Adds an instance fleet to a running cluster.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x.
Adds an instance fleet to a running cluster.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x.
Cancels a pending step or steps in a running cluster. Available only in Amazon EMR versions 4.8.0 and later, excluding version 5.0.0. A maximum of 256 steps are allowed in each CancelSteps request. CancelSteps is idempotent but asynchronous; it does not guarantee that a step will be canceled, even if the request is successfully submitted. When you use Amazon EMR releases 5.28.0 and later, you can cancel steps that are in a PENDING or RUNNING state. In earlier versions of Amazon EMR, you can only cancel steps that are in a PENDING state.
Cancels a pending step or steps in a running cluster. Available only in Amazon EMR versions 4.8.0 and higher, excluding version 5.0.0. A maximum of 256 steps are allowed in each CancelSteps request. CancelSteps is idempotent but asynchronous; it does not guarantee that a step will be canceled, even if the request is successfully submitted. When you use Amazon EMR releases 5.28.0 and higher, you can cancel steps that are in a PENDING or RUNNING state. In earlier versions of Amazon EMR, you can only cancel steps that are in a PENDING state.
Lists all available details about the instance fleets in a cluster.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Lists all available details about the instance fleets in a cluster.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
Modifies the target On-Demand and target Spot capacities for the instance fleet with the specified InstanceFleetID within the cluster specified using ClusterID. The call either succeeds or fails atomically.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Modifies the target On-Demand and target Spot capacities for the instance fleet with the specified InstanceFleetID within the cluster specified using ClusterID. The call either succeeds or fails atomically.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
Auto-termination is supported in Amazon EMR releases 5.30.0 and 6.1.0 and later. For more information, see Using an auto-termination policy.
Creates or updates an auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see Control cluster termination.
" + "documentation":"Auto-termination is supported in Amazon EMR releases 5.30.0 and 6.1.0 and higher. For more information, see Using an auto-termination policy.
Creates or updates an auto-termination policy for an Amazon EMR cluster. An auto-termination policy defines the amount of idle time in seconds after which a cluster automatically terminates. For alternative cluster termination options, see Control cluster termination.
" }, "PutBlockPublicAccessConfiguration":{ "name":"PutBlockPublicAccessConfiguration", @@ -628,7 +628,7 @@ "errors":[ {"shape":"InternalServerError"} ], - "documentation":"RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps parameter is set to TRUE, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.
For additional protection, you can set the JobFlowInstancesConfig TerminationProtected parameter to TRUE to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.
A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.
For long-running clusters, we recommend that you periodically store your results.
The instance fleets configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.
RunJobFlow creates and starts running a new cluster (job flow). The cluster runs the steps specified. After the steps complete, the cluster stops and the HDFS partition is lost. To prevent loss of data, configure the last step of the job flow to store results in Amazon S3. If the JobFlowInstancesConfig KeepJobFlowAliveWhenNoSteps parameter is set to TRUE, the cluster transitions to the WAITING state rather than shutting down after the steps have completed.
For additional protection, you can set the JobFlowInstancesConfig TerminationProtected parameter to TRUE to lock the cluster and prevent it from being terminated by API call, user intervention, or in the event of a job flow error.
A maximum of 256 steps are allowed in each job flow.
If your cluster is long-running (such as a Hive data warehouse) or complex, you may require more than 256 steps to process your data. You can bypass the 256-step limitation in various ways, including using the SSH shell to connect to the master node and submitting queries directly to the software running on the master node, such as Hive and Hadoop.
For long-running clusters, we recommend that you periodically store your results.
The instance fleets configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions. The RunJobFlow request can contain InstanceFleets parameters or InstanceGroups parameters, but not both.
This option is for advanced users only. This is meta information about third-party applications that third-party vendors use for testing purposes.
" } }, - "documentation":"With Amazon EMR release version 4.0 and later, the only accepted parameter is the application name. To pass arguments to applications, you use configuration classifications specified using configuration JSON objects. For more information, see Configuring Applications.
With earlier Amazon EMR releases, the application is any Amazon or third-party software that you can add to the cluster. This structure contains a list of strings that indicates the software to use with the cluster and accepts a user argument list. Amazon EMR accepts and forwards the argument list to the corresponding installation script as bootstrap action argument.
" + "documentation":"With Amazon EMR release version 4.0 and higher, the only accepted parameter is the application name. To pass arguments to applications, you use configuration classifications specified using configuration JSON objects. For more information, see Configuring Applications.
With earlier Amazon EMR releases, the application is any Amazon or third-party software that you can add to the cluster. This structure contains a list of strings that indicates the software to use with the cluster and accepts a user argument list. Amazon EMR accepts and forwards the argument list to the corresponding installation script as bootstrap action argument.
" }, "ApplicationList":{ "type":"list", @@ -1082,7 +1082,7 @@ "documentation":"The reason for the failure if the CancelSteps request fails.
" } }, - "documentation":"Specification of the status of a CancelSteps request. Available only in Amazon EMR version 4.8.0 and later, excluding version 5.0.0.
" + "documentation":"Specification of the status of a CancelSteps request. Available only in Amazon EMR version 4.8.0 and higher, excluding version 5.0.0.
" }, "CancelStepsInfoList":{ "type":"list", @@ -1196,7 +1196,7 @@ }, "InstanceCollectionType":{ "shape":"InstanceCollectionType", - "documentation":"The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
The instance group configuration of the cluster. A value of INSTANCE_GROUP indicates a uniform instance group configuration. A value of INSTANCE_FLEET indicates an instance fleets configuration.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The instance group configuration of the cluster. A value of INSTANCE_GROUP indicates a uniform instance group configuration. A value of INSTANCE_FLEET indicates an instance fleets configuration.
The KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding Amazon EMR 6.0.0.
" + "documentation":"The KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and higher, excluding Amazon EMR 6.0.0.
" }, "RequestedAmiVersion":{ "shape":"String", @@ -1216,7 +1216,7 @@ }, "ReleaseLabel":{ "shape":"String", - "documentation":"The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form emr-x.x.x, where x.x.x is an Amazon EMR release version such as emr-5.14.0. For more information about Amazon EMR release versions and included application versions and features, see https://docs.aws.amazon.com/emr/latest/ReleaseGuide/. The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use AmiVersion.
The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form emr-x.x.x, where x.x.x is an Amazon EMR release version such as emr-5.14.0. For more information about Amazon EMR release versions and included application versions and features, see https://docs.aws.amazon.com/emr/latest/ReleaseGuide/. The release label applies only to Amazon EMR releases version 4.0 and higher. Earlier versions use AmiVersion.
Applies only to Amazon EMR releases 4.x and later. The list of configurations that are supplied to the Amazon EMR cluster.
" + "documentation":"Applies only to Amazon EMR releases 4.x and higher. The list of configurations that are supplied to the Amazon EMR cluster.
" }, "SecurityConfiguration":{ "shape":"XmlString", @@ -1264,15 +1264,15 @@ }, "ScaleDownBehavior":{ "shape":"ScaleDownBehavior", - "documentation":"The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION is available only in Amazon EMR releases 4.1.0 and later, and is the default for versions of Amazon EMR earlier than 5.1.0.
The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and higher and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION is available only in Amazon EMR releases 4.1.0 and higher, and is the default for versions of Amazon EMR earlier than 5.1.0.
Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.
" + "documentation":"Available only in Amazon EMR releases 5.7.0 and higher. The ID of a custom Amazon EBS-backed Linux AMI if the cluster uses a custom AMI.
" }, "EbsRootVolumeSize":{ "shape":"Integer", - "documentation":"The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.
" + "documentation":"The size, in GiB, of the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 4.x and higher.
" }, "RepoUpgradeOnBoot":{ "shape":"RepoUpgradeOnBoot", @@ -1301,6 +1301,14 @@ "OSReleaseLabel":{ "shape":"String", "documentation":"The Amazon Linux release specified in a cluster launch RunJobFlow request. If no Amazon Linux release was specified, the default Amazon Linux release is shown in the response.
" + }, + "EbsRootVolumeIops":{ + "shape":"Integer", + "documentation":"The IOPS, of the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 6.15.0 and higher.
" + }, + "EbsRootVolumeThroughput":{ + "shape":"Integer", + "documentation":"The throughput, in MiB/s, of the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 6.15.0 and higher.
" } }, "documentation":"The detailed description of the cluster.
" @@ -1509,7 +1517,7 @@ "documentation":"A set of properties specified within a configuration classification.
" } }, - "documentation":"Amazon EMR releases 4.x or later.
An optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see Configuring Applications.
" + "documentation":"Amazon EMR releases 4.x or higher.
An optional configuration specification to be used when provisioning cluster instances, which can include configurations for applications and software bundled with Amazon EMR. A configuration consists of a classification, properties, and optional nested configurations. A classification refers to an application-specific configuration file. Properties are the settings you want to change in that file. For more information, see Configuring Applications.
" }, "ConfigurationList":{ "type":"list", @@ -2148,7 +2156,7 @@ "members":{ "BlockPublicAccessConfiguration":{ "shape":"BlockPublicAccessConfiguration", - "documentation":"A configuration for Amazon EMR block public access. The configuration applies to all clusters created in your account for the current Region. The configuration specifies whether block public access is enabled. If block public access is enabled, security groups associated with the cluster cannot have rules that allow inbound traffic from 0.0.0.0/0 or ::/0 on a port, unless the port is specified as an exception using PermittedPublicSecurityGroupRuleRanges in the BlockPublicAccessConfiguration. By default, Port 22 (SSH) is an exception, and public access is allowed on this port. You can change this by updating the block public access configuration to remove the exception.
For accounts that created clusters in a Region before November 25, 2019, block public access is disabled by default in that Region. To use this feature, you must manually enable and configure it. For accounts that did not create an Amazon EMR cluster in a Region before this date, block public access is enabled by default in that Region.
A configuration for Amazon EMR block public access. The configuration applies to all clusters created in your account for the current Region. The configuration specifies whether block public access is enabled. If block public access is enabled, security groups associated with the cluster cannot have rules that allow inbound traffic from 0.0.0.0/0 or ::/0 on a port, unless the port is specified as an exception using PermittedPublicSecurityGroupRuleRanges in the BlockPublicAccessConfiguration. By default, Port 22 (SSH) is an exception, and public access is allowed on this port. To change this, update the block public access configuration to remove the exception.
For accounts that created clusters in a Region before November 25, 2019, block public access is disabled by default in that Region. To use this feature, you must manually enable and configure it. For accounts that did not create an Amazon EMR cluster in a Region before this date, block public access is enabled by default in that Region.
The resize specification for the instance fleet.
" } }, - "documentation":"Describes an instance fleet, which is a group of Amazon EC2 instances that host a particular node type (master, core, or task) in an Amazon EMR cluster. Instance fleets can consist of a mix of instance types and On-Demand and Spot Instances, which are provisioned to meet a defined target capacity.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Describes an instance fleet, which is a group of Amazon EC2 instances that host a particular node type (master, core, or task) in an Amazon EMR cluster. Instance fleets can consist of a mix of instance types and On-Demand and Spot Instances, which are provisioned to meet a defined target capacity.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The resize specification for the instance fleet.
" } }, - "documentation":"The configuration that defines an instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
The configuration that defines an instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The resize specification for the instance fleet.
" } }, - "documentation":"Configuration parameters for an instance fleet modification request.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Configuration parameters for an instance fleet modification request.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.
The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and higher.
The launch specification for Spot Instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand and Spot instance allocation strategies are available in Amazon EMR releases 5.12.1 and later.
The launch specification for Spot Instances in the fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions. On-Demand and Spot instance allocation strategies are available in Amazon EMR releases 5.12.1 and higher.
An explanatory message.
" } }, - "documentation":"Provides status change reason details for the instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Provides status change reason details for the instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
Provides historical timestamps for the instance fleet, including the time of creation, the time it became ready to run jobs, and the time of termination.
" } }, - "documentation":"The status of the instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
The status of the instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The time and date the instance fleet terminated.
" } }, - "documentation":"Provides historical timestamps for the instance fleet, including the time of creation, the time it became ready to run jobs, and the time of termination.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Provides historical timestamps for the instance fleet, including the time of creation, the time it became ready to run jobs, and the time of termination.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
Amazon EMR releases 4.x or later.
The list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).
" + "documentation":"Amazon EMR releases 4.x or higher.
The list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).
" }, "ConfigurationsVersion":{ "shape":"Long", @@ -2694,7 +2702,7 @@ }, "Configurations":{ "shape":"ConfigurationList", - "documentation":"Amazon EMR releases 4.x or later.
The list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).
" + "documentation":"Amazon EMR releases 4.x or higher.
The list of configurations supplied for an Amazon EMR cluster instance group. You can specify a separate configuration for each instance group (master, core, and task).
" }, "EbsConfiguration":{ "shape":"EbsConfiguration", @@ -3069,7 +3077,7 @@ "documentation":"The custom AMI ID to use for the instance type.
" } }, - "documentation":"An instance type configuration for each instance type in an instance fleet, which determines the Amazon EC2 instances Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities. When you use an allocation strategy, you can include a maximum of 30 instance type configurations for a fleet. For more information about how to use an allocation strategy, see Configure Instance Fleets. Without an allocation strategy, you may specify a maximum of five instance type configurations for a fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
An instance type configuration for each instance type in an instance fleet, which determines the Amazon EC2 instances Amazon EMR attempts to provision to fulfill On-Demand and Spot target capacities. When you use an allocation strategy, you can include a maximum of 30 instance type configurations for a fleet. For more information about how to use an allocation strategy, see Configure Instance Fleets. Without an allocation strategy, you may specify a maximum of five instance type configurations for a fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The custom AMI ID to use for the instance type.
" } }, - "documentation":"The configuration specification for each instance type in an instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
The configuration specification for each instance type in an instance fleet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and later, excluding 6.0.0.
" + "documentation":"The KMS key used for encrypting log files. This attribute is only available with Amazon EMR 5.30.0 and higher, excluding 6.0.0.
" }, "AmiVersion":{ "shape":"XmlStringMaxLen256", - "documentation":"Applies only to Amazon EMR AMI versions 3.x and 2.x. For Amazon EMR releases 4.0 and later, ReleaseLabel is used. To specify a custom AMI, use CustomAmiID.
Applies only to Amazon EMR AMI versions 3.x and 2.x. For Amazon EMR releases 4.0 and higher, ReleaseLabel is used. To specify a custom AMI, use CustomAmiID.
The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION available only in Amazon EMR releases 4.1.0 and later, and is the default for releases of Amazon EMR earlier than 5.1.0.
The way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and higher and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION available only in Amazon EMR releases 4.1.0 and higher, and is the default for releases of Amazon EMR earlier than 5.1.0.
A description of a cluster (job flow).
" @@ -3301,7 +3309,7 @@ }, "InstanceFleets":{ "shape":"InstanceFleetConfigList", - "documentation":"The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Describes the Amazon EC2 instances and instance configurations for clusters that use the instance fleet configuration.
" + "documentation":"The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
Describes the Amazon EC2 instances and instance configurations for clusters that use the instance fleet configuration.
" }, "Ec2KeyName":{ "shape":"XmlStringMaxLen256", @@ -3329,7 +3337,7 @@ }, "Ec2SubnetIds":{ "shape":"XmlStringMaxLen256List", - "documentation":"Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
Applies to clusters that use the instance fleet configuration. When multiple Amazon EC2 subnet IDs are specified, Amazon EMR evaluates them and launches instances in the optimal subnet.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The launch specification for On-Demand instances in the instance fleet, which determines the allocation strategy.
" } }, - "documentation":"The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and later.
The launch specification for On-Demand Instances in the instance fleet, which determines the allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions. On-Demand Instances allocation strategy is available in Amazon EMR releases 5.12.1 and higher.
When multiple Availability Zones are specified, Amazon EMR evaluates them and launches instances in the optimal Availability Zone. AvailabilityZones is used for instance fleets, while AvailabilityZone (singular) is used for uniform instance groups.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions.
When multiple Availability Zones are specified, Amazon EMR evaluates them and launches instances in the optimal Availability Zone. AvailabilityZones is used for instance fleets, while AvailabilityZone (singular) is used for uniform instance groups.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions.
The Amazon EC2 Availability Zone configuration of the cluster (job flow).
" @@ -4505,7 +4513,7 @@ }, "LogEncryptionKmsKeyId":{ "shape":"XmlString", - "documentation":"The KMS key used for encrypting log files. If a value is not provided, the logs remain encrypted by AES-256. This attribute is only available with Amazon EMR releases 5.30.0 and later, excluding Amazon EMR 6.0.0.
" + "documentation":"The KMS key used for encrypting log files. If a value is not provided, the logs remain encrypted by AES-256. This attribute is only available with Amazon EMR releases 5.30.0 and higher, excluding Amazon EMR 6.0.0.
" }, "AdditionalInfo":{ "shape":"XmlString", @@ -4513,11 +4521,11 @@ }, "AmiVersion":{ "shape":"XmlStringMaxLen256", - "documentation":"Applies only to Amazon EMR AMI versions 3.x and 2.x. For Amazon EMR releases 4.0 and later, ReleaseLabel is used. To specify a custom AMI, use CustomAmiID.
Applies only to Amazon EMR AMI versions 3.x and 2.x. For Amazon EMR releases 4.0 and higher, ReleaseLabel is used. To specify a custom AMI, use CustomAmiID.
The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form emr-x.x.x, where x.x.x is an Amazon EMR release version such as emr-5.14.0. For more information about Amazon EMR release versions and included application versions and features, see https://docs.aws.amazon.com/emr/latest/ReleaseGuide/. The release label applies only to Amazon EMR releases version 4.0 and later. Earlier versions use AmiVersion.
The Amazon EMR release label, which determines the version of open-source application packages installed on the cluster. Release labels are in the form emr-x.x.x, where x.x.x is an Amazon EMR release version such as emr-5.14.0. For more information about Amazon EMR release versions and included application versions and features, see https://docs.aws.amazon.com/emr/latest/ReleaseGuide/. The release label applies only to Amazon EMR releases version 4.0 and higher. Earlier versions use AmiVersion.
For Amazon EMR releases 3.x and 2.x. For Amazon EMR releases 4.x and later, use Applications.
A list of strings that indicates third-party software to use. For more information, see the Amazon EMR Developer Guide. Currently supported values are:
\"mapr-m3\" - launch the job flow using MapR M3 Edition.
\"mapr-m5\" - launch the job flow using MapR M5 Edition.
For Amazon EMR releases 3.x and 2.x. For Amazon EMR releases 4.x and higher, use Applications.
A list of strings that indicates third-party software to use. For more information, see the Amazon EMR Developer Guide. Currently supported values are:
\"mapr-m3\" - launch the job flow using MapR M3 Edition.
\"mapr-m5\" - launch the job flow using MapR M5 Edition.
For Amazon EMR releases 3.x and 2.x. For Amazon EMR releases 4.x and later, use Applications.
A list of strings that indicates third-party software to use with the job flow that accepts a user argument list. Amazon EMR accepts and forwards the argument list to the corresponding installation script as bootstrap action arguments. For more information, see \"Launch a Job Flow on the MapR Distribution for Hadoop\" in the Amazon EMR Developer Guide. Supported values are:
\"mapr-m3\" - launch the cluster using MapR M3 Edition.
\"mapr-m5\" - launch the cluster using MapR M5 Edition.
\"mapr\" with the user arguments specifying \"--edition,m3\" or \"--edition,m5\" - launch the job flow using MapR M3 or M5 Edition respectively.
\"mapr-m7\" - launch the cluster using MapR M7 Edition.
\"hunk\" - launch the cluster with the Hunk Big Data Analytics Platform.
\"hue\"- launch the cluster with Hue installed.
\"spark\" - launch the cluster with Apache Spark installed.
\"ganglia\" - launch the cluster with the Ganglia Monitoring System installed.
For Amazon EMR releases 3.x and 2.x. For Amazon EMR releases 4.x and higher, use Applications.
A list of strings that indicates third-party software to use with the job flow that accepts a user argument list. Amazon EMR accepts and forwards the argument list to the corresponding installation script as bootstrap action arguments. For more information, see \"Launch a Job Flow on the MapR Distribution for Hadoop\" in the Amazon EMR Developer Guide. Supported values are:
\"mapr-m3\" - launch the cluster using MapR M3 Edition.
\"mapr-m5\" - launch the cluster using MapR M5 Edition.
\"mapr\" with the user arguments specifying \"--edition,m3\" or \"--edition,m5\" - launch the job flow using MapR M3 or M5 Edition respectively.
\"mapr-m7\" - launch the cluster using MapR M7 Edition.
\"hunk\" - launch the cluster with the Hunk Big Data Analytics Platform.
\"hue\"- launch the cluster with Hue installed.
\"spark\" - launch the cluster with Apache Spark installed.
\"ganglia\" - launch the cluster with the Ganglia Monitoring System installed.
Applies to Amazon EMR releases 4.0 and later. A case-insensitive list of applications for Amazon EMR to install and configure when launching the cluster. For a list of applications available for each Amazon EMR release version, see the Amazon EMRRelease Guide.
" + "documentation":"Applies to Amazon EMR releases 4.0 and higher. A case-insensitive list of applications for Amazon EMR to install and configure when launching the cluster. For a list of applications available for each Amazon EMR release version, see the Amazon EMRRelease Guide.
" }, "Configurations":{ "shape":"ConfigurationList", - "documentation":"For Amazon EMR releases 4.0 and later. The list of configurations supplied for the Amazon EMR cluster that you are creating.
" + "documentation":"For Amazon EMR releases 4.0 and higher. The list of configurations supplied for the Amazon EMR cluster that you are creating.
" }, "VisibleToAllUsers":{ "shape":"Boolean", @@ -4573,15 +4581,15 @@ }, "ScaleDownBehavior":{ "shape":"ScaleDownBehavior", - "documentation":"Specifies the way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and later and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION available only in Amazon EMR releases 4.1.0 and later, and is the default for releases of Amazon EMR earlier than 5.1.0.
Specifies the way that individual Amazon EC2 instances terminate when an automatic scale-in activity occurs or an instance group is resized. TERMINATE_AT_INSTANCE_HOUR indicates that Amazon EMR terminates nodes at the instance-hour boundary, regardless of when the request to terminate the instance was submitted. This option is only available with Amazon EMR 5.1.0 and higher and is the default for clusters created using that version. TERMINATE_AT_TASK_COMPLETION indicates that Amazon EMR adds nodes to a deny list and drains tasks from nodes before terminating the Amazon EC2 instances, regardless of the instance-hour boundary. With either behavior, Amazon EMR removes the least active nodes first and blocks instance termination if it could lead to HDFS corruption. TERMINATE_AT_TASK_COMPLETION available only in Amazon EMR releases 4.1.0 and higher, and is the default for releases of Amazon EMR earlier than 5.1.0.
Available only in Amazon EMR releases 5.7.0 and later. The ID of a custom Amazon EBS-backed Linux AMI. If specified, Amazon EMR uses this AMI when it launches cluster Amazon EC2 instances. For more information about custom AMIs in Amazon EMR, see Using a Custom AMI in the Amazon EMR Management Guide. If omitted, the cluster uses the base Linux AMI for the ReleaseLabel specified. For Amazon EMR releases 2.x and 3.x, use AmiVersion instead.
For information about creating a custom AMI, see Creating an Amazon EBS-Backed Linux AMI in the Amazon Elastic Compute Cloud User Guide for Linux Instances. For information about finding an AMI ID, see Finding a Linux AMI.
" + "documentation":"Available only in Amazon EMR releases 5.7.0 and higher. The ID of a custom Amazon EBS-backed Linux AMI. If specified, Amazon EMR uses this AMI when it launches cluster Amazon EC2 instances. For more information about custom AMIs in Amazon EMR, see Using a Custom AMI in the Amazon EMR Management Guide. If omitted, the cluster uses the base Linux AMI for the ReleaseLabel specified. For Amazon EMR releases 2.x and 3.x, use AmiVersion instead.
For information about creating a custom AMI, see Creating an Amazon EBS-Backed Linux AMI in the Amazon Elastic Compute Cloud User Guide for Linux Instances. For information about finding an AMI ID, see Finding a Linux AMI.
" }, "EbsRootVolumeSize":{ "shape":"Integer", - "documentation":"The size, in GiB, of the Amazon EBS root device volume of the Linux AMI that is used for each Amazon EC2 instance. Available in Amazon EMR releases 4.x and later.
" + "documentation":"The size, in GiB, of the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 4.x and higher.
" }, "RepoUpgradeOnBoot":{ "shape":"RepoUpgradeOnBoot", @@ -4607,9 +4615,17 @@ "OSReleaseLabel":{ "shape":"XmlStringMaxLen256", "documentation":"Specifies a particular Amazon Linux release for all nodes in a cluster launch RunJobFlow request. If a release is not specified, Amazon EMR uses the latest validated Amazon Linux release for cluster launch.
" + }, + "EbsRootVolumeIops":{ + "shape":"Integer", + "documentation":"The IOPS for the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 6.15.0 and higher.
" + }, + "EbsRootVolumeThroughput":{ + "shape":"Integer", + "documentation":"The throughput, in MiB/s, of the Amazon EBS root device volume for the Linux AMI that each Amazon EC2 instance uses. Available in Amazon EMR releases 6.15.0 and higher.
" } }, - "documentation":"Input to the RunJobFlow operation.
" + "documentation":"Input to the RunJobFlow operation.
" }, "RunJobFlowOutput":{ "type":"structure", @@ -4929,10 +4945,10 @@ }, "AllocationStrategy":{ "shape":"SpotProvisioningAllocationStrategy", - "documentation":"Specifies the strategy to use in launching Spot Instance fleets. Currently, the only option is capacity-optimized (the default), which launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching.
" + "documentation":"Specifies one of the following strategies to launch Spot Instance fleets: price-capacity-optimized, capacity-optimized, lowest-price, or diversified. For more information on the provisioning strategies, see Allocation strategies for Spot Instances in the Amazon EC2 User Guide for Linux Instances.
When you launch a Spot Instance fleet with the old console, it automatically launches with the capacity-optimized strategy. You can't change the allocation strategy from the old console.
The launch specification for Spot Instances in the instance fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and later, excluding 5.0.x versions. Spot Instance allocation strategy is available in Amazon EMR releases 5.12.1 and later.
Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.
The launch specification for Spot Instances in the instance fleet, which determines the defined duration, provisioning timeout behavior, and allocation strategy.
The instance fleet configuration is available only in Amazon EMR releases 4.8.0 and higher, excluding 5.0.x versions. Spot Instance allocation strategy is available in Amazon EMR releases 5.12.1 and higher.
Spot Instances with a defined duration (also known as Spot blocks) are no longer available to new customers from July 1, 2021. For customers who have previously used the feature, we will continue to support Spot Instances with a defined duration until December 31, 2022.
The name of the feature for the Neptune DB cluster that the IAM role is to be associated with. For the list of supported feature names, see DBEngineVersion.
" + "documentation":"The name of the feature for the Neptune DB cluster that the IAM role is to be associated with. For the list of supported feature names, see DBEngineVersion.
" } } }, @@ -1729,11 +1729,11 @@ }, "PreferredBackupWindow":{ "shape":"String", - "documentation":"The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Region. To see the time blocks available, see Adjusting the Preferred Maintenance Window in the Amazon Neptune User Guide.
Constraints:
Must be in the format hh24:mi-hh24:mi.
Must be in Universal Coordinated Time (UTC).
Must not conflict with the preferred maintenance window.
Must be at least 30 minutes.
The daily time range during which automated backups are created if automated backups are enabled using the BackupRetentionPeriod parameter.
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Region. To see the time blocks available, see Neptune Maintenance Window in the Amazon Neptune User Guide.
Constraints:
Must be in the format hh24:mi-hh24:mi.
Must be in Universal Coordinated Time (UTC).
Must not conflict with the preferred maintenance window.
Must be at least 30 minutes.
The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Region, occurring on a random day of the week. To see the time blocks available, see Adjusting the Preferred Maintenance Window in the Amazon Neptune User Guide.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
" + "documentation":"The weekly time range during which system maintenance can occur, in Universal Coordinated Time (UTC).
Format: ddd:hh24:mi-ddd:hh24:mi
The default is a 30-minute window selected at random from an 8-hour block of time for each Amazon Region, occurring on a random day of the week. To see the time blocks available, see Neptune Maintenance Window in the Amazon Neptune User Guide.
Valid Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun.
Constraints: Minimum 30-minute window.
" }, "ReplicationSourceIdentifier":{ "shape":"String", @@ -1767,7 +1767,10 @@ "shape":"BooleanOptional", "documentation":"A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is enabled.
" }, - "ServerlessV2ScalingConfiguration":{"shape":"ServerlessV2ScalingConfiguration"}, + "ServerlessV2ScalingConfiguration":{ + "shape":"ServerlessV2ScalingConfiguration", + "documentation":"Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + }, "GlobalClusterIdentifier":{ "shape":"GlobalClusterIdentifier", "documentation":"The ID of the Neptune global database to which this new DB cluster should be added.
" @@ -1962,7 +1965,7 @@ "documentation":"The ARN from the key store with which to associate the instance for TDE encryption.
" }, "TdeCredentialPassword":{ - "shape":"String", + "shape":"SensitiveString", "documentation":"The password for the given ARN from the key store in order to access the device.
" }, "StorageEncrypted":{ @@ -2339,13 +2342,16 @@ "shape":"TStamp", "documentation":"Time at which the DB cluster will be automatically restarted.
" }, - "ServerlessV2ScalingConfiguration":{"shape":"ServerlessV2ScalingConfigurationInfo"}, + "ServerlessV2ScalingConfiguration":{ + "shape":"ServerlessV2ScalingConfigurationInfo", + "documentation":"Shows the scaling configuration for a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + }, "GlobalClusterIdentifier":{ "shape":"GlobalClusterIdentifier", "documentation":"Contains a user-supplied global database cluster identifier. This identifier is the unique key that identifies a global database.
" } }, - "documentation":"Contains the details of an Amazon Neptune DB cluster.
This data type is used as a response element in the DescribeDBClusters action.
", + "documentation":"Contains the details of an Amazon Neptune DB cluster.
This data type is used as a response element in the DescribeDBClusters.
", "wrapper":true }, "DBClusterAlreadyExistsFault":{ @@ -2647,7 +2653,7 @@ }, "FeatureName":{ "shape":"String", - "documentation":"The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see DescribeDBEngineVersions.
" + "documentation":"The name of the feature associated with the Amazon Identity and Access Management (IAM) role. For the list of supported feature names, see DescribeDBEngineVersions.
" } }, "documentation":"Describes an Amazon Identity and Access Management (IAM) role that is associated with a DB cluster.
" @@ -5074,7 +5080,7 @@ }, "EngineVersion":{ "shape":"String", - "documentation":"The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless the ApplyImmediately parameter is set to true.
For a list of valid engine versions, see Engine Releases for Amazon Neptune, or call DescribeDBEngineVersions.
" + "documentation":"The version number of the database engine to which you want to upgrade. Changing this parameter results in an outage. The change is applied during the next maintenance window unless the ApplyImmediately parameter is set to true.
For a list of valid engine versions, see Engine Releases for Amazon Neptune, or call DescribeDBEngineVersions.
" }, "AllowMajorVersionUpgrade":{ "shape":"Boolean", @@ -5092,7 +5098,10 @@ "shape":"BooleanOptional", "documentation":" If set to true, tags are copied to any snapshot of the DB cluster that is created.
Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + } } }, "ModifyDBClusterParameterGroupMessage":{ @@ -5242,7 +5251,7 @@ "documentation":"The ARN from the key store with which to associate the instance for TDE encryption.
" }, "TdeCredentialPassword":{ - "shape":"String", + "shape":"SensitiveString", "documentation":"The password for the given ARN from the key store in order to access the device.
" }, "CACertificateIdentifier":{ @@ -5886,7 +5895,7 @@ }, "FeatureName":{ "shape":"String", - "documentation":"The name of the feature for the DB cluster that the IAM role is to be disassociated from. For the list of supported feature names, see DescribeDBEngineVersions.
" + "documentation":"The name of the feature for the DB cluster that the IAM role is to be disassociated from. For the list of supported feature names, see DescribeDBEngineVersions.
" } } }, @@ -6069,7 +6078,10 @@ "shape":"BooleanOptional", "documentation":" If set to true, tags are copied to any snapshot of the restored DB cluster that is created.
Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + } } }, "RestoreDBClusterFromSnapshotResult":{ @@ -6145,7 +6157,10 @@ "shape":"BooleanOptional", "documentation":"A value that indicates whether the DB cluster has deletion protection enabled. The database can't be deleted when deletion protection is enabled. By default, deletion protection is disabled.
" }, - "ServerlessV2ScalingConfiguration":{"shape":"ServerlessV2ScalingConfiguration"} + "ServerlessV2ScalingConfiguration":{ + "shape":"ServerlessV2ScalingConfiguration", + "documentation":"Contains the scaling configuration of a Neptune Serverless DB cluster.
For more information, see Using Amazon Neptune Serverless in the Amazon Neptune User Guide.
" + } } }, "RestoreDBClusterToPointInTimeResult":{ @@ -6190,6 +6205,10 @@ }, "exception":true }, + "SensitiveString":{ + "type":"string", + "sensitive":true + }, "ServerlessV2ScalingConfiguration":{ "type":"structure", "members":{ diff --git a/botocore/data/pinpoint/2016-12-01/endpoint-rule-set-1.json b/botocore/data/pinpoint/2016-12-01/endpoint-rule-set-1.json index 0f212a69ff..cdfee85c7f 100644 --- a/botocore/data/pinpoint/2016-12-01/endpoint-rule-set-1.json +++ b/botocore/data/pinpoint/2016-12-01/endpoint-rule-set-1.json @@ -40,7 +40,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -83,7 +82,8 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -96,7 +96,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -110,7 +109,6 @@ "assign": "PartitionResult" } ], - "type": "tree", "rules": [ { "conditions": [ @@ -133,7 +131,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -168,7 +165,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -179,14 +175,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS and DualStack are enabled, but this partition does not support one or both", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -200,14 +198,12 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ { "fn": "booleanEquals", "argv": [ - true, { "fn": "getAttr", "argv": [ @@ -216,11 +212,11 @@ }, "supportsFIPS" ] - } + }, + true ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -231,14 +227,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "FIPS is enabled but this partition does not support FIPS", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -252,7 +250,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [ @@ -272,7 +269,6 @@ ] } ], - "type": "tree", "rules": [ { "conditions": [], @@ -283,14 +279,16 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" }, { "conditions": [], "error": "DualStack is enabled but this partition does not support DualStack", "type": "error" } - ] + ], + "type": "tree" }, { "conditions": [ @@ -408,9 +406,11 @@ }, "type": "endpoint" } - ] + ], + "type": "tree" } - ] + ], + "type": "tree" }, { "conditions": [], diff --git a/botocore/data/pinpoint/2016-12-01/service-2.json b/botocore/data/pinpoint/2016-12-01/service-2.json index 5d8fb8f24e..9d55c8dd14 100644 --- a/botocore/data/pinpoint/2016-12-01/service-2.json +++ b/botocore/data/pinpoint/2016-12-01/service-2.json @@ -8064,7 +8064,7 @@ "shape": "__string", "location": "uri", "locationName": "endpoint-id", - "documentation": "The unique identifier for the endpoint.
" + "documentation": "The case insensitive unique identifier for the endpoint. The identifier can't contain $, { or }.
The unique identifier for the endpoint.
" + "documentation": "The case insensitive unique identifier for the endpoint. The identifier can't contain $, { or }.
The unique identifier for the endpoint.
" + "documentation": "The case insensitive unique identifier for the endpoint. The identifier can't contain $, { or }.
Creates a new cluster with the specified parameters.
To create a cluster in Virtual Private Cloud (VPC), you must provide a cluster subnet group name. The cluster subnet group identifies the subnets of your VPC that Amazon Redshift uses when creating the cluster. For more information about managing clusters, go to Amazon Redshift Clusters in the Amazon Redshift Cluster Management Guide.
" }, @@ -1740,7 +1741,8 @@ {"shape":"InvalidClusterTrackFault"}, {"shape":"InvalidRetentionPeriodFault"}, {"shape":"UnsupportedOperationFault"}, - {"shape":"CustomCnameAssociationFault"} + {"shape":"CustomCnameAssociationFault"}, + {"shape":"Ipv6CidrBlockNotFoundFault"} ], "documentation":"Modifies the settings for a cluster.
You can also change node type and the number of nodes to scale up or down the cluster. When resizing a cluster, you must specify both the number of nodes and the node type even if one of the parameters does not change.
You can add another security or parameter group, or change the admin user password. Resetting a cluster password or modifying the security groups associated with a cluster do not need a reboot. However, modifying a parameter group requires a reboot for parameters to take effect. For more information about managing clusters, go to Amazon Redshift Clusters in the Amazon Redshift Cluster Management Guide.
" }, @@ -2183,7 +2185,8 @@ {"shape":"ReservedNodeOfferingNotFoundFault"}, {"shape":"DependentServiceUnavailableFault"}, {"shape":"ReservedNodeAlreadyExistsFault"}, - {"shape":"UnsupportedOperationFault"} + {"shape":"UnsupportedOperationFault"}, + {"shape":"Ipv6CidrBlockNotFoundFault"} ], "documentation":"Creates a new cluster from a snapshot. By default, Amazon Redshift creates the resulting cluster with the same configuration as the original cluster from which the snapshot was created, except that the new cluster is created with the default cluster security and parameter groups. After Amazon Redshift creates the cluster, you can use the ModifyCluster API to associate a different security group and different parameter group with the restored cluster. If you are using a DS node type, you can also choose to change to another DS node type of the same size during restore.
If you restore a cluster into a VPC, you must provide a cluster subnet group where you want the cluster restored.
For more information about working with snapshots, go to Amazon Redshift Snapshots in the Amazon Redshift Cluster Management Guide.
" }, @@ -3126,6 +3129,10 @@ "MasterPasswordSecretKmsKeyId":{ "shape":"String", "documentation":"The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret.
" + }, + "IpAddressType":{ + "shape":"String", + "documentation":"The IP address type for the cluster. Possible values are ipv4 and dualstack.
Describes a cluster.
", @@ -3668,6 +3675,10 @@ "Tags":{ "shape":"TagList", "documentation":"The list of tags for the cluster subnet group.
" + }, + "SupportedClusterIpAddressTypes":{ + "shape":"ValueStringList", + "documentation":"The IP address types supported by this cluster subnet group. Possible values are ipv4 and dualstack.
Describes a subnet group.
", @@ -4032,6 +4043,10 @@ "MasterPasswordSecretKmsKeyId":{ "shape":"String", "documentation":"The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if ManageMasterPassword is true.
The IP address types that the cluster supports. Possible values are ipv4 and dualstack.
There are no subnets in your VPC with associated IPv6 CIDR blocks. To use dual-stack mode, associate an IPv6 CIDR block with each subnet in your VPC.
", + "error":{ + "code":"Ipv6CidrBlockNotFoundFault", + "httpStatusCode":400, + "senderFault":true + }, + "exception":true + }, "LimitExceededFault":{ "type":"structure", "members":{ @@ -7807,6 +7834,10 @@ "MasterPasswordSecretKmsKeyId":{ "shape":"String", "documentation":"The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if ManageMasterPassword is true.
The IP address types that the cluster supports. Possible values are ipv4 and dualstack.
The Availability Zone.
" + }, + "Ipv6Address":{ + "shape":"String", + "documentation":"The IPv6 address of the network interface within the subnet.
" } }, "documentation":"Describes a network interface.
" @@ -9283,6 +9318,10 @@ "MasterPasswordSecretKmsKeyId":{ "shape":"String", "documentation":"The ID of the Key Management Service (KMS) key used to encrypt and store the cluster's admin credentials secret. You can only use this parameter if ManageMasterPassword is true.
The IP address type for the cluster. Possible values are ipv4 and dualstack.
Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution in the Amazon CloudFront Developer Guide.
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "documentation":"Associates a web ACL with a regional application resource, to protect the resource. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To associate a web ACL, in the CloudFront call UpdateDistribution, set the web ACL ID to the Amazon Resource Name (ARN) of the web ACL. For information, see UpdateDistribution in the Amazon CloudFront Developer Guide.
Required permissions for customer-managed IAM policies
This call requires permissions that are specific to the protected resource type. For details, see Permissions for AssociateWebACL in the WAF Developer Guide.
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To disassociate a web ACL, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution in the Amazon CloudFront API Reference.
Disassociates the specified regional application resource from any existing web ACL association. A resource can have at most one web ACL association. A regional application can be an Application Load Balancer (ALB), an Amazon API Gateway REST API, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
For Amazon CloudFront, don't use this call. Instead, use your CloudFront distribution configuration. To disassociate a web ACL, provide an empty web ACL ID in the CloudFront call UpdateDistribution. For information, see UpdateDistribution in the Amazon CloudFront API Reference.
Required permissions for customer-managed IAM policies
This call requires permissions that are specific to the protected resource type. For details, see Permissions for DisassociateWebACL in the WAF Developer Guide.
" }, "GenerateMobileSdkReleaseUrl":{ "name":"GenerateMobileSdkReleaseUrl", @@ -554,7 +554,7 @@ {"shape":"WAFUnavailableEntityException"}, {"shape":"WAFInvalidOperationException"} ], - "documentation":"Retrieves the WebACL for the specified resource.
" + "documentation":"Retrieves the WebACL for the specified resource.
This call uses GetWebACL, to verify that your account has permission to access the retrieved web ACL. If you get an error that indicates that your account isn't authorized to perform wafv2:GetWebACL on the resource, that error won't be included in your CloudTrail event history.
For Amazon CloudFront, don't use this call. Instead, call the CloudFront action GetDistributionConfig. For information, see GetDistributionConfig in the Amazon CloudFront API Reference.
Required permissions for customer-managed IAM policies
This call requires permissions that are specific to the protected resource type. For details, see Permissions for GetWebACLForResource in the WAF Developer Guide.
" }, "ListAPIKeys":{ "name":"ListAPIKeys", @@ -692,7 +692,7 @@ {"shape":"WAFInvalidParameterException"}, {"shape":"WAFInvalidOperationException"} ], - "documentation":"Retrieves an array of the Amazon Resource Names (ARNs) for the regional resources that are associated with the specified web ACL. If you want the list of Amazon CloudFront resources, use the CloudFront call ListDistributionsByWebACLId.
Retrieves an array of the Amazon Resource Names (ARNs) for the regional resources that are associated with the specified web ACL.
For Amazon CloudFront, don't use this call. Instead, use the CloudFront call ListDistributionsByWebACLId. For information, see ListDistributionsByWebACLId in the Amazon CloudFront API Reference.
Required permissions for customer-managed IAM policies
This call requires permissions that are specific to the protected resource type. For details, see Permissions for ListResourcesForWebACL in the WAF Developer Guide.
" }, "ListRuleGroups":{ "name":"ListRuleGroups", @@ -849,7 +849,7 @@ {"shape":"WAFLimitsExceededException"}, {"shape":"WAFInvalidOperationException"} ], - "documentation":"Updates the specified IPSet.
This operation completely replaces the mutable specifications that you already have for the IP set with the ones that you provide to this call.
To modify an IP set, do the following:
Retrieve it by calling GetIPSet
Update its settings as needed
Provide the complete IP set specification to this call
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "documentation":"Updates the specified IPSet.
This operation completely replaces the mutable specifications that you already have for the IP set with the ones that you provide to this call.
To modify an IP set, do the following:
Retrieve it by calling GetIPSet
Update its settings as needed
Provide the complete IP set specification to this call
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
Updates the specified RegexPatternSet.
This operation completely replaces the mutable specifications that you already have for the regex pattern set with the ones that you provide to this call.
To modify a regex pattern set, do the following:
Retrieve it by calling GetRegexPatternSet
Update its settings as needed
Provide the complete regex pattern set specification to this call
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
" + "documentation":"Updates the specified RegexPatternSet.
This operation completely replaces the mutable specifications that you already have for the regex pattern set with the ones that you provide to this call.
To modify a regex pattern set, do the following:
Retrieve it by calling GetRegexPatternSet
Update its settings as needed
Provide the complete regex pattern set specification to this call
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
Updates the specified RuleGroup.
This operation completely replaces the mutable specifications that you already have for the rule group with the ones that you provide to this call.
To modify a rule group, do the following:
Retrieve it by calling GetRuleGroup
Update its settings as needed
Provide the complete rule group specification to this call
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
A rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
" + "documentation":"Updates the specified RuleGroup.
This operation completely replaces the mutable specifications that you already have for the rule group with the ones that you provide to this call.
To modify a rule group, do the following:
Retrieve it by calling GetRuleGroup
Update its settings as needed
Provide the complete rule group specification to this call
A rule group defines a collection of rules to inspect and control web requests that you can use in a WebACL. When you create a rule group, you define an immutable capacity limit. If you update a rule group, you must stay within the capacity. This allows others to reuse the rule group with confidence in its capacity requirements.
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL.
This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call.
To modify a web ACL, do the following:
Retrieve it by calling GetWebACL
Update its settings as needed
Provide the complete web ACL specification to this call
When you make changes to web ACLs or web ACL components, like rules and rule groups, WAF propagates the changes everywhere that the web ACL and its components are stored and used. Your changes are applied within seconds, but there might be a brief period of inconsistency when the changes have arrived in some places and not in others. So, for example, if you change a rule action setting, the action might be the old action in one area and the new action in another area. Or if you add an IP address to an IP set used in a blocking rule, the new address might briefly be blocked in one area while still allowed in another. This temporary inconsistency can occur when you first associate a web ACL with an Amazon Web Services resource and when you change a web ACL that is already associated with a resource. Generally, any inconsistencies of this type last only a few seconds.
A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
" + "documentation":"Updates the specified WebACL. While updating a web ACL, WAF provides continuous coverage to the resources that you have associated with the web ACL.
This operation completely replaces the mutable specifications that you already have for the web ACL with the ones that you provide to this call.
To modify a web ACL, do the following:
Retrieve it by calling GetWebACL
Update its settings as needed
Provide the complete web ACL specification to this call
A web ACL defines a collection of rules to use to inspect and control web requests. Each rule has a statement that defines what to look for in web requests and an action that WAF applies to requests that match the statement. In the web ACL, you assign a default action to take (allow, block) for any request that does not match any of the rules. The rules in a web ACL can be a combination of the types Rule, RuleGroup, and managed rule group. You can associate a web ACL with one or more Amazon Web Services resources to protect. The resources can be an Amazon CloudFront distribution, an Amazon API Gateway REST API, an Application Load Balancer, an AppSync GraphQL API, an Amazon Cognito user pool, an App Runner service, or an Amazon Web Services Verified Access instance.
Temporary inconsistencies during updates
When you create or change a web ACL or other WAF resources, the changes take a small amount of time to propagate to all areas where the resources are stored. The propagation time can be from a few seconds to a number of minutes.
The following are examples of the temporary inconsistencies that you might notice during change propagation:
After you create a web ACL, if you try to associate it with a resource, you might get an exception indicating that the web ACL is unavailable.
After you add a rule group to a web ACL, the new rule group rules might be in effect in one area where the web ACL is used and not in another.
After you change a rule action setting, you might see the old action in some places and the new action in others.
After you add an IP address to an IP set that is in use in a blocking rule, the new address might be blocked in one area while still allowed in another.
A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 200 bytes.
Valid values depend on the component that you specify for inspection in FieldToMatch:
Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.
UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.
JA3Fingerprint: Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. You can use this choice only with a string match ByteMatchStatement with the PositionalConstraint set to EXACTLY.
You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the WAF Developer Guide.
HeaderOrder: The comma-separated list of header names to match for. WAF creates a string that contains the ordered list of header names, from the headers in the web request, and then matches against that string.
If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.
If you're using the WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 200 bytes.
For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.
If you're using the CLI or one of the Amazon Web Services SDKs
The value that you want WAF to search for. The SDK automatically base64 encodes the value.
" + "documentation":"A string value that you want WAF to search for. WAF searches only in the part of web requests that you designate for inspection in FieldToMatch. The maximum length of the value is 200 bytes.
Valid values depend on the component that you specify for inspection in FieldToMatch:
Method: The HTTP method that you want WAF to search for. This indicates the type of operation specified in the request.
UriPath: The value that you want WAF to search for in the URI path, for example, /images/daily-ad.jpg.
JA3Fingerprint: Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. You can use this choice only with a string match ByteMatchStatement with the PositionalConstraint set to EXACTLY.
You can obtain the JA3 fingerprint for client requests from the web ACL logs. If WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see Log fields in the WAF Developer Guide.
HeaderOrder: The list of header names to match for. WAF creates a string that contains the ordered list of header names, from the headers in the web request, and then matches against that string.
If SearchString includes alphabetic characters A-Z and a-z, note that the value is case sensitive.
If you're using the WAF API
Specify a base64-encoded version of the value. The maximum length of the value before you base64-encode it is 200 bytes.
For example, suppose the value of Type is HEADER and the value of Data is User-Agent. If you want to search the User-Agent header for the value BadBot, you base64-encode BadBot using MIME base64-encoding and include the resulting value, QmFkQm90, in the value of SearchString.
If you're using the CLI or one of the Amazon Web Services SDKs
The value that you want WAF to search for. The SDK automatically base64 encodes the value.
" }, "FieldToMatch":{ "shape":"FieldToMatch", @@ -1387,7 +1387,7 @@ }, "MatchScope":{ "shape":"MapMatchScope", - "documentation":"The parts of the cookies to inspect with the rule inspection criteria. If you specify All, WAF inspects both keys and values.
The parts of the cookies to inspect with the rule inspection criteria. If you specify ALL, WAF inspects both keys and values.
All does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical AND statement to combine two match rules, one that inspects the keys and another that inspects the values.
The parts of the headers to match with the rule inspection criteria. If you specify All, WAF inspects both keys and values.
The parts of the headers to match with the rule inspection criteria. If you specify ALL, WAF inspects both keys and values.
All does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical AND statement to combine two match rules, one that inspects the keys and another that inspects the values.
The parts of the JSON to match against using the MatchPattern. If you specify All, WAF matches against keys and values.
The parts of the JSON to match against using the MatchPattern. If you specify ALL, WAF matches against keys and values.
All does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical AND statement to combine two match rules, one that inspects the keys and another that inspects the values.