Updated API models and rebuilt service gems.

aws · Feb 4, 2025 · ae7c222 · ae7c222
1 parent 99f4f25
commit ae7c222
Show file tree

Hide file tree

Showing 60 changed files with 1,598 additions and 246 deletions.
diff --git a/apis/datasync/2018-11-09/docs-2.json b/apis/datasync/2018-11-09/docs-2.json
@@ -1068,29 +1068,29 @@
       "base": null,
       "refs": {
         "CreateLocationHdfsRequest$KerberosKeytab": "<p>The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. You can load the keytab from a file by providing the file's address. If you're using the CLI, it performs base64 encoding for you. Otherwise, provide the base64-encoded text. </p> <note> <p>If <code>KERBEROS</code> is specified for <code>AuthenticationType</code>, this parameter is required. </p> </note>",
-        "CreateLocationSmbRequest$KerberosKeytab": "<p>Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys.</p> <p>You can specify the keytab using a file path (for example, <code>file://path/to/file.keytab</code>). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for <code>KerberosPrincipal</code> and in your <code>krb5.conf</code> file. </p>",
+        "CreateLocationSmbRequest$KerberosKeytab": "<p>Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.</p> <p>The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for <code>KerberosPrincipal</code>. </p>",
         "UpdateLocationHdfsRequest$KerberosKeytab": "<p>The Kerberos key table (keytab) that contains mappings between the defined Kerberos principal and the encrypted keys. You can load the keytab from a file by providing the file's address. If you use the CLI, it performs base64 encoding for you. Otherwise, provide the base64-encoded text.</p>",
-        "UpdateLocationSmbRequest$KerberosKeytab": "<p>Specifies your Kerberos key table (keytab) file, which includes mappings between your service principal name (SPN) and encryption keys.</p> <p>You can specify the keytab using a file path (for example, <code>file://path/to/file.keytab</code>). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the SPN in the keytab file matches exactly what you specify for <code>KerberosPrincipal</code> and in your <code>krb5.conf</code> file.</p>"
+        "UpdateLocationSmbRequest$KerberosKeytab": "<p>Specifies your Kerberos key table (keytab) file, which includes mappings between your Kerberos principal and encryption keys.</p> <p>The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the Kerberos principal that you use to create the keytab file matches exactly what you specify for <code>KerberosPrincipal</code>.</p>"
       }
     },
     "KerberosKrb5ConfFile": {
       "base": null,
       "refs": {
         "CreateLocationHdfsRequest$KerberosKrb5Conf": "<p>The <code>krb5.conf</code> file that contains the Kerberos configuration information. You can load the <code>krb5.conf</code> file by providing the file's address. If you're using the CLI, it performs the base64 encoding for you. Otherwise, provide the base64-encoded text. </p> <note> <p>If <code>KERBEROS</code> is specified for <code>AuthenticationType</code>, this parameter is required.</p> </note>",
-        "CreateLocationSmbRequest$KerberosKrb5Conf": "<p>Specifies a Kerberos configuration file (<code>krb5.conf</code>) that defines your Kerberos realm configuration.</p> <p>You can specify the <code>krb5.conf</code> using a file path (for example, <code>file://path/to/krb5.conf</code>). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the service principal name (SPN) in the <code>krb5.conf</code> file matches exactly what you specify for <code>KerberosPrincipal</code> and in your keytab file.</p>",
+        "CreateLocationSmbRequest$KerberosKrb5Conf": "<p>Specifies a Kerberos configuration file (<code>krb5.conf</code>) that defines your Kerberos realm configuration.</p> <p>The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p>",
         "UpdateLocationHdfsRequest$KerberosKrb5Conf": "<p>The <code>krb5.conf</code> file that contains the Kerberos configuration information. You can load the <code>krb5.conf</code> file by providing the file's address. If you're using the CLI, it performs the base64 encoding for you. Otherwise, provide the base64-encoded text.</p>",
-        "UpdateLocationSmbRequest$KerberosKrb5Conf": "<p>Specifies a Kerberos configuration file (<code>krb5.conf</code>) that defines your Kerberos realm configuration.</p> <p>You can specify the <code>krb5.conf</code> using a file path (for example, <code>file://path/to/krb5.conf</code>). The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p> <p>To avoid task execution errors, make sure that the service principal name (SPN) in the <code>krb5.conf</code> file matches exactly what you specify for <code>KerberosPrincipal</code> and in your keytab file.</p>"
+        "UpdateLocationSmbRequest$KerberosKrb5Conf": "<p>Specifies a Kerberos configuration file (<code>krb5.conf</code>) that defines your Kerberos realm configuration.</p> <p>The file must be base64 encoded. If you're using the CLI, the encoding is done for you.</p>"
       }
     },
     "KerberosPrincipal": {
       "base": null,
       "refs": {
         "CreateLocationHdfsRequest$KerberosPrincipal": "<p>The Kerberos principal with access to the files and folders on the HDFS cluster. </p> <note> <p>If <code>KERBEROS</code> is specified for <code>AuthenticationType</code>, this parameter is required.</p> </note>",
-        "CreateLocationSmbRequest$KerberosPrincipal": "<p>Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.</p> <p>SPNs are case sensitive and must include a prepended <code>cifs/</code>. For example, an SPN might look like <code>cifs/[email protected]</code>.</p> <p>Your task execution will fail if the SPN that you provide for this parameter doesn’t match what’s exactly in your keytab or <code>krb5.conf</code> files. </p>",
+        "CreateLocationSmbRequest$KerberosPrincipal": "<p>Specifies a Kerberos prinicpal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.</p> <p>A Kerberos principal might look like <code>HOST/[email protected]</code>.</p> <p>Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.</p>",
         "DescribeLocationHdfsResponse$KerberosPrincipal": "<p>The Kerberos principal with access to the files and folders on the HDFS cluster. This parameter is used if the <code>AuthenticationType</code> is defined as <code>KERBEROS</code>.</p>",
-        "DescribeLocationSmbResponse$KerberosPrincipal": "<p>The Kerberos service principal name (SPN) that has permission to access the files, folders, and file metadata in your SMB file server.</p>",
+        "DescribeLocationSmbResponse$KerberosPrincipal": "<p>The Kerberos principal that has permission to access the files, folders, and file metadata in your SMB file server.</p>",
         "UpdateLocationHdfsRequest$KerberosPrincipal": "<p>The Kerberos principal with access to the files and folders on the HDFS cluster. </p>",
-        "UpdateLocationSmbRequest$KerberosPrincipal": "<p>Specifies a service principal name (SPN), which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.</p> <p>SPNs are case sensitive and must include a prepended <code>cifs/</code>. For example, an SPN might look like <code>cifs/[email protected]</code>.</p> <p>Your task execution will fail if the SPN that you provide for this parameter doesn’t match what’s exactly in your keytab or <code>krb5.conf</code> files.</p>"
+        "UpdateLocationSmbRequest$KerberosPrincipal": "<p>Specifies a Kerberos prinicpal, which is an identity in your Kerberos realm that has permission to access the files, folders, and file metadata in your SMB file server.</p> <p>A Kerberos principal might look like <code>HOST/[email protected]</code>.</p> <p>Principal names are case sensitive. Your DataSync task execution will fail if the principal that you specify for this parameter doesn’t exactly match the principal that you use to create the keytab file.</p>"
       }
     },
     "KmsKeyProviderUri": {

diff --git a/apis/dms/2016-01-01/api-2.json b/apis/dms/2016-01-01/api-2.json
@@ -1875,6 +1875,7 @@
         "ServiceAccessRoleArn":{"shape":"String"},
         "EnableCloudwatchLogs":{"shape":"BooleanOptional"},
         "SourceDataSettings":{"shape":"SourceDataSettings"},
+        "TargetDataSettings":{"shape":"TargetDataSettings"},
         "NumberOfJobs":{"shape":"IntegerOptional"},
         "Tags":{"shape":"TagList"},
         "SelectionRules":{"shape":"SecretString"}
@@ -2180,6 +2181,7 @@
         "DataMigrationType":{"shape":"MigrationTypeValue"},
         "DataMigrationSettings":{"shape":"DataMigrationSettings"},
         "SourceDataSettings":{"shape":"SourceDataSettings"},
+        "TargetDataSettings":{"shape":"TargetDataSettings"},
         "DataMigrationStatistics":{"shape":"DataMigrationStatistics"},
         "DataMigrationStatus":{"shape":"String"},
         "PublicIpAddresses":{"shape":"PublicIpAddressList"},
@@ -3947,6 +3949,7 @@
         "ServiceAccessRoleArn":{"shape":"String"},
         "DataMigrationType":{"shape":"MigrationTypeValue"},
         "SourceDataSettings":{"shape":"SourceDataSettings"},
+        "TargetDataSettings":{"shape":"TargetDataSettings"},
         "NumberOfJobs":{"shape":"IntegerOptional"},
         "SelectionRules":{"shape":"SecretString"}
       }
@@ -5557,6 +5560,14 @@
       "type":"list",
       "member":{"shape":"TableToReload"}
     },
+    "TablePreparationMode":{
+      "type":"string",
+      "enum":[
+        "do-nothing",
+        "truncate",
+        "drop-tables-on-target"
+      ]
+    },
     "TableStatistics":{
       "type":"structure",
       "members":{
@@ -5612,6 +5623,16 @@
       "type":"list",
       "member":{"shape":"Tag"}
     },
+    "TargetDataSetting":{
+      "type":"structure",
+      "members":{
+        "TablePreparationMode":{"shape":"TablePreparationMode"}
+      }
+    },
+    "TargetDataSettings":{
+      "type":"list",
+      "member":{"shape":"TargetDataSetting"}
+    },
     "TargetDbType":{
       "type":"string",
       "enum":[

diff --git a/apis/dms/2016-01-01/docs-2.json b/apis/dms/2016-01-01/docs-2.json
@@ -1962,7 +1962,7 @@
       }
     },
     "KerberosAuthenticationSettings": {
-      "base": "<p>Specifies using Kerberos authentication settings for use with DMS.</p>",
+      "base": "<p>Specifies the settings required for kerberos authentication when creating the replication instance.</p>",
       "refs": {
         "CreateReplicationInstanceMessage$KerberosAuthenticationSettings": "<p>Specifies the ID of the secret that stores the key cache file required for kerberos authentication, when creating a replication instance.</p>",
         "ModifyReplicationInstanceMessage$KerberosAuthenticationSettings": "<p>Specifies the ID of the secret that stores the key cache file required for kerberos authentication, when modifying a replication instance.</p>",
@@ -2278,7 +2278,7 @@
     "OracleAuthenticationMethod": {
       "base": null,
       "refs": {
-        "OracleSettings$AuthenticationMethod": "<p>Specifies using Kerberos authentication with Oracle.</p>"
+        "OracleSettings$AuthenticationMethod": "<p>Specifies the authentication method to be used with Oracle.</p>"
       }
     },
     "OracleDataProviderSettings": {
@@ -2902,7 +2902,7 @@
     "SqlServerAuthenticationMethod": {
       "base": null,
       "refs": {
-        "MicrosoftSQLServerSettings$AuthenticationMethod": "<p>Specifies using Kerberos authentication with Microsoft SQL Server.</p>"
+        "MicrosoftSQLServerSettings$AuthenticationMethod": "<p>Specifies the authentication method to be used with Microsoft SQL Server.</p>"
       }
     },
     "SslSecurityProtocolValue": {
@@ -3439,9 +3439,9 @@
         "KafkaSettings$SslClientKeyArn": "<p>The Amazon Resource Name (ARN) for the client private key used to securely connect to a Kafka target endpoint.</p>",
         "KafkaSettings$SslCaCertificateArn": "<p> The Amazon Resource Name (ARN) for the private certificate authority (CA) cert that DMS uses to securely connect to your Kafka target endpoint.</p>",
         "KafkaSettings$SaslUsername": "<p> The secure user name you created when you first set up your MSK cluster to validate a client identity and make an encrypted connection between server and client using SASL-SSL authentication.</p>",
-        "KerberosAuthenticationSettings$KeyCacheSecretId": "<p>Specifies the secret ID of the key cache for the replication instance.</p>",
-        "KerberosAuthenticationSettings$KeyCacheSecretIamArn": "<p>Specifies the Amazon Resource Name (ARN) of the IAM role that grants Amazon Web Services DMS access to the secret containing key cache file for the replication instance.</p>",
-        "KerberosAuthenticationSettings$Krb5FileContents": "<p>Specifies the ID of the secret that stores the key cache file required for kerberos authentication of the replication instance.</p>",
+        "KerberosAuthenticationSettings$KeyCacheSecretId": "<p>Specifies the ID of the secret that stores the key cache file required for kerberos authentication.</p>",
+        "KerberosAuthenticationSettings$KeyCacheSecretIamArn": "<p>Specifies the Amazon Resource Name (ARN) of the IAM role that grants Amazon Web Services DMS access to the secret containing key cache file for the kerberos authentication.</p>",
+        "KerberosAuthenticationSettings$Krb5FileContents": "<p>Specifies the contents of krb5 configuration file required for kerberos authentication.</p>",
         "KeyList$member": null,
         "KinesisSettings$StreamArn": "<p>The Amazon Resource Name (ARN) for the Amazon Kinesis Data Streams endpoint.</p>",
         "KinesisSettings$ServiceAccessRoleArn": "<p>The Amazon Resource Name (ARN) for the IAM role that DMS uses to write to the Kinesis data stream. The role must allow the <code>iam:PassRole</code> action.</p>",
@@ -3934,6 +3934,12 @@
         "ReloadTablesMessage$TablesToReload": "<p>The name and schema of the table to be reloaded. </p>"
       }
     },
+    "TablePreparationMode": {
+      "base": null,
+      "refs": {
+        "TargetDataSetting$TablePreparationMode": "<p>This setting determines how DMS handles the target tables before starting a data migration, either by leaving them untouched, dropping and recreating them, or truncating the existing data in the target tables.</p>"
+      }
+    },
     "TableStatistics": {
       "base": "<p>Provides a collection of table statistics in response to a request by the <code>DescribeTableStatistics</code> operation.</p>",
       "refs": {
@@ -3978,6 +3984,20 @@
         "StartReplicationTaskAssessmentRunMessage$Tags": "<p>One or more tags to be assigned to the premigration assessment run that you want to start.</p>"
       }
     },
+    "TargetDataSetting": {
+      "base": "<p>Defines settings for a target data provider for a data migration.</p>",
+      "refs": {
+        "TargetDataSettings$member": null
+      }
+    },
+    "TargetDataSettings": {
+      "base": null,
+      "refs": {
+        "CreateDataMigrationMessage$TargetDataSettings": "<p>Specifies information about the target data provider.</p>",
+        "DataMigration$TargetDataSettings": "<p>Specifies information about the data migration's target data provider.</p>",
+        "ModifyDataMigrationMessage$TargetDataSettings": "<p>The new information about the target data provider for the data migration.</p>"
+      }
+    },
     "TargetDbType": {
       "base": null,
       "refs": {

diff --git a/apis/iam/2010-05-08/api-2.json b/apis/iam/2010-05-08/api-2.json
@@ -2963,7 +2963,9 @@
       "members":{
         "SAMLMetadataDocument":{"shape":"SAMLMetadataDocumentType"},
         "Name":{"shape":"SAMLProviderNameType"},
-        "Tags":{"shape":"tagListType"}
+        "Tags":{"shape":"tagListType"},
+        "AssertionEncryptionMode":{"shape":"assertionEncryptionModeType"},
+        "AddPrivateKey":{"shape":"privateKeyType"}
       }
     },
     "CreateSAMLProviderResponse":{
@@ -3853,10 +3855,13 @@
     "GetSAMLProviderResponse":{
       "type":"structure",
       "members":{
+        "SAMLProviderUUID":{"shape":"privateKeyIdType"},
         "SAMLMetadataDocument":{"shape":"SAMLMetadataDocumentType"},
         "CreateDate":{"shape":"dateType"},
         "ValidUntil":{"shape":"dateType"},
-        "Tags":{"shape":"tagListType"}
+        "Tags":{"shape":"tagListType"},
+        "AssertionEncryptionMode":{"shape":"assertionEncryptionModeType"},
+        "PrivateKeyList":{"shape":"privateKeyList"}
       }
     },
     "GetSSHPublicKeyRequest":{
@@ -5304,6 +5309,13 @@
       "max":10000000,
       "min":1000
     },
+    "SAMLPrivateKey":{
+      "type":"structure",
+      "members":{
+        "KeyId":{"shape":"privateKeyIdType"},
+        "Timestamp":{"shape":"dateType"}
+      }
+    },
     "SAMLProviderListEntry":{
       "type":"structure",
       "members":{
@@ -5905,13 +5917,13 @@
     },
     "UpdateSAMLProviderRequest":{
       "type":"structure",
-      "required":[
-        "SAMLMetadataDocument",
-        "SAMLProviderArn"
-      ],
+      "required":["SAMLProviderArn"],
       "members":{
         "SAMLMetadataDocument":{"shape":"SAMLMetadataDocumentType"},
-        "SAMLProviderArn":{"shape":"arnType"}
+        "SAMLProviderArn":{"shape":"arnType"},
+        "AssertionEncryptionMode":{"shape":"assertionEncryptionModeType"},
+        "AddPrivateKey":{"shape":"privateKeyType"},
+        "RemovePrivateKey":{"shape":"privateKeyIdType"}
       }
     },
     "UpdateSAMLProviderResponse":{
@@ -6106,6 +6118,13 @@
       "max":2048,
       "min":20
     },
+    "assertionEncryptionModeType":{
+      "type":"string",
+      "enum":[
+        "Required",
+        "Allowed"
+      ]
+    },
     "assignmentStatusType":{
       "type":"string",
       "enum":[
@@ -6406,6 +6425,17 @@
       "type":"string",
       "pattern":"v[1-9][0-9]*(\\.[A-Za-z0-9-]*)?"
     },
+    "privateKeyIdType":{
+      "type":"string",
+      "max":64,
+      "min":22,
+      "pattern":"[A-Z0-9]+"
+    },
+    "privateKeyList":{
+      "type":"list",
+      "member":{"shape":"SAMLPrivateKey"},
+      "max":2
+    },
     "privateKeyType":{
       "type":"string",
       "max":16384,