information about the active (live) stream on a specified channel.
GetStreamSession — Gets metadata on a specified stream.
ListStreams — Gets summary information about live streams in your account, in the Amazon Web Services region where the API request is processed.
ListStreamSessions — Gets a summary of current and previous streams for a specified channel in your account, in the AWS region where the API request is processed.
StopStream — Disconnects the incoming RTMPS stream for the specified channel. Can be used in conjunction with DeleteStreamKey to prevent further streaming to a channel.
PutMetadata — Inserts metadata into the active stream of the specified channel. At most 5 requests per second per channel are allowed, each with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we recommend batching your data into a single PutMetadata call.) At most 155 requests per second per account are allowed.
PlaybackKeyPair Endpoints
For more information, see Setting Up Private Channels in the Amazon IVS User Guide.
ImportPlaybackKeyPair — Imports the public portion of a new key pair and returns its arn
and fingerprint
. The privateKey
can then be used to generate viewer authorization tokens, to grant viewers access to private channels (channels enabled for playback authorization).
GetPlaybackKeyPair — Gets a specified playback authorization key pair and returns the arn
and fingerprint
. The privateKey
held by the caller can be used to generate viewer authorization tokens, to grant viewers access to private channels.
ListPlaybackKeyPairs — Gets summary information about playback key pairs.
DeletePlaybackKeyPair — Deletes a specified authorization key pair. This invalidates future viewer tokens generated using the key pair’s privateKey
.
RecordingConfiguration Endpoints
CreateRecordingConfiguration — Creates a new recording configuration, used to enable recording to Amazon S3.
GetRecordingConfiguration — Gets the recording-configuration metadata for the specified ARN.
ListRecordingConfigurations — Gets summary information about all recording configurations in your account, in the Amazon Web Services region where the API request is processed.
DeleteRecordingConfiguration — Deletes the recording configuration for the specified ARN.
Amazon Web Services Tags Endpoints
TagResource — Adds or updates tags for the Amazon Web Services resource with the specified ARN.
UntagResource — Removes tags from the resource with the specified ARN.
ListTagsForResource — Gets information about Amazon Web Services tags for the specified ARN.
Introduction
The Amazon Interactive Video Service (IVS) API is REST compatible, using a standard HTTP API and an Amazon Web Services EventBridge event stream for responses. JSON is used for both requests and responses, including errors.
The API is an Amazon Web Services regional service. For a list of supported regions and Amazon IVS HTTPS service endpoints, see the Amazon IVS page in the Amazon Web Services General Reference.
All API request parameters and URLs are case sensitive.
For a summary of notable documentation changes in each release, see Document History.
Allowed Header Values
Accept:
application/json
Accept-Encoding:
gzip, deflate
Content-Type:
application/json
Resources
The following resources contain information about your IVS live stream (see Getting Started with Amazon IVS):
Channel — Stores configuration data related to your live stream. You first create a channel and then use the channel’s stream key to start your live stream. See the Channel endpoints for more information.
Stream key — An identifier assigned by Amazon IVS when you create a channel, which is then used to authorize streaming. See the StreamKey endpoints for more information. Treat the stream key like a secret, since it allows anyone to stream to the channel.
Playback key pair — Video playback may be restricted using playback-authorization tokens, which use public-key encryption. A playback key pair is the public-private pair of keys used to sign and validate the playback-authorization token. See the PlaybackKeyPair endpoints for more information.
Recording configuration — Stores configuration related to recording a live stream and where to store the recorded content. Multiple channels can reference the same recording configuration. See the Recording Configuration endpoints for more information.
Tagging
A tag is a metadata label that you assign to an Amazon Web Services resource. A tag comprises a key and a value, both set by you. For example, you might set a tag as topic:nature
to label a particular video category. See Tagging Amazon Web Services Resources for more information, including restrictions that apply to tags and \"Tag naming limits and requirements\"; Amazon IVS has no service-specific constraints beyond what is documented there.
Tags can help you identify and organize your Amazon Web Services resources. For example, you can use the same tag for different resources to indicate that they are related. You can also use tags to manage access (see Access Tags).
The Amazon IVS API has these tag-related endpoints: TagResource, UntagResource, and ListTagsForResource. The following resources support tagging: Channels, Stream Keys, Playback Key Pairs, and Recording Configurations.
At most 50 tags can be applied to a resource.
Authentication versus Authorization
Note the differences between these concepts:
Authentication is about verifying identity. You need to be authenticated to sign Amazon IVS API requests.
Authorization is about granting permissions. Your IAM roles need to have permissions for Amazon IVS API requests. In addition, authorization is needed to view Amazon IVS private channels. (Private channels are channels that are enabled for \"playback authorization.\")
Authentication
All Amazon IVS API requests must be authenticated with a signature. The Amazon Web Services Command-Line Interface (CLI) and Amazon IVS Player SDKs take care of signing the underlying API calls for you. However, if your application calls the Amazon IVS API directly, it’s your responsibility to sign the requests.
You generate a signature using valid Amazon Web Services credentials that have permission to perform the requested action. For example, you must sign PutMetadata requests with a signature generated from a user account that has the ivs:PutMetadata
permission.
For more information:
Authentication and generating signatures — See Authenticating Requests (Amazon Web Services Signature Version 4) in the Amazon Web Services General Reference.
Managing Amazon IVS permissions — See Identity and Access Management on the Security page of the Amazon IVS User Guide.
Amazon Resource Names (ARNs)
ARNs uniquely identify AWS resources. An ARN is required when you need to specify a resource unambiguously across all of AWS, such as in IAM policies and API calls. For more information, see Amazon Resource Names in the AWS General Reference.
Channel Endpoints
CreateChannel — Creates a new channel and an associated stream key to start streaming.
GetChannel — Gets the channel configuration for the specified channel ARN.
BatchGetChannel — Performs GetChannel on multiple ARNs simultaneously.
ListChannels — Gets summary information about all channels in your account, in the Amazon Web Services region where the API request is processed. This list can be filtered to match a specified name or recording-configuration ARN. Filters are mutually exclusive and cannot be used together. If you try to use both filters, you will get an error (409 Conflict Exception).
UpdateChannel — Updates a channel's configuration. This does not affect an ongoing stream of this channel. You must stop and restart the stream for the changes to take effect.
DeleteChannel — Deletes the specified channel.
StreamKey Endpoints
CreateStreamKey — Creates a stream key, used to initiate a stream, for the specified channel ARN.
GetStreamKey — Gets stream key information for the specified ARN.
BatchGetStreamKey — Performs GetStreamKey on multiple ARNs simultaneously.
ListStreamKeys — Gets summary information about stream keys for the specified channel.
DeleteStreamKey — Deletes the stream key for the specified ARN, so it can no longer be used to stream.
Stream Endpoints
GetStream — Gets information about the active (live) stream on a specified channel.
GetStreamSession — Gets metadata on a specified stream.
ListStreams — Gets summary information about live streams in your account, in the Amazon Web Services region where the API request is processed.
ListStreamSessions — Gets a summary of current and previous streams for a specified channel in your account, in the AWS region where the API request is processed.
StopStream — Disconnects the incoming RTMPS stream for the specified channel. Can be used in conjunction with DeleteStreamKey to prevent further streaming to a channel.
PutMetadata — Inserts metadata into the active stream of the specified channel. At most 5 requests per second per channel are allowed, each with a maximum 1 KB payload. (If 5 TPS is not sufficient for your needs, we recommend batching your data into a single PutMetadata call.) At most 155 requests per second per account are allowed.
PlaybackKeyPair Endpoints
For more information, see Setting Up Private Channels in the Amazon IVS User Guide.
ImportPlaybackKeyPair — Imports the public portion of a new key pair and returns its arn
and fingerprint
. The privateKey
can then be used to generate viewer authorization tokens, to grant viewers access to private channels (channels enabled for playback authorization).
GetPlaybackKeyPair — Gets a specified playback authorization key pair and returns the arn
and fingerprint
. The privateKey
held by the caller can be used to generate viewer authorization tokens, to grant viewers access to private channels.
ListPlaybackKeyPairs — Gets summary information about playback key pairs.
DeletePlaybackKeyPair — Deletes a specified authorization key pair. This invalidates future viewer tokens generated using the key pair’s privateKey
.
RecordingConfiguration Endpoints
CreateRecordingConfiguration — Creates a new recording configuration, used to enable recording to Amazon S3.
GetRecordingConfiguration — Gets the recording-configuration metadata for the specified ARN.
ListRecordingConfigurations — Gets summary information about all recording configurations in your account, in the Amazon Web Services region where the API request is processed.
DeleteRecordingConfiguration — Deletes the recording configuration for the specified ARN.
Amazon Web Services Tags Endpoints
TagResource — Adds or updates tags for the Amazon Web Services resource with the specified ARN.
UntagResource — Removes tags from the resource with the specified ARN.
ListTagsForResource — Gets information about Amazon Web Services tags for the specified ARN.
The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
Details for your use of the account takeover prevention managed rule group, AWSManagedRulesATPRuleSet
. This configuration is used in ManagedRuleGroupConfig
.
Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet
. Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests. This configuration replaces the individual configuration fields in ManagedRuleGroupConfig
and provides additional feature configuration.
For information about using the ATP managed rule group, see WAF Fraud Control account takeover prevention (ATP) rule group and WAF Fraud Control account takeover prevention (ATP) in the WAF Developer Guide.
" + "documentation": "Additional configuration for using the account takeover prevention (ATP) managed rule group, AWSManagedRulesATPRuleSet
. Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
This configuration replaces the individual configuration fields in ManagedRuleGroupConfig
and provides additional feature configuration.
For information about using the ATP managed rule group, see WAF Fraud Control account takeover prevention (ATP) rule group and WAF Fraud Control account takeover prevention (ATP) in the WAF Developer Guide.
" } }, "documentation": "Additional information that's used by a managed rule group. Many managed rule groups don't require this.
Use the AWSManagedRulesATPRuleSet
configuration object for the account takeover prevention managed rule group, to provide information such as the sign-in page of your application and the type of content to accept or reject from the client.
Use the AWSManagedRulesBotControlRuleSet
configuration object to configure the protection level that you want the Bot Control rule group to use.
For example specifications, see the examples section of CreateWebACL.
" @@ -5079,7 +5079,7 @@ "documentation": "Configures inspection of the response JSON.
" } }, - "documentation": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
This is part of the AWSManagedRulesATPRuleSet
configuration in ManagedRuleGroupConfig
.
Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.
" + "documentation": "The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates.
The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that submit too many failed login attempts in a short amount of time.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
This is part of the AWSManagedRulesATPRuleSet
configuration in ManagedRuleGroupConfig
.
Enable login response inspection by configuring exactly one component of the response to inspect. You can't configure more than one. If you don't configure any of the response inspection options, response inspection is disabled.
" }, "ResponseInspectionBodyContains": { "type": "structure", @@ -5097,7 +5097,7 @@ "documentation": "Strings in the body of the response that indicate a failed login attempt. To be counted as a failed login, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings.
JSON example: \"FailureStrings\": [ \"Login failed\" ]
Configures inspection of the response body. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Configures inspection of the response body. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
Values in the response header with the specified name that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"FailureValues\": [ \"LoginFailed\", \"Failed login\" ]
Configures inspection of the response header. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Configures inspection of the response header. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
Values for the specified identifier in the response JSON that indicate a failed login attempt. To be counted as a failed login, the value must be an exact match, including case. Each value must be unique among the success and failure values.
JSON example: \"FailureValues\": [ \"False\", \"Failed\" ]
Configures inspection of the response JSON. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Configures inspection of the response JSON. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
Status codes in the response that indicate a failed login attempt. To be counted as a failed login, the response status code must match one of these. Each code must be unique among the success and failure status codes.
JSON example: \"FailureCodes\": [ 400, 404 ]
Configures inspection of the response status code. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Configures inspection of the response status code. This is part of the ResponseInspection
configuration for AWSManagedRulesATPRuleSet
.
Response inspection is available only in web ACLs that protect Amazon CloudFront distributions.
For regional web ACLs in Region US East (N. Virginia) us-east-1, it's possible to configure response inspection through the APIs, but ATP response inspection will not be enabled. You can only use the response inspection capabilities of the ATP managed rule group in web ACLs that protect CloudFront distributions.
>1,l=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=a?0:s-1,y=a?1:-1,b=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(n=isNaN(t)?1:0,o=m):(o=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-o))<1&&(o--,u*=2),t+=o+c>=1?l/u:l*Math.pow(2,1-c),t*u>=2&&(o++,u/=2),o+c>=m?(n=0,o=m):o+c>=1?(n=(t*u-1)*Math.pow(2,i),o+=c):(n=t*Math.pow(2,c-1)*Math.pow(2,i),o=0));i>=8;e[r+d]=255&n,d+=y,n/=256,i-=8);for(o=o<0;e[r+d]=255&o,d+=y,o/=256,p-=8);e[r+d-y]|=128*b}},{}],438:[function(e,t,r){var a={}.toString;t.exports=Array.isArray||function(e){return"[object Array]"==a.call(e)}},{}],439:[function(e,t,r){!function(e){"use strict";function t(e){return null!==e&&"[object Array]"===Object.prototype.toString.call(e)}function r(e){return null!==e&&"[object Object]"===Object.prototype.toString.call(e)}function a(e,i){if(e===i)return!0;if(Object.prototype.toString.call(e)!==Object.prototype.toString.call(i))return!1;if(!0===t(e)){if(e.length!==i.length)return!1;for(var s=0;s =0?this.expression(e):"Lbracket"===t?(this._match("Lbracket"),this._parseMultiselectList()):"Lbrace"===t?(this._match("Lbrace"),this._parseMultiselectHash()):void 0},_parseProjectionRHS:function(e){var t;if(P[this._lookahead(0)]<10)t={type:"Identity"};else if("Lbracket"===this._lookahead(0))t=this.expression(e);else if("Filter"===this._lookahead(0))t=this.expression(e);else{if("Dot"!==this._lookahead(0)){var r=this._lookaheadToken(0),a=new Error("Sytanx error, unexpected token: "+r.value+"("+r.type+")");throw a.name="ParserError",a}this._match("Dot"),t=this._parseDotRHS(e)}return t},_parseMultiselectList:function(){for(var e=[];"Rbracket"!==this._lookahead(0);){var t=this.expression(0);if(e.push(t),"Comma"===this._lookahead(0)&&(this._match("Comma"),"Rbracket"===this._lookahead(0)))throw new Error("Unexpected token Rbracket")}return this._match("Rbracket"),{type:"MultiSelectList",children:e}},_parseMultiselectHash:function(){for(var e,t,r,a,i=[],s=["UnquotedIdentifier","QuotedIdentifier"];;){if(e=this._lookaheadToken(0),s.indexOf(e.type)<0)throw new Error("Expecting an identifier token, got: "+e.type);if(t=e.value,this._advance(),this._match("Colon"),r=this.expression(0),a={type:"KeyValuePair",name:t,value:r},i.push(a),"Comma"===this._lookahead(0))this._match("Comma");else if("Rbrace"===this._lookahead(0)){this._match("Rbrace");break}}return{type:"MultiSelectHash",children:i}}},c.prototype={search:function(e,t){return this.visit(e,t)},visit:function(e,o){var n,u,p,m,c,l,d,y,b;switch(e.type){case"Field":return null!==o&&r(o)?(l=o[e.name],void 0===l?null:l):null;case"Subexpression":for(p=this.visit(e.children[0],o),b=1;b G((f-r)/g)&&i("overflow"),r+=(p-t)*g,t=p,u=0;u =0?(c=b.substr(0,S),l=b.substr(S+1)):(c=b,l=""),d=decodeURIComponent(c),y=decodeURIComponent(l),a(o,d)?i(o[d])?o[d].push(y):o[d]=[o[d],y]:o[d]=y}return o};var i=Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)}},{}],443:[function(e,t,r){"use strict";function a(e,t){if(e.map)return e.map(t);for(var r=[],a=0;a >1,l=23===i?Math.pow(2,-24)-Math.pow(2,-77):0,d=a?0:s-1,y=a?1:-1,b=t<0||0===t&&1/t<0?1:0;for(t=Math.abs(t),isNaN(t)||t===1/0?(n=isNaN(t)?1:0,o=m):(o=Math.floor(Math.log(t)/Math.LN2),t*(u=Math.pow(2,-o))<1&&(o--,u*=2),t+=o+c>=1?l/u:l*Math.pow(2,1-c),t*u>=2&&(o++,u/=2),o+c>=m?(n=0,o=m):o+c>=1?(n=(t*u-1)*Math.pow(2,i),o+=c):(n=t*Math.pow(2,c-1)*Math.pow(2,i),o=0));i>=8;e[r+d]=255&n,d+=y,n/=256,i-=8);for(o=o<0;e[r+d]=255&o,d+=y,o/=256,p-=8);e[r+d-y]|=128*b}},{}],438:[function(e,t,r){var a={}.toString;t.exports=Array.isArray||function(e){return"[object Array]"==a.call(e)}},{}],439:[function(e,t,r){!function(e){"use strict";function t(e){return null!==e&&"[object Array]"===Object.prototype.toString.call(e)}function r(e){return null!==e&&"[object Object]"===Object.prototype.toString.call(e)}function a(e,i){if(e===i)return!0;if(Object.prototype.toString.call(e)!==Object.prototype.toString.call(i))return!1;if(!0===t(e)){if(e.length!==i.length)return!1;for(var s=0;s =0?this.expression(e):"Lbracket"===t?(this._match("Lbracket"),this._parseMultiselectList()):"Lbrace"===t?(this._match("Lbrace"),this._parseMultiselectHash()):void 0},_parseProjectionRHS:function(e){var t;if(P[this._lookahead(0)]<10)t={type:"Identity"};else if("Lbracket"===this._lookahead(0))t=this.expression(e);else if("Filter"===this._lookahead(0))t=this.expression(e);else{if("Dot"!==this._lookahead(0)){var r=this._lookaheadToken(0),a=new Error("Sytanx error, unexpected token: "+r.value+"("+r.type+")");throw a.name="ParserError",a}this._match("Dot"),t=this._parseDotRHS(e)}return t},_parseMultiselectList:function(){for(var e=[];"Rbracket"!==this._lookahead(0);){var t=this.expression(0);if(e.push(t),"Comma"===this._lookahead(0)&&(this._match("Comma"),"Rbracket"===this._lookahead(0)))throw new Error("Unexpected token Rbracket")}return this._match("Rbracket"),{type:"MultiSelectList",children:e}},_parseMultiselectHash:function(){for(var e,t,r,a,i=[],s=["UnquotedIdentifier","QuotedIdentifier"];;){if(e=this._lookaheadToken(0),s.indexOf(e.type)<0)throw new Error("Expecting an identifier token, got: "+e.type);if(t=e.value,this._advance(),this._match("Colon"),r=this.expression(0),a={type:"KeyValuePair",name:t,value:r},i.push(a),"Comma"===this._lookahead(0))this._match("Comma");else if("Rbrace"===this._lookahead(0)){this._match("Rbrace");break}}return{type:"MultiSelectHash",children:i}}},c.prototype={search:function(e,t){return this.visit(e,t)},visit:function(e,o){var n,u,p,m,c,l,d,y,b;switch(e.type){case"Field":return null!==o&&r(o)?(l=o[e.name],void 0===l?null:l):null;case"Subexpression":for(p=this.visit(e.children[0],o),b=1;b G((f-r)/g)&&i("overflow"),r+=(p-t)*g,t=p,u=0;u =0?(c=b.substr(0,S),l=b.substr(S+1)):(c=b,l=""),d=decodeURIComponent(c),y=decodeURIComponent(l),a(o,d)?i(o[d])?o[d].push(y):o[d]=[o[d],y]:o[d]=y}return o};var i=Array.isArray||function(e){return"[object Array]"===Object.prototype.toString.call(e)}},{}],443:[function(e,t,r){"use strict";function a(e,t){if(e.map)return e.map(t);for(var r=[],a=0;a=55296&&t<=56319&&i65535&&(e-=65536,t+=w(e>>>10&1023|55296),e=56320|1023&e),t+=w(e)}).join("")}function p(e){return e-48<10?e-22:e-65<26?e-65:e-97<26?e-97:T}function m(e,t){return e+22+75*(e<26)-((0!=t)<<5)}function c(e,t,r){var a=0;for(e=r?G(e/R):e>>1,e+=G(e/t);e>L*k>>1;a+=T)e=G(e/L);return G(a+(L+1)*e/(e+A))}function l(e){var t,r,a,s,o,n,m,l,d,y,b=[],S=e.length,g=0,h=v,N=D;for(r=e.lastIndexOf(P),r<0&&(r=0),a=0;a=S&&i("invalid-input"),l=p(e.charCodeAt(s++)),(l>=T||l>G((f-g)/n))&&i("overflow"),g+=l*n,d=m<=N?C:m>=N+k?k:m-N,!(l=t&&bf&&i("overflow"),b==t){for(l=r,d=T;y=d<=o?C:d>=o+k?k:d-o,!(l=0&&delete e.httpRequest.headers["Content-Length"]}function i(e){var t=new l,r=e.service.api.operations[e.operation].input;if(r.payload){var a={},i=r.members[r.payload];a=e.params[r.payload],"structure"===i.type?(e.httpRequest.body=t.build(a||{},i),s(e)):void 0!==a&&(e.httpRequest.body=a,("binary"===i.type||i.isStreaming)&&s(e,!0))}else e.httpRequest.body=t.build(e.params,r),s(e)}function s(e,t){if(!e.httpRequest.headers["Content-Type"]){var r=t?"binary/octet-stream":"application/json";e.httpRequest.headers["Content-Type"]=r}}function o(e){m.buildRequest(e),y.indexOf(e.httpRequest.method)<0&&i(e)}function n(e){c.extractError(e)}function u(e){m.extractData(e);var t,r=e.request,a=r.service.api.operations[r.operation],i=r.service.api.operations[r.operation].output||{};a.hasEventOutput;if(i.payload){var s=i.members[i.payload],o=e.httpResponse.body;if(s.isEventStream)t=new d,e.data[payload]=p.createEventStream(2===AWS.HttpClient.streamsApiVersion?e.httpResponse.stream:o,t,s);else if("structure"===s.type||"list"===s.type){var t=new d;e.data[i.payload]=t.parse(o,s)}else"binary"===s.type||s.isStreaming?e.data[i.payload]=o:e.data[i.payload]=s.toType(o)}else{var n=e.data;c.extractData(e),e.data=p.merge(n,e.data)}}var p=e("../util"),m=e("./rest"),c=e("./json"),l=e("../json/builder"),d=e("../json/parser"),y=["GET","HEAD","DELETE"];t.exports={buildRequest:o,extractError:n,extractData:u,unsetContentLength:a}},{"../json/builder":369,"../json/parser":370,"../util":423,"./json":381,"./rest":383}],385:[function(e,t,r){function a(e){var t=e.service.api.operations[e.operation].input,r=new n.XML.Builder,a=e.params,i=t.payload;if(i){var s=t.members[i];if(void 0===(a=a[i]))return;if("structure"===s.type){var o=s.name;e.httpRequest.body=r.toXML(a,s,o,!0)}else e.httpRequest.body=a}else e.httpRequest.body=r.toXML(a,t,t.name||t.shape||u.string.upperFirst(e.operation)+"Request")}function i(e){p.buildRequest(e),["GET","HEAD"].indexOf(e.httpRequest.method)<0&&a(e)}function s(e){p.extractError(e);var t;try{t=(new n.XML.Parser).parse(e.httpResponse.body.toString())}catch(r){t={Code:e.httpResponse.statusCode,Message:e.httpResponse.statusMessage}}t.Errors&&(t=t.Errors),t.Error&&(t=t.Error),t.Code?e.error=u.error(new Error,{code:t.Code,message:t.Message}):e.error=u.error(new Error,{code:e.httpResponse.statusCode,message:null})}function o(e){p.extractData(e);var t,r=e.request,a=e.httpResponse.body,i=r.service.api.operations[r.operation],s=i.output,o=(i.hasEventOutput,s.payload);if(o){var m=s.members[o];m.isEventStream?(t=new n.XML.Parser,e.data[o]=u.createEventStream(2===n.HttpClient.streamsApiVersion?e.httpResponse.stream:e.httpResponse.body,t,m)):"structure"===m.type?(t=new n.XML.Parser,e.data[o]=t.parse(a.toString(),m)):"binary"===m.type||m.isStreaming?e.data[o]=a:e.data[o]=m.toType(a)}else if(a.length>0){t=new n.XML.Parser;var c=t.parse(a.toString(),s);u.update(e.data,c)}}var n=e("../core"),u=e("../util"),p=e("./rest");t.exports={buildRequest:i,extractError:s,extractData:o}},{"../core":345,"../util":423,"./rest":383}],386:[function(e,t,r){function a(){}function i(e){return e.isQueryName||"ec2"!==e.api.protocol?e.name:e.name[0].toUpperCase()+e.name.substr(1)}function s(e,t,r,a){p.each(r.members,function(r,s){var o=t[r];if(null!==o&&void 0!==o){var n=i(s);n=e?e+"."+n:n,u(n,o,s,a)}})}function o(e,t,r,a){var i=1;p.each(t,function(t,s){var o=r.flattened?".":".entry.",n=o+i+++".",p=n+(r.key.name||"key"),m=n+(r.value.name||"value");u(e+p,t,r.key,a),u(e+m,s,r.value,a)})}function n(e,t,r,a){var s=r.member||{};if(0===t.length)return void a.call(this,e,null);p.arrayEach(t,function(t,o){var n="."+(o+1);if("ec2"===r.api.protocol)n+="";else if(r.flattened){if(s.name){var p=e.split(".");p.pop(),p.push(i(s)),e=p.join(".")}}else n="."+(s.name?s.name:"member")+n;u(e+n,t,s,a)})}function u(e,t,r,a){null!==t&&void 0!==t&&("structure"===r.type?s(e,t,r,a):"list"===r.type?n(e,t,r,a):"map"===r.type?o(e,t,r,a):a(e,r.toWireFormat(t).toString()))}var p=e("../util");a.prototype.serialize=function(e,t,r){s("",e,t,r)},t.exports=a},{"../util":423}],387:[function(e,t,r){var a=e("../core"),i=null,s={signatureVersion:"v4",signingName:"rds-db",operations:{}},o={region:"string",hostname:"string",port:"number",username:"string"};a.RDS.Signer=a.util.inherit({constructor:function(e){this.options=e||{}},convertUrlToAuthToken:function(e){if(0===e.indexOf("https://"))return e.substring("https://".length)},getAuthToken:function(e,t){"function"==typeof e&&void 0===t&&(t=e,e={});var r=this,o="function"==typeof t;e=a.util.merge(this.options,e);var n=this.validateAuthTokenOptions(e);if(!0!==n){if(o)return t(n,null);throw n}var u={region:e.region,endpoint:new a.Endpoint(e.hostname+":"+e.port),paramValidation:!1,signatureVersion:"v4"};e.credentials&&(u.credentials=e.credentials),i=new a.Service(u),i.api=s;var p=i.makeRequest();if(this.modifyRequestForAuthToken(p,e),!o){var m=p.presign(900);return this.convertUrlToAuthToken(m)}p.presign(900,function(e,a){a&&(a=r.convertUrlToAuthToken(a)),t(e,a)})},modifyRequestForAuthToken:function(e,t){e.on("build",e.buildAsGet),e.httpRequest.body=a.util.queryParamsToString({Action:"connect",DBUser:t.username})},validateAuthTokenOptions:function(e){var t="";e=e||{};for(var r in o)Object.prototype.hasOwnProperty.call(o,r)&&typeof e[r]!==o[r]&&(t+="option '"+r+"' should have been type '"+o[r]+"', was '"+typeof e[r]+"'.\n");return!t.length||a.util.error(new Error,{code:"InvalidParameter",message:t})}})},{"../core":345}],388:[function(e,t,r){t.exports={now:function(){return"undefined"!=typeof performance&&"function"==typeof performance.now?performance.now():Date.now()}}},{}],389:[function(e,t,r){function a(e){return"string"==typeof e&&(e.startsWith("fips-")||e.endsWith("-fips"))}function i(e){return"string"==typeof e&&["aws-global","aws-us-gov-global"].includes(e)}function s(e){return["fips-aws-global","aws-fips","aws-global"].includes(e)?"us-east-1":["fips-aws-us-gov-global","aws-us-gov-global"].includes(e)?"us-gov-west-1":e.replace(/fips-(dkr-|prod-)?|-fips/,"")}t.exports={isFipsRegion:a,isGlobalRegion:i,getRealRegion:s}},{}],390:[function(e,t,r){function a(e){if(!e)return null;var t=e.split("-");return t.length<3?null:t.slice(0,t.length-2).join("-")+"-*"}function i(e){var t=e.config.region,r=a(t),i=e.api.endpointPrefix;return[[t,i],[r,i],[t,"*"],[r,"*"],["*",i],["*","*"]].map(function(e){return e[0]&&e[1]?e.join("/"):null})}function s(e,t){u.each(t,function(t,r){"globalEndpoint"!==t&&(void 0!==e.config[t]&&null!==e.config[t]||(e.config[t]=r))})}function o(e){for(var t=i(e),r=e.config.useFipsEndpoint,a=e.config.useDualstackEndpoint,o=0;o=a())throw new RangeError("Attempt to allocate Buffer larger than maximum size: 0x"+a().toString(16)+" bytes");return 0|e}function b(e){return+e!=e&&(e=0),s.alloc(+e)}function S(e,t){if(s.isBuffer(e))return e.length;if("undefined"!=typeof ArrayBuffer&&"function"==typeof ArrayBuffer.isView&&(ArrayBuffer.isView(e)||e instanceof ArrayBuffer))return e.byteLength;"string"!=typeof e&&(e=""+e);var r=e.length;if(0===r)return 0;for(var a=!1;;)switch(t){case"ascii":case"latin1":case"binary":return r;case"utf8":case"utf-8":case void 0:return K(e).length;case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return 2*r;case"hex":return r>>>1;case"base64":return H(e).length;default:if(a)return K(e).length;t=(""+t).toLowerCase(),a=!0}}function g(e,t,r){var a=!1;if((void 0===t||t<0)&&(t=0),t>this.length)return"";if((void 0===r||r>this.length)&&(r=this.length),r<=0)return"";if(r>>>=0,t>>>=0,r<=t)return"";for(e||(e="utf8");;)switch(e){case"hex":return E(this,t,r);case"utf8":case"utf-8":return v(this,t,r);case"ascii":return x(this,t,r);case"latin1":case"binary":return q(this,t,r);case"base64":return D(this,t,r);case"ucs2":case"ucs-2":case"utf16le":case"utf-16le":return M(this,t,r);default:if(a)throw new TypeError("Unknown encoding: "+e);e=(e+"").toLowerCase(),a=!0}}function h(e,t,r){var a=e[t];e[t]=e[r],e[r]=a}function N(e,t,r,a,i){if(0===e.length)return-1;if("string"==typeof r?(a=r,r=0):r>2147483647?r=2147483647:r<-2147483648&&(r=-2147483648),r=+r,isNaN(r)&&(r=i?0:e.length-1),r<0&&(r=e.length+r),r>=e.length){if(i)return-1;r=e.length-1}else if(r<0){if(!i)return-1;r=0}if("string"==typeof t&&(t=s.from(t,a)),s.isBuffer(t))return 0===t.length?-1:I(e,t,r,a,i);if("number"==typeof t)return t&=255,s.TYPED_ARRAY_SUPPORT&&"function"==typeof Uint8Array.prototype.indexOf?i?Uint8Array.prototype.indexOf.call(e,t,r):Uint8Array.prototype.lastIndexOf.call(e,t,r):I(e,[t],r,a,i);throw new TypeError("val must be string, number or Buffer")}function I(e,t,r,a,i){function s(e,t){return 1===o?e[t]:e.readUInt16BE(t*o)}var o=1,n=e.length,u=t.length;if(void 0!==a&&("ucs2"===(a=String(a).toLowerCase())||"ucs-2"===a||"utf16le"===a||"utf-16le"===a)){if(e.length<2||t.length<2)return-1;o=2,n/=2,u/=2,r/=2}var p;if(i){var m=-1;for(p=r;p>>8*(a?i:1-i)}function B(e,t,r,a){t<0&&(t=4294967295+t+1);for(var i=0,s=Math.min(e.length-r,4);i>>8*(a?i:3-i)&255}function U(e,t,r,a,i,s){if(r+a>e.length)throw new RangeError("Index out of range");if(r<0)throw new RangeError("Index out of range")}function _(e,t,r,a,i){return i||U(e,t,r,4,3.4028234663852886e38,-3.4028234663852886e38),X.write(e,t,r,a,23,4),r+4}function F(e,t,r,a,i){return i||U(e,t,r,8,1.7976931348623157e308,-1.7976931348623157e308),X.write(e,t,r,a,52,8),r+8}function O(e){if(e=V(e).replace(ee,""),e.length<2)return"";for(;e.length%4!=0;)e+="=";return e}function V(e){return e.trim?e.trim():e.replace(/^\s+|\s+$/g,"")}function z(e){return e<16?"0"+e.toString(16):e.toString(16)}function K(e,t){t=t||1/0;for(var r,a=e.length,i=null,s=[],o=0;o55295&&r<57344){if(!i){if(r>56319){(t-=3)>-1&&s.push(239,191,189);continue}if(o+1===a){(t-=3)>-1&&s.push(239,191,189);continue}i=r;continue}if(r<56320){(t-=3)>-1&&s.push(239,191,189),i=r;continue}r=65536+(i-55296<<10|r-56320)}else i&&(t-=3)>-1&&s.push(239,191,189);if(i=null,r<128){if((t-=1)<0)break;s.push(r)}else if(r<2048){if((t-=2)<0)break;s.push(r>>6|192,63&r|128)}else if(r<65536){if((t-=3)<0)break;s.push(r>>12|224,r>>6&63|128,63&r|128)}else{if(!(r<1114112))throw new Error("Invalid code point");if((t-=4)<0)break;s.push(r>>18|240,r>>12&63|128,r>>6&63|128,63&r|128)}}return s}function j(e){for(var t=[],r=0;r=55296&&t<=56319&&i65535&&(e-=65536,t+=w(e>>>10&1023|55296),e=56320|1023&e),t+=w(e)}).join("")}function p(e){return e-48<10?e-22:e-65<26?e-65:e-97<26?e-97:T}function m(e,t){return e+22+75*(e<26)-((0!=t)<<5)}function c(e,t,r){var a=0;for(e=r?G(e/R):e>>1,e+=G(e/t);e>L*k>>1;a+=T)e=G(e/L);return G(a+(L+1)*e/(e+A))}function l(e){var t,r,a,s,o,n,m,l,d,y,b=[],S=e.length,g=0,h=v,N=D;for(r=e.lastIndexOf(P),r<0&&(r=0),a=0;a=S&&i("invalid-input"),l=p(e.charCodeAt(s++)),(l>=T||l>G((f-g)/n))&&i("overflow"),g+=l*n,d=m<=N?C:m>=N+k?k:m-N,!(l=t&&bf&&i("overflow"),b==t){for(l=r,d=T;y=d<=o?C:d>=o+k?k:d-o,!(l