From 10e90c7b3f60e7149c0d7943c04758b36a885ac5 Mon Sep 17 00:00:00 2001 From: aws-sdk-python-automation Date: Mon, 26 Jun 2023 18:10:10 +0000 Subject: [PATCH 1/2] Update to latest models --- .../api-change-connect-26797.json | 5 + .../next-release/api-change-glue-76094.json | 5 + .../api-change-guardduty-15863.json | 5 + .../next-release/api-change-iam-62666.json | 5 + .../api-change-pinpoint-78917.json | 5 + .../data/connect/2017-08-08/paginators-1.json | 6 + .../data/connect/2017-08-08/service-2.json | 133 +++++++++++++++++- botocore/data/glue/2017-03-31/service-2.json | 17 ++- .../data/guardduty/2017-11-28/service-2.json | 11 +- .../data/iam/2010-05-08/paginators-1.json | 49 +++++++ botocore/data/iam/2010-05-08/service-2.json | 82 ++++++++++- .../data/pinpoint/2016-12-01/service-2.json | 21 +++ 12 files changed, 333 insertions(+), 11 deletions(-) create mode 100644 .changes/next-release/api-change-connect-26797.json create mode 100644 .changes/next-release/api-change-glue-76094.json create mode 100644 .changes/next-release/api-change-guardduty-15863.json create mode 100644 .changes/next-release/api-change-iam-62666.json create mode 100644 .changes/next-release/api-change-pinpoint-78917.json diff --git a/.changes/next-release/api-change-connect-26797.json b/.changes/next-release/api-change-connect-26797.json new file mode 100644 index 0000000000..6ec86e6589 --- /dev/null +++ b/.changes/next-release/api-change-connect-26797.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``connect``", + "description": "This release provides a way to search for existing tags within an instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value pairs." +} diff --git a/.changes/next-release/api-change-glue-76094.json b/.changes/next-release/api-change-glue-76094.json new file mode 100644 index 0000000000..20e302fbbb --- /dev/null +++ b/.changes/next-release/api-change-glue-76094.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``glue``", + "description": "Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue Streaming Job" +} diff --git a/.changes/next-release/api-change-guardduty-15863.json b/.changes/next-release/api-change-guardduty-15863.json new file mode 100644 index 0000000000..ca64153ee7 --- /dev/null +++ b/.changes/next-release/api-change-guardduty-15863.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``guardduty``", + "description": "Add support for user.extra.sessionName in Kubernetes Audit Logs Findings." +} diff --git a/.changes/next-release/api-change-iam-62666.json b/.changes/next-release/api-change-iam-62666.json new file mode 100644 index 0000000000..7c618beb8e --- /dev/null +++ b/.changes/next-release/api-change-iam-62666.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``iam``", + "description": "Support for a new API \"GetMFADevice\" to present MFA device metadata such as device certifications" +} diff --git a/.changes/next-release/api-change-pinpoint-78917.json b/.changes/next-release/api-change-pinpoint-78917.json new file mode 100644 index 0000000000..5ced10c99c --- /dev/null +++ b/.changes/next-release/api-change-pinpoint-78917.json @@ -0,0 +1,5 @@ +{ + "type": "api-change", + "category": "``pinpoint``", + "description": "Added time zone estimation support for journeys" +} diff --git a/botocore/data/connect/2017-08-08/paginators-1.json b/botocore/data/connect/2017-08-08/paginators-1.json index debef67179..815897d265 100644 --- a/botocore/data/connect/2017-08-08/paginators-1.json +++ b/botocore/data/connect/2017-08-08/paginators-1.json @@ -282,6 +282,12 @@ ], "output_token": "NextToken", "result_key": "QuickConnects" + }, + "SearchResourceTags": { + "input_token": "NextToken", + "limit_key": "MaxResults", + "output_token": "NextToken", + "result_key": "Tags" } } } diff --git a/botocore/data/connect/2017-08-08/service-2.json b/botocore/data/connect/2017-08-08/service-2.json index 4a94f31edd..effb497b05 100644 --- a/botocore/data/connect/2017-08-08/service-2.json +++ b/botocore/data/connect/2017-08-08/service-2.json @@ -221,7 +221,7 @@ {"shape":"IdempotencyException"}, {"shape":"AccessDeniedException"} ], - "documentation":"

Claims an available phone number to your Amazon Connect instance or traffic distribution group. You can call this API only in the same Amazon Web Services Region where the Amazon Connect instance or traffic distribution group was created.

For more information about how to use this operation, see Claim a phone number in your country and Claim phone numbers to traffic distribution groups in the Amazon Connect Administrator Guide.

You can call the SearchAvailablePhoneNumbers API for available phone numbers that you can claim. Call the DescribePhoneNumber API to verify the status of a previous ClaimPhoneNumber operation.

" + "documentation":"

Claims an available phone number to your Amazon Connect instance or traffic distribution group. You can call this API only in the same Amazon Web Services Region where the Amazon Connect instance or traffic distribution group was created.

For more information about how to use this operation, see Claim a phone number in your country and Claim phone numbers to traffic distribution groups in the Amazon Connect Administrator Guide.

You can call the SearchAvailablePhoneNumbers API for available phone numbers that you can claim. Call the DescribePhoneNumber API to verify the status of a previous ClaimPhoneNumber operation.

If you plan to claim and release numbers frequently during a 30 day period, contact us for a service quota exception. Otherwise, it is possible you will be blocked from claiming and releasing any more numbers until 30 days past the oldest number released has expired.

By default you can claim and release up to 200% of your maximum number of active phone numbers during any 30 day period. If you claim and release phone numbers using the UI or API during a rolling 30 day cycle that exceeds 200% of your phone number service level quota, you will be blocked from claiming any more numbers until 30 days past the oldest number released has expired.

For example, if you already have 99 claimed numbers and a service level quota of 99 phone numbers, and in any 30 day period you release 99, claim 99, and then release 99, you will have exceeded the 200% limit. At that point you are blocked from claiming any more numbers until you open an Amazon Web Services support ticket.

" }, "CreateAgentStatus":{ "name":"CreateAgentStatus", @@ -2219,7 +2219,7 @@ {"shape":"IdempotencyException"}, {"shape":"AccessDeniedException"} ], - "documentation":"

Releases a phone number previously claimed to an Amazon Connect instance or traffic distribution group. You can call this API only in the Amazon Web Services Region where the number was claimed.

To release phone numbers from a traffic distribution group, use the ReleasePhoneNumber API, not the Amazon Connect console.

After releasing a phone number, the phone number enters into a cooldown period of 30 days. It cannot be searched for or claimed again until the period has ended. If you accidentally release a phone number, contact Amazon Web Services Support.

" + "documentation":"

Releases a phone number previously claimed to an Amazon Connect instance or traffic distribution group. You can call this API only in the Amazon Web Services Region where the number was claimed.

To release phone numbers from a traffic distribution group, use the ReleasePhoneNumber API, not the Amazon Connect console.

After releasing a phone number, the phone number enters into a cooldown period of 30 days. It cannot be searched for or claimed again until the period has ended. If you accidentally release a phone number, contact Amazon Web Services Support.

If you plan to claim and release numbers frequently during a 30 day period, contact us for a service quota exception. Otherwise, it is possible you will be blocked from claiming and releasing any more numbers until 30 days past the oldest number released has expired.

By default you can claim and release up to 200% of your maximum number of active phone numbers during any 30 day period. If you claim and release phone numbers using the UI or API during a rolling 30 day cycle that exceeds 200% of your phone number service level quota, you will be blocked from claiming any more numbers until 30 days past the oldest number released has expired.

For example, if you already have 99 claimed numbers and a service level quota of 99 phone numbers, and in any 30 day period you release 99, claim 99, and then release 99, you will have exceeded the 200% limit. At that point you are blocked from claiming any more numbers until you open an Amazon Web Services support ticket.

" }, "ReplicateInstance":{ "name":"ReplicateInstance", @@ -2340,6 +2340,24 @@ ], "documentation":"

Searches quick connects in an Amazon Connect instance, with optional filtering.

" }, + "SearchResourceTags":{ + "name":"SearchResourceTags", + "http":{ + "method":"POST", + "requestUri":"/search-resource-tags" + }, + "input":{"shape":"SearchResourceTagsRequest"}, + "output":{"shape":"SearchResourceTagsResponse"}, + "errors":[ + {"shape":"InvalidRequestException"}, + {"shape":"InvalidParameterException"}, + {"shape":"ResourceNotFoundException"}, + {"shape":"ThrottlingException"}, + {"shape":"InternalServiceException"}, + {"shape":"MaximumResultReturnedException"} + ], + "documentation":"

Searches tags used in an Amazon Connect instance using optional search criteria.

" + }, "SearchRoutingProfiles":{ "name":"SearchRoutingProfiles", "http":{ @@ -11073,6 +11091,15 @@ "max":7, "min":1 }, + "MaximumResultReturnedException":{ + "type":"structure", + "members":{ + "Message":{"shape":"Message"} + }, + "documentation":"

Maximum number (1000) of tags have been returned with current request. Consider changing request parameters to get more tags.

", + "error":{"httpStatusCode":400}, + "exception":true + }, "MediaConcurrencies":{ "type":"list", "member":{"shape":"MediaConcurrency"} @@ -12653,6 +12680,16 @@ "error":{"httpStatusCode":409}, "exception":true }, + "ResourceTagsSearchCriteria":{ + "type":"structure", + "members":{ + "TagSearchCondition":{ + "shape":"TagSearchCondition", + "documentation":"

The search criteria to be used to return tags.

" + } + }, + "documentation":"

The search criteria to be used to search tags.

" + }, "ResourceType":{ "type":"string", "enum":[ @@ -12665,6 +12702,10 @@ "USER" ] }, + "ResourceTypeList":{ + "type":"list", + "member":{"shape":"String"} + }, "ResumeContactRecordingRequest":{ "type":"structure", "required":[ @@ -13350,6 +13391,46 @@ } } }, + "SearchResourceTagsRequest":{ + "type":"structure", + "required":["InstanceId"], + "members":{ + "InstanceId":{ + "shape":"InstanceIdOrArn", + "documentation":"

The identifier of the Amazon Connect instance. You can find the instanceId in the Amazon Resource Name (ARN) of the instance.

" + }, + "ResourceTypes":{ + "shape":"ResourceTypeList", + "documentation":"

The list of resource types to be used to search tags from. If not provided or if any empty list is provided, this API will search from all supported resource types.

" + }, + "NextToken":{ + "shape":"NextToken2500", + "documentation":"

The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.

" + }, + "MaxResults":{ + "shape":"MaxResult100", + "documentation":"

The maximum number of results to return per page.

", + "box":true + }, + "SearchCriteria":{ + "shape":"ResourceTagsSearchCriteria", + "documentation":"

The search criteria to be used to return tags.

" + } + } + }, + "SearchResourceTagsResponse":{ + "type":"structure", + "members":{ + "Tags":{ + "shape":"TagsList", + "documentation":"

A list of tags used in the Amazon Connect instance.

" + }, + "NextToken":{ + "shape":"NextToken2500", + "documentation":"

If there are additional results, this is the token for the next set of results.

" + } + } + }, "SearchRoutingProfilesRequest":{ "type":"structure", "required":["InstanceId"], @@ -14371,6 +14452,10 @@ "max":50, "min":1 }, + "TagKeyString":{ + "type":"string", + "max":128 + }, "TagMap":{ "type":"map", "key":{"shape":"TagKey"}, @@ -14411,10 +14496,54 @@ "max":128, "min":1 }, + "TagSearchCondition":{ + "type":"structure", + "members":{ + "tagKey":{ + "shape":"TagKeyString", + "documentation":"

The tag key used in the tag search condition.

" + }, + "tagValue":{ + "shape":"TagValueString", + "documentation":"

The tag value used in the tag search condition.

" + }, + "tagKeyComparisonType":{ + "shape":"StringComparisonType", + "documentation":"

The type of comparison to be made when evaluating the tag key in tag search condition.

" + }, + "tagValueComparisonType":{ + "shape":"StringComparisonType", + "documentation":"

The type of comparison to be made when evaluating the tag value in tag search condition.

" + } + }, + "documentation":"

The search criteria to be used to return tags.

" + }, + "TagSet":{ + "type":"structure", + "members":{ + "key":{ + "shape":"TagKey", + "documentation":"

The tag key in the tagSet.

" + }, + "value":{ + "shape":"TagValue", + "documentation":"

The tag value in the tagSet.

" + } + }, + "documentation":"

A tag set contains tag key and tag value.

" + }, "TagValue":{ "type":"string", "max":256 }, + "TagValueString":{ + "type":"string", + "max":256 + }, + "TagsList":{ + "type":"list", + "member":{"shape":"TagSet"} + }, "TaskActionDefinition":{ "type":"structure", "required":[ diff --git a/botocore/data/glue/2017-03-31/service-2.json b/botocore/data/glue/2017-03-31/service-2.json index 4e38fc1581..5ff41890a2 100644 --- a/botocore/data/glue/2017-03-31/service-2.json +++ b/botocore/data/glue/2017-03-31/service-2.json @@ -12779,6 +12779,10 @@ "exception":true }, "IsVersionValid":{"type":"boolean"}, + "Iso8601DateTime":{ + "type":"timestamp", + "timestampFormat":"iso8601" + }, "JDBCConnectionType":{ "type":"string", "enum":[ @@ -13574,6 +13578,10 @@ "EmitConsumerLagMetrics":{ "shape":"EnclosedInStringProperty", "documentation":"

When this option is set to 'true', for each batch, it will emit the metrics for the duration between the oldest record received by the topic and the time it arrives in Glue to CloudWatch. The metric's name is \"glue.driver.streaming.maxConsumerLagInMs\". The default value is 'false'. This option is supported in Glue version 4.0 or later.

" + }, + "StartingTimestamp":{ + "shape":"Iso8601DateTime", + "documentation":"

The timestamp of the record in the Kafka topic to start reading data from. The possible values are a timestamp string in UTC format of the pattern yyyy-mm-ddTHH:MM:SSZ (where Z represents a UTC timezone offset with a +/-. For example: \"2023-04-04T08:00:00+08:00\").

Only one of StartingTimestamp or StartingOffsets must be set.

" } }, "documentation":"

Additional options for streaming.

" @@ -13633,7 +13641,7 @@ }, "StartingPosition":{ "shape":"StartingPosition", - "documentation":"

The starting position in the Kinesis data stream to read data from. The possible values are \"latest\", \"trim_horizon\", or \"earliest\". The default value is \"latest\".

" + "documentation":"

The starting position in the Kinesis data stream to read data from. The possible values are \"latest\", \"trim_horizon\", \"earliest\", or a timestamp string in UTC format in the pattern yyyy-mm-ddTHH:MM:SSZ (where Z represents a UTC timezone offset with a +/-. For example: \"2023-04-04T08:00:00-04:00\"). The default value is \"latest\".

Note: Using a value that is a timestamp string in UTC format for \"startingPosition\" is supported only for Glue version 4.0 or later.

" }, "MaxFetchTimeInMs":{ "shape":"BoxedNonNegativeLong", @@ -13694,6 +13702,10 @@ "EmitConsumerLagMetrics":{ "shape":"EnclosedInStringProperty", "documentation":"

When this option is set to 'true', for each batch, it will emit the metrics for the duration between the oldest record received by the stream and the time it arrives in Glue to CloudWatch. The metric's name is \"glue.driver.streaming.maxConsumerLagInMs\". The default value is 'false'. This option is supported in Glue version 4.0 or later.

" + }, + "StartingTimestamp":{ + "shape":"Iso8601DateTime", + "documentation":"

The timestamp of the record in the Kinesis data stream to start reading data from. The possible values are a timestamp string in UTC format of the pattern yyyy-mm-ddTHH:MM:SSZ (where Z represents a UTC timezone offset with a +/-. For example: \"2023-04-04T08:00:00+08:00\").

" } }, "documentation":"

Additional options for the Amazon Kinesis streaming data source.

" @@ -18327,7 +18339,8 @@ "enum":[ "latest", "trim_horizon", - "earliest" + "earliest", + "timestamp" ] }, "Statement":{ diff --git a/botocore/data/guardduty/2017-11-28/service-2.json b/botocore/data/guardduty/2017-11-28/service-2.json index 44ff57eed1..e40fa46fa6 100644 --- a/botocore/data/guardduty/2017-11-28/service-2.json +++ b/botocore/data/guardduty/2017-11-28/service-2.json @@ -797,7 +797,7 @@ {"shape":"AccessDeniedException"}, {"shape":"InternalServerErrorException"} ], - "documentation":"

Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, and threat intel sets, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.

" + "documentation":"

Lists tags for a resource. Tagging is currently supported for detectors, finding filters, IP sets, threat intel sets, publishing destination, with a limit of 50 tags per resource. When invoked, this operation returns all assigned tags for a given resource.

" }, "ListThreatIntelSets":{ "name":"ListThreatIntelSets", @@ -4713,6 +4713,11 @@ "shape":"Groups", "documentation":"

The groups that include the user who called the Kubernetes API.

", "locationName":"groups" + }, + "SessionName":{ + "shape":"SessionNameList", + "documentation":"

Entity that assumes the IAM role when Kubernetes RBAC permissions are assigned to that role.

", + "locationName":"sessionName" } }, "documentation":"

Details about the Kubernetes user involved in a Kubernetes finding.

" @@ -7120,6 +7125,10 @@ }, "documentation":"

Additional information about the generated finding.

" }, + "SessionNameList":{ + "type":"list", + "member":{"shape":"String"} + }, "SortCriteria":{ "type":"structure", "members":{ diff --git a/botocore/data/iam/2010-05-08/paginators-1.json b/botocore/data/iam/2010-05-08/paginators-1.json index 433252c086..91c09a217c 100644 --- a/botocore/data/iam/2010-05-08/paginators-1.json +++ b/botocore/data/iam/2010-05-08/paginators-1.json @@ -200,6 +200,55 @@ "more_results": "IsTruncated", "output_token": "Marker", "result_key": "Tags" + }, + "ListInstanceProfileTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListMFADeviceTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListOpenIDConnectProviderTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListPolicyTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListRoleTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListSAMLProviderTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" + }, + "ListServerCertificateTags": { + "input_token": "Marker", + "limit_key": "MaxItems", + "more_results": "IsTruncated", + "output_token": "Marker", + "result_key": "Tags" } } } diff --git a/botocore/data/iam/2010-05-08/service-2.json b/botocore/data/iam/2010-05-08/service-2.json index bc883919a5..0833ba4eb8 100644 --- a/botocore/data/iam/2010-05-08/service-2.json +++ b/botocore/data/iam/2010-05-08/service-2.json @@ -72,7 +72,7 @@ {"shape":"PolicyNotAttachableException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Attaches the specified managed policy to the specified IAM group.

You use this operation to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

For more information about policies, see Managed policies and inline policies in the IAM User Guide.

" + "documentation":"

Attaches the specified managed policy to the specified IAM group.

You use this operation to attach a managed policy to a group. To embed an inline policy in a group, use PutGroupPolicy .

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

For more information about policies, see Managed policies and inline policies in the IAM User Guide.

" }, "AttachRolePolicy":{ "name":"AttachRolePolicy", @@ -89,7 +89,7 @@ {"shape":"PolicyNotAttachableException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy.

Use this operation to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy. For more information about policies, see Managed policies and inline policies in the IAM User Guide.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

" + "documentation":"

Attaches the specified managed policy to the specified IAM role. When you attach a managed policy to a role, the managed policy becomes part of the role's permission (access) policy.

You cannot use a managed policy as the role's trust policy. The role's trust policy is created at the same time as the role, using CreateRole . You can update a role's trust policy using UpdateAssumerolePolicy .

Use this operation to attach a managed policy to a role. To embed an inline policy in a role, use PutRolePolicy . For more information about policies, see Managed policies and inline policies in the IAM User Guide.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

" }, "AttachUserPolicy":{ "name":"AttachUserPolicy", @@ -105,7 +105,7 @@ {"shape":"PolicyNotAttachableException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Attaches the specified managed policy to the specified user.

You use this operation to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy.

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

For more information about policies, see Managed policies and inline policies in the IAM User Guide.

" + "documentation":"

Attaches the specified managed policy to the specified user.

You use this operation to attach a managed policy to a user. To embed an inline policy in a user, use PutUserPolicy .

As a best practice, you can validate your IAM policies. To learn more, see Validating IAM policies in the IAM User Guide.

For more information about policies, see Managed policies and inline policies in the IAM User Guide.

" }, "ChangePassword":{ "name":"ChangePassword", @@ -1046,6 +1046,23 @@ ], "documentation":"

Retrieves the user name for the specified IAM user. A login profile is created when you create a password for the user to access the Amazon Web Services Management Console. If the user does not exist or does not have a password, the operation returns a 404 (NoSuchEntity) error.

If you create an IAM user with access to the console, the CreateDate reflects the date you created the initial password for the user.

If you create an IAM user with programmatic access, and then later add a password for the user to access the Amazon Web Services Management Console, the CreateDate reflects the initial password creation date. A user with programmatic access does not have a login profile unless you create a password for the user to access the Amazon Web Services Management Console.

" }, + "GetMFADevice":{ + "name":"GetMFADevice", + "http":{ + "method":"POST", + "requestUri":"/" + }, + "input":{"shape":"GetMFADeviceRequest"}, + "output":{ + "shape":"GetMFADeviceResponse", + "resultWrapper":"GetMFADeviceResult" + }, + "errors":[ + {"shape":"NoSuchEntityException"}, + {"shape":"ServiceFailureException"} + ], + "documentation":"

Retrieves information about an MFA device for a specified user.

" + }, "GetOpenIDConnectProvider":{ "name":"GetOpenIDConnectProvider", "http":{ @@ -1874,7 +1891,7 @@ {"shape":"NoSuchEntityException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a group, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" + "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM group.

A user can also have managed policies attached to it. To attach a managed policy to a group, use AttachGroupPolicy . To create a new managed policy, use CreatePolicy . For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a group, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutGroupPolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" }, "PutRolePermissionsBoundary":{ "name":"PutRolePermissionsBoundary", @@ -1906,7 +1923,7 @@ {"shape":"UnmodifiableEntityException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole. You can update a role's trust policy using UpdateAssumeRolePolicy. For more information about IAM roles, see Using roles to delegate permissions and federate identities.

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed with a role, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" + "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM role.

When you embed an inline policy in a role, the inline policy is used as part of the role's access (permissions) policy. The role's trust policy is created at the same time as the role, using CreateRole . You can update a role's trust policy using UpdateAssumerolePolicy . For more information about IAM roles, see Using roles to delegate permissions and federate identities.

A role can also have a managed policy attached to it. To attach a managed policy to a role, use AttachRolePolicy . To create a new managed policy, use CreatePolicy . For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed with a role, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutRolePolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" }, "PutUserPermissionsBoundary":{ "name":"PutUserPermissionsBoundary", @@ -1936,7 +1953,7 @@ {"shape":"NoSuchEntityException"}, {"shape":"ServiceFailureException"} ], - "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy. To create a new managed policy, use CreatePolicy. For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a user, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" + "documentation":"

Adds or updates an inline policy document that is embedded in the specified IAM user.

An IAM user can also have a managed policy attached to it. To attach a managed policy to a user, use AttachUserPolicy . To create a new managed policy, use CreatePolicy . For information about policies, see Managed policies and inline policies in the IAM User Guide.

For information about the maximum number of inline policies that you can embed in a user, see IAM and STS quotas in the IAM User Guide.

Because policy documents can be large, you should use POST rather than GET when calling PutUserPolicy. For general information about using the Query API with IAM, see Making query requests in the IAM User Guide.

" }, "RemoveClientIDFromOpenIDConnectProvider":{ "name":"RemoveClientIDFromOpenIDConnectProvider", @@ -2869,6 +2886,23 @@ "type":"blob", "sensitive":true }, + "CertificationKeyType":{ + "type":"string", + "max":128, + "min":1, + "pattern":"[\\u0020-\\u00FF]+" + }, + "CertificationMapType":{ + "type":"map", + "key":{"shape":"CertificationKeyType"}, + "value":{"shape":"CertificationValueType"} + }, + "CertificationValueType":{ + "type":"string", + "max":32, + "min":1, + "pattern":"[\\u0020-\\u00FF]+" + }, "ChangePasswordRequest":{ "type":"structure", "required":[ @@ -4342,6 +4376,42 @@ }, "documentation":"

Contains the response to a successful GetLoginProfile request.

" }, + "GetMFADeviceRequest":{ + "type":"structure", + "required":["SerialNumber"], + "members":{ + "SerialNumber":{ + "shape":"serialNumberType", + "documentation":"

Serial number that uniquely identifies the MFA device. For this API, we only accept FIDO security key ARNs.

" + }, + "UserName":{ + "shape":"userNameType", + "documentation":"

The friendly name identifying the user.

" + } + } + }, + "GetMFADeviceResponse":{ + "type":"structure", + "required":["SerialNumber"], + "members":{ + "UserName":{ + "shape":"userNameType", + "documentation":"

The friendly name identifying the user.

" + }, + "SerialNumber":{ + "shape":"serialNumberType", + "documentation":"

Serial number that uniquely identifies the MFA device. For this API, we only accept FIDO security key ARNs.

" + }, + "EnableDate":{ + "shape":"dateType", + "documentation":"

The date that a specified user's MFA device was first enabled.

" + }, + "Certifications":{ + "shape":"CertificationMapType", + "documentation":"

The certifications of a specified user's MFA device. We currently provide FIPS-140-2, FIPS-140-3, and FIDO certification levels obtained from FIDO Alliance Metadata Service (MDS).

" + } + } + }, "GetOpenIDConnectProviderRequest":{ "type":"structure", "required":["OpenIDConnectProviderArn"], diff --git a/botocore/data/pinpoint/2016-12-01/service-2.json b/botocore/data/pinpoint/2016-12-01/service-2.json index 4bd141375f..a68d749ee5 100644 --- a/botocore/data/pinpoint/2016-12-01/service-2.json +++ b/botocore/data/pinpoint/2016-12-01/service-2.json @@ -12191,6 +12191,10 @@ "ClosedDays": { "shape": "ClosedDays", "documentation": "

The time when a journey will not send messages. QuietTime should be configured first and SendingSchedule should be set to true.

" + }, + "TimezoneEstimationMethods": { + "shape": "ListOf__TimezoneEstimationMethodsElement", + "documentation": "

An array of time zone estimation methods, if any, to use for determining an Endpoints time zone if the Endpoint does not have a value for the Demographic.Timezone attribute.

" } }, "documentation": "

Provides information about the status, configuration, and other settings for a journey.

", @@ -16051,6 +16055,10 @@ "ClosedDays": { "shape": "ClosedDays", "documentation": "

The time when journey will stop sending messages. QuietTime should be configured first and SendingSchedule should be set to true.

" + }, + "TimezoneEstimationMethods": { + "shape": "ListOf__TimezoneEstimationMethodsElement", + "documentation": "

An array of time zone estimation methods, if any, to use for determining an Endpoints time zone if the Endpoint does not have a value for the Demographic.Timezone attribute.

" } }, "documentation": "

Specifies the configuration and other settings for a journey.

", @@ -16136,6 +16144,13 @@ "IN_APP" ] }, + "__TimezoneEstimationMethodsElement": { + "type": "string", + "enum": [ + "PHONE_NUMBER", + "POSTAL_CODE" + ] + }, "__boolean": { "type": "boolean" }, @@ -16301,6 +16316,12 @@ "shape": "__EndpointTypesElement" } }, + "ListOf__TimezoneEstimationMethodsElement": { + "type": "list", + "member": { + "shape": "__TimezoneEstimationMethodsElement" + } + }, "ListOf__string": { "type": "list", "member": { From 19b06553f119ea88f9c09454984aff5cba394c92 Mon Sep 17 00:00:00 2001 From: aws-sdk-python-automation Date: Mon, 26 Jun 2023 18:10:20 +0000 Subject: [PATCH 2/2] Bumping version to 1.29.161 --- .changes/1.29.161.json | 27 +++++++++++++++++++ .../api-change-connect-26797.json | 5 ---- .../next-release/api-change-glue-76094.json | 5 ---- .../api-change-guardduty-15863.json | 5 ---- .../next-release/api-change-iam-62666.json | 5 ---- .../api-change-pinpoint-78917.json | 5 ---- CHANGELOG.rst | 10 +++++++ botocore/__init__.py | 2 +- docs/source/conf.py | 2 +- 9 files changed, 39 insertions(+), 27 deletions(-) create mode 100644 .changes/1.29.161.json delete mode 100644 .changes/next-release/api-change-connect-26797.json delete mode 100644 .changes/next-release/api-change-glue-76094.json delete mode 100644 .changes/next-release/api-change-guardduty-15863.json delete mode 100644 .changes/next-release/api-change-iam-62666.json delete mode 100644 .changes/next-release/api-change-pinpoint-78917.json diff --git a/.changes/1.29.161.json b/.changes/1.29.161.json new file mode 100644 index 0000000000..e196674e52 --- /dev/null +++ b/.changes/1.29.161.json @@ -0,0 +1,27 @@ +[ + { + "category": "``connect``", + "description": "This release provides a way to search for existing tags within an instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value pairs.", + "type": "api-change" + }, + { + "category": "``glue``", + "description": "Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue Streaming Job", + "type": "api-change" + }, + { + "category": "``guardduty``", + "description": "Add support for user.extra.sessionName in Kubernetes Audit Logs Findings.", + "type": "api-change" + }, + { + "category": "``iam``", + "description": "Support for a new API \"GetMFADevice\" to present MFA device metadata such as device certifications", + "type": "api-change" + }, + { + "category": "``pinpoint``", + "description": "Added time zone estimation support for journeys", + "type": "api-change" + } +] \ No newline at end of file diff --git a/.changes/next-release/api-change-connect-26797.json b/.changes/next-release/api-change-connect-26797.json deleted file mode 100644 index 6ec86e6589..0000000000 --- a/.changes/next-release/api-change-connect-26797.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``connect``", - "description": "This release provides a way to search for existing tags within an instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value pairs." -} diff --git a/.changes/next-release/api-change-glue-76094.json b/.changes/next-release/api-change-glue-76094.json deleted file mode 100644 index 20e302fbbb..0000000000 --- a/.changes/next-release/api-change-glue-76094.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``glue``", - "description": "Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue Streaming Job" -} diff --git a/.changes/next-release/api-change-guardduty-15863.json b/.changes/next-release/api-change-guardduty-15863.json deleted file mode 100644 index ca64153ee7..0000000000 --- a/.changes/next-release/api-change-guardduty-15863.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``guardduty``", - "description": "Add support for user.extra.sessionName in Kubernetes Audit Logs Findings." -} diff --git a/.changes/next-release/api-change-iam-62666.json b/.changes/next-release/api-change-iam-62666.json deleted file mode 100644 index 7c618beb8e..0000000000 --- a/.changes/next-release/api-change-iam-62666.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``iam``", - "description": "Support for a new API \"GetMFADevice\" to present MFA device metadata such as device certifications" -} diff --git a/.changes/next-release/api-change-pinpoint-78917.json b/.changes/next-release/api-change-pinpoint-78917.json deleted file mode 100644 index 5ced10c99c..0000000000 --- a/.changes/next-release/api-change-pinpoint-78917.json +++ /dev/null @@ -1,5 +0,0 @@ -{ - "type": "api-change", - "category": "``pinpoint``", - "description": "Added time zone estimation support for journeys" -} diff --git a/CHANGELOG.rst b/CHANGELOG.rst index c8fe2b0827..75802006f2 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -2,6 +2,16 @@ CHANGELOG ========= +1.29.161 +======== + +* api-change:``connect``: This release provides a way to search for existing tags within an instance. Before tagging a resource, ensure consistency by searching for pre-existing key:value pairs. +* api-change:``glue``: Timestamp Starting Position For Kinesis and Kafka Data Sources in a Glue Streaming Job +* api-change:``guardduty``: Add support for user.extra.sessionName in Kubernetes Audit Logs Findings. +* api-change:``iam``: Support for a new API "GetMFADevice" to present MFA device metadata such as device certifications +* api-change:``pinpoint``: Added time zone estimation support for journeys + + 1.29.160 ======== diff --git a/botocore/__init__.py b/botocore/__init__.py index 566b02e867..6f445f4eb8 100644 --- a/botocore/__init__.py +++ b/botocore/__init__.py @@ -16,7 +16,7 @@ import os import re -__version__ = '1.29.160' +__version__ = '1.29.161' class NullHandler(logging.Handler): diff --git a/docs/source/conf.py b/docs/source/conf.py index 1206fb95fa..9fc147a1b3 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -59,7 +59,7 @@ # The short X.Y version. version = '1.29.1' # The full version, including alpha/beta/rc tags. -release = '1.29.160' +release = '1.29.161' # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages.