From 8b711386333754ecc0d35f8f51c1af7a234574f3 Mon Sep 17 00:00:00 2001 From: aws-sdk-go-automation <43143561+aws-sdk-go-automation@users.noreply.github.com> Date: Mon, 1 Jul 2024 16:03:04 -0400 Subject: [PATCH] Release v1.54.12 (2024-07-01) (#5300) Release v1.54.12 (2024-07-01) === ### Service Client Updates * `service/apigateway`: Updates service API * Add v2 smoke tests and smithy smokeTests trait for SDK testing. * `service/cognito-identity`: Updates service API * `service/connect`: Updates service API, documentation, and paginators * `service/docdb`: Updates service API * Add v2 smoke tests and smithy smokeTests trait for SDK testing. * `service/eks`: Updates service API * `service/payment-cryptography`: Updates service API and documentation * `service/payment-cryptography-data`: Updates service API, documentation, and waiters * `service/states`: Updates service API * Add v2 smoke tests and smithy smokeTests trait for SDK testing. * `service/swf`: Updates service API * Add v2 smoke tests and smithy smokeTests trait for SDK testing. * `service/wafv2`: Updates service API and documentation --- CHANGELOG.md | 19 + aws/endpoints/defaults.go | 3 + aws/version.go | 2 +- models/apis/apigateway/2015-07-09/api-2.json | 4 +- .../apis/apigateway/2015-07-09/smoke-2.json | 16 + .../cognito-identity/2014-06-30/api-2.json | 16 +- .../2014-06-30/endpoint-rule-set-1.json | 314 ++++++ .../2014-06-30/endpoint-tests-1.json | 574 +++++++++++ .../cognito-identity/2014-06-30/smoke-2.json | 18 + models/apis/connect/2017-08-08/api-2.json | 197 ++++ models/apis/connect/2017-08-08/docs-2.json | 125 ++- .../apis/connect/2017-08-08/paginators-1.json | 6 + models/apis/docdb/2014-10-31/api-2.json | 4 +- models/apis/docdb/2014-10-31/smoke-2.json | 16 + models/apis/eks/2017-11-01/api-2.json | 3 +- .../2022-02-03/api-2.json | 514 +++++----- .../2022-02-03/docs-2.json | 95 +- .../2022-02-03/smoke.json | 6 + .../2022-02-03/waiters-2.json | 5 + .../2021-09-14/api-2.json | 21 +- .../2021-09-14/docs-2.json | 14 +- models/apis/states/2016-11-23/api-2.json | 3 +- models/apis/states/2016-11-23/smoke-2.json | 16 + models/apis/swf/2012-01-25/api-2.json | 3 +- models/apis/swf/2012-01-25/smoke-2.json | 18 + models/apis/wafv2/2019-07-29/api-2.json | 3 +- models/apis/wafv2/2019-07-29/docs-2.json | 4 +- models/endpoints/endpoints.json | 3 +- service/connect/api.go | 963 +++++++++++++++++- service/connect/connectiface/interface.go | 15 + service/connect/doc.go | 4 + service/eks/api.go | 4 + service/paymentcryptography/api.go | 6 +- service/paymentcryptographydata/api.go | 248 ++++- service/wafv2/api.go | 19 +- 35 files changed, 2944 insertions(+), 337 deletions(-) create mode 100644 models/apis/apigateway/2015-07-09/smoke-2.json create mode 100644 models/apis/cognito-identity/2014-06-30/endpoint-rule-set-1.json create mode 100644 models/apis/cognito-identity/2014-06-30/endpoint-tests-1.json create mode 100644 models/apis/cognito-identity/2014-06-30/smoke-2.json create mode 100644 models/apis/docdb/2014-10-31/smoke-2.json create mode 100644 models/apis/payment-cryptography-data/2022-02-03/smoke.json create mode 100644 models/apis/payment-cryptography-data/2022-02-03/waiters-2.json create mode 100644 models/apis/states/2016-11-23/smoke-2.json create mode 100644 models/apis/swf/2012-01-25/smoke-2.json diff --git a/CHANGELOG.md b/CHANGELOG.md index 9e9d2bc44f3..9aff376e7d2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,22 @@ +Release v1.54.12 (2024-07-01) +=== + +### Service Client Updates +* `service/apigateway`: Updates service API + * Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* `service/cognito-identity`: Updates service API +* `service/connect`: Updates service API, documentation, and paginators +* `service/docdb`: Updates service API + * Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* `service/eks`: Updates service API +* `service/payment-cryptography`: Updates service API and documentation +* `service/payment-cryptography-data`: Updates service API, documentation, and waiters +* `service/states`: Updates service API + * Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* `service/swf`: Updates service API + * Add v2 smoke tests and smithy smokeTests trait for SDK testing. +* `service/wafv2`: Updates service API and documentation + Release v1.54.11 (2024-06-28) === diff --git a/aws/endpoints/defaults.go b/aws/endpoints/defaults.go index 0b985a1f84f..bef6ea7255c 100644 --- a/aws/endpoints/defaults.go +++ b/aws/endpoints/defaults.go @@ -36109,6 +36109,9 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, }, }, "airflow": service{ diff --git a/aws/version.go b/aws/version.go index 12ea1b3283e..c0219fd8f6d 100644 --- a/aws/version.go +++ b/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.54.11" +const SDKVersion = "1.54.12" diff --git a/models/apis/apigateway/2015-07-09/api-2.json b/models/apis/apigateway/2015-07-09/api-2.json index 2de792495ab..9f77686287a 100644 --- a/models/apis/apigateway/2015-07-09/api-2.json +++ b/models/apis/apigateway/2015-07-09/api-2.json @@ -4,10 +4,12 @@ "apiVersion":"2015-07-09", "endpointPrefix":"apigateway", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"Amazon API Gateway", "serviceId":"API Gateway", "signatureVersion":"v4", - "uid":"apigateway-2015-07-09" + "uid":"apigateway-2015-07-09", + "auth":["aws.auth#sigv4"] }, "operations":{ "CreateApiKey":{ diff --git a/models/apis/apigateway/2015-07-09/smoke-2.json b/models/apis/apigateway/2015-07-09/smoke-2.json new file mode 100644 index 00000000000..824136cc7d5 --- /dev/null +++ b/models/apis/apigateway/2015-07-09/smoke-2.json @@ -0,0 +1,16 @@ +{ + "version": 2, + "testCases": [ + { + "id": "GetDomainNamesSuccess", + "operationName": "GetDomainNames", + "input": {}, + "expectation": { + "success": {} + }, + "config": { + "region": "us-west-2" + } + } + ] +} diff --git a/models/apis/cognito-identity/2014-06-30/api-2.json b/models/apis/cognito-identity/2014-06-30/api-2.json index 54fd0c97848..2d25a88f700 100644 --- a/models/apis/cognito-identity/2014-06-30/api-2.json +++ b/models/apis/cognito-identity/2014-06-30/api-2.json @@ -5,11 +5,13 @@ "endpointPrefix":"cognito-identity", "jsonVersion":"1.1", "protocol":"json", + "protocols":["json"], "serviceFullName":"Amazon Cognito Identity", "serviceId":"Cognito Identity", "signatureVersion":"v4", "targetPrefix":"AWSCognitoIdentityService", - "uid":"cognito-identity-2014-06-30" + "uid":"cognito-identity-2014-06-30", + "auth":["aws.auth#sigv4"] }, "operations":{ "CreateIdentityPool":{ @@ -108,7 +110,8 @@ {"shape":"InternalErrorException"}, {"shape":"ExternalServiceException"} ], - "authtype":"none" + "authtype":"none", + "auth":["smithy.api#noAuth"] }, "GetId":{ "name":"GetId", @@ -128,7 +131,8 @@ {"shape":"LimitExceededException"}, {"shape":"ExternalServiceException"} ], - "authtype":"none" + "authtype":"none", + "auth":["smithy.api#noAuth"] }, "GetIdentityPoolRoles":{ "name":"GetIdentityPoolRoles", @@ -164,7 +168,8 @@ {"shape":"InternalErrorException"}, {"shape":"ExternalServiceException"} ], - "authtype":"none" + "authtype":"none", + "auth":["smithy.api#noAuth"] }, "GetOpenIdTokenForDeveloperIdentity":{ "name":"GetOpenIdTokenForDeveloperIdentity", @@ -363,7 +368,8 @@ {"shape":"InternalErrorException"}, {"shape":"ExternalServiceException"} ], - "authtype":"none" + "authtype":"none", + "auth":["smithy.api#noAuth"] }, "UntagResource":{ "name":"UntagResource", diff --git a/models/apis/cognito-identity/2014-06-30/endpoint-rule-set-1.json b/models/apis/cognito-identity/2014-06-30/endpoint-rule-set-1.json new file mode 100644 index 00000000000..348fc5c4bb0 --- /dev/null +++ b/models/apis/cognito-identity/2014-06-30/endpoint-rule-set-1.json @@ -0,0 +1,314 @@ +{ + "version": "1.0", + "parameters": { + "Region": { + "builtIn": "AWS::Region", + "required": false, + "documentation": "The AWS region used to dispatch the request.", + "type": "String" + }, + "UseDualStack": { + "builtIn": "AWS::UseDualStack", + "required": true, + "default": false, + "documentation": "When true, use the dual-stack endpoint. If the configured endpoint does not support dual-stack, dispatching the request MAY return an error.", + "type": "Boolean" + }, + "UseFIPS": { + "builtIn": "AWS::UseFIPS", + "required": true, + "default": false, + "documentation": "When true, send this request to the FIPS-compliant regional endpoint. If the configured endpoint does not have a FIPS compliant endpoint, dispatching the request will return an error.", + "type": "Boolean" + }, + "Endpoint": { + "builtIn": "SDK::Endpoint", + "required": false, + "documentation": "Override the endpoint used to send this request", + "type": "String" + } + }, + "rules": [ + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Endpoint" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], + "endpoint": { + "url": { + "ref": "Endpoint" + }, + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "isSet", + "argv": [ + { + "ref": "Region" + } + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "aws.partition", + "argv": [ + { + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + }, + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-identity-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + }, + true + ] + } + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-identity-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseDualStack" + }, + true + ] + } + ], + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://cognito-identity.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" + } + ], + "type": "tree" + }, + { + "conditions": [], + "endpoint": { + "url": "https://cognito-identity.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ], + "type": "tree" + } + ], + "type": "tree" + }, + { + "conditions": [], + "error": "Invalid Configuration: Missing Region", + "type": "error" + } + ] +} \ No newline at end of file diff --git a/models/apis/cognito-identity/2014-06-30/endpoint-tests-1.json b/models/apis/cognito-identity/2014-06-30/endpoint-tests-1.json new file mode 100644 index 00000000000..cfc617981e4 --- /dev/null +++ b/models/apis/cognito-identity/2014-06-30/endpoint-tests-1.json @@ -0,0 +1,574 @@ +{ + "testCases": [ + { + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ap-northeast-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-northeast-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ap-northeast-2.amazonaws.com" + } + }, + "params": { + "Region": "ap-northeast-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ap-south-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ap-southeast-1.amazonaws.com" + } + }, + "params": { + "Region": "ap-southeast-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ap-southeast-2.amazonaws.com" + } + }, + "params": { + "Region": "ap-southeast-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region ca-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.ca-central-1.amazonaws.com" + } + }, + "params": { + "Region": "ca-central-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.eu-central-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-central-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.eu-north-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-north-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.eu-west-1.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.eu-west-2.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.eu-west-3.amazonaws.com" + } + }, + "params": { + "Region": "eu-west-3", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.me-south-1.amazonaws.com" + } + }, + "params": { + "Region": "me-south-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.sa-east-1.amazonaws.com" + } + }, + "params": { + "Region": "sa-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-east-2.amazonaws.com" + } + }, + "params": { + "Region": "us-east-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-east-2.amazonaws.com" + } + }, + "params": { + "Region": "us-east-2", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-west-2.amazonaws.com" + } + }, + "params": { + "Region": "us-west-2", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-west-2.amazonaws.com" + } + }, + "params": { + "Region": "us-west-2", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-east-1.api.aws" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.cn-north-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.cn-north-1.api.amazonwebservices.com.cn" + } + }, + "params": { + "Region": "cn-north-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-west-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-gov-west-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-west-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-gov-east-1.amazonaws.com" + } + }, + "params": { + "Region": "us-gov-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-iso-east-1.c2s.ic.gov" + } + }, + "params": { + "Region": "us-iso-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity-fips.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": true, + "UseDualStack": false + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "expect": { + "error": "DualStack is enabled but this partition does not support DualStack" + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": true + } + }, + { + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://cognito-identity.us-isob-east-1.sc2s.sgov.gov" + } + }, + "params": { + "Region": "us-isob-east-1", + "UseFIPS": false, + "UseDualStack": false + } + }, + { + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", + "expect": { + "endpoint": { + "url": "https://example.com" + } + }, + "params": { + "UseFIPS": false, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips enabled and dualstack disabled", + "expect": { + "error": "Invalid Configuration: FIPS and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": true, + "UseDualStack": false, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "For custom endpoint with fips disabled and dualstack enabled", + "expect": { + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported" + }, + "params": { + "Region": "us-east-1", + "UseFIPS": false, + "UseDualStack": true, + "Endpoint": "https://example.com" + } + }, + { + "documentation": "Missing region", + "expect": { + "error": "Invalid Configuration: Missing Region" + } + } + ], + "version": "1.0" +} \ No newline at end of file diff --git a/models/apis/cognito-identity/2014-06-30/smoke-2.json b/models/apis/cognito-identity/2014-06-30/smoke-2.json new file mode 100644 index 00000000000..393efb7c965 --- /dev/null +++ b/models/apis/cognito-identity/2014-06-30/smoke-2.json @@ -0,0 +1,18 @@ +{ + "version": 2, + "testCases": [ + { + "id": "ListIdentityPoolsSuccess", + "operationName": "ListIdentityPools", + "input": { + "MaxResults": 10 + }, + "expectation": { + "success": {} + }, + "config": { + "region": "us-west-2" + } + } + ] +} diff --git a/models/apis/connect/2017-08-08/api-2.json b/models/apis/connect/2017-08-08/api-2.json index 3490a144e9a..0a94deffb2b 100644 --- a/models/apis/connect/2017-08-08/api-2.json +++ b/models/apis/connect/2017-08-08/api-2.json @@ -1205,6 +1205,22 @@ {"shape":"InternalServiceException"} ] }, + "DescribeAuthenticationProfile":{ + "name":"DescribeAuthenticationProfile", + "http":{ + "method":"GET", + "requestUri":"/authentication-profiles/{InstanceId}/{AuthenticationProfileId}" + }, + "input":{"shape":"DescribeAuthenticationProfileRequest"}, + "output":{"shape":"DescribeAuthenticationProfileResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"} + ] + }, "DescribeContact":{ "name":"DescribeContact", "http":{ @@ -2029,6 +2045,22 @@ {"shape":"ThrottlingException"} ] }, + "ListAuthenticationProfiles":{ + "name":"ListAuthenticationProfiles", + "http":{ + "method":"GET", + "requestUri":"/authentication-profiles-summary/{InstanceId}" + }, + "input":{"shape":"ListAuthenticationProfilesRequest"}, + "output":{"shape":"ListAuthenticationProfilesResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"} + ] + }, "ListBots":{ "name":"ListBots", "http":{ @@ -3347,6 +3379,21 @@ {"shape":"InternalServiceException"} ] }, + "UpdateAuthenticationProfile":{ + "name":"UpdateAuthenticationProfile", + "http":{ + "method":"POST", + "requestUri":"/authentication-profiles/{InstanceId}/{AuthenticationProfileId}" + }, + "input":{"shape":"UpdateAuthenticationProfileRequest"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"} + ] + }, "UpdateContact":{ "name":"UpdateContact", "http":{ @@ -4080,6 +4127,12 @@ "error":{"httpStatusCode":403}, "exception":true }, + "AccessTokenDuration":{ + "type":"integer", + "box":true, + "max":60, + "min":10 + }, "ActionSummaries":{ "type":"list", "member":{"shape":"ActionSummary"} @@ -4849,6 +4902,53 @@ } }, "AudioQualityScore":{"type":"float"}, + "AuthenticationProfile":{ + "type":"structure", + "members":{ + "Id":{"shape":"AuthenticationProfileId"}, + "Arn":{"shape":"ARN"}, + "Name":{"shape":"AuthenticationProfileName"}, + "Description":{"shape":"AuthenticationProfileDescription"}, + "AllowedIps":{"shape":"IpCidrList"}, + "BlockedIps":{"shape":"IpCidrList"}, + "IsDefault":{"shape":"Boolean"}, + "CreatedTime":{"shape":"Timestamp"}, + "LastModifiedTime":{"shape":"Timestamp"}, + "LastModifiedRegion":{"shape":"RegionName"}, + "PeriodicSessionDuration":{"shape":"AccessTokenDuration"}, + "MaxSessionDuration":{"shape":"RefreshTokenDuration"} + } + }, + "AuthenticationProfileDescription":{ + "type":"string", + "max":250, + "min":1 + }, + "AuthenticationProfileId":{ + "type":"string", + "max":100, + "min":1 + }, + "AuthenticationProfileName":{ + "type":"string", + "max":128, + "min":1 + }, + "AuthenticationProfileSummary":{ + "type":"structure", + "members":{ + "Id":{"shape":"AuthenticationProfileId"}, + "Arn":{"shape":"ARN"}, + "Name":{"shape":"AuthenticationProfileName"}, + "IsDefault":{"shape":"Boolean"}, + "LastModifiedTime":{"shape":"Timestamp"}, + "LastModifiedRegion":{"shape":"RegionName"} + } + }, + "AuthenticationProfileSummaryList":{ + "type":"list", + "member":{"shape":"AuthenticationProfileSummary"} + }, "AutoAccept":{"type":"boolean"}, "AvailableNumberSummary":{ "type":"structure", @@ -7016,6 +7116,31 @@ "AgentStatus":{"shape":"AgentStatus"} } }, + "DescribeAuthenticationProfileRequest":{ + "type":"structure", + "required":[ + "AuthenticationProfileId", + "InstanceId" + ], + "members":{ + "AuthenticationProfileId":{ + "shape":"AuthenticationProfileId", + "location":"uri", + "locationName":"AuthenticationProfileId" + }, + "InstanceId":{ + "shape":"InstanceId", + "location":"uri", + "locationName":"InstanceId" + } + } + }, + "DescribeAuthenticationProfileResponse":{ + "type":"structure", + "members":{ + "AuthenticationProfile":{"shape":"AuthenticationProfile"} + } + }, "DescribeContactEvaluationRequest":{ "type":"structure", "required":[ @@ -9729,6 +9854,16 @@ "type":"list", "member":{"shape":"InvisibleFieldInfo"} }, + "IpCidr":{ + "type":"string", + "max":50, + "min":2, + "pattern":"^[A-Za-z0-9:/]*$" + }, + "IpCidrList":{ + "type":"list", + "member":{"shape":"IpCidr"} + }, "JoinToken":{ "type":"string", "sensitive":true @@ -9917,6 +10052,35 @@ "NextToken":{"shape":"NextToken"} } }, + "ListAuthenticationProfilesRequest":{ + "type":"structure", + "required":["InstanceId"], + "members":{ + "InstanceId":{ + "shape":"InstanceId", + "location":"uri", + "locationName":"InstanceId" + }, + "MaxResults":{ + "shape":"MaxResult1000", + "box":true, + "location":"querystring", + "locationName":"maxResults" + }, + "NextToken":{ + "shape":"NextToken", + "location":"querystring", + "locationName":"nextToken" + } + } + }, + "ListAuthenticationProfilesResponse":{ + "type":"structure", + "members":{ + "AuthenticationProfileSummaryList":{"shape":"AuthenticationProfileSummaryList"}, + "NextToken":{"shape":"NextToken"} + } + }, "ListBotsRequest":{ "type":"structure", "required":[ @@ -12917,6 +13081,12 @@ "max":4096, "min":0 }, + "RefreshTokenDuration":{ + "type":"integer", + "box":true, + "max":720, + "min":360 + }, "RegionName":{ "type":"string", "pattern":"[a-z]{2}(-[a-z]+){1,2}(-[0-9])?" @@ -15068,6 +15238,33 @@ "ResetOrderNumber":{"shape":"Boolean"} } }, + "UpdateAuthenticationProfileRequest":{ + "type":"structure", + "required":[ + "AuthenticationProfileId", + "InstanceId" + ], + "members":{ + "AuthenticationProfileId":{ + "shape":"AuthenticationProfileId", + "location":"uri", + "locationName":"AuthenticationProfileId" + }, + "InstanceId":{ + "shape":"InstanceId", + "location":"uri", + "locationName":"InstanceId" + }, + "Name":{"shape":"AuthenticationProfileName"}, + "Description":{"shape":"AuthenticationProfileDescription"}, + "AllowedIps":{"shape":"IpCidrList"}, + "BlockedIps":{"shape":"IpCidrList"}, + "PeriodicSessionDuration":{ + "shape":"AccessTokenDuration", + "box":true + } + } + }, "UpdateCaseActionDefinition":{ "type":"structure", "required":["Fields"], diff --git a/models/apis/connect/2017-08-08/docs-2.json b/models/apis/connect/2017-08-08/docs-2.json index f259fca2b54..6e23dd96f1a 100644 --- a/models/apis/connect/2017-08-08/docs-2.json +++ b/models/apis/connect/2017-08-08/docs-2.json @@ -1,6 +1,6 @@ { "version": "2.0", - "service": "

Amazon Connect is a cloud-based contact center solution that you use to set up and manage a customer contact center and provide reliable customer engagement at any scale.

Amazon Connect provides metrics and real-time reporting that enable you to optimize contact routing. You can also resolve customer issues more efficiently by getting customers in touch with the appropriate agents.

There are limits to the number of Amazon Connect resources that you can create. There are also limits to the number of requests that you can make per second. For more information, see Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.

You can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect endpoints, see Amazon Connect Endpoints.

", + "service": "

Amazon Connect is a cloud-based contact center solution that you use to set up and manage a customer contact center and provide reliable customer engagement at any scale.

Amazon Connect provides metrics and real-time reporting that enable you to optimize contact routing. You can also resolve customer issues more efficiently by getting customers in touch with the appropriate agents.

There are limits to the number of Amazon Connect resources that you can create. There are also limits to the number of requests that you can make per second. For more information, see Amazon Connect Service Quotas in the Amazon Connect Administrator Guide.

You can connect programmatically to an Amazon Web Services service by using an endpoint. For a list of Amazon Connect endpoints, see Amazon Connect Endpoints.

", "operations": { "ActivateEvaluationForm": "

Activates an evaluation form in the specified Amazon Connect instance. After the evaluation form is activated, it is available to start new evaluations based on the form.

", "AssociateAnalyticsDataSet": "

This API is in preview release for Amazon Connect and is subject to change.

Associates the specified dataset for a Amazon Connect instance with the target account. You can associate only one dataset in a single call.

", @@ -73,6 +73,7 @@ "DeleteViewVersion": "

Deletes the particular version specified in ViewVersion identifier.

", "DeleteVocabulary": "

Deletes the vocabulary that has the given identifier.

", "DescribeAgentStatus": "

This API is in preview release for Amazon Connect and is subject to change.

Describes an agent status.

", + "DescribeAuthenticationProfile": "

This API is in preview release for Amazon Connect and is subject to change. To request access to this API, contact Amazon Web Services Support.

Describes the target authentication profile.

", "DescribeContact": "

This API is in preview release for Amazon Connect and is subject to change.

Describes the specified contact.

Contact information remains available in Amazon Connect for 24 months, and then it is deleted.

Only data from November 12, 2021, and later is returned by this API.

", "DescribeContactEvaluation": "

Describes a contact evaluation in the specified Amazon Connect instance.

", "DescribeContactFlow": "

Describes the specified flow.

You can also create and update flows using the Amazon Connect Flow language.

Use the $SAVED alias in the request to describe the SAVED content of a Flow. For example, arn:aws:.../contact-flow/{id}:$SAVED. Once a contact flow is published, $SAVED needs to be supplied to view saved content that has not been published.

In the response, Status indicates the flow status as either SAVED or PUBLISHED. The PUBLISHED status will initiate validation on the content. SAVED does not initiate validation of the content. SAVED | PUBLISHED

", @@ -125,6 +126,7 @@ "ListAgentStatuses": "

This API is in preview release for Amazon Connect and is subject to change.

Lists agent statuses.

", "ListAnalyticsDataAssociations": "

This API is in preview release for Amazon Connect and is subject to change.

Lists the association status of requested dataset ID for a given Amazon Connect instance.

", "ListApprovedOrigins": "

This API is in preview release for Amazon Connect and is subject to change.

Returns a paginated list of all approved origins associated with the instance.

", + "ListAuthenticationProfiles": "

This API is in preview release for Amazon Connect and is subject to change. To request access to this API, contact Amazon Web Services Support.

Provides summary information about the authentication profiles in a specified Amazon Connect instance.

", "ListBots": "

This API is in preview release for Amazon Connect and is subject to change.

For the specified version of Amazon Lex, returns a paginated list of all the Amazon Lex bots currently associated with the instance. Use this API to returns both Amazon Lex V1 and V2 bots.

", "ListContactEvaluations": "

Lists contact evaluations in the specified Amazon Connect instance.

", "ListContactFlowModules": "

Provides information about the flow modules for the specified Amazon Connect instance.

", @@ -188,7 +190,7 @@ "SearchUsers": "

Searches users in an Amazon Connect instance, with optional filtering.

AfterContactWorkTimeLimit is returned in milliseconds.

", "SearchVocabularies": "

Searches for vocabularies within a specific Amazon Connect instance using State, NameStartsWith, and LanguageCode.

", "SendChatIntegrationEvent": "

Processes chat integration events from Amazon Web Services or external integrations to Amazon Connect. A chat integration event includes:

When a chat integration event is sent with chat identifiers that do not map to an active chat contact, a new chat contact is also created before handling chat action.

Access to this API is currently restricted to Amazon Pinpoint for supporting SMS integration.

", - "StartAttachedFileUpload": "

Provides a pre-signed Amazon S3 URL in response for uploading your content.

You may only use this API to upload attachments to a Connect Case.

", + "StartAttachedFileUpload": "

Provides a pre-signed Amazon S3 URL in response for uploading your content.

You may only use this API to upload attachments to an Amazon Connect Case.

", "StartChatContact": "

Initiates a flow to start a new chat for the customer. Response of this API provides a token required to obtain credentials from the CreateParticipantConnection API in the Amazon Connect Participant Service.

When a new chat contact is successfully created, clients must subscribe to the participant’s connection for the created chat within 5 minutes. This is achieved by invoking CreateParticipantConnection with WEBSOCKET and CONNECTION_CREDENTIALS.

A 429 error occurs in the following situations:

If you use the ChatDurationInMinutes parameter and receive a 400 error, your account may not support the ability to configure custom chat durations. For more information, contact Amazon Web Services Support.

For more information about chat, see the following topics in the Amazon Connect Administrator Guide:

", "StartContactEvaluation": "

Starts an empty evaluation in the specified Amazon Connect instance, using the given evaluation form for the particular contact. The evaluation form version used for the contact evaluation corresponds to the currently activated version. If no version is activated for the evaluation form, the contact evaluation cannot be started.

Evaluations created through the public API do not contain answer values suggested from automation.

", "StartContactRecording": "

Starts recording the contact:

StartContactRecording is a one-time action. For example, if you use StopContactRecording to stop recording an ongoing call, you can't use StartContactRecording to restart it. For scenarios where the recording has started and you want to suspend and resume it, such as when collecting sensitive information (for example, a credit card number), use SuspendContactRecording and ResumeContactRecording.

You can use this API to override the recording behavior configured in the Set recording behavior block.

Only voice recordings are supported at this time.

", @@ -207,6 +209,7 @@ "UntagContact": "

Removes the specified tags from the contact resource. For more information about this API is used, see Set up granular billing for a detailed view of your Amazon Connect usage.

", "UntagResource": "

Removes the specified tags from the specified resource.

", "UpdateAgentStatus": "

This API is in preview release for Amazon Connect and is subject to change.

Updates agent status.

", + "UpdateAuthenticationProfile": "

This API is in preview release for Amazon Connect and is subject to change. To request access to this API, contact Amazon Web Services Support.

Updates the selected authentication profile.

", "UpdateContact": "

This API is in preview release for Amazon Connect and is subject to change.

Adds or updates user-defined contact information associated with the specified contact. At least one field to be updated must be present in the request.

You can add or update user-defined contact information for both ongoing and completed contacts.

", "UpdateContactAttributes": "

Creates or updates user-defined contact attributes associated with the specified contact.

You can create or update user-defined attributes for both ongoing and completed contacts. For example, while the call is active, you can update the customer's name or the reason the customer called. You can add notes about steps that the agent took during the call that display to the next agent that takes the call. You can also update attributes for a contact using data from your CRM application and save the data with the contact in Amazon Connect. You could also flag calls for additional analysis, such as legal review or to identify abusive callers.

Contact attributes are available in Amazon Connect for 24 months, and are then deleted. For information about contact record retention and the maximum size of the contact record attributes section, see Feature specifications in the Amazon Connect Administrator Guide.

", "UpdateContactEvaluation": "

Updates details about a contact evaluation in the specified Amazon Connect instance. A contact evaluation must be in draft state. Answers included in the request are merged with existing answers for the given evaluation. An answer or note can be deleted by passing an empty object ({}) to the question identifier.

", @@ -268,6 +271,8 @@ "AssociateFlowRequest$FlowId": "

The identifier of the flow.

", "AttachedFile$FileArn": "

The unique identifier of the attached file resource (ARN).

", "AttachedFile$AssociatedResourceArn": "

The resource to which the attached file is (being) uploaded to. Cases are the only current supported resource.

This value must be a valid ARN.

", + "AuthenticationProfile$Arn": "

The Amazon Resource Name (ARN) for the authentication profile.

", + "AuthenticationProfileSummary$Arn": "

The Amazon Resource Name (ARN) of the authentication profile summary.

", "BatchGetAttachedFileMetadataRequest$AssociatedResourceArn": "

The resource to which the attached file is (being) uploaded to. Cases are the only current supported resource.

This value must be a valid ARN.

", "ClaimPhoneNumberRequest$TargetArn": "

The Amazon Resource Name (ARN) for Amazon Connect instances or traffic distribution groups that phone number inbound traffic is routed through. You must enter InstanceId or TargetArn.

", "ClaimPhoneNumberResponse$PhoneNumberArn": "

The Amazon Resource Name (ARN) of the phone number.

", @@ -416,6 +421,13 @@ "refs": { } }, + "AccessTokenDuration": { + "base": null, + "refs": { + "AuthenticationProfile$PeriodicSessionDuration": "

The short lived session duration configuration for users logged in to Amazon Connect, in minutes. This value determines the maximum possible time before an agent is authenticated. For more information, see Configure the session duration in the Amazon Connect Administrator Guide.

", + "UpdateAuthenticationProfileRequest$PeriodicSessionDuration": "

The short lived session duration configuration for users logged in to Amazon Connect, in minutes. This value determines the maximum possible time before an agent is authenticated. For more information, For more information on how to configure IP addresses, see Configure session timeouts in the Amazon Connect Administrator Guide.

" + } + }, "ActionSummaries": { "base": null, "refs": { @@ -1014,6 +1026,48 @@ "AudioQualityMetricsInfo$QualityScore": "

Number measuring the estimated quality of the media connection.

" } }, + "AuthenticationProfile": { + "base": "

This API is in preview release for Amazon Connect and is subject to change. To request access to this API, contact Amazon Web Services Support.

Information about an authentication profile. An authentication profile is a resource that stores the authentication settings for users in your contact center. You use authentication profiles to set up IP address range restrictions and session timeouts. For more information, see Set IP address restrictions or session timeouts.

", + "refs": { + "DescribeAuthenticationProfileResponse$AuthenticationProfile": "

The authentication profile object being described.

" + } + }, + "AuthenticationProfileDescription": { + "base": null, + "refs": { + "AuthenticationProfile$Description": "

The description for the authentication profile.

", + "UpdateAuthenticationProfileRequest$Description": "

The description for the authentication profile.

" + } + }, + "AuthenticationProfileId": { + "base": null, + "refs": { + "AuthenticationProfile$Id": "

A unique identifier for the authentication profile.

", + "AuthenticationProfileSummary$Id": "

The unique identifier of the authentication profile.

", + "DescribeAuthenticationProfileRequest$AuthenticationProfileId": "

A unique identifier for the authentication profile.

", + "UpdateAuthenticationProfileRequest$AuthenticationProfileId": "

A unique identifier for the authentication profile.

" + } + }, + "AuthenticationProfileName": { + "base": null, + "refs": { + "AuthenticationProfile$Name": "

The name for the authentication profile.

", + "AuthenticationProfileSummary$Name": "

The name of the authentication profile summary.

", + "UpdateAuthenticationProfileRequest$Name": "

The name for the authentication profile.

" + } + }, + "AuthenticationProfileSummary": { + "base": "

This API is in preview release for Amazon Connect and is subject to change. To request access to this API, contact Amazon Web Services Support.

A summary of a given authentication profile.

", + "refs": { + "AuthenticationProfileSummaryList$member": null + } + }, + "AuthenticationProfileSummaryList": { + "base": null, + "refs": { + "ListAuthenticationProfilesResponse$AuthenticationProfileSummaryList": "

A summary of a given authentication profile.

" + } + }, "AutoAccept": { "base": null, "refs": { @@ -1101,6 +1155,8 @@ "refs": { "AnswerMachineDetectionConfig$EnableAnswerMachineDetection": "

The flag to indicate if answer machine detection analysis needs to be performed for a voice call. If set to true, TrafficType must be set as CAMPAIGN.

", "AnswerMachineDetectionConfig$AwaitAnswerMachinePrompt": "

Wait for the answering machine prompt.

", + "AuthenticationProfile$IsDefault": "

Shows whether the authentication profile is the default authentication profile for the Amazon Connect instance. The default authentication profile applies to all agents in an Amazon Connect instance, unless overridden by another authentication profile.

", + "AuthenticationProfileSummary$IsDefault": "

Shows whether the authentication profile is the default authentication profile for the Amazon Connect instance. The default authentication profile applies to all agents in an Amazon Connect instance, unless overridden by another authentication profile.

", "EvaluationAnswerData$NotApplicable": "

The flag to mark the question as not applicable.

", "EvaluationFormNumericQuestionOption$AutomaticFail": "

The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0.

", "EvaluationFormQuestion$NotApplicableEnabled": "

The flag to enable not applicable answers to the question.

", @@ -1413,7 +1469,7 @@ "StartChatContactRequest$ContactFlowId": "

The identifier of the flow for initiating the chat. To see the ContactFlowId in the Amazon Connect admin website, on the navigation menu go to Routing, Contact Flows. Choose the flow. On the flow page, under the name of the flow, choose Show additional flow information. The ContactFlowId is the last part of the ARN, shown here in bold:

arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx

", "StartOutboundVoiceContactRequest$ContactFlowId": "

The identifier of the flow for the outbound call. To see the ContactFlowId in the Amazon Connect admin website, on the navigation menu go to Routing, Contact Flows. Choose the flow. On the flow page, under the name of the flow, choose Show additional flow information. The ContactFlowId is the last part of the ARN, shown here in bold:

arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx

", "StartTaskContactRequest$ContactFlowId": "

The identifier of the flow for initiating the tasks. To see the ContactFlowId in the Amazon Connect admin website, on the navigation menu go to Routing, Contact Flows. Choose the flow. On the flow page, under the name of the flow, choose Show additional flow information. The ContactFlowId is the last part of the ARN, shown here in bold:

arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx

", - "StartWebRTCContactRequest$ContactFlowId": "

The identifier of the flow for the call. To see the ContactFlowId in the Amazon Connect admin website, on the navigation menu go to Routing, Contact Flows. Choose the flow. On the flow page, under the name of the flow, choose Show additional flow information. The ContactFlowId is the last part of the ARN, shown here in bold:

arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx

", + "StartWebRTCContactRequest$ContactFlowId": "

The identifier of the flow for the call. To see the ContactFlowId in the Amazon Connect admin website, on the navigation menu go to Routing, Flows. Choose the flow. On the flow page, under the name of the flow, choose Show additional flow information. The ContactFlowId is the last part of the ARN, shown here in bold:

arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx

", "TaskActionDefinition$ContactFlowId": "

The identifier of the flow.

", "TransferContactRequest$ContactFlowId": "

The identifier of the flow.

", "UpdateContactFlowContentRequest$ContactFlowId": "

The identifier of the flow.

", @@ -1559,7 +1615,7 @@ "ContactFlowSearchSummaryList": { "base": null, "refs": { - "SearchContactFlowsResponse$ContactFlows": "

Information about the contact flows.

" + "SearchContactFlowsResponse$ContactFlows": "

Information about the flows.

" } }, "ContactFlowState": { @@ -2350,6 +2406,16 @@ "refs": { } }, + "DescribeAuthenticationProfileRequest": { + "base": null, + "refs": { + } + }, + "DescribeAuthenticationProfileResponse": { + "base": null, + "refs": { + } + }, "DescribeContactEvaluationRequest": { "base": null, "refs": { @@ -4015,7 +4081,7 @@ "BatchPutContactRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ClaimPhoneNumberRequest$InstanceId": "

The identifier of the Amazon Connect instance that phone numbers are claimed to. You can find the instance ID in the Amazon Resource Name (ARN) of the instance. You must enter InstanceId or TargetArn.

", "ClaimedPhoneNumberSummary$InstanceId": "

The identifier of the Amazon Connect instance that phone numbers are claimed to. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", - "CompleteAttachedFileUploadRequest$InstanceId": "

The unique identifier of the Connect instance.

", + "CompleteAttachedFileUploadRequest$InstanceId": "

The unique identifier of the Amazon Connect instance.

", "CreateAgentStatusRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "CreateContactFlowModuleRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "CreateContactFlowRequest$InstanceId": "

The identifier of the Amazon Connect instance.

", @@ -4060,6 +4126,7 @@ "DeleteUserRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "DeleteVocabularyRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "DescribeAgentStatusRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", + "DescribeAuthenticationProfileRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "DescribeContactEvaluationRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "DescribeContactFlowModuleRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "DescribeContactFlowRequest$InstanceId": "

The identifier of the Amazon Connect instance.

", @@ -4111,6 +4178,7 @@ "ListAgentStatusRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ListAnalyticsDataAssociationsRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ListApprovedOriginsRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", + "ListAuthenticationProfilesRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ListBotsRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ListContactEvaluationsRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "ListContactFlowModulesRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", @@ -4169,7 +4237,7 @@ "SearchVocabulariesRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "SecurityProfile$OrganizationResourceId": "

The organization resource identifier for the security profile.

", "SecurityProfileSearchSummary$OrganizationResourceId": "

The organization resource identifier.

", - "StartAttachedFileUploadRequest$InstanceId": "

The unique identifier of the Connect instance.

", + "StartAttachedFileUploadRequest$InstanceId": "

The unique identifier of the Amazon Connect instance.

", "StartChatContactRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "StartContactEvaluationRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "StartContactRecordingRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", @@ -4186,6 +4254,7 @@ "TransferContactRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "UntagContactRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "UpdateAgentStatusRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", + "UpdateAuthenticationProfileRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "UpdateContactAttributesRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "UpdateContactEvaluationRequest$InstanceId": "

The identifier of the Amazon Connect instance. You can find the instance ID in the Amazon Resource Name (ARN) of the instance.

", "UpdateContactFlowContentRequest$InstanceId": "

The identifier of the Amazon Connect instance.

", @@ -4392,6 +4461,21 @@ "TaskTemplateConstraints$InvisibleFields": "

Lists the fields that are invisible to agents.

" } }, + "IpCidr": { + "base": null, + "refs": { + "IpCidrList$member": null + } + }, + "IpCidrList": { + "base": null, + "refs": { + "AuthenticationProfile$AllowedIps": "

A list of IP address range strings that are allowed to access the Amazon Connect instance. For more information about how to configure IP addresses, see Configure IP address based access control in the Amazon Connect Administrator Guide.

", + "AuthenticationProfile$BlockedIps": "

A list of IP address range strings that are blocked from accessing the Amazon Connect instance. For more information about how to configure IP addresses, see Configure IP address based access control in the Amazon Connect Administrator Guide.

", + "UpdateAuthenticationProfileRequest$AllowedIps": "

A list of IP address range strings that are allowed to access the instance. For more information on how to configure IP addresses, seeConfigure session timeouts in the Amazon Connect Administrator Guide.

", + "UpdateAuthenticationProfileRequest$BlockedIps": "

A list of IP address range strings that are blocked from accessing the instance. For more information on how to configure IP addresses, For more information on how to configure IP addresses, see Configure IP-based access control in the Amazon Connect Administrator Guide.

" + } + }, "JoinToken": { "base": null, "refs": { @@ -4519,6 +4603,16 @@ "refs": { } }, + "ListAuthenticationProfilesRequest": { + "base": null, + "refs": { + } + }, + "ListAuthenticationProfilesResponse": { + "base": null, + "refs": { + } + }, "ListBotsRequest": { "base": null, "refs": { @@ -5007,6 +5101,7 @@ "refs": { "ListAgentStatusRequest$MaxResults": "

The maximum number of results to return per page.

", "ListAnalyticsDataAssociationsRequest$MaxResults": "

The maximum number of results to return per page.

", + "ListAuthenticationProfilesRequest$MaxResults": "

The maximum number of results to return per page.

", "ListContactFlowModulesRequest$MaxResults": "

The maximum number of results to return per page.

", "ListContactFlowsRequest$MaxResults": "

The maximum number of results to return per page. The default MaxResult size is 100.

", "ListFlowAssociationsRequest$MaxResults": "

The maximum number of results to return per page.

", @@ -5296,6 +5391,8 @@ "ListAnalyticsDataAssociationsResponse$NextToken": "

If there are additional results, this is the token for the next set of results.

", "ListApprovedOriginsRequest$NextToken": "

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

", "ListApprovedOriginsResponse$NextToken": "

If there are additional results, this is the token for the next set of results.

", + "ListAuthenticationProfilesRequest$NextToken": "

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

", + "ListAuthenticationProfilesResponse$NextToken": "

If there are additional results, this is the token for the next set of results.

", "ListBotsRequest$NextToken": "

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

", "ListBotsResponse$NextToken": "

If there are additional results, this is the token for the next set of results.

", "ListContactEvaluationsRequest$NextToken": "

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

This is not expected to be set because the value returned in the previous response is always null.

", @@ -6611,11 +6708,19 @@ "UrlReference$Value": "

A valid URL.

" } }, + "RefreshTokenDuration": { + "base": null, + "refs": { + "AuthenticationProfile$MaxSessionDuration": "

The long lived session duration for users logged in to Amazon Connect, in minutes. After this time period, users must log in again. For more information, see Configure the session duration in the Amazon Connect Administrator Guide.

" + } + }, "RegionName": { "base": null, "refs": { "AgentStatus$LastModifiedRegion": "

The Amazon Web Services Region where this resource was last modified.

", "AgentStatusSummary$LastModifiedRegion": "

The Amazon Web Services Region where this resource was last modified.

", + "AuthenticationProfile$LastModifiedRegion": "

The Amazon Web Services Region where the authentication profile was last modified.

", + "AuthenticationProfileSummary$LastModifiedRegion": "

The Amazon Web Services Region when the authentication profile summary was last modified.

", "GetPromptFileResponse$LastModifiedRegion": "

The Amazon Web Services Region where this resource was last modified.

", "HierarchyGroup$LastModifiedRegion": "

The Amazon Web Services Region where this resource was last modified.

", "HierarchyGroupSummary$LastModifiedRegion": "

The Amazon Web Services Region where this resource was last modified.

", @@ -8165,6 +8270,9 @@ "AgentStatus$LastModifiedTime": "

The timestamp when this resource was last modified.

", "AgentStatusReference$StatusStartTimestamp": "

The start timestamp of the agent's status.

", "AgentStatusSummary$LastModifiedTime": "

The timestamp when this resource was last modified.

", + "AuthenticationProfile$CreatedTime": "

The timestamp when the authentication profile was created.

", + "AuthenticationProfile$LastModifiedTime": "

The timestamp when the authentication profile was last modified.

", + "AuthenticationProfileSummary$LastModifiedTime": "

The timestamp when the authentication profile summary was last modified.

", "Evaluation$CreatedTime": "

The timestamp for when the evaluation was created.

", "Evaluation$LastModifiedTime": "

The timestamp for when the evaluation was last updated.

", "EvaluationForm$CreatedTime": "

The timestamp for when the evaluation form was created.

", @@ -8395,6 +8503,11 @@ "refs": { } }, + "UpdateAuthenticationProfileRequest": { + "base": null, + "refs": { + } + }, "UpdateCaseActionDefinition": { "base": "

The UpdateCase action definition.

", "refs": { diff --git a/models/apis/connect/2017-08-08/paginators-1.json b/models/apis/connect/2017-08-08/paginators-1.json index 7ba21e5e2e0..c80e204037e 100644 --- a/models/apis/connect/2017-08-08/paginators-1.json +++ b/models/apis/connect/2017-08-08/paginators-1.json @@ -32,6 +32,12 @@ "output_token": "NextToken", "result_key": "Origins" }, + "ListAuthenticationProfiles": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken", + "result_key": "AuthenticationProfileSummaryList" + }, "ListBots": { "input_token": "NextToken", "limit_key": "MaxResults", diff --git a/models/apis/docdb/2014-10-31/api-2.json b/models/apis/docdb/2014-10-31/api-2.json index 041f2e05954..d5f40511eaa 100644 --- a/models/apis/docdb/2014-10-31/api-2.json +++ b/models/apis/docdb/2014-10-31/api-2.json @@ -4,13 +4,15 @@ "apiVersion":"2014-10-31", "endpointPrefix":"rds", "protocol":"query", + "protocols":["query"], "serviceAbbreviation":"Amazon DocDB", "serviceFullName":"Amazon DocumentDB with MongoDB compatibility", "serviceId":"DocDB", "signatureVersion":"v4", "signingName":"rds", "uid":"docdb-2014-10-31", - "xmlNamespace":"http://rds.amazonaws.com/doc/2014-10-31/" + "xmlNamespace":"http://rds.amazonaws.com/doc/2014-10-31/", + "auth":["aws.auth#sigv4"] }, "operations":{ "AddSourceIdentifierToSubscription":{ diff --git a/models/apis/docdb/2014-10-31/smoke-2.json b/models/apis/docdb/2014-10-31/smoke-2.json new file mode 100644 index 00000000000..c6b06e6a332 --- /dev/null +++ b/models/apis/docdb/2014-10-31/smoke-2.json @@ -0,0 +1,16 @@ +{ + "version": 2, + "testCases": [ + { + "id": "DescribeDBEngineVersionsSuccess", + "operationName": "DescribeDBEngineVersions", + "input": {}, + "expectation": { + "success": {} + }, + "config": { + "region": "us-west-2" + } + } + ] +} diff --git a/models/apis/eks/2017-11-01/api-2.json b/models/apis/eks/2017-11-01/api-2.json index 73b1cde8393..bc9658f02a8 100644 --- a/models/apis/eks/2017-11-01/api-2.json +++ b/models/apis/eks/2017-11-01/api-2.json @@ -1229,7 +1229,8 @@ "type":"string", "enum":[ "ON_DEMAND", - "SPOT" + "SPOT", + "CAPACITY_BLOCK" ] }, "Category":{ diff --git a/models/apis/payment-cryptography-data/2022-02-03/api-2.json b/models/apis/payment-cryptography-data/2022-02-03/api-2.json index 5d3bf2273f5..e68286e989e 100644 --- a/models/apis/payment-cryptography-data/2022-02-03/api-2.json +++ b/models/apis/payment-cryptography-data/2022-02-03/api-2.json @@ -2,9 +2,10 @@ "version":"2.0", "metadata":{ "apiVersion":"2022-02-03", + "auth":["aws.auth#sigv4"], "endpointPrefix":"dataplane.payment-cryptography", - "jsonVersion":"1.1", "protocol":"rest-json", + "protocols":["rest-json"], "serviceFullName":"Payment Cryptography Data Plane", "serviceId":"Payment Cryptography Data", "signatureVersion":"v4", @@ -245,9 +246,9 @@ "members":{ "AmexCardSecurityCodeVersion1":{"shape":"AmexCardSecurityCodeVersion1"}, "AmexCardSecurityCodeVersion2":{"shape":"AmexCardSecurityCodeVersion2"}, - "CardHolderVerificationValue":{"shape":"CardHolderVerificationValue"}, "CardVerificationValue1":{"shape":"CardVerificationValue1"}, "CardVerificationValue2":{"shape":"CardVerificationValue2"}, + "CardHolderVerificationValue":{"shape":"CardHolderVerificationValue"}, "DynamicCardVerificationCode":{"shape":"DynamicCardVerificationCode"}, "DynamicCardVerificationValue":{"shape":"DynamicCardVerificationValue"} }, @@ -256,14 +257,14 @@ "CardHolderVerificationValue":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", + "UnpredictableNumber", "PanSequenceNumber", - "UnpredictableNumber" + "ApplicationTransactionCounter" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "UnpredictableNumber":{"shape":"HexLengthBetween2And8"} + "UnpredictableNumber":{"shape":"HexLengthBetween2And8"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"} } }, "CardVerificationAttributes":{ @@ -271,12 +272,12 @@ "members":{ "AmexCardSecurityCodeVersion1":{"shape":"AmexCardSecurityCodeVersion1"}, "AmexCardSecurityCodeVersion2":{"shape":"AmexCardSecurityCodeVersion2"}, - "CardHolderVerificationValue":{"shape":"CardHolderVerificationValue"}, "CardVerificationValue1":{"shape":"CardVerificationValue1"}, "CardVerificationValue2":{"shape":"CardVerificationValue2"}, - "DiscoverDynamicCardVerificationCode":{"shape":"DiscoverDynamicCardVerificationCode"}, + "CardHolderVerificationValue":{"shape":"CardHolderVerificationValue"}, "DynamicCardVerificationCode":{"shape":"DynamicCardVerificationCode"}, - "DynamicCardVerificationValue":{"shape":"DynamicCardVerificationValue"} + "DynamicCardVerificationValue":{"shape":"DynamicCardVerificationValue"}, + "DiscoverDynamicCardVerificationCode":{"shape":"DiscoverDynamicCardVerificationCode"} }, "union":true }, @@ -324,18 +325,19 @@ "DecryptDataInput":{ "type":"structure", "required":[ + "KeyIdentifier", "CipherText", - "DecryptionAttributes", - "KeyIdentifier" + "DecryptionAttributes" ], "members":{ - "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, - "DecryptionAttributes":{"shape":"EncryptionDecryptionAttributes"}, "KeyIdentifier":{ "shape":"KeyArnOrKeyAliasType", "location":"uri", "locationName":"KeyIdentifier" - } + }, + "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, + "DecryptionAttributes":{"shape":"EncryptionDecryptionAttributes"}, + "WrappedKey":{"shape":"WrappedKey"} } }, "DecryptDataOutput":{ @@ -354,34 +356,34 @@ "DiscoverDynamicCardVerificationCode":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", "CardExpiryDate", - "UnpredictableNumber" + "UnpredictableNumber", + "ApplicationTransactionCounter" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, "CardExpiryDate":{"shape":"NumberLengthEquals4"}, - "UnpredictableNumber":{"shape":"HexLengthBetween2And8"} + "UnpredictableNumber":{"shape":"HexLengthBetween2And8"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"} } }, "DukptAttributes":{ "type":"structure", "required":[ - "DukptDerivationType", - "KeySerialNumber" + "KeySerialNumber", + "DukptDerivationType" ], "members":{ - "DukptDerivationType":{"shape":"DukptDerivationType"}, - "KeySerialNumber":{"shape":"HexLengthBetween10And24"} + "KeySerialNumber":{"shape":"HexLengthBetween10And24"}, + "DukptDerivationType":{"shape":"DukptDerivationType"} } }, "DukptDerivationAttributes":{ "type":"structure", "required":["KeySerialNumber"], "members":{ + "KeySerialNumber":{"shape":"HexLengthBetween10And24"}, "DukptKeyDerivationType":{"shape":"DukptDerivationType"}, - "DukptKeyVariant":{"shape":"DukptKeyVariant"}, - "KeySerialNumber":{"shape":"HexLengthBetween10And24"} + "DukptKeyVariant":{"shape":"DukptKeyVariant"} } }, "DukptDerivationType":{ @@ -398,11 +400,11 @@ "type":"structure", "required":["KeySerialNumber"], "members":{ + "KeySerialNumber":{"shape":"HexLengthBetween10And24"}, + "Mode":{"shape":"DukptEncryptionMode"}, "DukptKeyDerivationType":{"shape":"DukptDerivationType"}, "DukptKeyVariant":{"shape":"DukptKeyVariant"}, - "InitializationVector":{"shape":"HexLength16Or32"}, - "KeySerialNumber":{"shape":"HexLengthBetween10And24"}, - "Mode":{"shape":"DukptEncryptionMode"} + "InitializationVector":{"shape":"HexLength16Or32"} } }, "DukptEncryptionMode":{ @@ -423,48 +425,48 @@ "DynamicCardVerificationCode":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", + "UnpredictableNumber", "PanSequenceNumber", - "TrackData", - "UnpredictableNumber" + "ApplicationTransactionCounter", + "TrackData" ], "members":{ + "UnpredictableNumber":{"shape":"HexLengthBetween2And8"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "TrackData":{"shape":"HexLengthBetween2And160"}, - "UnpredictableNumber":{"shape":"HexLengthBetween2And8"} + "TrackData":{"shape":"HexLengthBetween2And160"} } }, "DynamicCardVerificationValue":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", - "CardExpiryDate", "PanSequenceNumber", - "ServiceCode" + "CardExpiryDate", + "ServiceCode", + "ApplicationTransactionCounter" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, "CardExpiryDate":{"shape":"NumberLengthEquals4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "ServiceCode":{"shape":"NumberLengthEquals3"} + "ServiceCode":{"shape":"NumberLengthEquals3"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"} } }, "EmvEncryptionAttributes":{ "type":"structure", "required":[ "MajorKeyDerivationMode", - "PanSequenceNumber", "PrimaryAccountNumber", + "PanSequenceNumber", "SessionDerivationData" ], "members":{ - "InitializationVector":{"shape":"HexLength16Or32"}, "MajorKeyDerivationMode":{"shape":"EmvMajorKeyDerivationMode"}, - "Mode":{"shape":"EmvEncryptionMode"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, - "SessionDerivationData":{"shape":"HexLengthEquals16"} + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, + "SessionDerivationData":{"shape":"HexLengthEquals16"}, + "Mode":{"shape":"EmvEncryptionMode"}, + "InitializationVector":{"shape":"HexLength16Or32"} } }, "EmvEncryptionMode":{ @@ -484,39 +486,40 @@ "EncryptDataInput":{ "type":"structure", "required":[ - "EncryptionAttributes", "KeyIdentifier", - "PlainText" + "PlainText", + "EncryptionAttributes" ], "members":{ - "EncryptionAttributes":{"shape":"EncryptionDecryptionAttributes"}, "KeyIdentifier":{ "shape":"KeyArnOrKeyAliasType", "location":"uri", "locationName":"KeyIdentifier" }, - "PlainText":{"shape":"HexEvenLengthBetween16And4064"} + "PlainText":{"shape":"HexEvenLengthBetween16And4064"}, + "EncryptionAttributes":{"shape":"EncryptionDecryptionAttributes"}, + "WrappedKey":{"shape":"WrappedKey"} } }, "EncryptDataOutput":{ "type":"structure", "required":[ - "CipherText", - "KeyArn" + "KeyArn", + "CipherText" ], "members":{ - "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, "KeyArn":{"shape":"KeyArn"}, - "KeyCheckValue":{"shape":"KeyCheckValue"} + "KeyCheckValue":{"shape":"KeyCheckValue"}, + "CipherText":{"shape":"HexEvenLengthBetween16And4096"} } }, "EncryptionDecryptionAttributes":{ "type":"structure", "members":{ + "Symmetric":{"shape":"SymmetricEncryptionAttributes"}, "Asymmetric":{"shape":"AsymmetricEncryptionAttributes"}, "Dukpt":{"shape":"DukptEncryptionAttributes"}, - "Emv":{"shape":"EmvEncryptionAttributes"}, - "Symmetric":{"shape":"SymmetricEncryptionAttributes"} + "Emv":{"shape":"EmvEncryptionAttributes"} }, "union":true }, @@ -536,14 +539,14 @@ "GenerateCardValidationDataInput":{ "type":"structure", "required":[ - "GenerationAttributes", "KeyIdentifier", - "PrimaryAccountNumber" + "PrimaryAccountNumber", + "GenerationAttributes" ], "members":{ - "GenerationAttributes":{"shape":"CardGenerationAttributes"}, "KeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "GenerationAttributes":{"shape":"CardGenerationAttributes"}, "ValidationDataLength":{"shape":"IntegerRangeBetween3And5Type"} } }, @@ -563,15 +566,15 @@ "GenerateMacInput":{ "type":"structure", "required":[ - "GenerationAttributes", "KeyIdentifier", - "MessageData" + "MessageData", + "GenerationAttributes" ], "members":{ - "GenerationAttributes":{"shape":"MacAttributes"}, "KeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, - "MacLength":{"shape":"IntegerRangeBetween4And16"}, - "MessageData":{"shape":"HexEvenLengthBetween2And4096"} + "MessageData":{"shape":"HexEvenLengthBetween2And4096"}, + "GenerationAttributes":{"shape":"MacAttributes"}, + "MacLength":{"shape":"IntegerRangeBetween4And16"} } }, "GenerateMacOutput":{ @@ -590,37 +593,37 @@ "GeneratePinDataInput":{ "type":"structure", "required":[ + "GenerationKeyIdentifier", "EncryptionKeyIdentifier", "GenerationAttributes", - "GenerationKeyIdentifier", - "PinBlockFormat", - "PrimaryAccountNumber" + "PrimaryAccountNumber", + "PinBlockFormat" ], "members":{ + "GenerationKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "EncryptionKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "GenerationAttributes":{"shape":"PinGenerationAttributes"}, - "GenerationKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, - "PinBlockFormat":{"shape":"PinBlockFormatForPinData"}, "PinDataLength":{"shape":"IntegerRangeBetween4And12"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"} + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PinBlockFormat":{"shape":"PinBlockFormatForPinData"} } }, "GeneratePinDataOutput":{ "type":"structure", "required":[ - "EncryptedPinBlock", - "EncryptionKeyArn", - "EncryptionKeyCheckValue", "GenerationKeyArn", "GenerationKeyCheckValue", + "EncryptionKeyArn", + "EncryptionKeyCheckValue", + "EncryptedPinBlock", "PinData" ], "members":{ - "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, - "EncryptionKeyArn":{"shape":"KeyArn"}, - "EncryptionKeyCheckValue":{"shape":"KeyCheckValue"}, "GenerationKeyArn":{"shape":"KeyArn"}, "GenerationKeyCheckValue":{"shape":"KeyCheckValue"}, + "EncryptionKeyArn":{"shape":"KeyArn"}, + "EncryptionKeyCheckValue":{"shape":"KeyCheckValue"}, + "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, "PinData":{"shape":"PinData"} } }, @@ -628,197 +631,191 @@ "type":"string", "max":32, "min":16, - "pattern":"^(?:[0-9a-fA-F][0-9a-fA-F])+$", + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+", "sensitive":true }, "HexEvenLengthBetween16And4064":{ "type":"string", "max":4064, "min":16, - "pattern":"^(?:[0-9a-fA-F][0-9a-fA-F])+$", + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+", "sensitive":true }, "HexEvenLengthBetween16And4096":{ "type":"string", "max":4096, "min":16, - "pattern":"^(?:[0-9a-fA-F][0-9a-fA-F])+$", + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+", "sensitive":true }, "HexEvenLengthBetween2And4096":{ "type":"string", "max":4096, "min":2, - "pattern":"^(?:[0-9a-fA-F][0-9a-fA-F])+$", + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+", "sensitive":true }, "HexEvenLengthBetween4And128":{ "type":"string", "max":128, "min":4, - "pattern":"^(?:[0-9a-fA-F][0-9a-fA-F])+$", + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+", "sensitive":true }, "HexLength16Or32":{ "type":"string", "max":32, "min":16, - "pattern":"^(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{32})$", + "pattern":"(?:[0-9a-fA-F]{16}|[0-9a-fA-F]{32})", "sensitive":true }, "HexLengthBetween10And24":{ "type":"string", "max":24, "min":10, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween16And32":{ "type":"string", "max":32, "min":16, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween1And16":{ "type":"string", "max":16, "min":1, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween2And1024":{ "type":"string", "max":1024, "min":2, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween2And160":{ "type":"string", "max":160, "min":2, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween2And4":{ "type":"string", "max":4, "min":2, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween2And8":{ "type":"string", "max":8, "min":2, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthBetween4And128":{ "type":"string", "max":128, "min":4, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthEquals1":{ "type":"string", "max":1, "min":1, - "pattern":"^[0-9A-F]+$" + "pattern":"[0-9A-F]+" }, "HexLengthEquals16":{ "type":"string", "max":16, "min":16, - "pattern":"^[0-9a-fA-F]+$" - }, - "HexLengthEquals2":{ - "type":"string", - "max":2, - "min":2, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthEquals4":{ "type":"string", "max":4, "min":4, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "HexLengthEquals8":{ "type":"string", "max":8, "min":8, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" }, "Ibm3624NaturalPin":{ "type":"structure", "required":[ "DecimalizationTable", - "PinValidationData", - "PinValidationDataPadCharacter" + "PinValidationDataPadCharacter", + "PinValidationData" ], "members":{ "DecimalizationTable":{"shape":"NumberLengthEquals16"}, - "PinValidationData":{"shape":"NumberLengthBetween4And16"}, - "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"} + "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"}, + "PinValidationData":{"shape":"NumberLengthBetween4And16"} } }, "Ibm3624PinFromOffset":{ "type":"structure", "required":[ "DecimalizationTable", - "PinOffset", + "PinValidationDataPadCharacter", "PinValidationData", - "PinValidationDataPadCharacter" + "PinOffset" ], "members":{ "DecimalizationTable":{"shape":"NumberLengthEquals16"}, - "PinOffset":{"shape":"NumberLengthBetween4And12"}, + "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"}, "PinValidationData":{"shape":"NumberLengthBetween4And16"}, - "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"} + "PinOffset":{"shape":"NumberLengthBetween4And12"} } }, "Ibm3624PinOffset":{ "type":"structure", "required":[ - "DecimalizationTable", "EncryptedPinBlock", - "PinValidationData", - "PinValidationDataPadCharacter" + "DecimalizationTable", + "PinValidationDataPadCharacter", + "PinValidationData" ], "members":{ - "DecimalizationTable":{"shape":"NumberLengthEquals16"}, "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, - "PinValidationData":{"shape":"NumberLengthBetween4And16"}, - "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"} + "DecimalizationTable":{"shape":"NumberLengthEquals16"}, + "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"}, + "PinValidationData":{"shape":"NumberLengthBetween4And16"} } }, "Ibm3624PinVerification":{ "type":"structure", "required":[ "DecimalizationTable", - "PinOffset", + "PinValidationDataPadCharacter", "PinValidationData", - "PinValidationDataPadCharacter" + "PinOffset" ], "members":{ "DecimalizationTable":{"shape":"NumberLengthEquals16"}, - "PinOffset":{"shape":"NumberLengthBetween4And12"}, + "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"}, "PinValidationData":{"shape":"NumberLengthBetween4And16"}, - "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"} + "PinOffset":{"shape":"NumberLengthBetween4And12"} } }, "Ibm3624RandomPin":{ "type":"structure", "required":[ "DecimalizationTable", - "PinValidationData", - "PinValidationDataPadCharacter" + "PinValidationDataPadCharacter", + "PinValidationData" ], "members":{ "DecimalizationTable":{"shape":"NumberLengthEquals16"}, - "PinValidationData":{"shape":"NumberLengthBetween4And16"}, - "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"} + "PinValidationDataPadCharacter":{"shape":"HexLengthEquals1"}, + "PinValidationData":{"shape":"NumberLengthBetween4And16"} } }, - "IntegerRangeBetween0And9":{ + "IntegerRangeBetween0And6":{ "type":"integer", "box":true, - "max":9, + "max":6, "min":0 }, "IntegerRangeBetween3And5Type":{ @@ -852,19 +849,26 @@ "type":"string", "max":150, "min":70, - "pattern":"^arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:key/[0-9a-zA-Z]{16,64}$" + "pattern":"arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:key/[0-9a-zA-Z]{16,64}" }, "KeyArnOrKeyAliasType":{ "type":"string", "max":322, "min":7, - "pattern":"^arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:(key/[0-9a-zA-Z]{16,64}|alias/[a-zA-Z0-9/_-]+)$|^alias/[a-zA-Z0-9/_-]+$" + "pattern":"arn:aws:payment-cryptography:[a-z]{2}-[a-z]{1,16}-[0-9]+:[0-9]{12}:(key/[0-9a-zA-Z]{16,64}|alias/[a-zA-Z0-9/_-]+)$|^alias/[a-zA-Z0-9/_-]+" }, "KeyCheckValue":{ "type":"string", "max":16, "min":4, - "pattern":"^[0-9a-fA-F]+$" + "pattern":"[0-9a-fA-F]+" + }, + "KeyCheckValueAlgorithm":{ + "type":"string", + "enum":[ + "CMAC", + "ANSI_X9_24" + ] }, "MacAlgorithm":{ "type":"string", @@ -881,28 +885,28 @@ "MacAlgorithmDukpt":{ "type":"structure", "required":[ - "DukptKeyVariant", - "KeySerialNumber" + "KeySerialNumber", + "DukptKeyVariant" ], "members":{ - "DukptDerivationType":{"shape":"DukptDerivationType"}, + "KeySerialNumber":{"shape":"HexLengthBetween10And24"}, "DukptKeyVariant":{"shape":"DukptKeyVariant"}, - "KeySerialNumber":{"shape":"HexLengthBetween10And24"} + "DukptDerivationType":{"shape":"DukptDerivationType"} } }, "MacAlgorithmEmv":{ "type":"structure", "required":[ "MajorKeyDerivationMode", - "PanSequenceNumber", "PrimaryAccountNumber", + "PanSequenceNumber", "SessionKeyDerivationMode", "SessionKeyDerivationValue" ], "members":{ "MajorKeyDerivationMode":{"shape":"MajorKeyDerivationMode"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, "SessionKeyDerivationMode":{"shape":"SessionKeyDerivationMode"}, "SessionKeyDerivationValue":{"shape":"SessionKeyDerivationValue"} } @@ -911,10 +915,10 @@ "type":"structure", "members":{ "Algorithm":{"shape":"MacAlgorithm"}, - "DukptCmac":{"shape":"MacAlgorithmDukpt"}, + "EmvMac":{"shape":"MacAlgorithmEmv"}, "DukptIso9797Algorithm1":{"shape":"MacAlgorithmDukpt"}, "DukptIso9797Algorithm3":{"shape":"MacAlgorithmDukpt"}, - "EmvMac":{"shape":"MacAlgorithmEmv"} + "DukptCmac":{"shape":"MacAlgorithmDukpt"} }, "union":true }, @@ -929,44 +933,50 @@ "type":"string", "max":19, "min":12, - "pattern":"^[0-9]+$", + "pattern":"[0-9]+", "sensitive":true }, "NumberLengthBetween3And5":{ "type":"string", "max":5, "min":3, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" }, "NumberLengthBetween4And12":{ "type":"string", "max":12, "min":4, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" }, "NumberLengthBetween4And16":{ "type":"string", "max":16, "min":4, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" }, "NumberLengthEquals16":{ "type":"string", "max":16, "min":16, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" + }, + "NumberLengthEquals2":{ + "type":"string", + "max":2, + "min":2, + "pattern":"[0-9]+" }, "NumberLengthEquals3":{ "type":"string", "max":3, "min":3, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" }, "NumberLengthEquals4":{ "type":"string", "max":4, "min":4, - "pattern":"^[0-9]+$" + "pattern":"[0-9]+" }, "PaddingType":{ "type":"string", @@ -995,62 +1005,64 @@ "PinGenerationAttributes":{ "type":"structure", "members":{ - "Ibm3624NaturalPin":{"shape":"Ibm3624NaturalPin"}, - "Ibm3624PinFromOffset":{"shape":"Ibm3624PinFromOffset"}, + "VisaPin":{"shape":"VisaPin"}, + "VisaPinVerificationValue":{"shape":"VisaPinVerificationValue"}, "Ibm3624PinOffset":{"shape":"Ibm3624PinOffset"}, + "Ibm3624NaturalPin":{"shape":"Ibm3624NaturalPin"}, "Ibm3624RandomPin":{"shape":"Ibm3624RandomPin"}, - "VisaPin":{"shape":"VisaPin"}, - "VisaPinVerificationValue":{"shape":"VisaPinVerificationValue"} + "Ibm3624PinFromOffset":{"shape":"Ibm3624PinFromOffset"} }, "union":true }, "PinVerificationAttributes":{ "type":"structure", "members":{ - "Ibm3624Pin":{"shape":"Ibm3624PinVerification"}, - "VisaPin":{"shape":"VisaPinVerification"} + "VisaPin":{"shape":"VisaPinVerification"}, + "Ibm3624Pin":{"shape":"Ibm3624PinVerification"} }, "union":true }, "ReEncryptDataInput":{ "type":"structure", "required":[ + "IncomingKeyIdentifier", + "OutgoingKeyIdentifier", "CipherText", "IncomingEncryptionAttributes", - "IncomingKeyIdentifier", - "OutgoingEncryptionAttributes", - "OutgoingKeyIdentifier" + "OutgoingEncryptionAttributes" ], "members":{ - "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, - "IncomingEncryptionAttributes":{"shape":"ReEncryptionAttributes"}, "IncomingKeyIdentifier":{ "shape":"KeyArnOrKeyAliasType", "location":"uri", "locationName":"IncomingKeyIdentifier" }, + "OutgoingKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, + "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, + "IncomingEncryptionAttributes":{"shape":"ReEncryptionAttributes"}, "OutgoingEncryptionAttributes":{"shape":"ReEncryptionAttributes"}, - "OutgoingKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"} + "IncomingWrappedKey":{"shape":"WrappedKey"}, + "OutgoingWrappedKey":{"shape":"WrappedKey"} } }, "ReEncryptDataOutput":{ "type":"structure", "required":[ - "CipherText", "KeyArn", - "KeyCheckValue" + "KeyCheckValue", + "CipherText" ], "members":{ - "CipherText":{"shape":"HexEvenLengthBetween16And4096"}, "KeyArn":{"shape":"KeyArn"}, - "KeyCheckValue":{"shape":"KeyCheckValue"} + "KeyCheckValue":{"shape":"KeyCheckValue"}, + "CipherText":{"shape":"HexEvenLengthBetween16And4096"} } }, "ReEncryptionAttributes":{ "type":"structure", "members":{ - "Dukpt":{"shape":"DukptEncryptionAttributes"}, - "Symmetric":{"shape":"SymmetricEncryptionAttributes"} + "Symmetric":{"shape":"SymmetricEncryptionAttributes"}, + "Dukpt":{"shape":"DukptEncryptionAttributes"} }, "union":true }, @@ -1068,21 +1080,21 @@ "SessionKeyAmex":{ "type":"structure", "required":[ - "PanSequenceNumber", - "PrimaryAccountNumber" + "PrimaryAccountNumber", + "PanSequenceNumber" ], "members":{ - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"} + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"} } }, "SessionKeyDerivation":{ "type":"structure", "members":{ - "Amex":{"shape":"SessionKeyAmex"}, - "Emv2000":{"shape":"SessionKeyEmv2000"}, "EmvCommon":{"shape":"SessionKeyEmvCommon"}, "Mastercard":{"shape":"SessionKeyMastercard"}, + "Emv2000":{"shape":"SessionKeyEmv2000"}, + "Amex":{"shape":"SessionKeyAmex"}, "Visa":{"shape":"SessionKeyVisa"} }, "union":true @@ -1108,53 +1120,53 @@ "SessionKeyEmv2000":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", + "PrimaryAccountNumber", "PanSequenceNumber", - "PrimaryAccountNumber" + "ApplicationTransactionCounter" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"} + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"} } }, "SessionKeyEmvCommon":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", + "PrimaryAccountNumber", "PanSequenceNumber", - "PrimaryAccountNumber" + "ApplicationTransactionCounter" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"} + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"} } }, "SessionKeyMastercard":{ "type":"structure", "required":[ - "ApplicationTransactionCounter", - "PanSequenceNumber", "PrimaryAccountNumber", + "PanSequenceNumber", + "ApplicationTransactionCounter", "UnpredictableNumber" ], "members":{ - "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"}, + "ApplicationTransactionCounter":{"shape":"HexLengthBetween2And4"}, "UnpredictableNumber":{"shape":"HexLengthBetween2And8"} } }, "SessionKeyVisa":{ "type":"structure", "required":[ - "PanSequenceNumber", - "PrimaryAccountNumber" + "PrimaryAccountNumber", + "PanSequenceNumber" ], "members":{ - "PanSequenceNumber":{"shape":"HexLengthEquals2"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"} + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, + "PanSequenceNumber":{"shape":"NumberLengthEquals2"} } }, "String":{"type":"string"}, @@ -1162,8 +1174,8 @@ "type":"structure", "required":["Mode"], "members":{ - "InitializationVector":{"shape":"HexLength16Or32"}, "Mode":{"shape":"EncryptionMode"}, + "InitializationVector":{"shape":"HexLength16Or32"}, "PaddingType":{"shape":"PaddingType"} } }, @@ -1178,36 +1190,45 @@ }, "exception":true }, + "Tr31WrappedKeyBlock":{ + "type":"string", + "max":9984, + "min":56, + "pattern":"[0-9A-Z]+", + "sensitive":true + }, "TranslatePinDataInput":{ "type":"structure", "required":[ - "EncryptedPinBlock", "IncomingKeyIdentifier", - "IncomingTranslationAttributes", "OutgoingKeyIdentifier", - "OutgoingTranslationAttributes" + "IncomingTranslationAttributes", + "OutgoingTranslationAttributes", + "EncryptedPinBlock" ], "members":{ - "EncryptedPinBlock":{"shape":"HexEvenLengthBetween16And32"}, - "IncomingDukptAttributes":{"shape":"DukptDerivationAttributes"}, "IncomingKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, + "OutgoingKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "IncomingTranslationAttributes":{"shape":"TranslationIsoFormats"}, + "OutgoingTranslationAttributes":{"shape":"TranslationIsoFormats"}, + "EncryptedPinBlock":{"shape":"HexEvenLengthBetween16And32"}, + "IncomingDukptAttributes":{"shape":"DukptDerivationAttributes"}, "OutgoingDukptAttributes":{"shape":"DukptDerivationAttributes"}, - "OutgoingKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, - "OutgoingTranslationAttributes":{"shape":"TranslationIsoFormats"} + "IncomingWrappedKey":{"shape":"WrappedKey"}, + "OutgoingWrappedKey":{"shape":"WrappedKey"} } }, "TranslatePinDataOutput":{ "type":"structure", "required":[ + "PinBlock", "KeyArn", - "KeyCheckValue", - "PinBlock" + "KeyCheckValue" ], "members":{ + "PinBlock":{"shape":"HexLengthBetween16And32"}, "KeyArn":{"shape":"KeyArn"}, - "KeyCheckValue":{"shape":"KeyCheckValue"}, - "PinBlock":{"shape":"HexLengthBetween16And32"} + "KeyCheckValue":{"shape":"KeyCheckValue"} } }, "TranslationIsoFormats":{ @@ -1236,20 +1257,20 @@ "type":"structure", "required":["message"], "members":{ - "fieldList":{"shape":"ValidationExceptionFieldList"}, - "message":{"shape":"String"} + "message":{"shape":"String"}, + "fieldList":{"shape":"ValidationExceptionFieldList"} }, "exception":true }, "ValidationExceptionField":{ "type":"structure", "required":[ - "message", - "path" + "path", + "message" ], "members":{ - "message":{"shape":"String"}, - "path":{"shape":"String"} + "path":{"shape":"String"}, + "message":{"shape":"String"} } }, "ValidationExceptionFieldList":{ @@ -1259,12 +1280,12 @@ "VerificationFailedException":{ "type":"structure", "required":[ - "Message", - "Reason" + "Reason", + "Message" ], "members":{ - "Message":{"shape":"String"}, - "Reason":{"shape":"VerificationFailedReason"} + "Reason":{"shape":"VerificationFailedReason"}, + "Message":{"shape":"String"} }, "error":{ "httpStatusCode":400, @@ -1284,19 +1305,19 @@ "VerifyAuthRequestCryptogramInput":{ "type":"structure", "required":[ - "AuthRequestCryptogram", "KeyIdentifier", + "TransactionData", + "AuthRequestCryptogram", "MajorKeyDerivationMode", - "SessionKeyDerivationAttributes", - "TransactionData" + "SessionKeyDerivationAttributes" ], "members":{ - "AuthRequestCryptogram":{"shape":"HexLengthEquals16"}, - "AuthResponseAttributes":{"shape":"CryptogramAuthResponse"}, "KeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, + "TransactionData":{"shape":"HexLengthBetween2And1024"}, + "AuthRequestCryptogram":{"shape":"HexLengthEquals16"}, "MajorKeyDerivationMode":{"shape":"MajorKeyDerivationMode"}, "SessionKeyDerivationAttributes":{"shape":"SessionKeyDerivation"}, - "TransactionData":{"shape":"HexLengthBetween2And1024"} + "AuthResponseAttributes":{"shape":"CryptogramAuthResponse"} } }, "VerifyAuthRequestCryptogramOutput":{ @@ -1306,9 +1327,9 @@ "KeyCheckValue" ], "members":{ - "AuthResponseValue":{"shape":"HexLengthBetween1And16"}, "KeyArn":{"shape":"KeyArn"}, - "KeyCheckValue":{"shape":"KeyCheckValue"} + "KeyCheckValue":{"shape":"KeyCheckValue"}, + "AuthResponseValue":{"shape":"HexLengthBetween1And16"} } }, "VerifyCardValidationDataInput":{ @@ -1316,14 +1337,14 @@ "required":[ "KeyIdentifier", "PrimaryAccountNumber", - "ValidationData", - "VerificationAttributes" + "VerificationAttributes", + "ValidationData" ], "members":{ "KeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, - "ValidationData":{"shape":"NumberLengthBetween3And5"}, - "VerificationAttributes":{"shape":"CardVerificationAttributes"} + "VerificationAttributes":{"shape":"CardVerificationAttributes"}, + "ValidationData":{"shape":"NumberLengthBetween3And5"} } }, "VerifyCardValidationDataOutput":{ @@ -1341,16 +1362,16 @@ "type":"structure", "required":[ "KeyIdentifier", - "Mac", "MessageData", + "Mac", "VerificationAttributes" ], "members":{ "KeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, - "Mac":{"shape":"HexEvenLengthBetween4And128"}, - "MacLength":{"shape":"IntegerRangeBetween4And16"}, "MessageData":{"shape":"HexEvenLengthBetween2And4096"}, - "VerificationAttributes":{"shape":"MacAttributes"} + "Mac":{"shape":"HexEvenLengthBetween4And128"}, + "VerificationAttributes":{"shape":"MacAttributes"}, + "MacLength":{"shape":"IntegerRangeBetween4And16"} } }, "VerifyMacOutput":{ @@ -1367,44 +1388,44 @@ "VerifyPinDataInput":{ "type":"structure", "required":[ - "EncryptedPinBlock", + "VerificationKeyIdentifier", "EncryptionKeyIdentifier", - "PinBlockFormat", - "PrimaryAccountNumber", "VerificationAttributes", - "VerificationKeyIdentifier" + "EncryptedPinBlock", + "PrimaryAccountNumber", + "PinBlockFormat" ], "members":{ - "DukptAttributes":{"shape":"DukptAttributes"}, - "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, + "VerificationKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, "EncryptionKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"}, + "VerificationAttributes":{"shape":"PinVerificationAttributes"}, + "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, + "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, "PinBlockFormat":{"shape":"PinBlockFormatForPinData"}, "PinDataLength":{"shape":"IntegerRangeBetween4And12"}, - "PrimaryAccountNumber":{"shape":"NumberLengthBetween12And19"}, - "VerificationAttributes":{"shape":"PinVerificationAttributes"}, - "VerificationKeyIdentifier":{"shape":"KeyArnOrKeyAliasType"} + "DukptAttributes":{"shape":"DukptAttributes"} } }, "VerifyPinDataOutput":{ "type":"structure", "required":[ - "EncryptionKeyArn", - "EncryptionKeyCheckValue", "VerificationKeyArn", - "VerificationKeyCheckValue" + "VerificationKeyCheckValue", + "EncryptionKeyArn", + "EncryptionKeyCheckValue" ], "members":{ - "EncryptionKeyArn":{"shape":"KeyArn"}, - "EncryptionKeyCheckValue":{"shape":"KeyCheckValue"}, "VerificationKeyArn":{"shape":"KeyArn"}, - "VerificationKeyCheckValue":{"shape":"KeyCheckValue"} + "VerificationKeyCheckValue":{"shape":"KeyCheckValue"}, + "EncryptionKeyArn":{"shape":"KeyArn"}, + "EncryptionKeyCheckValue":{"shape":"KeyCheckValue"} } }, "VisaPin":{ "type":"structure", "required":["PinVerificationKeyIndex"], "members":{ - "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And9"} + "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And6"} } }, "VisaPinVerification":{ @@ -1414,7 +1435,7 @@ "VerificationValue" ], "members":{ - "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And9"}, + "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And6"}, "VerificationValue":{"shape":"NumberLengthBetween4And12"} } }, @@ -1426,8 +1447,23 @@ ], "members":{ "EncryptedPinBlock":{"shape":"HexLengthBetween16And32"}, - "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And9"} + "PinVerificationKeyIndex":{"shape":"IntegerRangeBetween0And6"} } + }, + "WrappedKey":{ + "type":"structure", + "required":["WrappedKeyMaterial"], + "members":{ + "WrappedKeyMaterial":{"shape":"WrappedKeyMaterial"}, + "KeyCheckValueAlgorithm":{"shape":"KeyCheckValueAlgorithm"} + } + }, + "WrappedKeyMaterial":{ + "type":"structure", + "members":{ + "Tr31KeyBlock":{"shape":"Tr31WrappedKeyBlock"} + }, + "union":true } } } diff --git a/models/apis/payment-cryptography-data/2022-02-03/docs-2.json b/models/apis/payment-cryptography-data/2022-02-03/docs-2.json index 028da476191..6774b2eff2f 100644 --- a/models/apis/payment-cryptography-data/2022-02-03/docs-2.json +++ b/models/apis/payment-cryptography-data/2022-02-03/docs-2.json @@ -7,7 +7,7 @@ "GenerateCardValidationData": "

Generates card-related validation data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2), or Card Security Codes (CSC). For more information, see Generate card data in the Amazon Web Services Payment Cryptography User Guide.

This operation generates a CVV or CSC value that is printed on a payment credit or debit card during card production. The CVV or CSC, PAN (Primary Account Number) and expiration date of the card are required to check its validity during transaction processing. To begin this operation, a CVK (Card Verification Key) encryption key is required. You can use CreateKey or ImportKey to establish a CVK within Amazon Web Services Payment Cryptography. The KeyModesOfUse should be set to Generate and Verify for a CVK encryption key.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", "GenerateMac": "

Generates a Message Authentication Code (MAC) cryptogram within Amazon Web Services Payment Cryptography.

You can use this operation to authenticate card-related data by using known data values to generate MAC for data validation between the sending and receiving parties. This operation uses message data, a secret encryption key and MAC algorithm to generate a unique MAC value for transmission. The receiving party of the MAC must use the same message data, secret encryption key and MAC algorithm to reproduce another MAC value for comparision.

You can use this operation to generate a DUPKT, CMAC, HMAC or EMV MAC by setting generation attributes and algorithm to the associated values. The MAC generation encryption key must have valid values for KeyUsage such as TR31_M7_HMAC_KEY for HMAC generation, and they key must have KeyModesOfUse set to Generate and Verify.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", "GeneratePinData": "

Generates pin-related data such as PIN, PIN Verification Value (PVV), PIN Block, and PIN Offset during new card issuance or reissuance. For more information, see Generate PIN data in the Amazon Web Services Payment Cryptography User Guide.

PIN data is never transmitted in clear to or from Amazon Web Services Payment Cryptography. This operation generates PIN, PVV, or PIN Offset and then encrypts it using Pin Encryption Key (PEK) to create an EncryptedPinBlock for transmission from Amazon Web Services Payment Cryptography. This operation uses a separate Pin Verification Key (PVK) for VISA PVV generation.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", - "ReEncryptData": "

Re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption Keys.

You can either generate an encryption key within Amazon Web Services Payment Cryptography by calling CreateKey or import your own encryption key by calling ImportKey. The KeyArn for use with this operation must be in a compatible key state with KeyModesOfUse set to Encrypt. In asymmetric encryption, ciphertext is encrypted using public component (imported by calling ImportKey) of the asymmetric key pair created outside of Amazon Web Services Payment Cryptography.

For symmetric and DUKPT encryption, Amazon Web Services Payment Cryptography supports TDES and AES algorithms. For asymmetric encryption, Amazon Web Services Payment Cryptography supports RSA. To encrypt using DUKPT, a DUKPT key must already exist within your account with KeyModesOfUse set to DeriveKey or a new DUKPT can be generated by calling CreateKey.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", + "ReEncryptData": "

Re-encrypt ciphertext using DUKPT or Symmetric data encryption keys.

You can either generate an encryption key within Amazon Web Services Payment Cryptography by calling CreateKey or import your own encryption key by calling ImportKey. The KeyArn for use with this operation must be in a compatible key state with KeyModesOfUse set to Encrypt.

For symmetric and DUKPT encryption, Amazon Web Services Payment Cryptography supports TDES and AES algorithms. To encrypt using DUKPT, a DUKPT key must already exist within your account with KeyModesOfUse set to DeriveKey or a new DUKPT can be generated by calling CreateKey.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", "TranslatePinData": "

Translates encrypted PIN block from and to ISO 9564 formats 0,1,3,4. For more information, see Translate PIN data in the Amazon Web Services Payment Cryptography User Guide.

PIN block translation involves changing the encrytion of PIN block from one encryption key to another encryption key and changing PIN block format from one to another without PIN block data leaving Amazon Web Services Payment Cryptography. The encryption key transformation can be from PEK (Pin Encryption Key) to BDK (Base Derivation Key) for DUKPT or from BDK for DUKPT to PEK. Amazon Web Services Payment Cryptography supports TDES and AES key derivation type for DUKPT translations.

The allowed combinations of PIN block format translations are guided by PCI. It is important to note that not all encrypted PIN block formats (example, format 1) require PAN (Primary Account Number) as input. And as such, PIN block format that requires PAN (example, formats 0,3,4) cannot be translated to a format (format 1) that does not require a PAN for generation.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Amazon Web Services Payment Cryptography currently supports ISO PIN block 4 translation for PIN block built using legacy PAN length. That is, PAN is the right most 12 digits excluding the check digits.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", "VerifyAuthRequestCryptogram": "

Verifies Authorization Request Cryptogram (ARQC) for a EMV chip payment card authorization. For more information, see Verify auth request cryptogram in the Amazon Web Services Payment Cryptography User Guide.

ARQC generation is done outside of Amazon Web Services Payment Cryptography and is typically generated on a point of sale terminal for an EMV chip card to obtain payment authorization during transaction time. For ARQC verification, you must first import the ARQC generated outside of Amazon Web Services Payment Cryptography by calling ImportKey. This operation uses the imported ARQC and an major encryption key (DUKPT) created by calling CreateKey to either provide a boolean ARQC verification result or provide an APRC (Authorization Response Cryptogram) response using Method 1 or Method 2. The ARPC_METHOD_1 uses AuthResponseCode to generate ARPC and ARPC_METHOD_2 uses CardStatusUpdate to generate ARPC.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", "VerifyCardValidationData": "

Verifies card-related validation data using algorithms such as Card Verification Values (CVV/CVV2), Dynamic Card Verification Values (dCVV/dCVV2) and Card Security Codes (CSC). For more information, see Verify card data in the Amazon Web Services Payment Cryptography User Guide.

This operation validates the CVV or CSC codes that is printed on a payment credit or debit card during card payment transaction. The input values are typically provided as part of an inbound transaction to an issuer or supporting platform partner. Amazon Web Services Payment Cryptography uses CVV or CSC, PAN (Primary Account Number) and expiration date of the card to check its validity during transaction processing. In this operation, the CVK (Card Verification Key) encryption key for use with card data verification is same as the one in used for GenerateCardValidationData.

For information about valid keys for this operation, see Understanding key attributes and Key types for specific data operations in the Amazon Web Services Payment Cryptography User Guide.

Cross-account use: This operation can't be used across different Amazon Web Services accounts.

Related operations:

", @@ -362,21 +362,6 @@ "VerifyAuthRequestCryptogramInput$AuthRequestCryptogram": "

The auth request cryptogram imported into Amazon Web Services Payment Cryptography for ARQC verification using a major encryption key and transaction data.

" } }, - "HexLengthEquals2": { - "base": null, - "refs": { - "CardHolderVerificationValue$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "DynamicCardVerificationCode$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "DynamicCardVerificationValue$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "EmvEncryptionAttributes$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "MacAlgorithmEmv$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "SessionKeyAmex$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "SessionKeyEmv2000$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "SessionKeyEmvCommon$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "SessionKeyMastercard$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", - "SessionKeyVisa$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

" - } - }, "HexLengthEquals4": { "base": null, "refs": { @@ -419,7 +404,7 @@ "PinGenerationAttributes$Ibm3624RandomPin": "

Parameters that are required to generate or verify Ibm3624 random PIN.

" } }, - "IntegerRangeBetween0And9": { + "IntegerRangeBetween0And6": { "base": null, "refs": { "VisaPin$PinVerificationKeyIndex": "

The value for PIN verification index. It is used in the Visa PIN algorithm to calculate the PVV (PIN Verification Value).

", @@ -459,35 +444,35 @@ "EncryptDataOutput$KeyArn": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.

", "GenerateCardValidationDataOutput$KeyArn": "

The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate CVV or CSC.

", "GenerateMacOutput$KeyArn": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for MAC generation.

", - "GeneratePinDataOutput$EncryptionKeyArn": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.

", "GeneratePinDataOutput$GenerationKeyArn": "

The keyARN of the pin data generation key that Amazon Web Services Payment Cryptography uses for PIN, PVV or PIN Offset generation.

", + "GeneratePinDataOutput$EncryptionKeyArn": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.

", "ReEncryptDataOutput$KeyArn": "

The keyARN (Amazon Resource Name) of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.

", "TranslatePinDataOutput$KeyArn": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses to encrypt outgoing PIN block data after translation.

", "VerifyAuthRequestCryptogramOutput$KeyArn": "

The keyARN of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC verification.

", "VerifyCardValidationDataOutput$KeyArn": "

The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify CVV or CSC.

", "VerifyMacOutput$KeyArn": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for MAC verification.

", - "VerifyPinDataOutput$EncryptionKeyArn": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.

", - "VerifyPinDataOutput$VerificationKeyArn": "

The keyARN of the PIN encryption key that Amazon Web Services Payment Cryptography uses for PIN or PIN Offset verification.

" + "VerifyPinDataOutput$VerificationKeyArn": "

The keyARN of the PIN encryption key that Amazon Web Services Payment Cryptography uses for PIN or PIN Offset verification.

", + "VerifyPinDataOutput$EncryptionKeyArn": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for encrypted pin block generation.

" } }, "KeyArnOrKeyAliasType": { "base": null, "refs": { - "DecryptDataInput$KeyIdentifier": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext decryption.

", - "EncryptDataInput$KeyIdentifier": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.

", + "DecryptDataInput$KeyIdentifier": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for ciphertext decryption.

When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.

", + "EncryptDataInput$KeyIdentifier": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses for plaintext encryption.

When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.

", "GenerateCardValidationDataInput$KeyIdentifier": "

The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to generate card data.

", "GenerateMacInput$KeyIdentifier": "

The keyARN of the MAC generation encryption key.

", - "GeneratePinDataInput$EncryptionKeyIdentifier": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses to encrypt the PIN Block.

", "GeneratePinDataInput$GenerationKeyIdentifier": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses for pin data generation.

", - "ReEncryptDataInput$IncomingKeyIdentifier": "

The keyARN of the encryption key of incoming ciphertext data.

", + "GeneratePinDataInput$EncryptionKeyIdentifier": "

The keyARN of the PEK that Amazon Web Services Payment Cryptography uses to encrypt the PIN Block.

", + "ReEncryptDataInput$IncomingKeyIdentifier": "

The keyARN of the encryption key of incoming ciphertext data.

When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key. Otherwise, it is the key identifier used to perform the operation.

", "ReEncryptDataInput$OutgoingKeyIdentifier": "

The keyARN of the encryption key of outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.

", - "TranslatePinDataInput$IncomingKeyIdentifier": "

The keyARN of the encryption key under which incoming PIN block data is encrypted. This key type can be PEK or BDK.

", + "TranslatePinDataInput$IncomingKeyIdentifier": "

The keyARN of the encryption key under which incoming PIN block data is encrypted. This key type can be PEK or BDK.

When a WrappedKeyBlock is provided, this value will be the identifier to the key wrapping key for PIN block. Otherwise, it is the key identifier used to perform the operation.

", "TranslatePinDataInput$OutgoingKeyIdentifier": "

The keyARN of the encryption key for encrypting outgoing PIN block data. This key type can be PEK or BDK.

", "VerifyAuthRequestCryptogramInput$KeyIdentifier": "

The keyARN of the major encryption key that Amazon Web Services Payment Cryptography uses for ARQC verification.

", "VerifyCardValidationDataInput$KeyIdentifier": "

The keyARN of the CVK encryption key that Amazon Web Services Payment Cryptography uses to verify card data.

", "VerifyMacInput$KeyIdentifier": "

The keyARN of the encryption key that Amazon Web Services Payment Cryptography uses to verify MAC data.

", - "VerifyPinDataInput$EncryptionKeyIdentifier": "

The keyARN of the encryption key under which the PIN block data is encrypted. This key type can be PEK or BDK.

", - "VerifyPinDataInput$VerificationKeyIdentifier": "

The keyARN of the PIN verification key.

" + "VerifyPinDataInput$VerificationKeyIdentifier": "

The keyARN of the PIN verification key.

", + "VerifyPinDataInput$EncryptionKeyIdentifier": "

The keyARN of the encryption key under which the PIN block data is encrypted. This key type can be PEK or BDK.

" } }, "KeyCheckValue": { @@ -497,15 +482,21 @@ "EncryptDataOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "GenerateCardValidationDataOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "GenerateMacOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", - "GeneratePinDataOutput$EncryptionKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "GeneratePinDataOutput$GenerationKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", + "GeneratePinDataOutput$EncryptionKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "ReEncryptDataOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "TranslatePinDataOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "VerifyAuthRequestCryptogramOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "VerifyCardValidationDataOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", "VerifyMacOutput$KeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", - "VerifyPinDataOutput$EncryptionKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", - "VerifyPinDataOutput$VerificationKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

" + "VerifyPinDataOutput$VerificationKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

", + "VerifyPinDataOutput$EncryptionKeyCheckValue": "

The key check value (KCV) of the encryption key. The KCV is used to check if all parties holding a given key have the same key or to detect that a key has changed.

Amazon Web Services Payment Cryptography computes the KCV according to the CMAC specification.

" + } + }, + "KeyCheckValueAlgorithm": { + "base": null, + "refs": { + "WrappedKey$KeyCheckValueAlgorithm": "

The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.

For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.

" } }, "MacAlgorithm": { @@ -517,9 +508,9 @@ "MacAlgorithmDukpt": { "base": "

Parameters required for DUKPT MAC generation and verification.

", "refs": { - "MacAttributes$DukptCmac": "

Parameters that are required for MAC generation or verification using DUKPT CMAC algorithm.

", "MacAttributes$DukptIso9797Algorithm1": "

Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm1.

", - "MacAttributes$DukptIso9797Algorithm3": "

Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm3.

" + "MacAttributes$DukptIso9797Algorithm3": "

Parameters that are required for MAC generation or verification using DUKPT ISO 9797 algorithm3.

", + "MacAttributes$DukptCmac": "

Parameters that are required for MAC generation or verification using DUKPT CMAC algorithm.

" } }, "MacAlgorithmEmv": { @@ -596,6 +587,21 @@ "Ibm3624RandomPin$DecimalizationTable": "

The decimalization table to use for IBM 3624 PIN algorithm. The table is used to convert the algorithm intermediate result from hexadecimal characters to decimal.

" } }, + "NumberLengthEquals2": { + "base": null, + "refs": { + "CardHolderVerificationValue$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "DynamicCardVerificationCode$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "DynamicCardVerificationValue$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "EmvEncryptionAttributes$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "MacAlgorithmEmv$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "SessionKeyAmex$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "SessionKeyEmv2000$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "SessionKeyEmvCommon$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "SessionKeyMastercard$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

", + "SessionKeyVisa$PanSequenceNumber": "

A number that identifies and differentiates payment cards with the same Primary Account Number (PAN).

" + } + }, "NumberLengthEquals3": { "base": null, "refs": { @@ -725,8 +731,8 @@ "ResourceNotFoundException$ResourceId": "

The resource that is missing.

", "ThrottlingException$Message": null, "ValidationException$message": null, - "ValidationExceptionField$message": "

The request was denied due to an invalid request error.

", "ValidationExceptionField$path": "

The request was denied due to an invalid request error.

", + "ValidationExceptionField$message": "

The request was denied due to an invalid request error.

", "VerificationFailedException$Message": null } }, @@ -742,6 +748,12 @@ "refs": { } }, + "Tr31WrappedKeyBlock": { + "base": null, + "refs": { + "WrappedKeyMaterial$Tr31KeyBlock": "

The TR-31 wrapped key block.

" + } + }, "TranslatePinDataInput": { "base": null, "refs": { @@ -858,6 +870,23 @@ "refs": { "PinGenerationAttributes$VisaPinVerificationValue": "

Parameters that are required to generate or verify Visa PIN Verification Value (PVV).

" } + }, + "WrappedKey": { + "base": "

Parameter information of a WrappedKeyBlock for encryption key exchange.

", + "refs": { + "DecryptDataInput$WrappedKey": "

The WrappedKeyBlock containing the encryption key for ciphertext decryption.

", + "EncryptDataInput$WrappedKey": "

The WrappedKeyBlock containing the encryption key for plaintext encryption.

", + "ReEncryptDataInput$IncomingWrappedKey": "

The WrappedKeyBlock containing the encryption key of incoming ciphertext data.

", + "ReEncryptDataInput$OutgoingWrappedKey": "

The WrappedKeyBlock containing the encryption key of outgoing ciphertext data after encryption by Amazon Web Services Payment Cryptography.

", + "TranslatePinDataInput$IncomingWrappedKey": "

The WrappedKeyBlock containing the encryption key under which incoming PIN block data is encrypted.

", + "TranslatePinDataInput$OutgoingWrappedKey": "

The WrappedKeyBlock containing the encryption key for encrypting outgoing PIN block data.

" + } + }, + "WrappedKeyMaterial": { + "base": "

Parameter information of a WrappedKeyBlock for encryption key exchange.

", + "refs": { + "WrappedKey$WrappedKeyMaterial": "

Parameter information of a WrappedKeyBlock for encryption key exchange.

" + } } } } diff --git a/models/apis/payment-cryptography-data/2022-02-03/smoke.json b/models/apis/payment-cryptography-data/2022-02-03/smoke.json new file mode 100644 index 00000000000..a9756813e4a --- /dev/null +++ b/models/apis/payment-cryptography-data/2022-02-03/smoke.json @@ -0,0 +1,6 @@ +{ + "version": 1, + "defaultRegion": "us-west-2", + "testCases": [ + ] +} diff --git a/models/apis/payment-cryptography-data/2022-02-03/waiters-2.json b/models/apis/payment-cryptography-data/2022-02-03/waiters-2.json new file mode 100644 index 00000000000..13f60ee66be --- /dev/null +++ b/models/apis/payment-cryptography-data/2022-02-03/waiters-2.json @@ -0,0 +1,5 @@ +{ + "version": 2, + "waiters": { + } +} diff --git a/models/apis/payment-cryptography/2021-09-14/api-2.json b/models/apis/payment-cryptography/2021-09-14/api-2.json index 907838d3900..142c5822208 100644 --- a/models/apis/payment-cryptography/2021-09-14/api-2.json +++ b/models/apis/payment-cryptography/2021-09-14/api-2.json @@ -2,9 +2,11 @@ "version":"2.0", "metadata":{ "apiVersion":"2021-09-14", + "auth":["aws.auth#sigv4"], "endpointPrefix":"controlplane.payment-cryptography", "jsonVersion":"1.0", "protocol":"json", + "protocols":["json"], "serviceFullName":"Payment Cryptography Control Plane", "serviceId":"Payment Cryptography", "signatureVersion":"v4", @@ -493,6 +495,12 @@ "Key":{"shape":"Key"} } }, + "EvenHexLengthBetween16And32":{ + "type":"string", + "max":32, + "min":16, + "pattern":"(?:[0-9a-fA-F][0-9a-fA-F])+" + }, "ExportAttributes":{ "type":"structure", "members":{ @@ -571,7 +579,7 @@ "WrappingKeyCertificate":{"shape":"CertificateType"}, "ExportToken":{"shape":"ExportTokenId"}, "KeyBlockFormat":{"shape":"Tr34KeyBlockFormat"}, - "RandomNonce":{"shape":"HexLength16"}, + "RandomNonce":{"shape":"EvenHexLengthBetween16And32"}, "KeyBlockHeaders":{"shape":"KeyBlockHeaders"} } }, @@ -677,12 +685,6 @@ "KeyCertificateChain":{"shape":"CertificateType"} } }, - "HexLength16":{ - "type":"string", - "max":16, - "min":16, - "pattern":"[0-9A-F]+" - }, "HexLength20Or24":{ "type":"string", "max":24, @@ -763,7 +765,7 @@ "ImportToken":{"shape":"ImportTokenId"}, "WrappedKeyBlock":{"shape":"Tr34WrappedKeyBlock"}, "KeyBlockFormat":{"shape":"Tr34KeyBlockFormat"}, - "RandomNonce":{"shape":"HexLength16"} + "RandomNonce":{"shape":"EvenHexLengthBetween16And32"} } }, "InternalServerException":{ @@ -1204,7 +1206,8 @@ "type":"string", "max":9984, "min":56, - "pattern":"[0-9A-Z]+" + "pattern":"[0-9A-Z]+", + "sensitive":true }, "Tr34KeyBlockFormat":{ "type":"string", diff --git a/models/apis/payment-cryptography/2021-09-14/docs-2.json b/models/apis/payment-cryptography/2021-09-14/docs-2.json index 881d22a3434..5e8ed9db3b3 100644 --- a/models/apis/payment-cryptography/2021-09-14/docs-2.json +++ b/models/apis/payment-cryptography/2021-09-14/docs-2.json @@ -134,6 +134,13 @@ "refs": { } }, + "EvenHexLengthBetween16And32": { + "base": null, + "refs": { + "ExportTr34KeyBlock$RandomNonce": "

A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.

", + "ImportTr34KeyBlock$RandomNonce": "

A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.

" + } + }, "ExportAttributes": { "base": "

The attributes for IPEK generation during export.

", "refs": { @@ -237,13 +244,6 @@ "refs": { } }, - "HexLength16": { - "base": null, - "refs": { - "ExportTr34KeyBlock$RandomNonce": "

A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.

", - "ImportTr34KeyBlock$RandomNonce": "

A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.

" - } - }, "HexLength20Or24": { "base": null, "refs": { diff --git a/models/apis/states/2016-11-23/api-2.json b/models/apis/states/2016-11-23/api-2.json index 29633e7e790..95e8a621820 100644 --- a/models/apis/states/2016-11-23/api-2.json +++ b/models/apis/states/2016-11-23/api-2.json @@ -11,7 +11,8 @@ "serviceId":"SFN", "signatureVersion":"v4", "targetPrefix":"AWSStepFunctions", - "uid":"states-2016-11-23" + "uid":"states-2016-11-23", + "auth":["aws.auth#sigv4"] }, "operations":{ "CreateActivity":{ diff --git a/models/apis/states/2016-11-23/smoke-2.json b/models/apis/states/2016-11-23/smoke-2.json new file mode 100644 index 00000000000..c8060da11dd --- /dev/null +++ b/models/apis/states/2016-11-23/smoke-2.json @@ -0,0 +1,16 @@ +{ + "version": 2, + "testCases": [ + { + "id": "ListActivitiesSuccess", + "operationName": "ListActivities", + "input": {}, + "expectation": { + "success": {} + }, + "config": { + "region": "us-west-2" + } + } + ] +} diff --git a/models/apis/swf/2012-01-25/api-2.json b/models/apis/swf/2012-01-25/api-2.json index 184a5aca391..3ffb61ccecc 100644 --- a/models/apis/swf/2012-01-25/api-2.json +++ b/models/apis/swf/2012-01-25/api-2.json @@ -11,7 +11,8 @@ "serviceId":"SWF", "signatureVersion":"v4", "targetPrefix":"SimpleWorkflowService", - "uid":"swf-2012-01-25" + "uid":"swf-2012-01-25", + "auth":["aws.auth#sigv4"] }, "operations":{ "CountClosedWorkflowExecutions":{ diff --git a/models/apis/swf/2012-01-25/smoke-2.json b/models/apis/swf/2012-01-25/smoke-2.json new file mode 100644 index 00000000000..4c7575cb530 --- /dev/null +++ b/models/apis/swf/2012-01-25/smoke-2.json @@ -0,0 +1,18 @@ +{ + "version": 2, + "testCases": [ + { + "id": "ListDomainsSuccess", + "operationName": "ListDomains", + "input": { + "registrationStatus": "REGISTERED" + }, + "expectation": { + "success": {} + }, + "config": { + "region": "us-west-2" + } + } + ] +} diff --git a/models/apis/wafv2/2019-07-29/api-2.json b/models/apis/wafv2/2019-07-29/api-2.json index 1772100f303..ab7d1841aba 100755 --- a/models/apis/wafv2/2019-07-29/api-2.json +++ b/models/apis/wafv2/2019-07-29/api-2.json @@ -11,7 +11,8 @@ "serviceId":"WAFV2", "signatureVersion":"v4", "targetPrefix":"AWSWAF_20190729", - "uid":"wafv2-2019-07-29" + "uid":"wafv2-2019-07-29", + "auth":["aws.auth#sigv4"] }, "operations":{ "AssociateWebACL":{ diff --git a/models/apis/wafv2/2019-07-29/docs-2.json b/models/apis/wafv2/2019-07-29/docs-2.json index 81b6778801f..2693ff744bd 100755 --- a/models/apis/wafv2/2019-07-29/docs-2.json +++ b/models/apis/wafv2/2019-07-29/docs-2.json @@ -207,7 +207,7 @@ "BodyParsingFallbackBehavior": { "base": null, "refs": { - "JsonBody$InvalidFallbackBehavior": "

What WAF should do if it fails to completely parse the JSON body. The options are the following:

If you don't provide this setting, WAF parses and evaluates the content only up to the first parsing failure that it encounters.

WAF does its best to parse the entire JSON body, but might be forced to stop for reasons such as invalid characters, duplicate keys, truncation, and any content whose root node isn't an object or an array.

WAF parses the JSON in the following examples as two valid key, value pairs:

" + "JsonBody$InvalidFallbackBehavior": "

What WAF should do if it fails to completely parse the JSON body. The options are the following:

If you don't provide this setting, WAF parses and evaluates the content only up to the first parsing failure that it encounters.

WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, WAF doesn't apply the fallback behavior. For more information, see JSON body in the WAF Developer Guide.

" } }, "Boolean": { @@ -1184,7 +1184,7 @@ } }, "JsonBody": { - "base": "

Inspect the body of the web request as JSON. The body immediately follows the request headers.

This is used to indicate the web request component to inspect, in the FieldToMatch specification.

Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. WAF inspects only the parts of the JSON that result from the matches that you indicate.

Example JSON: \"JsonBody\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"ALL\" }

", + "base": "

Inspect the body of the web request as JSON. The body immediately follows the request headers.

This is used to indicate the web request component to inspect, in the FieldToMatch specification.

Use the specifications in this object to indicate which parts of the JSON body to inspect using the rule's inspection criteria. WAF inspects only the parts of the JSON that result from the matches that you indicate.

Example JSON: \"JsonBody\": { \"MatchPattern\": { \"All\": {} }, \"MatchScope\": \"ALL\" }

For additional information about this request component option, see JSON body in the WAF Developer Guide.

", "refs": { "FieldToMatch$JsonBody": "

Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form.

WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to WAF for inspection.

For information about how to handle oversized request bodies, see the JsonBody object configuration.

" } diff --git a/models/endpoints/endpoints.json b/models/endpoints/endpoints.json index 16e3c463e32..f03ae494e2f 100644 --- a/models/endpoints/endpoints.json +++ b/models/endpoints/endpoints.json @@ -21084,7 +21084,8 @@ "protocols" : [ "https" ] }, "endpoints" : { - "cn-north-1" : { } + "cn-north-1" : { }, + "cn-northwest-1" : { } } }, "airflow" : { diff --git a/service/connect/api.go b/service/connect/api.go index f2a6d347343..acdc81c5178 100644 --- a/service/connect/api.go +++ b/service/connect/api.go @@ -6952,6 +6952,100 @@ func (c *Connect) DescribeAgentStatusWithContext(ctx aws.Context, input *Describ return out, req.Send() } +const opDescribeAuthenticationProfile = "DescribeAuthenticationProfile" + +// DescribeAuthenticationProfileRequest generates a "aws/request.Request" representing the +// client's request for the DescribeAuthenticationProfile operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeAuthenticationProfile for more information on using the DescribeAuthenticationProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeAuthenticationProfileRequest method. +// req, resp := client.DescribeAuthenticationProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/DescribeAuthenticationProfile +func (c *Connect) DescribeAuthenticationProfileRequest(input *DescribeAuthenticationProfileInput) (req *request.Request, output *DescribeAuthenticationProfileOutput) { + op := &request.Operation{ + Name: opDescribeAuthenticationProfile, + HTTPMethod: "GET", + HTTPPath: "/authentication-profiles/{InstanceId}/{AuthenticationProfileId}", + } + + if input == nil { + input = &DescribeAuthenticationProfileInput{} + } + + output = &DescribeAuthenticationProfileOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeAuthenticationProfile API operation for Amazon Connect Service. +// +// This API is in preview release for Amazon Connect and is subject to change. +// To request access to this API, contact Amazon Web Services Support. +// +// Describes the target authentication profile. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Connect Service's +// API operation DescribeAuthenticationProfile for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// The request is not valid. +// +// - InvalidParameterException +// One or more of the specified parameters are not valid. +// +// - ResourceNotFoundException +// The specified resource was not found. +// +// - ThrottlingException +// The throttling limit has been exceeded. +// +// - InternalServiceException +// Request processing failed because of an error or failure with the service. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/DescribeAuthenticationProfile +func (c *Connect) DescribeAuthenticationProfile(input *DescribeAuthenticationProfileInput) (*DescribeAuthenticationProfileOutput, error) { + req, out := c.DescribeAuthenticationProfileRequest(input) + return out, req.Send() +} + +// DescribeAuthenticationProfileWithContext is the same as DescribeAuthenticationProfile with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeAuthenticationProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Connect) DescribeAuthenticationProfileWithContext(ctx aws.Context, input *DescribeAuthenticationProfileInput, opts ...request.Option) (*DescribeAuthenticationProfileOutput, error) { + req, out := c.DescribeAuthenticationProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeContact = "DescribeContact" // DescribeContactRequest generates a "aws/request.Request" representing the @@ -12215,6 +12309,158 @@ func (c *Connect) ListApprovedOriginsPagesWithContext(ctx aws.Context, input *Li return p.Err() } +const opListAuthenticationProfiles = "ListAuthenticationProfiles" + +// ListAuthenticationProfilesRequest generates a "aws/request.Request" representing the +// client's request for the ListAuthenticationProfiles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAuthenticationProfiles for more information on using the ListAuthenticationProfiles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListAuthenticationProfilesRequest method. +// req, resp := client.ListAuthenticationProfilesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/ListAuthenticationProfiles +func (c *Connect) ListAuthenticationProfilesRequest(input *ListAuthenticationProfilesInput) (req *request.Request, output *ListAuthenticationProfilesOutput) { + op := &request.Operation{ + Name: opListAuthenticationProfiles, + HTTPMethod: "GET", + HTTPPath: "/authentication-profiles-summary/{InstanceId}", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListAuthenticationProfilesInput{} + } + + output = &ListAuthenticationProfilesOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListAuthenticationProfiles API operation for Amazon Connect Service. +// +// This API is in preview release for Amazon Connect and is subject to change. +// To request access to this API, contact Amazon Web Services Support. +// +// Provides summary information about the authentication profiles in a specified +// Amazon Connect instance. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Connect Service's +// API operation ListAuthenticationProfiles for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// The request is not valid. +// +// - InvalidParameterException +// One or more of the specified parameters are not valid. +// +// - ResourceNotFoundException +// The specified resource was not found. +// +// - ThrottlingException +// The throttling limit has been exceeded. +// +// - InternalServiceException +// Request processing failed because of an error or failure with the service. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/ListAuthenticationProfiles +func (c *Connect) ListAuthenticationProfiles(input *ListAuthenticationProfilesInput) (*ListAuthenticationProfilesOutput, error) { + req, out := c.ListAuthenticationProfilesRequest(input) + return out, req.Send() +} + +// ListAuthenticationProfilesWithContext is the same as ListAuthenticationProfiles with the addition of +// the ability to pass a context and additional request options. +// +// See ListAuthenticationProfiles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Connect) ListAuthenticationProfilesWithContext(ctx aws.Context, input *ListAuthenticationProfilesInput, opts ...request.Option) (*ListAuthenticationProfilesOutput, error) { + req, out := c.ListAuthenticationProfilesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListAuthenticationProfilesPages iterates over the pages of a ListAuthenticationProfiles operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListAuthenticationProfiles method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListAuthenticationProfiles operation. +// pageNum := 0 +// err := client.ListAuthenticationProfilesPages(params, +// func(page *connect.ListAuthenticationProfilesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *Connect) ListAuthenticationProfilesPages(input *ListAuthenticationProfilesInput, fn func(*ListAuthenticationProfilesOutput, bool) bool) error { + return c.ListAuthenticationProfilesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAuthenticationProfilesPagesWithContext same as ListAuthenticationProfilesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Connect) ListAuthenticationProfilesPagesWithContext(ctx aws.Context, input *ListAuthenticationProfilesInput, fn func(*ListAuthenticationProfilesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListAuthenticationProfilesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAuthenticationProfilesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAuthenticationProfilesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListBots = "ListBots" // ListBotsRequest generates a "aws/request.Request" representing the @@ -21265,7 +21511,8 @@ func (c *Connect) StartAttachedFileUploadRequest(input *StartAttachedFileUploadI // // Provides a pre-signed Amazon S3 URL in response for uploading your content. // -// You may only use this API to upload attachments to a Connect Case (https://docs.aws.amazon.com/connect/latest/APIReference/API_connect-cases_CreateCase.html). +// You may only use this API to upload attachments to an Amazon Connect Case +// (https://docs.aws.amazon.com/connect/latest/APIReference/API_connect-cases_CreateCase.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -23155,6 +23402,101 @@ func (c *Connect) UpdateAgentStatusWithContext(ctx aws.Context, input *UpdateAge return out, req.Send() } +const opUpdateAuthenticationProfile = "UpdateAuthenticationProfile" + +// UpdateAuthenticationProfileRequest generates a "aws/request.Request" representing the +// client's request for the UpdateAuthenticationProfile operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateAuthenticationProfile for more information on using the UpdateAuthenticationProfile +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateAuthenticationProfileRequest method. +// req, resp := client.UpdateAuthenticationProfileRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/UpdateAuthenticationProfile +func (c *Connect) UpdateAuthenticationProfileRequest(input *UpdateAuthenticationProfileInput) (req *request.Request, output *UpdateAuthenticationProfileOutput) { + op := &request.Operation{ + Name: opUpdateAuthenticationProfile, + HTTPMethod: "POST", + HTTPPath: "/authentication-profiles/{InstanceId}/{AuthenticationProfileId}", + } + + if input == nil { + input = &UpdateAuthenticationProfileInput{} + } + + output = &UpdateAuthenticationProfileOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateAuthenticationProfile API operation for Amazon Connect Service. +// +// This API is in preview release for Amazon Connect and is subject to change. +// To request access to this API, contact Amazon Web Services Support. +// +// Updates the selected authentication profile. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Connect Service's +// API operation UpdateAuthenticationProfile for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// The request is not valid. +// +// - InvalidParameterException +// One or more of the specified parameters are not valid. +// +// - ResourceNotFoundException +// The specified resource was not found. +// +// - ThrottlingException +// The throttling limit has been exceeded. +// +// - InternalServiceException +// Request processing failed because of an error or failure with the service. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/connect-2017-08-08/UpdateAuthenticationProfile +func (c *Connect) UpdateAuthenticationProfile(input *UpdateAuthenticationProfileInput) (*UpdateAuthenticationProfileOutput, error) { + req, out := c.UpdateAuthenticationProfileRequest(input) + return out, req.Send() +} + +// UpdateAuthenticationProfileWithContext is the same as UpdateAuthenticationProfile with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateAuthenticationProfile for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *Connect) UpdateAuthenticationProfileWithContext(ctx aws.Context, input *UpdateAuthenticationProfileInput, opts ...request.Option) (*UpdateAuthenticationProfileOutput, error) { + req, out := c.UpdateAuthenticationProfileRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUpdateContact = "UpdateContact" // UpdateContactRequest generates a "aws/request.Request" representing the @@ -30647,6 +30989,245 @@ func (s *AudioQualityMetricsInfo) SetQualityScore(v float64) *AudioQualityMetric return s } +// This API is in preview release for Amazon Connect and is subject to change. +// To request access to this API, contact Amazon Web Services Support. +// +// Information about an authentication profile. An authentication profile is +// a resource that stores the authentication settings for users in your contact +// center. You use authentication profiles to set up IP address range restrictions +// and session timeouts. For more information, see Set IP address restrictions +// or session timeouts (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html). +type AuthenticationProfile struct { + _ struct{} `type:"structure"` + + // A list of IP address range strings that are allowed to access the Amazon + // Connect instance. For more information about how to configure IP addresses, + // see Configure IP address based access control (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-ip-based-ac) + // in the Amazon Connect Administrator Guide. + AllowedIps []*string `type:"list"` + + // The Amazon Resource Name (ARN) for the authentication profile. + Arn *string `type:"string"` + + // A list of IP address range strings that are blocked from accessing the Amazon + // Connect instance. For more information about how to configure IP addresses, + // see Configure IP address based access control (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-ip-based-ac) + // in the Amazon Connect Administrator Guide. + BlockedIps []*string `type:"list"` + + // The timestamp when the authentication profile was created. + CreatedTime *time.Time `type:"timestamp"` + + // The description for the authentication profile. + Description *string `min:"1" type:"string"` + + // A unique identifier for the authentication profile. + Id *string `min:"1" type:"string"` + + // Shows whether the authentication profile is the default authentication profile + // for the Amazon Connect instance. The default authentication profile applies + // to all agents in an Amazon Connect instance, unless overridden by another + // authentication profile. + IsDefault *bool `type:"boolean"` + + // The Amazon Web Services Region where the authentication profile was last + // modified. + LastModifiedRegion *string `type:"string"` + + // The timestamp when the authentication profile was last modified. + LastModifiedTime *time.Time `type:"timestamp"` + + // The long lived session duration for users logged in to Amazon Connect, in + // minutes. After this time period, users must log in again. For more information, + // see Configure the session duration (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-session-timeouts) + // in the Amazon Connect Administrator Guide. + MaxSessionDuration *int64 `min:"360" type:"integer"` + + // The name for the authentication profile. + Name *string `min:"1" type:"string"` + + // The short lived session duration configuration for users logged in to Amazon + // Connect, in minutes. This value determines the maximum possible time before + // an agent is authenticated. For more information, see Configure the session + // duration (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-session-timeouts) + // in the Amazon Connect Administrator Guide. + PeriodicSessionDuration *int64 `min:"10" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationProfile) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationProfile) GoString() string { + return s.String() +} + +// SetAllowedIps sets the AllowedIps field's value. +func (s *AuthenticationProfile) SetAllowedIps(v []*string) *AuthenticationProfile { + s.AllowedIps = v + return s +} + +// SetArn sets the Arn field's value. +func (s *AuthenticationProfile) SetArn(v string) *AuthenticationProfile { + s.Arn = &v + return s +} + +// SetBlockedIps sets the BlockedIps field's value. +func (s *AuthenticationProfile) SetBlockedIps(v []*string) *AuthenticationProfile { + s.BlockedIps = v + return s +} + +// SetCreatedTime sets the CreatedTime field's value. +func (s *AuthenticationProfile) SetCreatedTime(v time.Time) *AuthenticationProfile { + s.CreatedTime = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *AuthenticationProfile) SetDescription(v string) *AuthenticationProfile { + s.Description = &v + return s +} + +// SetId sets the Id field's value. +func (s *AuthenticationProfile) SetId(v string) *AuthenticationProfile { + s.Id = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *AuthenticationProfile) SetIsDefault(v bool) *AuthenticationProfile { + s.IsDefault = &v + return s +} + +// SetLastModifiedRegion sets the LastModifiedRegion field's value. +func (s *AuthenticationProfile) SetLastModifiedRegion(v string) *AuthenticationProfile { + s.LastModifiedRegion = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *AuthenticationProfile) SetLastModifiedTime(v time.Time) *AuthenticationProfile { + s.LastModifiedTime = &v + return s +} + +// SetMaxSessionDuration sets the MaxSessionDuration field's value. +func (s *AuthenticationProfile) SetMaxSessionDuration(v int64) *AuthenticationProfile { + s.MaxSessionDuration = &v + return s +} + +// SetName sets the Name field's value. +func (s *AuthenticationProfile) SetName(v string) *AuthenticationProfile { + s.Name = &v + return s +} + +// SetPeriodicSessionDuration sets the PeriodicSessionDuration field's value. +func (s *AuthenticationProfile) SetPeriodicSessionDuration(v int64) *AuthenticationProfile { + s.PeriodicSessionDuration = &v + return s +} + +// This API is in preview release for Amazon Connect and is subject to change. +// To request access to this API, contact Amazon Web Services Support. +// +// A summary of a given authentication profile. +type AuthenticationProfileSummary struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the authentication profile summary. + Arn *string `type:"string"` + + // The unique identifier of the authentication profile. + Id *string `min:"1" type:"string"` + + // Shows whether the authentication profile is the default authentication profile + // for the Amazon Connect instance. The default authentication profile applies + // to all agents in an Amazon Connect instance, unless overridden by another + // authentication profile. + IsDefault *bool `type:"boolean"` + + // The Amazon Web Services Region when the authentication profile summary was + // last modified. + LastModifiedRegion *string `type:"string"` + + // The timestamp when the authentication profile summary was last modified. + LastModifiedTime *time.Time `type:"timestamp"` + + // The name of the authentication profile summary. + Name *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationProfileSummary) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthenticationProfileSummary) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *AuthenticationProfileSummary) SetArn(v string) *AuthenticationProfileSummary { + s.Arn = &v + return s +} + +// SetId sets the Id field's value. +func (s *AuthenticationProfileSummary) SetId(v string) *AuthenticationProfileSummary { + s.Id = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *AuthenticationProfileSummary) SetIsDefault(v bool) *AuthenticationProfileSummary { + s.IsDefault = &v + return s +} + +// SetLastModifiedRegion sets the LastModifiedRegion field's value. +func (s *AuthenticationProfileSummary) SetLastModifiedRegion(v string) *AuthenticationProfileSummary { + s.LastModifiedRegion = &v + return s +} + +// SetLastModifiedTime sets the LastModifiedTime field's value. +func (s *AuthenticationProfileSummary) SetLastModifiedTime(v time.Time) *AuthenticationProfileSummary { + s.LastModifiedTime = &v + return s +} + +// SetName sets the Name field's value. +func (s *AuthenticationProfileSummary) SetName(v string) *AuthenticationProfileSummary { + s.Name = &v + return s +} + // Information about available phone numbers. type AvailableNumberSummary struct { _ struct{} `type:"structure"` @@ -31944,7 +32525,7 @@ type CompleteAttachedFileUploadInput struct { // FileId is a required field FileId *string `location:"uri" locationName:"FileId" min:"1" type:"string" required:"true"` - // The unique identifier of the Connect instance. + // The unique identifier of the Amazon Connect instance. // // InstanceId is a required field InstanceId *string `location:"uri" locationName:"InstanceId" min:"1" type:"string" required:"true"` @@ -40725,6 +41306,105 @@ func (s *DescribeAgentStatusOutput) SetAgentStatus(v *AgentStatus) *DescribeAgen return s } +type DescribeAuthenticationProfileInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // A unique identifier for the authentication profile. + // + // AuthenticationProfileId is a required field + AuthenticationProfileId *string `location:"uri" locationName:"AuthenticationProfileId" min:"1" type:"string" required:"true"` + + // The identifier of the Amazon Connect instance. You can find the instance + // ID (https://docs.aws.amazon.com/connect/latest/adminguide/find-instance-arn.html) + // in the Amazon Resource Name (ARN) of the instance. + // + // InstanceId is a required field + InstanceId *string `location:"uri" locationName:"InstanceId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAuthenticationProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAuthenticationProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeAuthenticationProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeAuthenticationProfileInput"} + if s.AuthenticationProfileId == nil { + invalidParams.Add(request.NewErrParamRequired("AuthenticationProfileId")) + } + if s.AuthenticationProfileId != nil && len(*s.AuthenticationProfileId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AuthenticationProfileId", 1)) + } + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + if s.InstanceId != nil && len(*s.InstanceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuthenticationProfileId sets the AuthenticationProfileId field's value. +func (s *DescribeAuthenticationProfileInput) SetAuthenticationProfileId(v string) *DescribeAuthenticationProfileInput { + s.AuthenticationProfileId = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *DescribeAuthenticationProfileInput) SetInstanceId(v string) *DescribeAuthenticationProfileInput { + s.InstanceId = &v + return s +} + +type DescribeAuthenticationProfileOutput struct { + _ struct{} `type:"structure"` + + // The authentication profile object being described. + AuthenticationProfile *AuthenticationProfile `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAuthenticationProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAuthenticationProfileOutput) GoString() string { + return s.String() +} + +// SetAuthenticationProfile sets the AuthenticationProfile field's value. +func (s *DescribeAuthenticationProfileOutput) SetAuthenticationProfile(v *AuthenticationProfile) *DescribeAuthenticationProfileOutput { + s.AuthenticationProfile = v + return s +} + type DescribeContactEvaluationInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -53878,6 +54558,119 @@ func (s *ListApprovedOriginsOutput) SetOrigins(v []*string) *ListApprovedOrigins return s } +type ListAuthenticationProfilesInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The identifier of the Amazon Connect instance. You can find the instance + // ID (https://docs.aws.amazon.com/connect/latest/adminguide/find-instance-arn.html) + // in the Amazon Resource Name (ARN) of the instance. + // + // InstanceId is a required field + InstanceId *string `location:"uri" locationName:"InstanceId" min:"1" type:"string" required:"true"` + + // The maximum number of results to return per page. + MaxResults *int64 `location:"querystring" locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next set of results. Use the value returned in the previous + // response in the next request to retrieve the next set of results. + NextToken *string `location:"querystring" locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAuthenticationProfilesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAuthenticationProfilesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAuthenticationProfilesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAuthenticationProfilesInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + if s.InstanceId != nil && len(*s.InstanceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceId", 1)) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetInstanceId sets the InstanceId field's value. +func (s *ListAuthenticationProfilesInput) SetInstanceId(v string) *ListAuthenticationProfilesInput { + s.InstanceId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAuthenticationProfilesInput) SetMaxResults(v int64) *ListAuthenticationProfilesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAuthenticationProfilesInput) SetNextToken(v string) *ListAuthenticationProfilesInput { + s.NextToken = &v + return s +} + +type ListAuthenticationProfilesOutput struct { + _ struct{} `type:"structure"` + + // A summary of a given authentication profile. + AuthenticationProfileSummaryList []*AuthenticationProfileSummary `type:"list"` + + // If there are additional results, this is the token for the next set of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAuthenticationProfilesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAuthenticationProfilesOutput) GoString() string { + return s.String() +} + +// SetAuthenticationProfileSummaryList sets the AuthenticationProfileSummaryList field's value. +func (s *ListAuthenticationProfilesOutput) SetAuthenticationProfileSummaryList(v []*AuthenticationProfileSummary) *ListAuthenticationProfilesOutput { + s.AuthenticationProfileSummaryList = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAuthenticationProfilesOutput) SetNextToken(v string) *ListAuthenticationProfilesOutput { + s.NextToken = &v + return s +} + type ListBotsInput struct { _ struct{} `type:"structure" nopayload:"true"` @@ -66039,7 +66832,7 @@ type SearchContactFlowsOutput struct { // The total number of contact flows which matched your search query. ApproximateTotalCount *int64 `type:"long"` - // Information about the contact flows. + // Information about the flows. ContactFlows []*ContactFlow `type:"list"` // If there are additional results, this is the token for the next set of results. @@ -69127,7 +69920,7 @@ type StartAttachedFileUploadInput struct { // FileUseCaseType is a required field FileUseCaseType *string `type:"string" required:"true" enum:"FileUseCaseType"` - // The unique identifier of the Connect instance. + // The unique identifier of the Amazon Connect instance. // // InstanceId is a required field InstanceId *string `location:"uri" locationName:"InstanceId" min:"1" type:"string" required:"true"` @@ -70552,10 +71345,10 @@ type StartWebRTCContactInput struct { ClientToken *string `type:"string" idempotencyToken:"true"` // The identifier of the flow for the call. To see the ContactFlowId in the - // Amazon Connect admin website, on the navigation menu go to Routing, Contact - // Flows. Choose the flow. On the flow page, under the name of the flow, choose - // Show additional flow information. The ContactFlowId is the last part of the - // ARN, shown here in bold: + // Amazon Connect admin website, on the navigation menu go to Routing, Flows. + // Choose the flow. On the flow page, under the name of the flow, choose Show + // additional flow information. The ContactFlowId is the last part of the ARN, + // shown here in bold: // // arn:aws:connect:us-west-2:xxxxxxxxxxxx:instance/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/contact-flow/846ec553-a005-41c0-8341-xxxxxxxxxxxx // @@ -73592,6 +74385,160 @@ func (s UpdateAgentStatusOutput) GoString() string { return s.String() } +type UpdateAuthenticationProfileInput struct { + _ struct{} `type:"structure"` + + // A list of IP address range strings that are allowed to access the instance. + // For more information on how to configure IP addresses, seeConfigure session + // timeouts (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-session-timeouts) + // in the Amazon Connect Administrator Guide. + AllowedIps []*string `type:"list"` + + // A unique identifier for the authentication profile. + // + // AuthenticationProfileId is a required field + AuthenticationProfileId *string `location:"uri" locationName:"AuthenticationProfileId" min:"1" type:"string" required:"true"` + + // A list of IP address range strings that are blocked from accessing the instance. + // For more information on how to configure IP addresses, For more information + // on how to configure IP addresses, see Configure IP-based access control (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-ip-based-ac) + // in the Amazon Connect Administrator Guide. + BlockedIps []*string `type:"list"` + + // The description for the authentication profile. + Description *string `min:"1" type:"string"` + + // The identifier of the Amazon Connect instance. You can find the instance + // ID (https://docs.aws.amazon.com/connect/latest/adminguide/find-instance-arn.html) + // in the Amazon Resource Name (ARN) of the instance. + // + // InstanceId is a required field + InstanceId *string `location:"uri" locationName:"InstanceId" min:"1" type:"string" required:"true"` + + // The name for the authentication profile. + Name *string `min:"1" type:"string"` + + // The short lived session duration configuration for users logged in to Amazon + // Connect, in minutes. This value determines the maximum possible time before + // an agent is authenticated. For more information, For more information on + // how to configure IP addresses, see Configure session timeouts (https://docs.aws.amazon.com/connect/latest/adminguide/authentication-profiles.html#configure-session-timeouts) + // in the Amazon Connect Administrator Guide. + PeriodicSessionDuration *int64 `min:"10" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAuthenticationProfileInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAuthenticationProfileInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateAuthenticationProfileInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateAuthenticationProfileInput"} + if s.AuthenticationProfileId == nil { + invalidParams.Add(request.NewErrParamRequired("AuthenticationProfileId")) + } + if s.AuthenticationProfileId != nil && len(*s.AuthenticationProfileId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AuthenticationProfileId", 1)) + } + if s.Description != nil && len(*s.Description) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Description", 1)) + } + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + if s.InstanceId != nil && len(*s.InstanceId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("InstanceId", 1)) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.PeriodicSessionDuration != nil && *s.PeriodicSessionDuration < 10 { + invalidParams.Add(request.NewErrParamMinValue("PeriodicSessionDuration", 10)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllowedIps sets the AllowedIps field's value. +func (s *UpdateAuthenticationProfileInput) SetAllowedIps(v []*string) *UpdateAuthenticationProfileInput { + s.AllowedIps = v + return s +} + +// SetAuthenticationProfileId sets the AuthenticationProfileId field's value. +func (s *UpdateAuthenticationProfileInput) SetAuthenticationProfileId(v string) *UpdateAuthenticationProfileInput { + s.AuthenticationProfileId = &v + return s +} + +// SetBlockedIps sets the BlockedIps field's value. +func (s *UpdateAuthenticationProfileInput) SetBlockedIps(v []*string) *UpdateAuthenticationProfileInput { + s.BlockedIps = v + return s +} + +// SetDescription sets the Description field's value. +func (s *UpdateAuthenticationProfileInput) SetDescription(v string) *UpdateAuthenticationProfileInput { + s.Description = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *UpdateAuthenticationProfileInput) SetInstanceId(v string) *UpdateAuthenticationProfileInput { + s.InstanceId = &v + return s +} + +// SetName sets the Name field's value. +func (s *UpdateAuthenticationProfileInput) SetName(v string) *UpdateAuthenticationProfileInput { + s.Name = &v + return s +} + +// SetPeriodicSessionDuration sets the PeriodicSessionDuration field's value. +func (s *UpdateAuthenticationProfileInput) SetPeriodicSessionDuration(v int64) *UpdateAuthenticationProfileInput { + s.PeriodicSessionDuration = &v + return s +} + +type UpdateAuthenticationProfileOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAuthenticationProfileOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateAuthenticationProfileOutput) GoString() string { + return s.String() +} + // The UpdateCase action definition. type UpdateCaseActionDefinition struct { _ struct{} `type:"structure"` diff --git a/service/connect/connectiface/interface.go b/service/connect/connectiface/interface.go index d796b294b8e..f3106149a6c 100644 --- a/service/connect/connectiface/interface.go +++ b/service/connect/connectiface/interface.go @@ -344,6 +344,10 @@ type ConnectAPI interface { DescribeAgentStatusWithContext(aws.Context, *connect.DescribeAgentStatusInput, ...request.Option) (*connect.DescribeAgentStatusOutput, error) DescribeAgentStatusRequest(*connect.DescribeAgentStatusInput) (*request.Request, *connect.DescribeAgentStatusOutput) + DescribeAuthenticationProfile(*connect.DescribeAuthenticationProfileInput) (*connect.DescribeAuthenticationProfileOutput, error) + DescribeAuthenticationProfileWithContext(aws.Context, *connect.DescribeAuthenticationProfileInput, ...request.Option) (*connect.DescribeAuthenticationProfileOutput, error) + DescribeAuthenticationProfileRequest(*connect.DescribeAuthenticationProfileInput) (*request.Request, *connect.DescribeAuthenticationProfileOutput) + DescribeContact(*connect.DescribeContactInput) (*connect.DescribeContactOutput, error) DescribeContactWithContext(aws.Context, *connect.DescribeContactInput, ...request.Option) (*connect.DescribeContactOutput, error) DescribeContactRequest(*connect.DescribeContactInput) (*request.Request, *connect.DescribeContactOutput) @@ -570,6 +574,13 @@ type ConnectAPI interface { ListApprovedOriginsPages(*connect.ListApprovedOriginsInput, func(*connect.ListApprovedOriginsOutput, bool) bool) error ListApprovedOriginsPagesWithContext(aws.Context, *connect.ListApprovedOriginsInput, func(*connect.ListApprovedOriginsOutput, bool) bool, ...request.Option) error + ListAuthenticationProfiles(*connect.ListAuthenticationProfilesInput) (*connect.ListAuthenticationProfilesOutput, error) + ListAuthenticationProfilesWithContext(aws.Context, *connect.ListAuthenticationProfilesInput, ...request.Option) (*connect.ListAuthenticationProfilesOutput, error) + ListAuthenticationProfilesRequest(*connect.ListAuthenticationProfilesInput) (*request.Request, *connect.ListAuthenticationProfilesOutput) + + ListAuthenticationProfilesPages(*connect.ListAuthenticationProfilesInput, func(*connect.ListAuthenticationProfilesOutput, bool) bool) error + ListAuthenticationProfilesPagesWithContext(aws.Context, *connect.ListAuthenticationProfilesInput, func(*connect.ListAuthenticationProfilesOutput, bool) bool, ...request.Option) error + ListBots(*connect.ListBotsInput) (*connect.ListBotsOutput, error) ListBotsWithContext(aws.Context, *connect.ListBotsInput, ...request.Option) (*connect.ListBotsOutput, error) ListBotsRequest(*connect.ListBotsInput) (*request.Request, *connect.ListBotsOutput) @@ -1060,6 +1071,10 @@ type ConnectAPI interface { UpdateAgentStatusWithContext(aws.Context, *connect.UpdateAgentStatusInput, ...request.Option) (*connect.UpdateAgentStatusOutput, error) UpdateAgentStatusRequest(*connect.UpdateAgentStatusInput) (*request.Request, *connect.UpdateAgentStatusOutput) + UpdateAuthenticationProfile(*connect.UpdateAuthenticationProfileInput) (*connect.UpdateAuthenticationProfileOutput, error) + UpdateAuthenticationProfileWithContext(aws.Context, *connect.UpdateAuthenticationProfileInput, ...request.Option) (*connect.UpdateAuthenticationProfileOutput, error) + UpdateAuthenticationProfileRequest(*connect.UpdateAuthenticationProfileInput) (*request.Request, *connect.UpdateAuthenticationProfileOutput) + UpdateContact(*connect.UpdateContactInput) (*connect.UpdateContactOutput, error) UpdateContactWithContext(aws.Context, *connect.UpdateContactInput, ...request.Option) (*connect.UpdateContactOutput, error) UpdateContactRequest(*connect.UpdateContactInput) (*request.Request, *connect.UpdateContactOutput) diff --git a/service/connect/doc.go b/service/connect/doc.go index 73da5c55de5..3e86077b168 100644 --- a/service/connect/doc.go +++ b/service/connect/doc.go @@ -3,6 +3,10 @@ // Package connect provides the client and types for making API // requests to Amazon Connect Service. // +// - Amazon Connect actions (https://docs.aws.amazon.com/connect/latest/APIReference/API_Operations_Amazon_Connect_Service.html) +// +// - Amazon Connect data types (https://docs.aws.amazon.com/connect/latest/APIReference/API_Types_Amazon_Connect_Service.html) +// // Amazon Connect is a cloud-based contact center solution that you use to set // up and manage a customer contact center and provide reliable customer engagement // at any scale. diff --git a/service/eks/api.go b/service/eks/api.go index bc3cb0f0af5..6adcdad7aba 100644 --- a/service/eks/api.go +++ b/service/eks/api.go @@ -19622,6 +19622,9 @@ const ( // CapacityTypesSpot is a CapacityTypes enum value CapacityTypesSpot = "SPOT" + + // CapacityTypesCapacityBlock is a CapacityTypes enum value + CapacityTypesCapacityBlock = "CAPACITY_BLOCK" ) // CapacityTypes_Values returns all elements of the CapacityTypes enum @@ -19629,6 +19632,7 @@ func CapacityTypes_Values() []string { return []string{ CapacityTypesOnDemand, CapacityTypesSpot, + CapacityTypesCapacityBlock, } } diff --git a/service/paymentcryptography/api.go b/service/paymentcryptography/api.go index 285eabfa1fd..a902c6249d3 100644 --- a/service/paymentcryptography/api.go +++ b/service/paymentcryptography/api.go @@ -4940,8 +4940,12 @@ type ImportTr31KeyBlock struct { // The TR-31 wrapped key block to import. // + // WrappedKeyBlock is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ImportTr31KeyBlock's + // String and GoString methods. + // // WrappedKeyBlock is a required field - WrappedKeyBlock *string `min:"56" type:"string" required:"true"` + WrappedKeyBlock *string `min:"56" type:"string" required:"true" sensitive:"true"` // The KeyARN of the key that will decrypt or unwrap a TR-31 key block during // import. diff --git a/service/paymentcryptographydata/api.go b/service/paymentcryptographydata/api.go index 0733ad40b6a..80361536090 100644 --- a/service/paymentcryptographydata/api.go +++ b/service/paymentcryptographydata/api.go @@ -675,21 +675,16 @@ func (c *PaymentCryptographyData) ReEncryptDataRequest(input *ReEncryptDataInput // ReEncryptData API operation for Payment Cryptography Data Plane. // -// Re-encrypt ciphertext using DUKPT, Symmetric and Asymmetric Data Encryption -// Keys. +// Re-encrypt ciphertext using DUKPT or Symmetric data encryption keys. // // You can either generate an encryption key within Amazon Web Services Payment // Cryptography by calling CreateKey (https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html) // or import your own encryption key by calling ImportKey (https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html). // The KeyArn for use with this operation must be in a compatible key state -// with KeyModesOfUse set to Encrypt. In asymmetric encryption, ciphertext is -// encrypted using public component (imported by calling ImportKey (https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_ImportKey.html)) -// of the asymmetric key pair created outside of Amazon Web Services Payment -// Cryptography. +// with KeyModesOfUse set to Encrypt. // // For symmetric and DUKPT encryption, Amazon Web Services Payment Cryptography -// supports TDES and AES algorithms. For asymmetric encryption, Amazon Web Services -// Payment Cryptography supports RSA. To encrypt using DUKPT, a DUKPT key must +// supports TDES and AES algorithms. To encrypt using DUKPT, a DUKPT key must // already exist within your account with KeyModesOfUse set to DeriveKey or // a new DUKPT can be generated by calling CreateKey (https://docs.aws.amazon.com/payment-cryptography/latest/APIReference/API_CreateKey.html). // @@ -2281,8 +2276,15 @@ type DecryptDataInput struct { // The keyARN of the encryption key that Amazon Web Services Payment Cryptography // uses for ciphertext decryption. // + // When a WrappedKeyBlock is provided, this value will be the identifier to + // the key wrapping key. Otherwise, it is the key identifier used to perform + // the operation. + // // KeyIdentifier is a required field KeyIdentifier *string `location:"uri" locationName:"KeyIdentifier" min:"7" type:"string" required:"true"` + + // The WrappedKeyBlock containing the encryption key for ciphertext decryption. + WrappedKey *WrappedKey `type:"structure"` } // String returns the string representation. @@ -2326,6 +2328,11 @@ func (s *DecryptDataInput) Validate() error { invalidParams.AddNested("DecryptionAttributes", err.(request.ErrInvalidParams)) } } + if s.WrappedKey != nil { + if err := s.WrappedKey.Validate(); err != nil { + invalidParams.AddNested("WrappedKey", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -2351,6 +2358,12 @@ func (s *DecryptDataInput) SetKeyIdentifier(v string) *DecryptDataInput { return s } +// SetWrappedKey sets the WrappedKey field's value. +func (s *DecryptDataInput) SetWrappedKey(v *WrappedKey) *DecryptDataInput { + s.WrappedKey = v + return s +} + type DecryptDataOutput struct { _ struct{} `type:"structure"` @@ -3100,6 +3113,10 @@ type EncryptDataInput struct { // The keyARN of the encryption key that Amazon Web Services Payment Cryptography // uses for plaintext encryption. // + // When a WrappedKeyBlock is provided, this value will be the identifier to + // the key wrapping key. Otherwise, it is the key identifier used to perform + // the operation. + // // KeyIdentifier is a required field KeyIdentifier *string `location:"uri" locationName:"KeyIdentifier" min:"7" type:"string" required:"true"` @@ -3117,6 +3134,9 @@ type EncryptDataInput struct { // // PlainText is a required field PlainText *string `min:"16" type:"string" required:"true" sensitive:"true"` + + // The WrappedKeyBlock containing the encryption key for plaintext encryption. + WrappedKey *WrappedKey `type:"structure"` } // String returns the string representation. @@ -3160,6 +3180,11 @@ func (s *EncryptDataInput) Validate() error { invalidParams.AddNested("EncryptionAttributes", err.(request.ErrInvalidParams)) } } + if s.WrappedKey != nil { + if err := s.WrappedKey.Validate(); err != nil { + invalidParams.AddNested("WrappedKey", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -3185,6 +3210,12 @@ func (s *EncryptDataInput) SetPlainText(v string) *EncryptDataInput { return s } +// SetWrappedKey sets the WrappedKey field's value. +func (s *EncryptDataInput) SetWrappedKey(v *WrappedKey) *EncryptDataInput { + s.WrappedKey = v + return s +} + type EncryptDataOutput struct { _ struct{} `type:"structure"` @@ -5005,9 +5036,17 @@ type ReEncryptDataInput struct { // The keyARN of the encryption key of incoming ciphertext data. // + // When a WrappedKeyBlock is provided, this value will be the identifier to + // the key wrapping key. Otherwise, it is the key identifier used to perform + // the operation. + // // IncomingKeyIdentifier is a required field IncomingKeyIdentifier *string `location:"uri" locationName:"IncomingKeyIdentifier" min:"7" type:"string" required:"true"` + // The WrappedKeyBlock containing the encryption key of incoming ciphertext + // data. + IncomingWrappedKey *WrappedKey `type:"structure"` + // The attributes and values for outgoing ciphertext data after encryption by // Amazon Web Services Payment Cryptography. // @@ -5019,6 +5058,10 @@ type ReEncryptDataInput struct { // // OutgoingKeyIdentifier is a required field OutgoingKeyIdentifier *string `min:"7" type:"string" required:"true"` + + // The WrappedKeyBlock containing the encryption key of outgoing ciphertext + // data after encryption by Amazon Web Services Payment Cryptography. + OutgoingWrappedKey *WrappedKey `type:"structure"` } // String returns the string representation. @@ -5071,11 +5114,21 @@ func (s *ReEncryptDataInput) Validate() error { invalidParams.AddNested("IncomingEncryptionAttributes", err.(request.ErrInvalidParams)) } } + if s.IncomingWrappedKey != nil { + if err := s.IncomingWrappedKey.Validate(); err != nil { + invalidParams.AddNested("IncomingWrappedKey", err.(request.ErrInvalidParams)) + } + } if s.OutgoingEncryptionAttributes != nil { if err := s.OutgoingEncryptionAttributes.Validate(); err != nil { invalidParams.AddNested("OutgoingEncryptionAttributes", err.(request.ErrInvalidParams)) } } + if s.OutgoingWrappedKey != nil { + if err := s.OutgoingWrappedKey.Validate(); err != nil { + invalidParams.AddNested("OutgoingWrappedKey", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -5101,6 +5154,12 @@ func (s *ReEncryptDataInput) SetIncomingKeyIdentifier(v string) *ReEncryptDataIn return s } +// SetIncomingWrappedKey sets the IncomingWrappedKey field's value. +func (s *ReEncryptDataInput) SetIncomingWrappedKey(v *WrappedKey) *ReEncryptDataInput { + s.IncomingWrappedKey = v + return s +} + // SetOutgoingEncryptionAttributes sets the OutgoingEncryptionAttributes field's value. func (s *ReEncryptDataInput) SetOutgoingEncryptionAttributes(v *ReEncryptionAttributes) *ReEncryptDataInput { s.OutgoingEncryptionAttributes = v @@ -5113,6 +5172,12 @@ func (s *ReEncryptDataInput) SetOutgoingKeyIdentifier(v string) *ReEncryptDataIn return s } +// SetOutgoingWrappedKey sets the OutgoingWrappedKey field's value. +func (s *ReEncryptDataInput) SetOutgoingWrappedKey(v *WrappedKey) *ReEncryptDataInput { + s.OutgoingWrappedKey = v + return s +} + type ReEncryptDataOutput struct { _ struct{} `type:"structure"` @@ -6068,6 +6133,10 @@ type TranslatePinDataInput struct { // The keyARN of the encryption key under which incoming PIN block data is encrypted. // This key type can be PEK or BDK. // + // When a WrappedKeyBlock is provided, this value will be the identifier to + // the key wrapping key for PIN block. Otherwise, it is the key identifier used + // to perform the operation. + // // IncomingKeyIdentifier is a required field IncomingKeyIdentifier *string `min:"7" type:"string" required:"true"` @@ -6077,6 +6146,10 @@ type TranslatePinDataInput struct { // IncomingTranslationAttributes is a required field IncomingTranslationAttributes *TranslationIsoFormats `type:"structure" required:"true"` + // The WrappedKeyBlock containing the encryption key under which incoming PIN + // block data is encrypted. + IncomingWrappedKey *WrappedKey `type:"structure"` + // The attributes and values to use for outgoing DUKPT encryption key after // PIN block translation. OutgoingDukptAttributes *DukptDerivationAttributes `type:"structure"` @@ -6092,6 +6165,10 @@ type TranslatePinDataInput struct { // // OutgoingTranslationAttributes is a required field OutgoingTranslationAttributes *TranslationIsoFormats `type:"structure" required:"true"` + + // The WrappedKeyBlock containing the encryption key for encrypting outgoing + // PIN block data. + OutgoingWrappedKey *WrappedKey `type:"structure"` } // String returns the string representation. @@ -6149,6 +6226,11 @@ func (s *TranslatePinDataInput) Validate() error { invalidParams.AddNested("IncomingTranslationAttributes", err.(request.ErrInvalidParams)) } } + if s.IncomingWrappedKey != nil { + if err := s.IncomingWrappedKey.Validate(); err != nil { + invalidParams.AddNested("IncomingWrappedKey", err.(request.ErrInvalidParams)) + } + } if s.OutgoingDukptAttributes != nil { if err := s.OutgoingDukptAttributes.Validate(); err != nil { invalidParams.AddNested("OutgoingDukptAttributes", err.(request.ErrInvalidParams)) @@ -6159,6 +6241,11 @@ func (s *TranslatePinDataInput) Validate() error { invalidParams.AddNested("OutgoingTranslationAttributes", err.(request.ErrInvalidParams)) } } + if s.OutgoingWrappedKey != nil { + if err := s.OutgoingWrappedKey.Validate(); err != nil { + invalidParams.AddNested("OutgoingWrappedKey", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -6190,6 +6277,12 @@ func (s *TranslatePinDataInput) SetIncomingTranslationAttributes(v *TranslationI return s } +// SetIncomingWrappedKey sets the IncomingWrappedKey field's value. +func (s *TranslatePinDataInput) SetIncomingWrappedKey(v *WrappedKey) *TranslatePinDataInput { + s.IncomingWrappedKey = v + return s +} + // SetOutgoingDukptAttributes sets the OutgoingDukptAttributes field's value. func (s *TranslatePinDataInput) SetOutgoingDukptAttributes(v *DukptDerivationAttributes) *TranslatePinDataInput { s.OutgoingDukptAttributes = v @@ -6208,6 +6301,12 @@ func (s *TranslatePinDataInput) SetOutgoingTranslationAttributes(v *TranslationI return s } +// SetOutgoingWrappedKey sets the OutgoingWrappedKey field's value. +func (s *TranslatePinDataInput) SetOutgoingWrappedKey(v *WrappedKey) *TranslatePinDataInput { + s.OutgoingWrappedKey = v + return s +} + type TranslatePinDataOutput struct { _ struct{} `type:"structure"` @@ -7582,6 +7681,123 @@ func (s *VisaPinVerificationValue) SetPinVerificationKeyIndex(v int64) *VisaPinV return s } +// Parameter information of a WrappedKeyBlock for encryption key exchange. +type WrappedKey struct { + _ struct{} `type:"structure"` + + // The algorithm that Amazon Web Services Payment Cryptography uses to calculate + // the key check value (KCV). It is used to validate the key integrity. + // + // For TDES keys, the KCV is computed by encrypting 8 bytes, each with value + // of zero, with the key to be checked and retaining the 3 highest order bytes + // of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm + // where the input data is 16 bytes of zero and retaining the 3 highest order + // bytes of the encrypted result. + KeyCheckValueAlgorithm *string `type:"string" enum:"KeyCheckValueAlgorithm"` + + // Parameter information of a WrappedKeyBlock for encryption key exchange. + // + // WrappedKeyMaterial is a required field + WrappedKeyMaterial *WrappedKeyMaterial `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WrappedKey) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WrappedKey) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *WrappedKey) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "WrappedKey"} + if s.WrappedKeyMaterial == nil { + invalidParams.Add(request.NewErrParamRequired("WrappedKeyMaterial")) + } + if s.WrappedKeyMaterial != nil { + if err := s.WrappedKeyMaterial.Validate(); err != nil { + invalidParams.AddNested("WrappedKeyMaterial", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKeyCheckValueAlgorithm sets the KeyCheckValueAlgorithm field's value. +func (s *WrappedKey) SetKeyCheckValueAlgorithm(v string) *WrappedKey { + s.KeyCheckValueAlgorithm = &v + return s +} + +// SetWrappedKeyMaterial sets the WrappedKeyMaterial field's value. +func (s *WrappedKey) SetWrappedKeyMaterial(v *WrappedKeyMaterial) *WrappedKey { + s.WrappedKeyMaterial = v + return s +} + +// Parameter information of a WrappedKeyBlock for encryption key exchange. +type WrappedKeyMaterial struct { + _ struct{} `type:"structure"` + + // The TR-31 wrapped key block. + // + // Tr31KeyBlock is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by WrappedKeyMaterial's + // String and GoString methods. + Tr31KeyBlock *string `min:"56" type:"string" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WrappedKeyMaterial) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WrappedKeyMaterial) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *WrappedKeyMaterial) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "WrappedKeyMaterial"} + if s.Tr31KeyBlock != nil && len(*s.Tr31KeyBlock) < 56 { + invalidParams.Add(request.NewErrParamMinLen("Tr31KeyBlock", 56)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetTr31KeyBlock sets the Tr31KeyBlock field's value. +func (s *WrappedKeyMaterial) SetTr31KeyBlock(v string) *WrappedKeyMaterial { + s.Tr31KeyBlock = &v + return s +} + const ( // DukptDerivationTypeTdes2key is a DukptDerivationType enum value DukptDerivationTypeTdes2key = "TDES_2KEY" @@ -7718,6 +7934,22 @@ func EncryptionMode_Values() []string { } } +const ( + // KeyCheckValueAlgorithmCmac is a KeyCheckValueAlgorithm enum value + KeyCheckValueAlgorithmCmac = "CMAC" + + // KeyCheckValueAlgorithmAnsiX924 is a KeyCheckValueAlgorithm enum value + KeyCheckValueAlgorithmAnsiX924 = "ANSI_X9_24" +) + +// KeyCheckValueAlgorithm_Values returns all elements of the KeyCheckValueAlgorithm enum +func KeyCheckValueAlgorithm_Values() []string { + return []string{ + KeyCheckValueAlgorithmCmac, + KeyCheckValueAlgorithmAnsiX924, + } +} + const ( // MacAlgorithmIso9797Algorithm1 is a MacAlgorithm enum value MacAlgorithmIso9797Algorithm1 = "ISO9797_ALGORITHM1" diff --git a/service/wafv2/api.go b/service/wafv2/api.go index 5f0cfb4499f..4ccf3cd0993 100644 --- a/service/wafv2/api.go +++ b/service/wafv2/api.go @@ -14785,6 +14785,10 @@ func (s *JA3Fingerprint) SetFallbackBehavior(v string) *JA3Fingerprint { // // Example JSON: "JsonBody": { "MatchPattern": { "All": {} }, "MatchScope": // "ALL" } +// +// For additional information about this request component option, see JSON +// body (https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) +// in the WAF Developer Guide. type JsonBody struct { _ struct{} `type:"structure"` @@ -14803,17 +14807,10 @@ type JsonBody struct { // If you don't provide this setting, WAF parses and evaluates the content only // up to the first parsing failure that it encounters. // - // WAF does its best to parse the entire JSON body, but might be forced to stop - // for reasons such as invalid characters, duplicate keys, truncation, and any - // content whose root node isn't an object or an array. - // - // WAF parses the JSON in the following examples as two valid key, value pairs: - // - // * Missing comma: {"key1":"value1""key2":"value2"} - // - // * Missing colon: {"key1":"value1","key2""value2"} - // - // * Extra colons: {"key1"::"value1","key2""value2"} + // WAF parsing doesn't fully validate the input JSON string, so parsing can + // succeed even for invalid JSON. When parsing succeeds, WAF doesn't apply the + // fallback behavior. For more information, see JSON body (https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) + // in the WAF Developer Guide. InvalidFallbackBehavior *string `type:"string" enum:"BodyParsingFallbackBehavior"` // The patterns to look for in the JSON body. WAF inspects the results of these