mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-09 16:00:22 +00:00
rebase: bump github.com/aws/aws-sdk-go from 1.44.249 to 1.44.254
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.249 to 1.44.254. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.249...v1.44.254) --- updated-dependencies: - dependency-name: github.com/aws/aws-sdk-go dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
parent
6a4f847af6
commit
3d6cdce353
2
go.mod
2
go.mod
@ -4,7 +4,7 @@ go 1.19
|
||||
|
||||
require (
|
||||
github.com/IBM/keyprotect-go-client v0.10.0
|
||||
github.com/aws/aws-sdk-go v1.44.249
|
||||
github.com/aws/aws-sdk-go v1.44.254
|
||||
github.com/aws/aws-sdk-go-v2/service/sts v1.18.10
|
||||
github.com/ceph/ceph-csi/api v0.0.0-00010101000000-000000000000
|
||||
// TODO: API for managing subvolume metadata and snapshot metadata requires `ceph_ci_untested` build-tag
|
||||
|
4
go.sum
4
go.sum
@ -155,8 +155,8 @@ github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a h1:idn718Q4
|
||||
github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY=
|
||||
github.com/aws/aws-sdk-go v1.25.37/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.25.41/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/aws/aws-sdk-go v1.44.249 h1:UbUvh/oYHdAD3vZjNi316M0NIupJsrqAcJckVuhaCB8=
|
||||
github.com/aws/aws-sdk-go v1.44.249/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go v1.44.254 h1:8baW4yal2xGiM/Wm5/ZU10drS8sd+BVjMjPFjJx2ooc=
|
||||
github.com/aws/aws-sdk-go v1.44.254/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.0 h1:882kkTpSFhdgYRKVZ/VCgf7sd0ru57p2JCxz4/oN5RY=
|
||||
github.com/aws/aws-sdk-go-v2 v1.18.0/go.mod h1:uzbQtefpm44goOPmdKyAlXSNcwlRgF3ePWVW6EtJvvw=
|
||||
github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.33 h1:kG5eQilShqmJbv11XL1VpyDbaEJzWxd4zRiCG30GSn4=
|
||||
|
296
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
296
vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go
generated
vendored
@ -3365,6 +3365,9 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
}: endpoint{},
|
||||
@ -3715,12 +3718,6 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.ca-central-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
@ -3745,51 +3742,6 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "eu-west-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "fips-ca-central-1",
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.ca-central-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "ca-central-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-east-1",
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-east-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-east-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-east-2",
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-east-2.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-east-2",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-west-1",
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-west-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-west-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-west-2",
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-west-2.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-west-2",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoint{},
|
||||
@ -3802,39 +3754,15 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-east-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-east-2.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-west-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "autoscaling-fips.us-west-2.amazonaws.com",
|
||||
},
|
||||
},
|
||||
},
|
||||
"autoscaling-plans": service{
|
||||
@ -10877,6 +10805,9 @@ var awsPartition = partition{
|
||||
},
|
||||
"emr-serverless": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "ap-east-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-northeast-1",
|
||||
}: endpoint{},
|
||||
@ -10961,6 +10892,9 @@ var awsPartition = partition{
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "me-south-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "sa-east-1",
|
||||
}: endpoint{},
|
||||
@ -14815,6 +14749,12 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.ca-central-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
@ -14839,6 +14779,51 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "eu-west-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "fips-ca-central-1",
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.ca-central-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "ca-central-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-east-1",
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-east-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-east-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-east-2",
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-east-2.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-east-2",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-west-1",
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-west-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-west-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-us-west-2",
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-west-2.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-west-2",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "me-central-1",
|
||||
}: endpoint{},
|
||||
@ -14851,15 +14836,39 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-east-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-east-2.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-west-1.amazonaws.com",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka-fips.us-west-2.amazonaws.com",
|
||||
},
|
||||
},
|
||||
},
|
||||
"kafkaconnect": service{
|
||||
@ -19503,6 +19512,40 @@ var awsPartition = partition{
|
||||
},
|
||||
},
|
||||
},
|
||||
"osis": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "ap-northeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-central-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-west-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "eu-west-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-east-2",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "us-west-2",
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"outposts": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
@ -21855,16 +21898,6 @@ var awsPartition = partition{
|
||||
},
|
||||
},
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "af-south-1",
|
||||
}: endpoint{
|
||||
Hostname: "resource-explorer-2.af-south-1.api.aws",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "ap-east-1",
|
||||
}: endpoint{
|
||||
Hostname: "resource-explorer-2.ap-east-1.api.aws",
|
||||
},
|
||||
endpointKey{
|
||||
Region: "ap-northeast-1",
|
||||
}: endpoint{
|
||||
@ -22295,6 +22328,9 @@ var awsPartition = partition{
|
||||
endpointKey{
|
||||
Region: "ap-southeast-3",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ap-southeast-4",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "ca-central-1",
|
||||
}: endpoint{},
|
||||
@ -28832,6 +28868,14 @@ var awsPartition = partition{
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-il-central-1",
|
||||
}: endpoint{
|
||||
Hostname: "waf-regional-fips.il-central-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "il-central-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-me-central-1",
|
||||
}: endpoint{
|
||||
@ -29538,6 +29582,14 @@ var awsPartition = partition{
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-il-central-1",
|
||||
}: endpoint{
|
||||
Hostname: "wafv2-fips.il-central-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "il-central-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "fips-me-central-1",
|
||||
}: endpoint{
|
||||
@ -31262,6 +31314,16 @@ var awscnPartition = partition{
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"license-manager-linux-subscriptions": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "cn-north-1",
|
||||
}: endpoint{},
|
||||
endpointKey{
|
||||
Region: "cn-northwest-1",
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"logs": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
@ -35161,10 +35223,56 @@ var awsusgovPartition = partition{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "us-gov-east-1",
|
||||
}: endpoint{},
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-east-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-east-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-gov-east-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-east-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-east-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-gov-east-1-fips",
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-east-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-east-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-gov-west-1",
|
||||
}: endpoint{},
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-west-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-west-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-gov-west-1",
|
||||
Variant: fipsVariant,
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-west-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-west-1",
|
||||
},
|
||||
},
|
||||
endpointKey{
|
||||
Region: "us-gov-west-1-fips",
|
||||
}: endpoint{
|
||||
Hostname: "kafka.us-gov-west-1.amazonaws.com",
|
||||
CredentialScope: credentialScope{
|
||||
Region: "us-gov-west-1",
|
||||
},
|
||||
Deprecated: boxedTrue,
|
||||
},
|
||||
},
|
||||
},
|
||||
"kendra": service{
|
||||
@ -38030,6 +38138,13 @@ var awsisoPartition = partition{
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"athena": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "us-iso-east-1",
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"autoscaling": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
@ -39244,6 +39359,13 @@ var awsisobPartition = partition{
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"secretsmanager": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
Region: "us-isob-east-1",
|
||||
}: endpoint{},
|
||||
},
|
||||
},
|
||||
"snowball": service{
|
||||
Endpoints: serviceEndpoints{
|
||||
endpointKey{
|
||||
|
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
2
vendor/github.com/aws/aws-sdk-go/aws/version.go
generated
vendored
@ -5,4 +5,4 @@ package aws
|
||||
const SDKName = "aws-sdk-go"
|
||||
|
||||
// SDKVersion is the version of this SDK
|
||||
const SDKVersion = "1.44.249"
|
||||
const SDKVersion = "1.44.254"
|
||||
|
292
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
292
vendor/github.com/aws/aws-sdk-go/service/ec2/api.go
generated
vendored
@ -44635,10 +44635,10 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput
|
||||
// only one attribute at a time.
|
||||
//
|
||||
// Note: Using this action to change the security groups associated with an
|
||||
// elastic network interface (ENI) attached to an instance in a VPC can result
|
||||
// in an error if the instance has more than one ENI. To change the security
|
||||
// groups associated with an ENI attached to an instance that has multiple ENIs,
|
||||
// we recommend that you use the ModifyNetworkInterfaceAttribute action.
|
||||
// elastic network interface (ENI) attached to an instance can result in an
|
||||
// error if the instance has more than one ENI. To change the security groups
|
||||
// associated with an ENI attached to an instance that has multiple ENIs, we
|
||||
// recommend that you use the ModifyNetworkInterfaceAttribute action.
|
||||
//
|
||||
// To modify some attributes, the instance must be stopped. For more information,
|
||||
// see Modify a stopped instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html)
|
||||
@ -46037,10 +46037,6 @@ func (c *EC2) ModifyReservedInstancesRequest(input *ModifyReservedInstancesInput
|
||||
// For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html)
|
||||
// in the Amazon EC2 User Guide.
|
||||
//
|
||||
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
|
||||
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
|
||||
// in the Amazon Elastic Compute Cloud User Guide.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
// the error.
|
||||
@ -49242,10 +49238,6 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn
|
||||
// and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html)
|
||||
// in the Amazon EC2 User Guide.
|
||||
//
|
||||
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
|
||||
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
|
||||
// in the Amazon Elastic Compute Cloud User Guide.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
// the error.
|
||||
@ -51216,10 +51208,6 @@ func (c *EC2) RequestSpotInstancesRequest(input *RequestSpotInstancesInput) (req
|
||||
// see Which is the best Spot request method to use? (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use)
|
||||
// in the Amazon EC2 User Guide for Linux Instances.
|
||||
//
|
||||
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
|
||||
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
|
||||
// in the Amazon EC2 User Guide for Linux Instances.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
// the error.
|
||||
@ -52481,20 +52469,13 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques
|
||||
// You can specify a number of options, or leave the default options. The following
|
||||
// rules apply:
|
||||
//
|
||||
// - [EC2-VPC] If you don't specify a subnet ID, we choose a default subnet
|
||||
// from your default VPC for you. If you don't have a default VPC, you must
|
||||
// specify a subnet ID in the request.
|
||||
// - If you don't specify a subnet ID, we choose a default subnet from your
|
||||
// default VPC for you. If you don't have a default VPC, you must specify
|
||||
// a subnet ID in the request.
|
||||
//
|
||||
// - [EC2-Classic] If don't specify an Availability Zone, we choose one for
|
||||
// you.
|
||||
//
|
||||
// - Some instance types must be launched into a VPC. If you do not have
|
||||
// a default VPC, or if you do not specify a subnet ID, the request fails.
|
||||
// For more information, see Instance types available only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types).
|
||||
//
|
||||
// - [EC2-VPC] All instances have a network interface with a primary private
|
||||
// IPv4 address. If you don't specify this address, we choose one from the
|
||||
// IPv4 range of your subnet.
|
||||
// - All instances have a network interface with a primary private IPv4 address.
|
||||
// If you don't specify this address, we choose one from the IPv4 range of
|
||||
// your subnet.
|
||||
//
|
||||
// - Not all instance types support IPv6 addresses. For more information,
|
||||
// see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html).
|
||||
@ -52528,10 +52509,6 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques
|
||||
// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html),
|
||||
// and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html).
|
||||
//
|
||||
// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic
|
||||
// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html)
|
||||
// in the Amazon EC2 User Guide.
|
||||
//
|
||||
// Returns awserr.Error for service API and SDK errors. Use runtime type assertions
|
||||
// with awserr.Error's Code and Message methods to get detailed information about
|
||||
// the error.
|
||||
@ -62958,7 +62935,7 @@ type CancelSpotInstanceRequestsInput struct {
|
||||
// it is UnauthorizedOperation.
|
||||
DryRun *bool `locationName:"dryRun" type:"boolean"`
|
||||
|
||||
// One or more Spot Instance request IDs.
|
||||
// The IDs of the Spot Instance requests.
|
||||
//
|
||||
// SpotInstanceRequestIds is a required field
|
||||
SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list" required:"true"`
|
||||
@ -63011,7 +62988,7 @@ func (s *CancelSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*string)
|
||||
type CancelSpotInstanceRequestsOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// One or more Spot Instance requests.
|
||||
// The Spot Instance requests.
|
||||
CancelledSpotInstanceRequests []*CancelledSpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"`
|
||||
}
|
||||
|
||||
@ -66780,6 +66757,9 @@ func (s *CopySnapshotOutput) SetTags(v []*Tag) *CopySnapshotOutput {
|
||||
type CpuOptions struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Indicates whether the instance is enabled for AMD SEV-SNP.
|
||||
AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"`
|
||||
|
||||
// The number of CPU cores for the instance.
|
||||
CoreCount *int64 `locationName:"coreCount" type:"integer"`
|
||||
|
||||
@ -66805,6 +66785,12 @@ func (s CpuOptions) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetAmdSevSnp sets the AmdSevSnp field's value.
|
||||
func (s *CpuOptions) SetAmdSevSnp(v string) *CpuOptions {
|
||||
s.AmdSevSnp = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCoreCount sets the CoreCount field's value.
|
||||
func (s *CpuOptions) SetCoreCount(v int64) *CpuOptions {
|
||||
s.CoreCount = &v
|
||||
@ -66822,6 +66808,10 @@ func (s *CpuOptions) SetThreadsPerCore(v int64) *CpuOptions {
|
||||
type CpuOptionsRequest struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is
|
||||
// supported with M6a, R6a, and C6a instance types only.
|
||||
AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"`
|
||||
|
||||
// The number of CPU cores for the instance.
|
||||
CoreCount *int64 `type:"integer"`
|
||||
|
||||
@ -66848,6 +66838,12 @@ func (s CpuOptionsRequest) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetAmdSevSnp sets the AmdSevSnp field's value.
|
||||
func (s *CpuOptionsRequest) SetAmdSevSnp(v string) *CpuOptionsRequest {
|
||||
s.AmdSevSnp = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCoreCount sets the CoreCount field's value.
|
||||
func (s *CpuOptionsRequest) SetCoreCount(v int64) *CpuOptionsRequest {
|
||||
s.CoreCount = &v
|
||||
@ -94409,8 +94405,8 @@ type DescribeInstanceTypesInput struct {
|
||||
|
||||
// One or more filters. Filter names and values are case-sensitive.
|
||||
//
|
||||
// * auto-recovery-supported - Indicates whether auto recovery is supported
|
||||
// (true | false).
|
||||
// * auto-recovery-supported - Indicates whether Amazon CloudWatch action
|
||||
// based recovery is supported (true | false).
|
||||
//
|
||||
// * bare-metal - Indicates whether it is a bare metal instance type (true
|
||||
// | false).
|
||||
@ -94699,12 +94695,6 @@ type DescribeInstancesInput struct {
|
||||
//
|
||||
// * dns-name - The public DNS name of the instance.
|
||||
//
|
||||
// * group-id - The ID of the security group for the instance. EC2-Classic
|
||||
// only.
|
||||
//
|
||||
// * group-name - The name of the security group for the instance. EC2-Classic
|
||||
// only.
|
||||
//
|
||||
// * hibernation-options.configured - A Boolean that indicates whether the
|
||||
// instance is enabled for hibernation. A value of true means that the instance
|
||||
// is enabled for hibernation.
|
||||
@ -99709,16 +99699,11 @@ type DescribeReservedInstancesInput struct {
|
||||
//
|
||||
// * scope - The scope of the Reserved Instance (Region or Availability Zone).
|
||||
//
|
||||
// * product-description - The Reserved Instance product platform description.
|
||||
// Instances that include (Amazon VPC) in the product platform description
|
||||
// will only be displayed to EC2-Classic account holders and are for use
|
||||
// with Amazon VPC (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux | SUSE
|
||||
// Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise Linux
|
||||
// (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows
|
||||
// | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with
|
||||
// SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows
|
||||
// with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise
|
||||
// | Windows with SQL Server Enterprise (Amazon VPC)).
|
||||
// * product-description - The Reserved Instance product platform description
|
||||
// (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web
|
||||
// | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux
|
||||
// | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server
|
||||
// Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise).
|
||||
//
|
||||
// * reserved-instances-id - The ID of the Reserved Instance.
|
||||
//
|
||||
@ -99920,9 +99905,6 @@ type DescribeReservedInstancesModificationsInput struct {
|
||||
// * modification-result.target-configuration.instance-type - The instance
|
||||
// type of the new Reserved Instances.
|
||||
//
|
||||
// * modification-result.target-configuration.platform - The network platform
|
||||
// of the new Reserved Instances (EC2-Classic | EC2-VPC).
|
||||
//
|
||||
// * reserved-instances-id - The ID of the Reserved Instances modified.
|
||||
//
|
||||
// * reserved-instances-modification-id - The ID of the modification request.
|
||||
@ -100051,16 +100033,11 @@ type DescribeReservedInstancesOfferingsInput struct {
|
||||
// all offerings from both Amazon Web Services and the Reserved Instance
|
||||
// Marketplace are listed.
|
||||
//
|
||||
// * product-description - The Reserved Instance product platform description.
|
||||
// Instances that include (Amazon VPC) in the product platform description
|
||||
// will only be displayed to EC2-Classic account holders and are for use
|
||||
// with Amazon VPC. (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux |
|
||||
// SUSE Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise
|
||||
// Linux (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows
|
||||
// | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with
|
||||
// SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows
|
||||
// with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise
|
||||
// | Windows with SQL Server Enterprise (Amazon VPC))
|
||||
// * product-description - The Reserved Instance product platform description
|
||||
// (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web
|
||||
// | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux
|
||||
// | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server
|
||||
// Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise).
|
||||
//
|
||||
// * reserved-instances-offering-id - The Reserved Instances offering ID.
|
||||
//
|
||||
@ -100521,8 +100498,6 @@ type DescribeScheduledInstanceAvailabilityInput struct {
|
||||
//
|
||||
// * instance-type - The instance type (for example, c4.large).
|
||||
//
|
||||
// * network-platform - The network platform (EC2-Classic or EC2-VPC).
|
||||
//
|
||||
// * platform - The platform (Linux/UNIX or Windows).
|
||||
Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"`
|
||||
|
||||
@ -100703,8 +100678,6 @@ type DescribeScheduledInstancesInput struct {
|
||||
//
|
||||
// * instance-type - The instance type (for example, c4.large).
|
||||
//
|
||||
// * network-platform - The network platform (EC2-Classic or EC2-VPC).
|
||||
//
|
||||
// * platform - The platform (Linux/UNIX or Windows).
|
||||
Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"`
|
||||
|
||||
@ -102176,7 +102149,7 @@ type DescribeSpotInstanceRequestsInput struct {
|
||||
// it is UnauthorizedOperation.
|
||||
DryRun *bool `locationName:"dryRun" type:"boolean"`
|
||||
|
||||
// One or more filters.
|
||||
// The filters.
|
||||
//
|
||||
// * availability-zone-group - The Availability Zone group.
|
||||
//
|
||||
@ -102293,7 +102266,7 @@ type DescribeSpotInstanceRequestsInput struct {
|
||||
// from the end of the items returned by the previous request.
|
||||
NextToken *string `type:"string"`
|
||||
|
||||
// One or more Spot Instance request IDs.
|
||||
// The IDs of the Spot Instance requests.
|
||||
SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list"`
|
||||
}
|
||||
|
||||
@ -102353,7 +102326,7 @@ type DescribeSpotInstanceRequestsOutput struct {
|
||||
// value is null when there are no more items to return.
|
||||
NextToken *string `locationName:"nextToken" type:"string"`
|
||||
|
||||
// One or more Spot Instance requests.
|
||||
// The Spot Instance requests.
|
||||
SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"`
|
||||
}
|
||||
|
||||
@ -102404,7 +102377,7 @@ type DescribeSpotPriceHistoryInput struct {
|
||||
// the price history data, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ).
|
||||
EndTime *time.Time `locationName:"endTime" type:"timestamp"`
|
||||
|
||||
// One or more filters.
|
||||
// The filters.
|
||||
//
|
||||
// * availability-zone - The Availability Zone for which prices should be
|
||||
// returned.
|
||||
@ -127925,7 +127898,7 @@ type Instance struct {
|
||||
// The monitoring for the instance.
|
||||
Monitoring *Monitoring `locationName:"monitoring" type:"structure"`
|
||||
|
||||
// [EC2-VPC] The network interfaces for the instance.
|
||||
// The network interfaces for the instance.
|
||||
NetworkInterfaces []*InstanceNetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"`
|
||||
|
||||
// The Amazon Resource Name (ARN) of the Outpost.
|
||||
@ -127942,14 +127915,14 @@ type Instance struct {
|
||||
// in the Amazon EC2 User Guide.
|
||||
PlatformDetails *string `locationName:"platformDetails" type:"string"`
|
||||
|
||||
// (IPv4 only) The private DNS hostname name assigned to the instance. This
|
||||
// [IPv4 only] The private DNS hostname name assigned to the instance. This
|
||||
// DNS hostname can only be used inside the Amazon EC2 network. This name is
|
||||
// not available until the instance enters the running state.
|
||||
//
|
||||
// [EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private
|
||||
// DNS hostnames if you've enabled DNS resolution and DNS hostnames in your
|
||||
// VPC. If you are not using the Amazon-provided DNS server in your VPC, your
|
||||
// custom domain name servers must resolve the hostname as appropriate.
|
||||
// The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames
|
||||
// if you've enabled DNS resolution and DNS hostnames in your VPC. If you are
|
||||
// not using the Amazon-provided DNS server in your VPC, your custom domain
|
||||
// name servers must resolve the hostname as appropriate.
|
||||
PrivateDnsName *string `locationName:"privateDnsName" type:"string"`
|
||||
|
||||
// The options for the instance hostname.
|
||||
@ -127961,9 +127934,9 @@ type Instance struct {
|
||||
// The product codes attached to this instance, if applicable.
|
||||
ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"`
|
||||
|
||||
// (IPv4 only) The public DNS name assigned to the instance. This name is not
|
||||
// available until the instance enters the running state. For EC2-VPC, this
|
||||
// name is only available if you've enabled DNS hostnames for your VPC.
|
||||
// [IPv4 only] The public DNS name assigned to the instance. This name is not
|
||||
// available until the instance enters the running state. This name is only
|
||||
// available if you've enabled DNS hostnames for your VPC.
|
||||
PublicDnsName *string `locationName:"dnsName" type:"string"`
|
||||
|
||||
// The public IPv4 address, or the Carrier IP address assigned to the instance,
|
||||
@ -128005,7 +127978,7 @@ type Instance struct {
|
||||
// The reason for the most recent state transition. This might be an empty string.
|
||||
StateTransitionReason *string `locationName:"reason" type:"string"`
|
||||
|
||||
// [EC2-VPC] The ID of the subnet in which the instance is running.
|
||||
// The ID of the subnet in which the instance is running.
|
||||
SubnetId *string `locationName:"subnetId" type:"string"`
|
||||
|
||||
// Any tags assigned to the instance.
|
||||
@ -128027,7 +128000,7 @@ type Instance struct {
|
||||
// The virtualization type of the instance.
|
||||
VirtualizationType *string `locationName:"virtualizationType" type:"string" enum:"VirtualizationType"`
|
||||
|
||||
// [EC2-VPC] The ID of the VPC in which the instance is running.
|
||||
// The ID of the VPC in which the instance is running.
|
||||
VpcId *string `locationName:"vpcId" type:"string"`
|
||||
}
|
||||
|
||||
@ -131820,7 +131793,7 @@ func (s *InstanceTagNotificationAttribute) SetInstanceTagKeys(v []*string) *Inst
|
||||
type InstanceTypeInfo struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Indicates whether auto recovery is supported.
|
||||
// Indicates whether Amazon CloudWatch action based recovery is supported.
|
||||
AutoRecoverySupported *bool `locationName:"autoRecoverySupported" type:"boolean"`
|
||||
|
||||
// Indicates whether the instance is a bare metal instance type.
|
||||
@ -134896,7 +134869,7 @@ type LaunchSpecification struct {
|
||||
// Deprecated.
|
||||
AddressingType *string `locationName:"addressingType" type:"string"`
|
||||
|
||||
// One or more block device mapping entries.
|
||||
// The block device mapping entries.
|
||||
BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"`
|
||||
|
||||
// Indicates whether the instance is optimized for EBS I/O. This optimization
|
||||
@ -134926,8 +134899,8 @@ type LaunchSpecification struct {
|
||||
// Describes the monitoring of an instance.
|
||||
Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"`
|
||||
|
||||
// One or more network interfaces. If you specify a network interface, you must
|
||||
// specify subnet IDs and security group IDs using the network interface.
|
||||
// The network interfaces. If you specify a network interface, you must specify
|
||||
// subnet IDs and security group IDs using the network interface.
|
||||
NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"`
|
||||
|
||||
// The placement information for the instance.
|
||||
@ -134936,9 +134909,7 @@ type LaunchSpecification struct {
|
||||
// The ID of the RAM disk.
|
||||
RamdiskId *string `locationName:"ramdiskId" type:"string"`
|
||||
|
||||
// One or more security groups. When requesting instances in a VPC, you must
|
||||
// specify the IDs of the security groups. When requesting instances in EC2-Classic,
|
||||
// you can specify the names or the IDs of the security groups.
|
||||
// The IDs of the security groups.
|
||||
SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"`
|
||||
|
||||
// The ID of the subnet in which to launch the instance.
|
||||
@ -135476,6 +135447,9 @@ func (s *LaunchTemplateConfig) SetOverrides(v []*LaunchTemplateOverrides) *Launc
|
||||
type LaunchTemplateCpuOptions struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Indicates whether the instance is enabled for AMD SEV-SNP.
|
||||
AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"`
|
||||
|
||||
// The number of CPU cores for the instance.
|
||||
CoreCount *int64 `locationName:"coreCount" type:"integer"`
|
||||
|
||||
@ -135501,6 +135475,12 @@ func (s LaunchTemplateCpuOptions) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetAmdSevSnp sets the AmdSevSnp field's value.
|
||||
func (s *LaunchTemplateCpuOptions) SetAmdSevSnp(v string) *LaunchTemplateCpuOptions {
|
||||
s.AmdSevSnp = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCoreCount sets the CoreCount field's value.
|
||||
func (s *LaunchTemplateCpuOptions) SetCoreCount(v int64) *LaunchTemplateCpuOptions {
|
||||
s.CoreCount = &v
|
||||
@ -135518,6 +135498,10 @@ func (s *LaunchTemplateCpuOptions) SetThreadsPerCore(v int64) *LaunchTemplateCpu
|
||||
type LaunchTemplateCpuOptionsRequest struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is
|
||||
// supported with M6a, R6a, and C6a instance types only.
|
||||
AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"`
|
||||
|
||||
// The number of CPU cores for the instance.
|
||||
CoreCount *int64 `type:"integer"`
|
||||
|
||||
@ -135544,6 +135528,12 @@ func (s LaunchTemplateCpuOptionsRequest) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetAmdSevSnp sets the AmdSevSnp field's value.
|
||||
func (s *LaunchTemplateCpuOptionsRequest) SetAmdSevSnp(v string) *LaunchTemplateCpuOptionsRequest {
|
||||
s.AmdSevSnp = &v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCoreCount sets the CoreCount field's value.
|
||||
func (s *LaunchTemplateCpuOptionsRequest) SetCoreCount(v int64) *LaunchTemplateCpuOptionsRequest {
|
||||
s.CoreCount = &v
|
||||
@ -137087,8 +137077,8 @@ type LaunchTemplatePlacement struct {
|
||||
// Reserved for future use.
|
||||
SpreadDomain *string `locationName:"spreadDomain" type:"string"`
|
||||
|
||||
// The tenancy of the instance (if the instance is running in a VPC). An instance
|
||||
// with a tenancy of dedicated runs on single-tenant hardware.
|
||||
// The tenancy of the instance. An instance with a tenancy of dedicated runs
|
||||
// on single-tenant hardware.
|
||||
Tenancy *string `locationName:"tenancy" type:"string" enum:"Tenancy"`
|
||||
}
|
||||
|
||||
@ -137196,8 +137186,8 @@ type LaunchTemplatePlacementRequest struct {
|
||||
// Reserved for future use.
|
||||
SpreadDomain *string `type:"string"`
|
||||
|
||||
// The tenancy of the instance (if the instance is running in a VPC). An instance
|
||||
// with a tenancy of dedicated runs on single-tenant hardware.
|
||||
// The tenancy of the instance. An instance with a tenancy of dedicated runs
|
||||
// on single-tenant hardware.
|
||||
Tenancy *string `type:"string" enum:"Tenancy"`
|
||||
}
|
||||
|
||||
@ -141282,10 +141272,9 @@ type ModifyInstanceAttributeInput struct {
|
||||
// a PV instance can make it unreachable.
|
||||
EnaSupport *AttributeBooleanValue `locationName:"enaSupport" type:"structure"`
|
||||
|
||||
// [EC2-VPC] Replaces the security groups of the instance with the specified
|
||||
// security groups. You must specify at least one security group, even if it's
|
||||
// just the default security group for the VPC. You must specify the security
|
||||
// group ID, not the security group name.
|
||||
// Replaces the security groups of the instance with the specified security
|
||||
// groups. You must specify the ID of at least one security group, even if it's
|
||||
// just the default security group for the VPC.
|
||||
Groups []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"`
|
||||
|
||||
// The ID of the instance.
|
||||
@ -152800,8 +152789,8 @@ type Placement struct {
|
||||
// Reserved for future use.
|
||||
SpreadDomain *string `locationName:"spreadDomain" type:"string"`
|
||||
|
||||
// The tenancy of the instance (if the instance is running in a VPC). An instance
|
||||
// with a tenancy of dedicated runs on single-tenant hardware.
|
||||
// The tenancy of the instance. An instance with a tenancy of dedicated runs
|
||||
// on single-tenant hardware.
|
||||
//
|
||||
// This parameter is not supported for CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet).
|
||||
// The host tenancy is not supported for ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
|
||||
@ -153804,6 +153793,10 @@ type ProcessorInfo struct {
|
||||
// The architectures supported by the instance type.
|
||||
SupportedArchitectures []*string `locationName:"supportedArchitectures" locationNameList:"item" type:"list" enum:"ArchitectureType"`
|
||||
|
||||
// Indicates whether the instance type supports AMD SEV-SNP. If the request
|
||||
// returns amd-sev-snp, AMD SEV-SNP is supported. Otherwise, it is not supported.
|
||||
SupportedFeatures []*string `locationName:"supportedFeatures" locationNameList:"item" type:"list" enum:"SupportedAdditionalProcessorFeature"`
|
||||
|
||||
// The speed of the processor, in GHz.
|
||||
SustainedClockSpeedInGhz *float64 `locationName:"sustainedClockSpeedInGhz" type:"double"`
|
||||
}
|
||||
@ -153832,6 +153825,12 @@ func (s *ProcessorInfo) SetSupportedArchitectures(v []*string) *ProcessorInfo {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetSupportedFeatures sets the SupportedFeatures field's value.
|
||||
func (s *ProcessorInfo) SetSupportedFeatures(v []*string) *ProcessorInfo {
|
||||
s.SupportedFeatures = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetSustainedClockSpeedInGhz sets the SustainedClockSpeedInGhz field's value.
|
||||
func (s *ProcessorInfo) SetSustainedClockSpeedInGhz(v float64) *ProcessorInfo {
|
||||
s.SustainedClockSpeedInGhz = &v
|
||||
@ -158263,8 +158262,14 @@ type RequestLaunchTemplateData struct {
|
||||
//
|
||||
// * resolve:ssm:parameter-name:label
|
||||
//
|
||||
// For more information, see Use a Systems Manager parameter to find an AMI
|
||||
// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI)
|
||||
// * resolve:ssm:public-parameter
|
||||
//
|
||||
// Currently, EC2 Fleet and Spot Fleet do not support specifying a Systems Manager
|
||||
// parameter. If the launch template will be used by an EC2 Fleet or Spot Fleet,
|
||||
// you must specify the AMI ID.
|
||||
//
|
||||
// For more information, see Use a Systems Manager parameter instead of an AMI
|
||||
// ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id)
|
||||
// in the Amazon Elastic Compute Cloud User Guide.
|
||||
ImageId *string `type:"string"`
|
||||
|
||||
@ -158934,7 +158939,7 @@ func (s *RequestSpotInstancesInput) SetValidUntil(v time.Time) *RequestSpotInsta
|
||||
type RequestSpotInstancesOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// One or more Spot Instance requests.
|
||||
// The Spot Instance requests.
|
||||
SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"`
|
||||
}
|
||||
|
||||
@ -158969,8 +158974,8 @@ type RequestSpotLaunchSpecification struct {
|
||||
// Deprecated.
|
||||
AddressingType *string `locationName:"addressingType" type:"string"`
|
||||
|
||||
// One or more block device mapping entries. You can't specify both a snapshot
|
||||
// ID and an encryption value. This is because only blank volumes can be encrypted
|
||||
// The block device mapping entries. You can't specify both a snapshot ID and
|
||||
// an encryption value. This is because only blank volumes can be encrypted
|
||||
// on creation. If a snapshot is the basis for a volume, it is not blank and
|
||||
// its encryption status is used for the volume encryption status.
|
||||
BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"`
|
||||
@ -159004,8 +159009,8 @@ type RequestSpotLaunchSpecification struct {
|
||||
// Default: Disabled
|
||||
Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"`
|
||||
|
||||
// One or more network interfaces. If you specify a network interface, you must
|
||||
// specify subnet IDs and security group IDs using the network interface.
|
||||
// The network interfaces. If you specify a network interface, you must specify
|
||||
// subnet IDs and security group IDs using the network interface.
|
||||
NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"NetworkInterface" locationNameList:"item" type:"list"`
|
||||
|
||||
// The placement information for the instance.
|
||||
@ -159014,12 +159019,10 @@ type RequestSpotLaunchSpecification struct {
|
||||
// The ID of the RAM disk.
|
||||
RamdiskId *string `locationName:"ramdiskId" type:"string"`
|
||||
|
||||
// One or more security group IDs.
|
||||
// The IDs of the security groups.
|
||||
SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"`
|
||||
|
||||
// One or more security groups. When requesting instances in a VPC, you must
|
||||
// specify the IDs of the security groups. When requesting instances in EC2-Classic,
|
||||
// you can specify the names or the IDs of the security groups.
|
||||
// Not supported.
|
||||
SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"item" type:"list"`
|
||||
|
||||
// The ID of the subnet in which to launch the instance.
|
||||
@ -159169,7 +159172,7 @@ func (s *RequestSpotLaunchSpecification) SetUserData(v string) *RequestSpotLaunc
|
||||
type Reservation struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// [EC2-Classic only] The security groups.
|
||||
// Not supported.
|
||||
Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"`
|
||||
|
||||
// The instances.
|
||||
@ -159689,8 +159692,7 @@ type ReservedInstancesConfiguration struct {
|
||||
// The instance type for the modified Reserved Instances.
|
||||
InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"`
|
||||
|
||||
// The network platform of the modified Reserved Instances, which is either
|
||||
// EC2-Classic or EC2-VPC.
|
||||
// The network platform of the modified Reserved Instances.
|
||||
Platform *string `locationName:"platform" type:"string"`
|
||||
|
||||
// Whether the Reserved Instance is applied to instances in a Region or instances
|
||||
@ -163052,9 +163054,9 @@ type RunInstancesInput struct {
|
||||
// Default: m1.small
|
||||
InstanceType *string `type:"string" enum:"InstanceType"`
|
||||
|
||||
// [EC2-VPC] The number of IPv6 addresses to associate with the primary network
|
||||
// interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.
|
||||
// You cannot specify this option and the option to assign specific IPv6 addresses
|
||||
// The number of IPv6 addresses to associate with the primary network interface.
|
||||
// Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You
|
||||
// cannot specify this option and the option to assign specific IPv6 addresses
|
||||
// in the same request. You can specify this option if you've specified a minimum
|
||||
// number of instances to launch.
|
||||
//
|
||||
@ -163062,10 +163064,10 @@ type RunInstancesInput struct {
|
||||
// request.
|
||||
Ipv6AddressCount *int64 `type:"integer"`
|
||||
|
||||
// [EC2-VPC] The IPv6 addresses from the range of the subnet to associate with
|
||||
// the primary network interface. You cannot specify this option and the option
|
||||
// to assign a number of IPv6 addresses in the same request. You cannot specify
|
||||
// this option if you've specified a minimum number of instances to launch.
|
||||
// The IPv6 addresses from the range of the subnet to associate with the primary
|
||||
// network interface. You cannot specify this option and the option to assign
|
||||
// a number of IPv6 addresses in the same request. You cannot specify this option
|
||||
// if you've specified a minimum number of instances to launch.
|
||||
//
|
||||
// You cannot specify this option and the network interfaces option in the same
|
||||
// request.
|
||||
@ -163139,8 +163141,8 @@ type RunInstancesInput struct {
|
||||
// the subnet.
|
||||
PrivateDnsNameOptions *PrivateDnsNameOptionsRequest `type:"structure"`
|
||||
|
||||
// [EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4
|
||||
// address range of the subnet.
|
||||
// The primary IPv4 address. You must specify a value from the IPv4 address
|
||||
// range of the subnet.
|
||||
//
|
||||
// Only one private IP address can be designated as primary. You can't specify
|
||||
// this option if you've specified the option to designate a private IP address
|
||||
@ -163168,7 +163170,7 @@ type RunInstancesInput struct {
|
||||
// as part of the network interface.
|
||||
SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"`
|
||||
|
||||
// [EC2-Classic, default VPC] The names of the security groups.
|
||||
// [Default VPC] The names of the security groups.
|
||||
//
|
||||
// If you specify a network interface, you must specify any security groups
|
||||
// as part of the network interface.
|
||||
@ -163176,7 +163178,7 @@ type RunInstancesInput struct {
|
||||
// Default: Amazon EC2 uses the default security group.
|
||||
SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"`
|
||||
|
||||
// [EC2-VPC] The ID of the subnet to launch the instance into.
|
||||
// The ID of the subnet to launch the instance into.
|
||||
//
|
||||
// If you specify a network interface, you must specify any subnets as part
|
||||
// of the network interface.
|
||||
@ -163844,7 +163846,7 @@ type ScheduledInstance struct {
|
||||
// The instance type.
|
||||
InstanceType *string `locationName:"instanceType" type:"string"`
|
||||
|
||||
// The network platform (EC2-Classic or EC2-VPC).
|
||||
// The network platform.
|
||||
NetworkPlatform *string `locationName:"networkPlatform" type:"string"`
|
||||
|
||||
// The time for the next schedule to start.
|
||||
@ -164009,7 +164011,7 @@ type ScheduledInstanceAvailability struct {
|
||||
// The minimum term. The only possible value is 365 days.
|
||||
MinTermDurationInDays *int64 `locationName:"minTermDurationInDays" type:"integer"`
|
||||
|
||||
// The network platform (EC2-Classic or EC2-VPC).
|
||||
// The network platform.
|
||||
NetworkPlatform *string `locationName:"networkPlatform" type:"string"`
|
||||
|
||||
// The platform (Linux/UNIX or Windows).
|
||||
@ -167498,9 +167500,7 @@ type SpotFleetLaunchSpecification struct {
|
||||
// Resource Center and search for the kernel ID.
|
||||
RamdiskId *string `locationName:"ramdiskId" type:"string"`
|
||||
|
||||
// One or more security groups. When requesting instances in a VPC, you must
|
||||
// specify the IDs of the security groups. When requesting instances in EC2-Classic,
|
||||
// you can specify the names or the IDs of the security groups.
|
||||
// The security groups.
|
||||
SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"`
|
||||
|
||||
// The maximum price per unit hour that you are willing to pay for a Spot Instance.
|
||||
@ -181242,6 +181242,22 @@ func AllowsMultipleInstanceTypes_Values() []string {
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// AmdSevSnpSpecificationEnabled is a AmdSevSnpSpecification enum value
|
||||
AmdSevSnpSpecificationEnabled = "enabled"
|
||||
|
||||
// AmdSevSnpSpecificationDisabled is a AmdSevSnpSpecification enum value
|
||||
AmdSevSnpSpecificationDisabled = "disabled"
|
||||
)
|
||||
|
||||
// AmdSevSnpSpecification_Values returns all elements of the AmdSevSnpSpecification enum
|
||||
func AmdSevSnpSpecification_Values() []string {
|
||||
return []string{
|
||||
AmdSevSnpSpecificationEnabled,
|
||||
AmdSevSnpSpecificationDisabled,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// AnalysisStatusRunning is a AnalysisStatus enum value
|
||||
AnalysisStatusRunning = "running"
|
||||
@ -189198,6 +189214,18 @@ func SummaryStatus_Values() []string {
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// SupportedAdditionalProcessorFeatureAmdSevSnp is a SupportedAdditionalProcessorFeature enum value
|
||||
SupportedAdditionalProcessorFeatureAmdSevSnp = "amd-sev-snp"
|
||||
)
|
||||
|
||||
// SupportedAdditionalProcessorFeature_Values returns all elements of the SupportedAdditionalProcessorFeature enum
|
||||
func SupportedAdditionalProcessorFeature_Values() []string {
|
||||
return []string{
|
||||
SupportedAdditionalProcessorFeatureAmdSevSnp,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// TargetCapacityUnitTypeVcpu is a TargetCapacityUnitType enum value
|
||||
TargetCapacityUnitTypeVcpu = "vcpu"
|
||||
|
449
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
449
vendor/github.com/aws/aws-sdk-go/service/kms/api.go
generated
vendored
@ -1458,11 +1458,16 @@ func (c *KMS) DecryptRequest(input *DecryptInput) (req *request.Request, output
|
||||
// see Best practices for IAM policies (https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policies-best-practices)
|
||||
// in the Key Management Service Developer Guide.
|
||||
//
|
||||
// Applications in Amazon Web Services Nitro Enclaves can call this operation
|
||||
// by using the Amazon Web Services Nitro Enclaves Development Kit (https://github.com/aws/aws-nitro-enclaves-sdk-c).
|
||||
// For information about the supporting parameters, see How Amazon Web Services
|
||||
// Nitro Enclaves use KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// Decrypt also supports Amazon Web Services Nitro Enclaves (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html),
|
||||
// which provide an isolated compute environment in Amazon EC2. To call Decrypt
|
||||
// for a Nitro enclave, use the Amazon Web Services Nitro Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK. Use the Recipient parameter to provide the
|
||||
// attestation document for the enclave. Instead of the plaintext data, the
|
||||
// response includes the plaintext data encrypted with the public key from the
|
||||
// attestation document (CiphertextForRecipient).For information about the interaction
|
||||
// between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services
|
||||
// Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide..
|
||||
//
|
||||
// The KMS key that you use for this operation must be in a compatible key state.
|
||||
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
||||
@ -3375,11 +3380,18 @@ func (c *KMS) GenerateDataKeyRequest(input *GenerateDataKeyInput) (req *request.
|
||||
// For more information, see Encryption Context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)
|
||||
// in the Key Management Service Developer Guide.
|
||||
//
|
||||
// Applications in Amazon Web Services Nitro Enclaves can call this operation
|
||||
// by using the Amazon Web Services Nitro Enclaves Development Kit (https://github.com/aws/aws-nitro-enclaves-sdk-c).
|
||||
// For information about the supporting parameters, see How Amazon Web Services
|
||||
// Nitro Enclaves use KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// GenerateDataKey also supports Amazon Web Services Nitro Enclaves (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html),
|
||||
// which provide an isolated compute environment in Amazon EC2. To call GenerateDataKey
|
||||
// for an Amazon Web Services Nitro enclave, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK. Use the Recipient parameter to provide the
|
||||
// attestation document for the enclave. GenerateDataKey returns a copy of the
|
||||
// data key encrypted under the specified KMS key, as usual. But instead of
|
||||
// a plaintext copy of the data key, the response includes a copy of the data
|
||||
// key encrypted under the public key from the attestation document (CiphertextForRecipient).
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide..
|
||||
//
|
||||
// The KMS key that you use for this operation must be in a compatible key state.
|
||||
// For details, see Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
|
||||
@ -3599,6 +3611,20 @@ func (c *KMS) GenerateDataKeyPairRequest(input *GenerateDataKeyPairInput) (req *
|
||||
// The private key is a DER-encoded PKCS8 PrivateKeyInfo, as specified in RFC
|
||||
// 5958 (https://tools.ietf.org/html/rfc5958).
|
||||
//
|
||||
// GenerateDataKeyPair also supports Amazon Web Services Nitro Enclaves (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html),
|
||||
// which provide an isolated compute environment in Amazon EC2. To call GenerateDataKeyPair
|
||||
// for an Amazon Web Services Nitro enclave, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK. Use the Recipient parameter to provide the
|
||||
// attestation document for the enclave. GenerateDataKeyPair returns the public
|
||||
// data key and a copy of the private data key encrypted under the specified
|
||||
// KMS key, as usual. But instead of a plaintext copy of the private data key
|
||||
// (PrivateKeyPlaintext), the response includes a copy of the private data key
|
||||
// encrypted under the public key from the attestation document (CiphertextForRecipient).
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide..
|
||||
//
|
||||
// You can use an optional encryption context to add additional security to
|
||||
// the encryption operation. If you specify an EncryptionContext, you must specify
|
||||
// the same encryption context (a case-sensitive exact match) when decrypting
|
||||
@ -3987,7 +4013,7 @@ func (c *KMS) GenerateDataKeyWithoutPlaintextRequest(input *GenerateDataKeyWitho
|
||||
// keys, use the KeySpec parameter.
|
||||
//
|
||||
// To generate an SM4 data key (China Regions only), specify a KeySpec value
|
||||
// of AES_128 or NumberOfBytes value of 128. The symmetric encryption key used
|
||||
// of AES_128 or NumberOfBytes value of 16. The symmetric encryption key used
|
||||
// in China Regions to encrypt your data key is an SM4 encryption key.
|
||||
//
|
||||
// If the operation succeeds, you will find the encrypted copy of the data key
|
||||
@ -4320,10 +4346,15 @@ func (c *KMS) GenerateRandomRequest(input *GenerateRandomInput) (req *request.Re
|
||||
// string in the CloudHSM cluster associated with an CloudHSM key store, use
|
||||
// the CustomKeyStoreId parameter.
|
||||
//
|
||||
// Applications in Amazon Web Services Nitro Enclaves can call this operation
|
||||
// by using the Amazon Web Services Nitro Enclaves Development Kit (https://github.com/aws/aws-nitro-enclaves-sdk-c).
|
||||
// For information about the supporting parameters, see How Amazon Web Services
|
||||
// Nitro Enclaves use KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// GenerateRandom also supports Amazon Web Services Nitro Enclaves (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave.html),
|
||||
// which provide an isolated compute environment in Amazon EC2. To call GenerateRandom
|
||||
// for a Nitro enclave, use the Amazon Web Services Nitro Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK. Use the Recipient parameter to provide the
|
||||
// attestation document for the enclave. Instead of plaintext bytes, the response
|
||||
// includes the plaintext bytes encrypted under the public key from the attestation
|
||||
// document (CiphertextForRecipient).For information about the interaction between
|
||||
// KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro
|
||||
// Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
//
|
||||
// For more information about entropy and random number generation, see Key
|
||||
@ -9620,6 +9651,9 @@ type CreateAliasInput struct {
|
||||
// Specifies the alias name. This value must begin with alias/ followed by a
|
||||
// name, such as alias/ExampleAlias.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// The AliasName value must be string of 1-256 characters. It can contain only
|
||||
// alphanumeric characters, forward slashes (/), underscores (_), and dashes
|
||||
// (-). The alias name cannot begin with alias/aws/. The alias/aws/ prefix is
|
||||
@ -9741,6 +9775,9 @@ type CreateCustomKeyStoreInput struct {
|
||||
// in your Amazon Web Services account and Region. This parameter is required
|
||||
// for all custom key stores.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// CustomKeyStoreName is a required field
|
||||
CustomKeyStoreName *string `min:"1" type:"string" required:"true"`
|
||||
|
||||
@ -10036,19 +10073,13 @@ type CreateGrantInput struct {
|
||||
|
||||
// Specifies a grant constraint.
|
||||
//
|
||||
// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant
|
||||
// constraints. Each constraint value can include up to 8 encryption context
|
||||
// pairs. The encryption context value in each constraint cannot exceed 384
|
||||
// characters. For information about grant constraints, see Using grant constraints
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints)
|
||||
// in the Key Management Service Developer Guide. For more information about
|
||||
// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)
|
||||
// in the Key Management Service Developer Guide .
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// The encryption context grant constraints allow the permissions in the grant
|
||||
// only when the encryption context in the request matches (EncryptionContextEquals)
|
||||
// or includes (EncryptionContextSubset) the encryption context specified in
|
||||
// this structure.
|
||||
// KMS supports the EncryptionContextEquals and EncryptionContextSubset grant
|
||||
// constraints, which allow the permissions in the grant only when the encryption
|
||||
// context in the request matches (EncryptionContextEquals) or includes (EncryptionContextSubset)
|
||||
// the encryption context specified in the constraint.
|
||||
//
|
||||
// The encryption context grant constraints are supported only on grant operations
|
||||
// (https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations)
|
||||
@ -10060,8 +10091,15 @@ type CreateGrantInput struct {
|
||||
// permission have an equally strict or stricter encryption context constraint.
|
||||
//
|
||||
// You cannot use an encryption context grant constraint for cryptographic operations
|
||||
// with asymmetric KMS keys or HMAC KMS keys. These keys don't support an encryption
|
||||
// context.
|
||||
// with asymmetric KMS keys or HMAC KMS keys. Operations with these keys don't
|
||||
// support an encryption context.
|
||||
//
|
||||
// Each constraint value can include up to 8 encryption context pairs. The encryption
|
||||
// context value in each constraint cannot exceed 384 characters. For information
|
||||
// about grant constraints, see Using grant constraints (https://docs.aws.amazon.com/kms/latest/developerguide/create-grant-overview.html#grant-constraints)
|
||||
// in the Key Management Service Developer Guide. For more information about
|
||||
// encryption context, see Encryption context (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context)
|
||||
// in the Key Management Service Developer Guide .
|
||||
Constraints *GrantConstraints `type:"structure"`
|
||||
|
||||
// A list of grant tokens.
|
||||
@ -10104,6 +10142,9 @@ type CreateGrantInput struct {
|
||||
// A friendly name for the grant. Use this value to prevent the unintended creation
|
||||
// of duplicate grants when retrying this request.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// When this value is absent, all CreateGrant requests result in a new grant
|
||||
// with a unique GrantId even if all the supplied parameters are identical.
|
||||
// This can result in unintended duplicates when you retry the CreateGrant request.
|
||||
@ -10323,10 +10364,12 @@ type CreateKeyInput struct {
|
||||
// Deprecated: This parameter has been deprecated. Instead, use the KeySpec parameter.
|
||||
CustomerMasterKeySpec *string `deprecated:"true" type:"string" enum:"CustomerMasterKeySpec"`
|
||||
|
||||
// A description of the KMS key.
|
||||
// A description of the KMS key. Use a description that helps you decide whether
|
||||
// the KMS key is appropriate for a task. The default value is an empty string
|
||||
// (no description).
|
||||
//
|
||||
// Use a description that helps you decide whether the KMS key is appropriate
|
||||
// for a task. The default value is an empty string (no description).
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// To set or change the description after the key is created, use UpdateKeyDescription.
|
||||
Description *string `type:"string"`
|
||||
@ -10468,6 +10511,9 @@ type CreateKeyInput struct {
|
||||
// Assigns one or more tags to the KMS key. Use this parameter to tag the KMS
|
||||
// key when it is created. To tag an existing KMS key, use the TagResource operation.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// Tagging or untagging a KMS key can allow or deny permission to the KMS key.
|
||||
// For details, see ABAC for KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
@ -11288,6 +11334,27 @@ type DecryptInput struct {
|
||||
// To get the key ID and key ARN for a KMS key, use ListKeys or DescribeKey.
|
||||
// To get the alias name and alias ARN, use ListAliases.
|
||||
KeyId *string `min:"1" type:"string"`
|
||||
|
||||
// A signed attestation document (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave-how.html#term-attestdoc)
|
||||
// from an Amazon Web Services Nitro enclave and the encryption algorithm to
|
||||
// use with the enclave's public key. The only valid encryption algorithm is
|
||||
// RSAES_OAEP_SHA_256.
|
||||
//
|
||||
// This parameter only supports attestation documents for Amazon Web Services
|
||||
// Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK.
|
||||
//
|
||||
// When you use this parameter, instead of returning the plaintext data, KMS
|
||||
// encrypts the plaintext data with the public key in the attestation document,
|
||||
// and returns the resulting ciphertext in the CiphertextForRecipient field
|
||||
// in the response. This ciphertext can be decrypted only with the private key
|
||||
// in the enclave. The Plaintext field in the response is null or empty.
|
||||
//
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
Recipient *RecipientInfo `type:"structure"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
@ -11320,6 +11387,11 @@ func (s *DecryptInput) Validate() error {
|
||||
if s.KeyId != nil && len(*s.KeyId) < 1 {
|
||||
invalidParams.Add(request.NewErrParamMinLen("KeyId", 1))
|
||||
}
|
||||
if s.Recipient != nil {
|
||||
if err := s.Recipient.Validate(); err != nil {
|
||||
invalidParams.AddNested("Recipient", err.(request.ErrInvalidParams))
|
||||
}
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
@ -11357,9 +11429,26 @@ func (s *DecryptInput) SetKeyId(v string) *DecryptInput {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRecipient sets the Recipient field's value.
|
||||
func (s *DecryptInput) SetRecipient(v *RecipientInfo) *DecryptInput {
|
||||
s.Recipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
type DecryptOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The plaintext data encrypted with the public key in the attestation document.
|
||||
//
|
||||
// This field is included in the response only when the Recipient parameter
|
||||
// in the request includes a valid attestation document from an Amazon Web Services
|
||||
// Nitro enclave. For information about the interaction between KMS and Amazon
|
||||
// Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses
|
||||
// KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// CiphertextForRecipient is automatically base64 encoded/decoded by the SDK.
|
||||
CiphertextForRecipient []byte `min:"1" type:"blob"`
|
||||
|
||||
// The encryption algorithm that was used to decrypt the ciphertext.
|
||||
EncryptionAlgorithm *string `type:"string" enum:"EncryptionAlgorithmSpec"`
|
||||
|
||||
@ -11370,6 +11459,9 @@ type DecryptOutput struct {
|
||||
// Decrypted plaintext data. When you use the HTTP API or the Amazon Web Services
|
||||
// CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
|
||||
//
|
||||
// If the response includes the CiphertextForRecipient field, the Plaintext
|
||||
// field is null or empty.
|
||||
//
|
||||
// Plaintext is a sensitive parameter and its value will be
|
||||
// replaced with "sensitive" in string returned by DecryptOutput's
|
||||
// String and GoString methods.
|
||||
@ -11396,6 +11488,12 @@ func (s DecryptOutput) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetCiphertextForRecipient sets the CiphertextForRecipient field's value.
|
||||
func (s *DecryptOutput) SetCiphertextForRecipient(v []byte) *DecryptOutput {
|
||||
s.CiphertextForRecipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetEncryptionAlgorithm sets the EncryptionAlgorithm field's value.
|
||||
func (s *DecryptOutput) SetEncryptionAlgorithm(v string) *DecryptOutput {
|
||||
s.EncryptionAlgorithm = &v
|
||||
@ -12461,6 +12559,9 @@ type EncryptInput struct {
|
||||
// with a symmetric encryption KMS key. The standard asymmetric encryption algorithms
|
||||
// and HMAC algorithms that KMS uses do not support an encryption context.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// An encryption context is a collection of non-secret key-value pairs that
|
||||
// represent additional authenticated data. When you use an encryption context
|
||||
// to encrypt data, you must specify the same (an exact case-sensitive match)
|
||||
@ -12713,6 +12814,9 @@ type GenerateDataKeyInput struct {
|
||||
// Specifies the encryption context that will be used when encrypting the data
|
||||
// key.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// An encryption context is a collection of non-secret key-value pairs that
|
||||
// represent additional authenticated data. When you use an encryption context
|
||||
// to encrypt data, you must specify the same (an exact case-sensitive match)
|
||||
@ -12773,6 +12877,29 @@ type GenerateDataKeyInput struct {
|
||||
// You must specify either the KeySpec or the NumberOfBytes parameter (but not
|
||||
// both) in every GenerateDataKey request.
|
||||
NumberOfBytes *int64 `min:"1" type:"integer"`
|
||||
|
||||
// A signed attestation document (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave-how.html#term-attestdoc)
|
||||
// from an Amazon Web Services Nitro enclave and the encryption algorithm to
|
||||
// use with the enclave's public key. The only valid encryption algorithm is
|
||||
// RSAES_OAEP_SHA_256.
|
||||
//
|
||||
// This parameter only supports attestation documents for Amazon Web Services
|
||||
// Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK.
|
||||
//
|
||||
// When you use this parameter, instead of returning the plaintext data key,
|
||||
// KMS encrypts the plaintext data key under the public key in the attestation
|
||||
// document, and returns the resulting ciphertext in the CiphertextForRecipient
|
||||
// field in the response. This ciphertext can be decrypted only with the private
|
||||
// key in the enclave. The CiphertextBlob field in the response contains a copy
|
||||
// of the data key encrypted under the KMS key specified by the KeyId parameter.
|
||||
// The Plaintext field in the response is null or empty.
|
||||
//
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
Recipient *RecipientInfo `type:"structure"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
@ -12805,6 +12932,11 @@ func (s *GenerateDataKeyInput) Validate() error {
|
||||
if s.NumberOfBytes != nil && *s.NumberOfBytes < 1 {
|
||||
invalidParams.Add(request.NewErrParamMinValue("NumberOfBytes", 1))
|
||||
}
|
||||
if s.Recipient != nil {
|
||||
if err := s.Recipient.Validate(); err != nil {
|
||||
invalidParams.AddNested("Recipient", err.(request.ErrInvalidParams))
|
||||
}
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
@ -12842,6 +12974,12 @@ func (s *GenerateDataKeyInput) SetNumberOfBytes(v int64) *GenerateDataKeyInput {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRecipient sets the Recipient field's value.
|
||||
func (s *GenerateDataKeyInput) SetRecipient(v *RecipientInfo) *GenerateDataKeyInput {
|
||||
s.Recipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
type GenerateDataKeyOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
@ -12850,6 +12988,19 @@ type GenerateDataKeyOutput struct {
|
||||
// CiphertextBlob is automatically base64 encoded/decoded by the SDK.
|
||||
CiphertextBlob []byte `min:"1" type:"blob"`
|
||||
|
||||
// The plaintext data key encrypted with the public key from the Nitro enclave.
|
||||
// This ciphertext can be decrypted only by using a private key in the Nitro
|
||||
// enclave.
|
||||
//
|
||||
// This field is included in the response only when the Recipient parameter
|
||||
// in the request includes a valid attestation document from an Amazon Web Services
|
||||
// Nitro enclave. For information about the interaction between KMS and Amazon
|
||||
// Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses
|
||||
// KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// CiphertextForRecipient is automatically base64 encoded/decoded by the SDK.
|
||||
CiphertextForRecipient []byte `min:"1" type:"blob"`
|
||||
|
||||
// The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN))
|
||||
// of the KMS key that encrypted the data key.
|
||||
KeyId *string `min:"1" type:"string"`
|
||||
@ -12859,6 +13010,9 @@ type GenerateDataKeyOutput struct {
|
||||
// this data key to encrypt your data outside of KMS. Then, remove it from memory
|
||||
// as soon as possible.
|
||||
//
|
||||
// If the response includes the CiphertextForRecipient field, the Plaintext
|
||||
// field is null or empty.
|
||||
//
|
||||
// Plaintext is a sensitive parameter and its value will be
|
||||
// replaced with "sensitive" in string returned by GenerateDataKeyOutput's
|
||||
// String and GoString methods.
|
||||
@ -12891,6 +13045,12 @@ func (s *GenerateDataKeyOutput) SetCiphertextBlob(v []byte) *GenerateDataKeyOutp
|
||||
return s
|
||||
}
|
||||
|
||||
// SetCiphertextForRecipient sets the CiphertextForRecipient field's value.
|
||||
func (s *GenerateDataKeyOutput) SetCiphertextForRecipient(v []byte) *GenerateDataKeyOutput {
|
||||
s.CiphertextForRecipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetKeyId sets the KeyId field's value.
|
||||
func (s *GenerateDataKeyOutput) SetKeyId(v string) *GenerateDataKeyOutput {
|
||||
s.KeyId = &v
|
||||
@ -12909,6 +13069,9 @@ type GenerateDataKeyPairInput struct {
|
||||
// Specifies the encryption context that will be used when encrypting the private
|
||||
// key in the data key pair.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// An encryption context is a collection of non-secret key-value pairs that
|
||||
// represent additional authenticated data. When you use an encryption context
|
||||
// to encrypt data, you must specify the same (an exact case-sensitive match)
|
||||
@ -12966,6 +13129,30 @@ type GenerateDataKeyPairInput struct {
|
||||
//
|
||||
// KeyPairSpec is a required field
|
||||
KeyPairSpec *string `type:"string" required:"true" enum:"DataKeyPairSpec"`
|
||||
|
||||
// A signed attestation document (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave-how.html#term-attestdoc)
|
||||
// from an Amazon Web Services Nitro enclave and the encryption algorithm to
|
||||
// use with the enclave's public key. The only valid encryption algorithm is
|
||||
// RSAES_OAEP_SHA_256.
|
||||
//
|
||||
// This parameter only supports attestation documents for Amazon Web Services
|
||||
// Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK.
|
||||
//
|
||||
// When you use this parameter, instead of returning a plaintext copy of the
|
||||
// private data key, KMS encrypts the plaintext private data key under the public
|
||||
// key in the attestation document, and returns the resulting ciphertext in
|
||||
// the CiphertextForRecipient field in the response. This ciphertext can be
|
||||
// decrypted only with the private key in the enclave. The CiphertextBlob field
|
||||
// in the response contains a copy of the private data key encrypted under the
|
||||
// KMS key specified by the KeyId parameter. The PrivateKeyPlaintext field in
|
||||
// the response is null or empty.
|
||||
//
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
Recipient *RecipientInfo `type:"structure"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
@ -12998,6 +13185,11 @@ func (s *GenerateDataKeyPairInput) Validate() error {
|
||||
if s.KeyPairSpec == nil {
|
||||
invalidParams.Add(request.NewErrParamRequired("KeyPairSpec"))
|
||||
}
|
||||
if s.Recipient != nil {
|
||||
if err := s.Recipient.Validate(); err != nil {
|
||||
invalidParams.AddNested("Recipient", err.(request.ErrInvalidParams))
|
||||
}
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
@ -13029,9 +13221,28 @@ func (s *GenerateDataKeyPairInput) SetKeyPairSpec(v string) *GenerateDataKeyPair
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRecipient sets the Recipient field's value.
|
||||
func (s *GenerateDataKeyPairInput) SetRecipient(v *RecipientInfo) *GenerateDataKeyPairInput {
|
||||
s.Recipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
type GenerateDataKeyPairOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The plaintext private data key encrypted with the public key from the Nitro
|
||||
// enclave. This ciphertext can be decrypted only by using a private key in
|
||||
// the Nitro enclave.
|
||||
//
|
||||
// This field is included in the response only when the Recipient parameter
|
||||
// in the request includes a valid attestation document from an Amazon Web Services
|
||||
// Nitro enclave. For information about the interaction between KMS and Amazon
|
||||
// Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses
|
||||
// KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// CiphertextForRecipient is automatically base64 encoded/decoded by the SDK.
|
||||
CiphertextForRecipient []byte `min:"1" type:"blob"`
|
||||
|
||||
// The Amazon Resource Name (key ARN (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-ARN))
|
||||
// of the KMS key that encrypted the private key.
|
||||
KeyId *string `min:"1" type:"string"`
|
||||
@ -13047,6 +13258,9 @@ type GenerateDataKeyPairOutput struct {
|
||||
// The plaintext copy of the private key. When you use the HTTP API or the Amazon
|
||||
// Web Services CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
|
||||
//
|
||||
// If the response includes the CiphertextForRecipient field, the PrivateKeyPlaintext
|
||||
// field is null or empty.
|
||||
//
|
||||
// PrivateKeyPlaintext is a sensitive parameter and its value will be
|
||||
// replaced with "sensitive" in string returned by GenerateDataKeyPairOutput's
|
||||
// String and GoString methods.
|
||||
@ -13078,6 +13292,12 @@ func (s GenerateDataKeyPairOutput) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetCiphertextForRecipient sets the CiphertextForRecipient field's value.
|
||||
func (s *GenerateDataKeyPairOutput) SetCiphertextForRecipient(v []byte) *GenerateDataKeyPairOutput {
|
||||
s.CiphertextForRecipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetKeyId sets the KeyId field's value.
|
||||
func (s *GenerateDataKeyPairOutput) SetKeyId(v string) *GenerateDataKeyPairOutput {
|
||||
s.KeyId = &v
|
||||
@ -13114,6 +13334,9 @@ type GenerateDataKeyPairWithoutPlaintextInput struct {
|
||||
// Specifies the encryption context that will be used when encrypting the private
|
||||
// key in the data key pair.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// An encryption context is a collection of non-secret key-value pairs that
|
||||
// represent additional authenticated data. When you use an encryption context
|
||||
// to encrypt data, you must specify the same (an exact case-sensitive match)
|
||||
@ -13303,6 +13526,9 @@ type GenerateDataKeyWithoutPlaintextInput struct {
|
||||
// Specifies the encryption context that will be used when encrypting the data
|
||||
// key.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// An encryption context is a collection of non-secret key-value pairs that
|
||||
// represent additional authenticated data. When you use an encryption context
|
||||
// to encrypt data, you must specify the same (an exact case-sensitive match)
|
||||
@ -13649,6 +13875,27 @@ type GenerateRandomInput struct {
|
||||
|
||||
// The length of the random byte string. This parameter is required.
|
||||
NumberOfBytes *int64 `min:"1" type:"integer"`
|
||||
|
||||
// A signed attestation document (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave-how.html#term-attestdoc)
|
||||
// from an Amazon Web Services Nitro enclave and the encryption algorithm to
|
||||
// use with the enclave's public key. The only valid encryption algorithm is
|
||||
// RSAES_OAEP_SHA_256.
|
||||
//
|
||||
// This parameter only supports attestation documents for Amazon Web Services
|
||||
// Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro
|
||||
// Enclaves SDK (https://docs.aws.amazon.com/enclaves/latest/user/developing-applications.html#sdk)
|
||||
// or any Amazon Web Services SDK.
|
||||
//
|
||||
// When you use this parameter, instead of returning plaintext bytes, KMS encrypts
|
||||
// the plaintext bytes under the public key in the attestation document, and
|
||||
// returns the resulting ciphertext in the CiphertextForRecipient field in the
|
||||
// response. This ciphertext can be decrypted only with the private key in the
|
||||
// enclave. The Plaintext field in the response is null or empty.
|
||||
//
|
||||
// For information about the interaction between KMS and Amazon Web Services
|
||||
// Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
Recipient *RecipientInfo `type:"structure"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
@ -13678,6 +13925,11 @@ func (s *GenerateRandomInput) Validate() error {
|
||||
if s.NumberOfBytes != nil && *s.NumberOfBytes < 1 {
|
||||
invalidParams.Add(request.NewErrParamMinValue("NumberOfBytes", 1))
|
||||
}
|
||||
if s.Recipient != nil {
|
||||
if err := s.Recipient.Validate(); err != nil {
|
||||
invalidParams.AddNested("Recipient", err.(request.ErrInvalidParams))
|
||||
}
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
@ -13697,12 +13949,34 @@ func (s *GenerateRandomInput) SetNumberOfBytes(v int64) *GenerateRandomInput {
|
||||
return s
|
||||
}
|
||||
|
||||
// SetRecipient sets the Recipient field's value.
|
||||
func (s *GenerateRandomInput) SetRecipient(v *RecipientInfo) *GenerateRandomInput {
|
||||
s.Recipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
type GenerateRandomOutput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The plaintext random bytes encrypted with the public key from the Nitro enclave.
|
||||
// This ciphertext can be decrypted only by using a private key in the Nitro
|
||||
// enclave.
|
||||
//
|
||||
// This field is included in the response only when the Recipient parameter
|
||||
// in the request includes a valid attestation document from an Amazon Web Services
|
||||
// Nitro enclave. For information about the interaction between KMS and Amazon
|
||||
// Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses
|
||||
// KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
// CiphertextForRecipient is automatically base64 encoded/decoded by the SDK.
|
||||
CiphertextForRecipient []byte `min:"1" type:"blob"`
|
||||
|
||||
// The random byte string. When you use the HTTP API or the Amazon Web Services
|
||||
// CLI, the value is Base64-encoded. Otherwise, it is not Base64-encoded.
|
||||
//
|
||||
// If the response includes the CiphertextForRecipient field, the Plaintext
|
||||
// field is null or empty.
|
||||
//
|
||||
// Plaintext is a sensitive parameter and its value will be
|
||||
// replaced with "sensitive" in string returned by GenerateRandomOutput's
|
||||
// String and GoString methods.
|
||||
@ -13729,6 +14003,12 @@ func (s GenerateRandomOutput) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// SetCiphertextForRecipient sets the CiphertextForRecipient field's value.
|
||||
func (s *GenerateRandomOutput) SetCiphertextForRecipient(v []byte) *GenerateRandomOutput {
|
||||
s.CiphertextForRecipient = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetPlaintext sets the Plaintext field's value.
|
||||
func (s *GenerateRandomOutput) SetPlaintext(v []byte) *GenerateRandomOutput {
|
||||
s.Plaintext = v
|
||||
@ -17376,6 +17656,9 @@ type ReEncryptInput struct {
|
||||
|
||||
// Specifies that encryption context to use when the reencrypting the data.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// A destination encryption context is valid only when the destination KMS key
|
||||
// is a symmetric encryption KMS key. The standard ciphertext format for asymmetric
|
||||
// KMS keys does not include fields for metadata.
|
||||
@ -17647,6 +17930,71 @@ func (s *ReEncryptOutput) SetSourceKeyId(v string) *ReEncryptOutput {
|
||||
return s
|
||||
}
|
||||
|
||||
// Contains information about the party that receives the response from the
|
||||
// API operation.
|
||||
//
|
||||
// This data type is designed to support Amazon Web Services Nitro Enclaves,
|
||||
// which lets you create an isolated compute environment in Amazon EC2. For
|
||||
// information about the interaction between KMS and Amazon Web Services Nitro
|
||||
// Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS (https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
type RecipientInfo struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
// The attestation document for an Amazon Web Services Nitro Enclave. This document
|
||||
// includes the enclave's public key.
|
||||
// AttestationDocument is automatically base64 encoded/decoded by the SDK.
|
||||
AttestationDocument []byte `min:"1" type:"blob"`
|
||||
|
||||
// The encryption algorithm that KMS should use with the public key for an Amazon
|
||||
// Web Services Nitro Enclave to encrypt plaintext values for the response.
|
||||
// The only valid value is RSAES_OAEP_SHA_256.
|
||||
KeyEncryptionAlgorithm *string `type:"string" enum:"KeyEncryptionMechanism"`
|
||||
}
|
||||
|
||||
// String returns the string representation.
|
||||
//
|
||||
// API parameter values that are decorated as "sensitive" in the API will not
|
||||
// be included in the string output. The member name will be present, but the
|
||||
// value will be replaced with "sensitive".
|
||||
func (s RecipientInfo) String() string {
|
||||
return awsutil.Prettify(s)
|
||||
}
|
||||
|
||||
// GoString returns the string representation.
|
||||
//
|
||||
// API parameter values that are decorated as "sensitive" in the API will not
|
||||
// be included in the string output. The member name will be present, but the
|
||||
// value will be replaced with "sensitive".
|
||||
func (s RecipientInfo) GoString() string {
|
||||
return s.String()
|
||||
}
|
||||
|
||||
// Validate inspects the fields of the type to determine if they are valid.
|
||||
func (s *RecipientInfo) Validate() error {
|
||||
invalidParams := request.ErrInvalidParams{Context: "RecipientInfo"}
|
||||
if s.AttestationDocument != nil && len(s.AttestationDocument) < 1 {
|
||||
invalidParams.Add(request.NewErrParamMinLen("AttestationDocument", 1))
|
||||
}
|
||||
|
||||
if invalidParams.Len() > 0 {
|
||||
return invalidParams
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
// SetAttestationDocument sets the AttestationDocument field's value.
|
||||
func (s *RecipientInfo) SetAttestationDocument(v []byte) *RecipientInfo {
|
||||
s.AttestationDocument = v
|
||||
return s
|
||||
}
|
||||
|
||||
// SetKeyEncryptionAlgorithm sets the KeyEncryptionAlgorithm field's value.
|
||||
func (s *RecipientInfo) SetKeyEncryptionAlgorithm(v string) *RecipientInfo {
|
||||
s.KeyEncryptionAlgorithm = &v
|
||||
return s
|
||||
}
|
||||
|
||||
type ReplicateKeyInput struct {
|
||||
_ struct{} `type:"structure"`
|
||||
|
||||
@ -17666,6 +18014,9 @@ type ReplicateKeyInput struct {
|
||||
|
||||
// A description of the KMS key. The default value is an empty string (no description).
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// The description is not a shared property of multi-Region keys. You can specify
|
||||
// the same description or a different description for each key in a set of
|
||||
// related multi-Region keys. KMS does not synchronize this property.
|
||||
@ -17762,6 +18113,9 @@ type ReplicateKeyInput struct {
|
||||
// KMS key when it is created. To tag an existing KMS key, use the TagResource
|
||||
// operation.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// Tagging or untagging a KMS key can allow or deny permission to the KMS key.
|
||||
// For details, see ABAC for KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)
|
||||
// in the Key Management Service Developer Guide.
|
||||
@ -18517,6 +18871,9 @@ func (s *SignOutput) SetSigningAlgorithm(v string) *SignOutput {
|
||||
// A key-value pair. A tag consists of a tag key and a tag value. Tag keys and
|
||||
// tag values are both required, but tag values can be empty (null) strings.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// For information about the rules that apply to tag keys and tag values, see
|
||||
// User-Defined Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html)
|
||||
// in the Amazon Web Services Billing and Cost Management User Guide.
|
||||
@ -18665,10 +19022,11 @@ type TagResourceInput struct {
|
||||
// KeyId is a required field
|
||||
KeyId *string `min:"1" type:"string" required:"true"`
|
||||
|
||||
// One or more tags.
|
||||
// One or more tags. Each tag consists of a tag key and a tag value. The tag
|
||||
// value can be an empty (null) string.
|
||||
//
|
||||
// Each tag consists of a tag key and a tag value. The tag value can be an empty
|
||||
// (null) string.
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// You cannot have more than one tag on a KMS key with the same tag key. If
|
||||
// you specify an existing tag key with a different tag value, KMS replaces
|
||||
@ -18926,6 +19284,9 @@ type UpdateAliasInput struct {
|
||||
// with alias/ followed by the alias name, such as alias/ExampleAlias. You cannot
|
||||
// use UpdateAlias to change the alias name.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// AliasName is a required field
|
||||
AliasName *string `min:"1" type:"string" required:"true"`
|
||||
|
||||
@ -19071,6 +19432,9 @@ type UpdateCustomKeyStoreInput struct {
|
||||
// Changes the friendly name of the custom key store to the value that you specify.
|
||||
// The custom key store name must be unique in the Amazon Web Services account.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// To change this value, an CloudHSM key store must be disconnected. An external
|
||||
// key store can be connected or disconnected.
|
||||
NewCustomKeyStoreName *string `min:"1" type:"string"`
|
||||
@ -19286,6 +19650,9 @@ type UpdateKeyDescriptionInput struct {
|
||||
|
||||
// New description for the KMS key.
|
||||
//
|
||||
// Do not include confidential or sensitive information in this field. This
|
||||
// field may be displayed in plaintext in CloudTrail logs and other output.
|
||||
//
|
||||
// Description is a required field
|
||||
Description *string `type:"string" required:"true"`
|
||||
|
||||
@ -21298,6 +21665,18 @@ func GrantOperation_Values() []string {
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// KeyEncryptionMechanismRsaesOaepSha256 is a KeyEncryptionMechanism enum value
|
||||
KeyEncryptionMechanismRsaesOaepSha256 = "RSAES_OAEP_SHA_256"
|
||||
)
|
||||
|
||||
// KeyEncryptionMechanism_Values returns all elements of the KeyEncryptionMechanism enum
|
||||
func KeyEncryptionMechanism_Values() []string {
|
||||
return []string{
|
||||
KeyEncryptionMechanismRsaesOaepSha256,
|
||||
}
|
||||
}
|
||||
|
||||
const (
|
||||
// KeyManagerTypeAws is a KeyManagerType enum value
|
||||
KeyManagerTypeAws = "AWS"
|
||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -8,7 +8,7 @@ github.com/ansel1/merry
|
||||
# github.com/ansel1/merry/v2 v2.0.1
|
||||
## explicit; go 1.12
|
||||
github.com/ansel1/merry/v2
|
||||
# github.com/aws/aws-sdk-go v1.44.249
|
||||
# github.com/aws/aws-sdk-go v1.44.254
|
||||
## explicit; go 1.11
|
||||
github.com/aws/aws-sdk-go/aws
|
||||
github.com/aws/aws-sdk-go/aws/awserr
|
||||
|
Loading…
Reference in New Issue
Block a user