Modify a setting for a DB cluster. You can change one or more database configuration parameters by specifying these parameters and the new values in the request.
" }, @@ -1441,7 +1442,7 @@ "documentation":"The list of log types to disable.
" } }, - "documentation":"The configuration setting for the log types to be enabled for export to CloudWatch Logs for a specific DB instance or DB cluster.
The EnableLogTypes and DisableLogTypes arrays determine which logs will be exported (or not exported) to CloudWatch Logs.
The configuration setting for the log types to be enabled for export to CloudWatch Logs for a specific DB instance or DB cluster.
The EnableLogTypes and DisableLogTypes arrays determine which logs will be exported (or not exported) to CloudWatch Logs.
Valid log types are: audit (to publish audit logs) and slowquery (to publish slow-query logs). See Publishing Neptune logs to Amazon CloudWatch logs.
The number of days for which automatic DB snapshots are retained.
" }, + "StorageType":{ + "shape":"String", + "documentation":"The storage type for the DB cluster.
" + }, "AllocatedStorage":{ "shape":"IntegerOptional", "documentation":"The allocated storage size in gibibytes (GiB) for database engines. For Neptune, AllocatedStorage always returns 1, because Neptune DB cluster storage size isn't fixed, but instead automatically adjusts as needed.
The list of log types that need to be enabled for exporting to CloudWatch Logs.
" + "documentation":"A list of the log types that this DB cluster should export to CloudWatch Logs. Valid log types are: audit (to publish audit logs) and slowquery (to publish slow-query logs). See Publishing Neptune logs to Amazon CloudWatch logs.
The ID of the Neptune global database to which this new DB cluster should be added.
" + }, + "StorageType":{ + "shape":"String", + "documentation":"The storage type to associate with the DB cluster.
Valid Values:
standard | iopt1
Default:
standard
When you create a Neptune cluster with the storage type set to iopt1, the storage type is returned in the response. The storage type isn't returned when you set it to standard.
A list of log types that this DB cluster is configured to export to CloudWatch Logs.
" + "documentation":"A list of the log types that this DB cluster is configured to export to CloudWatch Logs. Valid log types are: audit (to publish audit logs to CloudWatch) and slowquery (to publish slow-query logs to CloudWatch). See Publishing Neptune logs to Amazon CloudWatch logs.
Contains a user-supplied global database cluster identifier. This identifier is the unique key that identifies a global database.
" + }, + "IOOptimizedNextAllowedModificationTime":{ + "shape":"TStamp", + "documentation":"The next time you can modify the DB cluster to use the iopt1 storage type.
The storage type associated with the DB cluster.
" } }, "documentation":"Contains the details of an Amazon Neptune DB cluster.
This data type is used as a response element in the DescribeDBClusters.
", @@ -2783,6 +2800,10 @@ "IAMDatabaseAuthenticationEnabled":{ "shape":"Boolean", "documentation":"True if mapping of Amazon Identity and Access Management (IAM) accounts to database accounts is enabled, and otherwise false.
" + }, + "StorageType":{ + "shape":"String", + "documentation":"The storage type associated with the DB cluster snapshot.
" } }, "documentation":"Contains the details for an Amazon Neptune DB cluster snapshot
This data type is used as a response element in the DescribeDBClusterSnapshots action.
", @@ -5076,7 +5097,7 @@ }, "CloudwatchLogsExportConfiguration":{ "shape":"CloudwatchLogsExportConfiguration", - "documentation":"The configuration setting for the log types to be enabled for export to CloudWatch Logs for a specific DB cluster.
" + "documentation":"The configuration setting for the log types to be enabled for export to CloudWatch Logs for a specific DB cluster. See Using the CLI to publish Neptune audit logs to CloudWatch Logs.
" }, "EngineVersion":{ "shape":"String", @@ -5101,6 +5122,10 @@ "ServerlessV2ScalingConfiguration":{ "shape":"ServerlessV2ScalingConfiguration", "documentation":"Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + }, + "StorageType":{ + "shape":"String", + "documentation":"The storage type to associate with the DB cluster.
Valid Values:
standard | iopt1
Default:
standard
Log types that are in the process of being enabled. After they are enabled, these log types are exported to CloudWatch Logs.
" } }, - "documentation":"A list of the log types whose configuration is still pending. In other words, these log types are in the process of being activated or deactivated.
" + "documentation":"A list of the log types whose configuration is still pending. In other words, these log types are in the process of being activated or deactivated.
Valid log types are: audit (to publish audit logs) and slowquery (to publish slow-query logs). See Publishing Neptune logs to Amazon CloudWatch logs.
This PendingCloudwatchLogsExports structure specifies pending changes to which CloudWatch logs are enabled and which are disabled.
This data type is used as a response element in the ModifyDBInstance action.
" + "documentation":"This data type is used as a response element in the ModifyDBInstance action.
" }, "PromoteReadReplicaDBClusterMessage":{ "type":"structure", @@ -6081,6 +6106,10 @@ "ServerlessV2ScalingConfiguration":{ "shape":"ServerlessV2ScalingConfiguration", "documentation":"Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + }, + "StorageType":{ + "shape":"String", + "documentation":"Specifies the storage type to be associated with the DB cluster.
Valid values: standard, iopt1
Default: standard
Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + }, + "StorageType":{ + "shape":"String", + "documentation":"Specifies the storage type to be associated with the DB cluster.
Valid values: standard, iopt1
Default: standard
The maximum number of messages that a campaign can send each second. For an application, this value specifies the default limit for the number of messages that campaigns can send each second. The minimum value is 50. The maximum value is 20,000.
" + "documentation": "The maximum number of messages that a campaign can send each second. For an application, this value specifies the default limit for the number of messages that campaigns can send each second. The minimum value is 1. The maximum value is 20,000.
" }, "Total": { "shape": "__integer", diff --git a/botocore/data/securityhub/2018-10-26/service-2.json b/botocore/data/securityhub/2018-10-26/service-2.json index 42912f6e92..a4622aea9f 100644 --- a/botocore/data/securityhub/2018-10-26/service-2.json +++ b/botocore/data/securityhub/2018-10-26/service-2.json @@ -1315,7 +1315,9 @@ {"shape":"LimitExceededException"}, {"shape":"ResourceNotFoundException"}, {"shape":"ResourceInUseException"}, - {"shape":"AccessDeniedException"} + {"shape":"AccessDeniedException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ResourceInUseException"} ], "documentation":"Updates the properties of a security control.
" }, @@ -1607,7 +1609,7 @@ }, "AlphaNumericNonEmptyString":{ "type":"string", - "pattern":"^[-_ a-zA-Z0-9]+$" + "pattern":"^([^\\u0000-\\u007F]|[-_ a-zA-Z0-9])+$" }, "ArnList":{ "type":"list", @@ -4871,6 +4873,10 @@ "TableStatus":{ "shape":"NonEmptyString", "documentation":"The current status of the table. Valid values are as follows:
ACTIVE
ARCHIVED
ARCHIVING
CREATING
DELETING
INACCESSIBLE_ENCRYPTION_CREDENTIALS
UPDATING
Indicates whether deletion protection is to be enabled (true) or disabled (false) on the table.
" } }, "documentation":"Provides details about a DynamoDB table.
" @@ -5125,6 +5131,200 @@ }, "documentation":"The current DynamoDB Streams configuration for the table.
" }, + "AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails":{ + "type":"structure", + "members":{ + "DirectoryId":{ + "shape":"NonEmptyString", + "documentation":"The ID of the Active Directory used for authentication.
" + } + }, + "documentation":"Provides details about an Active Directory that’s used to authenticate an Client VPN endpoint.
" + }, + "AwsEc2ClientVpnEndpointAuthenticationOptionsDetails":{ + "type":"structure", + "members":{ + "Type":{ + "shape":"NonEmptyString", + "documentation":"The authentication type used.
" + }, + "ActiveDirectory":{ + "shape":"AwsEc2ClientVpnEndpointAuthenticationOptionsActiveDirectoryDetails", + "documentation":"Information about the Active Directory, if applicable. With Active Directory authentication, clients are authenticated against existing Active Directory groups.
" + }, + "MutualAuthentication":{ + "shape":"AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails", + "documentation":"Information about the authentication certificates, if applicable.
" + }, + "FederatedAuthentication":{ + "shape":"AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails", + "documentation":"Information about the IAM SAML identity provider, if applicable.
" + } + }, + "documentation":"Information about the authentication method used by the Client VPN endpoint.
" + }, + "AwsEc2ClientVpnEndpointAuthenticationOptionsFederatedAuthenticationDetails":{ + "type":"structure", + "members":{ + "SamlProviderArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the IAM SAML identity provider.
" + }, + "SelfServiceSamlProviderArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the IAM SAML identity provider for the self-service portal.
" + } + }, + "documentation":"Describes the IAM SAML identity providers used for federated authentication.
" + }, + "AwsEc2ClientVpnEndpointAuthenticationOptionsList":{ + "type":"list", + "member":{"shape":"AwsEc2ClientVpnEndpointAuthenticationOptionsDetails"} + }, + "AwsEc2ClientVpnEndpointAuthenticationOptionsMutualAuthenticationDetails":{ + "type":"structure", + "members":{ + "ClientRootCertificateChain":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the client certificate.
" + } + }, + "documentation":"Information about the client certificate used for authentication.
" + }, + "AwsEc2ClientVpnEndpointClientConnectOptionsDetails":{ + "type":"structure", + "members":{ + "Enabled":{ + "shape":"Boolean", + "documentation":"Indicates whether client connect options are enabled.
" + }, + "LambdaFunctionArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the Lambda function used for connection authorization.
" + }, + "Status":{ + "shape":"AwsEc2ClientVpnEndpointClientConnectOptionsStatusDetails", + "documentation":"The status of any updates to the client connect options.
" + } + }, + "documentation":"The options for managing connection authorization for new client connections.
" + }, + "AwsEc2ClientVpnEndpointClientConnectOptionsStatusDetails":{ + "type":"structure", + "members":{ + "Code":{ + "shape":"NonEmptyString", + "documentation":"The status code.
" + }, + "Message":{ + "shape":"NonEmptyString", + "documentation":"The status message.
" + } + }, + "documentation":"Describes the status of the Client VPN endpoint attribute.
" + }, + "AwsEc2ClientVpnEndpointClientLoginBannerOptionsDetails":{ + "type":"structure", + "members":{ + "Enabled":{ + "shape":"Boolean", + "documentation":"Current state of text banner feature.
" + }, + "BannerText":{ + "shape":"NonEmptyString", + "documentation":"Customizable text that will be displayed in a banner on Amazon Web Services provided clients when a VPN session is established.
" + } + }, + "documentation":"Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
" + }, + "AwsEc2ClientVpnEndpointConnectionLogOptionsDetails":{ + "type":"structure", + "members":{ + "Enabled":{ + "shape":"Boolean", + "documentation":"Indicates whether client connection logging is enabled for the Client VPN endpoint.
" + }, + "CloudwatchLogGroup":{ + "shape":"NonEmptyString", + "documentation":"The name of the Amazon CloudWatch Logs log group to which connection logging data is published.
" + }, + "CloudwatchLogStream":{ + "shape":"NonEmptyString", + "documentation":"The name of the Amazon CloudWatch Logs log stream to which connection logging data is published.
" + } + }, + "documentation":"Information about the client connection logging options for the Client VPN endpoint.
" + }, + "AwsEc2ClientVpnEndpointDetails":{ + "type":"structure", + "members":{ + "ClientVpnEndpointId":{ + "shape":"NonEmptyString", + "documentation":"The ID of the Client VPN endpoint.
" + }, + "Description":{ + "shape":"NonEmptyString", + "documentation":"A brief description of the endpoint.
" + }, + "ClientCidrBlock":{ + "shape":"NonEmptyString", + "documentation":"The IPv4 address range, in CIDR notation, from which client IP addresses are assigned.
" + }, + "DnsServer":{ + "shape":"StringList", + "documentation":"Information about the DNS servers to be used for DNS resolution.
" + }, + "SplitTunnel":{ + "shape":"Boolean", + "documentation":"Indicates whether split-tunnel is enabled in the Client VPN endpoint.
" + }, + "TransportProtocol":{ + "shape":"NonEmptyString", + "documentation":"The transport protocol used by the Client VPN endpoint.
" + }, + "VpnPort":{ + "shape":"Integer", + "documentation":"The port number for the Client VPN endpoint.
" + }, + "ServerCertificateArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the server certificate.
" + }, + "AuthenticationOptions":{ + "shape":"AwsEc2ClientVpnEndpointAuthenticationOptionsList", + "documentation":"Information about the authentication method used by the Client VPN endpoint.
" + }, + "ConnectionLogOptions":{ + "shape":"AwsEc2ClientVpnEndpointConnectionLogOptionsDetails", + "documentation":"Information about the client connection logging options for the Client VPN endpoint.
" + }, + "SecurityGroupIdSet":{ + "shape":"StringList", + "documentation":"The IDs of the security groups for the target network.
" + }, + "VpcId":{ + "shape":"NonEmptyString", + "documentation":"The ID of the VPC.
" + }, + "SelfServicePortalUrl":{ + "shape":"NonEmptyString", + "documentation":"The URL of the self-service portal.
" + }, + "ClientConnectOptions":{ + "shape":"AwsEc2ClientVpnEndpointClientConnectOptionsDetails", + "documentation":"The options for managing connection authorization for new client connections.
" + }, + "SessionTimeoutHours":{ + "shape":"Integer", + "documentation":"The maximum VPN session duration time in hours.
" + }, + "ClientLoginBannerOptions":{ + "shape":"AwsEc2ClientVpnEndpointClientLoginBannerOptionsDetails", + "documentation":"Options for enabling a customizable text banner that will be displayed on Amazon Web Services provided clients when a VPN session is established.
" + } + }, + "documentation":"Describes an Client VPN endpoint. A Client VPN endpoint is the resource that you create and configure to enable and manage client VPN sessions. It's the termination point for all client VPN sessions.
" + }, "AwsEc2EipDetails":{ "type":"structure", "members":{ @@ -10524,7 +10724,7 @@ }, "CurrentVersion":{ "shape":"NonEmptyString", - "documentation":"The current version of the MSK cluster.
" + "documentation":"The current version of the cluster.
" }, "NumberOfBrokerNodes":{ "shape":"Integer", @@ -10537,9 +10737,13 @@ "ClientAuthentication":{ "shape":"AwsMskClusterClusterInfoClientAuthenticationDetails", "documentation":"Provides information for different modes of client authentication.
" + }, + "EnhancedMonitoring":{ + "shape":"NonEmptyString", + "documentation":"Specifies the level of monitoring for the cluster.
" } }, - "documentation":"Provide details about an Amazon MSK cluster.
" + "documentation":"Provide details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
" }, "AwsMskClusterClusterInfoEncryptionInfoDetails":{ "type":"structure", @@ -12694,6 +12898,51 @@ }, "documentation":"Provides details about a specified Amazon Route 53 configuration for DNS query logging.
" }, + "AwsS3AccessPointDetails":{ + "type":"structure", + "members":{ + "AccessPointArn":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Resource Name (ARN) of the access point.
" + }, + "Alias":{ + "shape":"NonEmptyString", + "documentation":"The name or alias of the access point.
" + }, + "Bucket":{ + "shape":"NonEmptyString", + "documentation":"The name of the S3 bucket associated with the specified access point.
" + }, + "BucketAccountId":{ + "shape":"NonEmptyString", + "documentation":"The Amazon Web Services account ID associated with the S3 bucket associated with this access point.
" + }, + "Name":{ + "shape":"NonEmptyString", + "documentation":"The name of the specified access point.
" + }, + "NetworkOrigin":{ + "shape":"NonEmptyString", + "documentation":"Indicates whether this access point allows access from the public internet.
" + }, + "PublicAccessBlockConfiguration":{"shape":"AwsS3AccountPublicAccessBlockDetails"}, + "VpcConfiguration":{ + "shape":"AwsS3AccessPointVpcConfigurationDetails", + "documentation":"Contains the virtual private cloud (VPC) configuration for the specified access point.
" + } + }, + "documentation":"Returns configuration information about the specified Amazon S3 access point. S3 access points are named network endpoints that are attached to buckets that you can use to perform S3 object operations.
" + }, + "AwsS3AccessPointVpcConfigurationDetails":{ + "type":"structure", + "members":{ + "VpcId":{ + "shape":"NonEmptyString", + "documentation":"If this field is specified, this access point will only allow connections from the specified VPC ID.
" + } + }, + "documentation":"The virtual private cloud (VPC) configuration for an Amazon S3 access point.
" + }, "AwsS3AccountPublicAccessBlockDetails":{ "type":"structure", "members":{ @@ -12951,7 +13200,7 @@ }, "BucketLifecycleConfiguration":{ "shape":"AwsS3BucketBucketLifecycleConfigurationDetails", - "documentation":"The lifecycle configuration for objects in the S3 bucket.
" + "documentation":"The lifecycle configuration for objects in the specified bucket.
" }, "PublicAccessBlockConfiguration":{ "shape":"AwsS3AccountPublicAccessBlockDetails", @@ -12979,10 +13228,14 @@ }, "ObjectLockConfiguration":{ "shape":"AwsS3BucketObjectLockConfiguration", - "documentation":"Specifies which rule Amazon S3 applies by default to every new object placed in the specified bucket.
" + "documentation":"Specifies which rule Amazon S3 applies by default to every new object placed in the bucket.
" + }, + "Name":{ + "shape":"NonEmptyString", + "documentation":"The name of the bucket.
" } }, - "documentation":"The details of an Amazon S3 bucket.
" + "documentation":"The details of an Amazon Simple Storage Service (Amazon S3) bucket.
" }, "AwsS3BucketLoggingConfiguration":{ "type":"structure", @@ -15738,7 +15991,7 @@ }, "Name":{ "shape":"NonEmptyString", - "documentation":"The name of the configuration policy.
" + "documentation":" The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: -, ., !, *, /.
The name of the configuration policy.
" + "documentation":" The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: -, ., !, *, /.
Identifies whether a control parameter uses a custom user-defined value or the Security Hub default value.
" + "documentation":"Identifies whether a control parameter uses a custom user-defined value or subscribes to the default Security Hub behavior.
When ValueType is set equal to DEFAULT, the default behavior can be a specific Security Hub default value, or the default behavior can be to ignore a specific parameter. When ValueType is set equal to DEFAULT, Security Hub ignores user-provided input for the Value field.
When ValueType is set equal to CUSTOM, the Value field can't be empty.
Provides details about an Amazon Managed Streaming for Apache Kafka (Amazon MSK) cluster.
" + }, + "AwsS3AccessPoint":{ + "shape":"AwsS3AccessPointDetails", + "documentation":"Provides details about an Amazon Simple Storage Service (Amazon S3) access point. S3 access points are named network endpoints that are attached to S3 buckets that you can use to perform S3 object operations.
" + }, + "AwsEc2ClientVpnEndpoint":{ + "shape":"AwsEc2ClientVpnEndpointDetails", + "documentation":"Provides details about an Client VPN endpoint. A Client VPN endpoint is the resource that you create and configure to enable and manage client VPN sessions. It's the termination point for all client VPN sessions.
" } }, "documentation":"Additional details about a resource related to a finding.
To provide the details, use the object that corresponds to the resource type. For example, if the resource type is AwsEc2Instance, then you use the AwsEc2Instance object to provide the details.
If the type-specific object does not contain all of the fields you want to populate, then you use the Other object to populate those additional fields.
You also use the Other object to populate the details when the selected type does not have a corresponding object.
The name of the configuration policy.
" + "documentation":" The name of the configuration policy. Alphanumeric characters and the following ASCII characters are permitted: -, ., !, *, /.