From b23412f8e10f0236f238dc29a7f7781a9fc147e0 Mon Sep 17 00:00:00 2001 From: mattBrzezinski Date: Thu, 11 Mar 2021 06:08:47 +0000 Subject: [PATCH] AWS API Definitions Updated --- src/services/accessanalyzer.jl | 76 +++++++++++++++++++++++++++++++++- src/services/backup.jl | 39 +++++++++++++---- src/services/ssm.jl | 38 ++++++++++++----- 3 files changed, 132 insertions(+), 21 deletions(-) diff --git a/src/services/accessanalyzer.jl b/src/services/accessanalyzer.jl index 7f372a0d6b..c6cc1ab984 100644 --- a/src/services/accessanalyzer.jl +++ b/src/services/accessanalyzer.jl @@ -22,6 +22,28 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys apply_archive_rule(analyzerArn, ruleName; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("PUT", "/archive-rule", Dict{String, Any}("analyzerArn"=>analyzerArn, "ruleName"=>ruleName, "clientToken"=>string(uuid4())); aws_config=aws_config) apply_archive_rule(analyzerArn, ruleName, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("PUT", "/archive-rule", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn, "ruleName"=>ruleName, "clientToken"=>string(uuid4())), params)); aws_config=aws_config) +""" + create_access_preview(analyzer_arn, configurations) + create_access_preview(analyzer_arn, configurations, params::Dict{String,<:Any}) + +Creates an access preview that allows you to preview Access Analyzer findings for your +resource before deploying resource permissions. + +# Arguments +- `analyzer_arn`: The ARN of the account analyzer used to generate the access preview. You + can only create an access preview for analyzers with an Account type and Active status. +- `configurations`: Access control configuration for your resource that is used to generate + the access preview. The access preview includes findings for external access allowed to the + resource with the proposed access control configuration. The configuration must contain + exactly one element. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"clientToken"`: A client token. +""" +create_access_preview(analyzerArn, configurations; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("PUT", "/access-preview", Dict{String, Any}("analyzerArn"=>analyzerArn, "configurations"=>configurations, "clientToken"=>string(uuid4())); aws_config=aws_config) +create_access_preview(analyzerArn, configurations, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("PUT", "/access-preview", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn, "configurations"=>configurations, "clientToken"=>string(uuid4())), params)); aws_config=aws_config) + """ create_analyzer(analyzer_name, type) create_analyzer(analyzer_name, type, params::Dict{String,<:Any}) @@ -98,6 +120,20 @@ Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys delete_archive_rule(analyzerName, ruleName; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("DELETE", "/analyzer/$(analyzerName)/archive-rule/$(ruleName)", Dict{String, Any}("clientToken"=>string(uuid4())); aws_config=aws_config) delete_archive_rule(analyzerName, ruleName, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("DELETE", "/analyzer/$(analyzerName)/archive-rule/$(ruleName)", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("clientToken"=>string(uuid4())), params)); aws_config=aws_config) +""" + get_access_preview(access_preview_id, analyzer_arn) + get_access_preview(access_preview_id, analyzer_arn, params::Dict{String,<:Any}) + +Retrieves information about an access preview for the specified analyzer. + +# Arguments +- `access_preview_id`: The unique ID for the access preview. +- `analyzer_arn`: The ARN of the analyzer used to generate the access preview. + +""" +get_access_preview(accessPreviewId, analyzerArn; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/access-preview/$(accessPreviewId)", Dict{String, Any}("analyzerArn"=>analyzerArn); aws_config=aws_config) +get_access_preview(accessPreviewId, analyzerArn, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/access-preview/$(accessPreviewId)", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn), params)); aws_config=aws_config) + """ get_analyzed_resource(analyzer_arn, resource_arn) get_analyzed_resource(analyzer_arn, resource_arn, params::Dict{String,<:Any}) @@ -154,6 +190,42 @@ Retrieves information about the specified finding. get_finding(analyzerArn, id; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/finding/$(id)", Dict{String, Any}("analyzerArn"=>analyzerArn); aws_config=aws_config) get_finding(analyzerArn, id, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/finding/$(id)", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn), params)); aws_config=aws_config) +""" + list_access_preview_findings(access_preview_id, analyzer_arn) + list_access_preview_findings(access_preview_id, analyzer_arn, params::Dict{String,<:Any}) + +Retrieves a list of access preview findings generated by the specified access preview. + +# Arguments +- `access_preview_id`: The unique ID for the access preview. +- `analyzer_arn`: The ARN of the analyzer used to generate the access. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"filter"`: Criteria to filter the returned findings. +- `"maxResults"`: The maximum number of results to return in the response. +- `"nextToken"`: A token used for pagination of results returned. +""" +list_access_preview_findings(accessPreviewId, analyzerArn; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("POST", "/access-preview/$(accessPreviewId)", Dict{String, Any}("analyzerArn"=>analyzerArn); aws_config=aws_config) +list_access_preview_findings(accessPreviewId, analyzerArn, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("POST", "/access-preview/$(accessPreviewId)", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn), params)); aws_config=aws_config) + +""" + list_access_previews(analyzer_arn) + list_access_previews(analyzer_arn, params::Dict{String,<:Any}) + +Retrieves a list of access previews for the specified analyzer. + +# Arguments +- `analyzer_arn`: The ARN of the analyzer used to generate the access preview. + +# Optional Parameters +Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: +- `"maxResults"`: The maximum number of results to return in the response. +- `"nextToken"`: A token used for pagination of results returned. +""" +list_access_previews(analyzerArn; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/access-preview", Dict{String, Any}("analyzerArn"=>analyzerArn); aws_config=aws_config) +list_access_previews(analyzerArn, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = accessanalyzer("GET", "/access-preview", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("analyzerArn"=>analyzerArn), params)); aws_config=aws_config) + """ list_analyzed_resources(analyzer_arn) list_analyzed_resources(analyzer_arn, params::Dict{String,<:Any}) @@ -210,8 +282,8 @@ list_archive_rules(analyzerName, params::AbstractDict{String, <:Any}; aws_config list_findings(analyzer_arn, params::Dict{String,<:Any}) Retrieves a list of findings generated by the specified analyzer. To learn about filter -keys that you can use to create an archive rule, see Access Analyzer filter keys in the IAM -User Guide. +keys that you can use to retrieve a list of findings, see Access Analyzer filter keys in +the IAM User Guide. # Arguments - `analyzer_arn`: The ARN of the analyzer to retrieve findings from. diff --git a/src/services/backup.jl b/src/services/backup.jl index 1771a02798..4f2225fb82 100644 --- a/src/services/backup.jl +++ b/src/services/backup.jl @@ -167,7 +167,9 @@ delete_backup_vault_notifications(backupVaultName, params::AbstractDict{String, delete_recovery_point(backup_vault_name, recovery_point_arn) delete_recovery_point(backup_vault_name, recovery_point_arn, params::Dict{String,<:Any}) -Deletes the recovery point specified by a recovery point ID. +Deletes the recovery point specified by a recovery point ID. If the recovery point ID +belongs to a continuous backup, calling this endpoint deletes the existing continuous +backup and stops future continuous backup. # Arguments - `backup_vault_name`: The name of a logical container where backups are stored. Backup @@ -294,6 +296,24 @@ Returns metadata associated with a restore job that is specified by a job ID. describe_restore_job(restoreJobId; aws_config::AbstractAWSConfig=global_aws_config()) = backup("GET", "/restore-jobs/$(restoreJobId)"; aws_config=aws_config) describe_restore_job(restoreJobId, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = backup("GET", "/restore-jobs/$(restoreJobId)", params; aws_config=aws_config) +""" + disassociate_recovery_point(backup_vault_name, recovery_point_arn) + disassociate_recovery_point(backup_vault_name, recovery_point_arn, params::Dict{String,<:Any}) + +Deletes the specified continuous backup recovery point from AWS Backup and releases control +of that continuous backup to the source service, such as Amazon RDS. The source service +will continue to create and retain continuous backups using the lifecycle that you +specified in your original backup plan. Does not support snapshot backup recovery points. + +# Arguments +- `backup_vault_name`: The unique name of an AWS Backup vault. Required. +- `recovery_point_arn`: An Amazon Resource Name (ARN) that uniquely identifies an AWS + Backup recovery point. Required. + +""" +disassociate_recovery_point(backupVaultName, recoveryPointArn; aws_config::AbstractAWSConfig=global_aws_config()) = backup("POST", "/backup-vaults/$(backupVaultName)/recovery-points/$(recoveryPointArn)/disassociate"; aws_config=aws_config) +disassociate_recovery_point(backupVaultName, recoveryPointArn, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = backup("POST", "/backup-vaults/$(backupVaultName)/recovery-points/$(recoveryPointArn)/disassociate", params; aws_config=aws_config) + """ export_backup_plan_template(backup_plan_id) export_backup_plan_template(backup_plan_id, params::Dict{String,<:Any}) @@ -311,8 +331,8 @@ export_backup_plan_template(backupPlanId, params::AbstractDict{String, <:Any}; a get_backup_plan(backup_plan_id) get_backup_plan(backup_plan_id, params::Dict{String,<:Any}) -Returns BackupPlan details for the specified BackupPlanId. Returns the body of a backup -plan in JSON format, in addition to plan metadata. +Returns BackupPlan details for the specified BackupPlanId. The details are the body of a +backup plan in JSON format, in addition to plan metadata. # Arguments - `backup_plan_id`: Uniquely identifies a backup plan. @@ -429,7 +449,8 @@ get_supported_resource_types(params::AbstractDict{String, Any}; aws_config::Abst list_backup_jobs() list_backup_jobs(params::Dict{String,<:Any}) -Returns a list of existing backup jobs for an authenticated account. +Returns a list of existing backup jobs for an authenticated account for the last 30 days. +For a longer period of time, consider using these monitoring tools. # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: @@ -779,7 +800,8 @@ start_backup_job(BackupVaultName, IamRoleArn, ResourceArn, params::AbstractDict{ start_copy_job(destination_backup_vault_arn, iam_role_arn, recovery_point_arn, source_backup_vault_name) start_copy_job(destination_backup_vault_arn, iam_role_arn, recovery_point_arn, source_backup_vault_name, params::Dict{String,<:Any}) -Starts a job to create a one-time copy of the specified resource. +Starts a job to create a one-time copy of the specified resource. Does not support +continuous backups. # Arguments - `destination_backup_vault_arn`: An Amazon Resource Name (ARN) that uniquely identifies a @@ -930,12 +952,13 @@ update_global_settings(params::AbstractDict{String, Any}; aws_config::AbstractAW Sets the transition lifecycle of a recovery point. The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and -expires backups automatically according to the lifecycle that you define. Backups +expires backups automatically according to the lifecycle that you define. Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. Therefore, the “expire after days” setting must be 90 days greater than the “transition to cold after days” setting. The “transition to cold after days” -setting cannot be changed after a backup has been transitioned to cold. Only Amazon EFS -file system backups can be transitioned to cold storage. +setting cannot be changed after a backup has been transitioned to cold. Only Amazon EFS +file system backups can be transitioned to cold storage. Does not support continuous +backups. # Arguments - `backup_vault_name`: The name of a logical container where backups are stored. Backup diff --git a/src/services/ssm.jl b/src/services/ssm.jl index 4276706cad..f68c543fc4 100644 --- a/src/services/ssm.jl +++ b/src/services/ssm.jl @@ -26,10 +26,14 @@ EC2 User Guide. # Arguments - `resource_id`: The resource ID you want to tag. Use the ID of the resource. Here are some examples: ManagedInstance: mi-012345abcde MaintenanceWindow: mw-012345abcde PatchBaseline: - pb-012345abcde For the Document and Parameter values, use the name of the resource. The - ManagedInstance type for this API action is only for on-premises managed instances. You - must specify the name of the managed instance in the following format: mi-ID_number. For - example, mi-1a2b3c4d5e6f. + pb-012345abcde OpsMetadata object: ResourceID for tagging is created from the Amazon + Resource Name (ARN) for the object. Specifically, ResourceID is created from the strings + that come after the word opsmetadata in the ARN. For example, an OpsMetadata object with an + ARN of arn:aws:ssm:us-east-2:1234567890:opsmetadata/aws/ssm/MyGroup/appmanager has a + ResourceID of either aws/ssm/MyGroup/appmanager or /aws/ssm/MyGroup/appmanager. For the + Document and Parameter values, use the name of the resource. The ManagedInstance type for + this API action is only for on-premises managed instances. You must specify the name of the + managed instance in the following format: mi-ID_number. For example, mi-1a2b3c4d5e6f. - `resource_type`: Specifies the type of resource you are tagging. The ManagedInstance type for this API action is for on-premises managed instances. You must specify the name of the managed instance in the following format: mi-ID_number. For example, mi-1a2b3c4d5e6f. @@ -408,6 +412,12 @@ action to specify information about the new application, including the applicati # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: - `"Metadata"`: Metadata for a new Application Manager application. +- `"Tags"`: Optional metadata that you assign to a resource. You can specify a maximum of + five tags for an OpsMetadata object. Tags enable you to categorize a resource in different + ways, such as by purpose, owner, or environment. For example, you might want to tag an + OpsMetadata object to identify an environment or target AWS Region. In this case, you could + specify the following key-value pairs: Key=Environment,Value=Production + Key=Region,Value=us-east-2 """ create_ops_metadata(ResourceId; aws_config::AbstractAWSConfig=global_aws_config()) = ssm("CreateOpsMetadata", Dict{String, Any}("ResourceId"=>ResourceId); aws_config=aws_config) create_ops_metadata(ResourceId, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = ssm("CreateOpsMetadata", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("ResourceId"=>ResourceId), params)); aws_config=aws_config) @@ -1488,9 +1498,11 @@ Returns detailed information about command execution for an invocation or plugin # Optional Parameters Optional parameters can be passed as a `params::Dict{String,<:Any}`. Valid keys are: -- `"PluginName"`: (Optional) The name of the plugin for which you want detailed results. If - the document contains only one plugin, the name can be omitted and the details will be - returned. Plugin names are also referred to as step names in Systems Manager documents. +- `"PluginName"`: The name of the plugin for which you want detailed results. If the + document contains only one plugin, you can omit the name and details for that plugin are + returned. If the document contains more than one plugin, you must specify the name of the + plugin for which you want to view details. Plugin names are also referred to as step names + in Systems Manager documents. For example, aws:RunShellScript is a plugin. """ get_command_invocation(CommandId, InstanceId; aws_config::AbstractAWSConfig=global_aws_config()) = ssm("GetCommandInvocation", Dict{String, Any}("CommandId"=>CommandId, "InstanceId"=>InstanceId); aws_config=aws_config) get_command_invocation(CommandId, InstanceId, params::AbstractDict{String, <:Any}; aws_config::AbstractAWSConfig=global_aws_config()) = ssm("GetCommandInvocation", Dict{String, Any}(mergewith(_merge, Dict{String, Any}("CommandId"=>CommandId, "InstanceId"=>InstanceId), params)); aws_config=aws_config) @@ -2590,10 +2602,14 @@ Removes tag keys from the specified resource. # Arguments - `resource_id`: The ID of the resource from which you want to remove tags. For example: ManagedInstance: mi-012345abcde MaintenanceWindow: mw-012345abcde PatchBaseline: - pb-012345abcde For the Document and Parameter values, use the name of the resource. The - ManagedInstance type for this API action is only for on-premises managed instances. Specify - the name of the managed instance in the following format: mi-ID_number. For example, - mi-1a2b3c4d5e6f. + pb-012345abcde OpsMetadata object: ResourceID for tagging is created from the Amazon + Resource Name (ARN) for the object. Specifically, ResourceID is created from the strings + that come after the word opsmetadata in the ARN. For example, an OpsMetadata object with an + ARN of arn:aws:ssm:us-east-2:1234567890:opsmetadata/aws/ssm/MyGroup/appmanager has a + ResourceID of either aws/ssm/MyGroup/appmanager or /aws/ssm/MyGroup/appmanager. For the + Document and Parameter values, use the name of the resource. The ManagedInstance type for + this API action is only for on-premises managed instances. Specify the name of the managed + instance in the following format: mi-ID_number. For example, mi-1a2b3c4d5e6f. - `resource_type`: The type of resource from which you want to remove a tag. The ManagedInstance type for this API action is only for on-premises managed instances. Specify the name of the managed instance in the following format: mi-ID_number. For example,