You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
-Forward DNS queries from resolvers on your network to Route 53 Resolver
-DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers to easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. For more information, see How DNS Resolvers on Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
-Conditionally forward queries from a VPC to resolvers on your network
-You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. To forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward (such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. @@ -38,7 +33,6 @@ If a query matches multiple rules (example.com, acme.example.com), Resolver choo (acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see How Route 53 Resolver Forwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
-Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose whether to forward queries from your VPCs to your network (outbound queries), from your network to your VPCs (inbound queries), or both.
diff --git a/clients/client-route53resolver/src/Route53Resolver.ts b/clients/client-route53resolver/src/Route53Resolver.ts index 036336e6e429..045cd5b87007 100644 --- a/clients/client-route53resolver/src/Route53Resolver.ts +++ b/clients/client-route53resolver/src/Route53Resolver.ts @@ -320,32 +320,26 @@ import { Route53ResolverClient } from "./Route53ResolverClient"; * such as domain names for EC2 instances or Elastic Load Balancing load balancers. * Resolver performs recursive lookups against public name servers for all other domain * names. - * - *You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
- * - *+ *
You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
+ ** Forward DNS queries from resolvers on your network to Route 53 Resolver *
- * - *DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers + *
DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers * to easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. * For more information, see * How DNS Resolvers * on Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
- * - *+ *
* Conditionally forward queries from a VPC to resolvers on your network *
- * - *You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. + *
You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. * To forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward * (such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. * If a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match * (acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see * How Route 53 Resolver * Forwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
- * - *Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose + *
Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose * whether to forward queries from your VPCs to your network (outbound queries), from your * network to your VPCs (inbound queries), or both.
*/ @@ -385,7 +379,7 @@ export class Route53Resolver extends Route53ResolverClient { /** *Adds IP addresses to an inbound or an outbound Resolver endpoint. If you want to add more than one IP address,
* submit one AssociateResolverEndpointIpAddress request for each IP address.
To remove an IP address from an endpoint, see + *
To remove an IP address from an endpoint, see * DisassociateResolverEndpointIpAddress. *
*/ @@ -422,12 +416,10 @@ export class Route53Resolver extends Route53ResolverClient { *Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs
* that are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig
* request for each VPC.
The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.
*To remove a VPC from a query logging configuration, see + *
To remove a VPC from a query logging configuration, see * DisassociateResolverQueryLogConfig. *
*/ @@ -594,7 +586,7 @@ export class Route53Resolver extends Route53ResolverClient { /** *Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
- *An inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC * from your network.
@@ -637,11 +629,9 @@ export class Route53Resolver extends Route53ResolverClient { /** *Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. * Resolver can log queries only for VPCs that are in the same Region as the query logging configuration.
- * - *To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see
+ *
To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see
* AssociateResolverQueryLogConfig.
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts + *
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts * can then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all * VPCs that are associated with the configuration.
*/ @@ -806,7 +796,7 @@ export class Route53Resolver extends Route53ResolverClient { /** *Deletes a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound * Resolver endpoint:
- ** Inbound: DNS queries from your network are no longer routed @@ -851,11 +841,9 @@ export class Route53Resolver extends Route53ResolverClient { *
Deletes a query logging configuration. When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are * associated with the configuration. This also applies if the query logging configuration is shared with other Amazon Web Services accounts, and * the other accounts have associated VPCs with the shared configuration.
- * - *Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See + *
Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See * DisassociateResolverQueryLogConfig.
- * - *If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing + *
If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing * the configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs * that they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically * disassociated from the configuration.
@@ -958,7 +946,7 @@ export class Route53Resolver extends Route53ResolverClient { /** *Removes IP addresses from an inbound or an outbound Resolver endpoint. If you want to remove more than one IP address,
* submit one DisassociateResolverEndpointIpAddress request for each IP address.
To add an IP address to an endpoint, see + *
To add an IP address to an endpoint, see * AssociateResolverEndpointIpAddress. *
*/ @@ -995,13 +983,12 @@ export class Route53Resolver extends Route53ResolverClient { /** *Disassociates a VPC from a query logging configuration.
- * - *Before you can delete a query logging configuration, you must first disassociate all VPCs
+ * Before you can delete a query logging configuration, you must first disassociate all VPCs
* from the configuration. If you used Resource Access Manager (RAM) to share a
* query logging configuration with other accounts, VPCs can be disassociated from the
* configuration in the following ways: The accounts that you shared the configuration with can disassociate VPCs from the configuration. You can stop sharing the configuration.
+ *
*
Removes the association between a specified Resolver rule and a specified VPC.
- *If you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the
+ * If you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the
* domain name that you specified in the Resolver rule.
Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from + *
Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from * Amazon Virtual Private Cloud.
*/ public getResolverConfig( @@ -1540,16 +1527,16 @@ export class Route53Resolver extends Route53ResolverClient { * requirements: *It can optionally start with * (asterisk).
It can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain + *
With the exception of the optional starting asterisk, it must only contain
* the following characters: A-Z, a-z,
* 0-9, - (hyphen).
It must be from 1-255 characters in length.
- *It must be from 1-255 characters in length.
+ * *Retrieves the Resolver configurations that you have defined. - * Route 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs.
+ * Route 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs. */ public listResolverConfigs( args: ListResolverConfigsCommandInput, @@ -2359,7 +2346,7 @@ export class Route53Resolver extends Route53ResolverClient { } /** - *Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from + *
Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from * Amazon Virtual Private Cloud.
*/ public updateResolverConfig( @@ -2424,7 +2411,8 @@ export class Route53Resolver extends Route53ResolverClient { } /** - *Updates the name of an inbound or an outbound Resolver endpoint.
+ *Updates the name, or enpoint type for an inbound or an outbound Resolver endpoint. + * You can only update between IPV4 and DUALSTACK, IPV6 endpoint type can't be updated to other type.
*/ public updateResolverEndpoint( args: UpdateResolverEndpointCommandInput, diff --git a/clients/client-route53resolver/src/Route53ResolverClient.ts b/clients/client-route53resolver/src/Route53ResolverClient.ts index 311637fb6999..711fe12c92b2 100644 --- a/clients/client-route53resolver/src/Route53ResolverClient.ts +++ b/clients/client-route53resolver/src/Route53ResolverClient.ts @@ -555,32 +555,26 @@ export interface Route53ResolverClientResolvedConfig extends Route53ResolverClie * such as domain names for EC2 instances or Elastic Load Balancing load balancers. * Resolver performs recursive lookups against public name servers for all other domain * names. - * - *You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
- * - *+ *
You can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
+ ** Forward DNS queries from resolvers on your network to Route 53 Resolver *
- * - *DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers + *
DNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers * to easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. * For more information, see * How DNS Resolvers * on Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
- * - *+ *
* Conditionally forward queries from a VPC to resolvers on your network *
- * - *You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. + *
You can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. * To forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward * (such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. * If a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match * (acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see * How Route 53 Resolver * Forwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
- * - *Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose + *
Like Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose * whether to forward queries from your VPCs to your network (outbound queries), from your * network to your VPCs (inbound queries), or both.
*/ diff --git a/clients/client-route53resolver/src/commands/AssociateResolverEndpointIpAddressCommand.ts b/clients/client-route53resolver/src/commands/AssociateResolverEndpointIpAddressCommand.ts index 11f48668fe48..ef1cb2c8d3bf 100644 --- a/clients/client-route53resolver/src/commands/AssociateResolverEndpointIpAddressCommand.ts +++ b/clients/client-route53resolver/src/commands/AssociateResolverEndpointIpAddressCommand.ts @@ -39,7 +39,7 @@ export interface AssociateResolverEndpointIpAddressCommandOutput /** *Adds IP addresses to an inbound or an outbound Resolver endpoint. If you want to add more than one IP address,
* submit one AssociateResolverEndpointIpAddress request for each IP address.
To remove an IP address from an endpoint, see + *
To remove an IP address from an endpoint, see * DisassociateResolverEndpointIpAddress. *
* @example diff --git a/clients/client-route53resolver/src/commands/AssociateResolverQueryLogConfigCommand.ts b/clients/client-route53resolver/src/commands/AssociateResolverQueryLogConfigCommand.ts index e71406c66097..3cb4244bedce 100644 --- a/clients/client-route53resolver/src/commands/AssociateResolverQueryLogConfigCommand.ts +++ b/clients/client-route53resolver/src/commands/AssociateResolverQueryLogConfigCommand.ts @@ -40,12 +40,10 @@ export interface AssociateResolverQueryLogConfigCommandOutput *Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs
* that are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig
* request for each VPC.
The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.
*To remove a VPC from a query logging configuration, see + *
To remove a VPC from a query logging configuration, see * DisassociateResolverQueryLogConfig. *
* @example diff --git a/clients/client-route53resolver/src/commands/CreateResolverEndpointCommand.ts b/clients/client-route53resolver/src/commands/CreateResolverEndpointCommand.ts index 777f8f4f31d0..a55a3e1cc6d4 100644 --- a/clients/client-route53resolver/src/commands/CreateResolverEndpointCommand.ts +++ b/clients/client-route53resolver/src/commands/CreateResolverEndpointCommand.ts @@ -36,7 +36,7 @@ export interface CreateResolverEndpointCommandOutput extends CreateResolverEndpo /** *Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
- *An inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC * from your network.
diff --git a/clients/client-route53resolver/src/commands/CreateResolverQueryLogConfigCommand.ts b/clients/client-route53resolver/src/commands/CreateResolverQueryLogConfigCommand.ts index 5c3ea80ff800..78cb6fcfa7ba 100644 --- a/clients/client-route53resolver/src/commands/CreateResolverQueryLogConfigCommand.ts +++ b/clients/client-route53resolver/src/commands/CreateResolverQueryLogConfigCommand.ts @@ -39,11 +39,9 @@ export interface CreateResolverQueryLogConfigCommandOutput /** *Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. * Resolver can log queries only for VPCs that are in the same Region as the query logging configuration.
- * - *To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see
+ *
To specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see
* AssociateResolverQueryLogConfig.
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts + *
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts * can then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all * VPCs that are associated with the configuration.
* @example diff --git a/clients/client-route53resolver/src/commands/DeleteResolverEndpointCommand.ts b/clients/client-route53resolver/src/commands/DeleteResolverEndpointCommand.ts index 6e59b79ff889..3bb40085d6fe 100644 --- a/clients/client-route53resolver/src/commands/DeleteResolverEndpointCommand.ts +++ b/clients/client-route53resolver/src/commands/DeleteResolverEndpointCommand.ts @@ -37,7 +37,7 @@ export interface DeleteResolverEndpointCommandOutput extends DeleteResolverEndpo /** *Deletes a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound * Resolver endpoint:
- ** Inbound: DNS queries from your network are no longer routed diff --git a/clients/client-route53resolver/src/commands/DeleteResolverQueryLogConfigCommand.ts b/clients/client-route53resolver/src/commands/DeleteResolverQueryLogConfigCommand.ts index 3f98758ca57a..4559f4aa9c62 100644 --- a/clients/client-route53resolver/src/commands/DeleteResolverQueryLogConfigCommand.ts +++ b/clients/client-route53resolver/src/commands/DeleteResolverQueryLogConfigCommand.ts @@ -40,11 +40,9 @@ export interface DeleteResolverQueryLogConfigCommandOutput *
Deletes a query logging configuration. When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are * associated with the configuration. This also applies if the query logging configuration is shared with other Amazon Web Services accounts, and * the other accounts have associated VPCs with the shared configuration.
- * - *Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See + *
Before you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See * DisassociateResolverQueryLogConfig.
- * - *If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing + *
If you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing * the configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs * that they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically * disassociated from the configuration.
diff --git a/clients/client-route53resolver/src/commands/DisassociateResolverEndpointIpAddressCommand.ts b/clients/client-route53resolver/src/commands/DisassociateResolverEndpointIpAddressCommand.ts index dae20afd1489..7a79c39ebc5e 100644 --- a/clients/client-route53resolver/src/commands/DisassociateResolverEndpointIpAddressCommand.ts +++ b/clients/client-route53resolver/src/commands/DisassociateResolverEndpointIpAddressCommand.ts @@ -40,7 +40,7 @@ export interface DisassociateResolverEndpointIpAddressCommandOutput /** *Removes IP addresses from an inbound or an outbound Resolver endpoint. If you want to remove more than one IP address,
* submit one DisassociateResolverEndpointIpAddress request for each IP address.
To add an IP address to an endpoint, see + *
To add an IP address to an endpoint, see * AssociateResolverEndpointIpAddress. *
* @example diff --git a/clients/client-route53resolver/src/commands/DisassociateResolverQueryLogConfigCommand.ts b/clients/client-route53resolver/src/commands/DisassociateResolverQueryLogConfigCommand.ts index f739c91527fe..13bd042f0d6e 100644 --- a/clients/client-route53resolver/src/commands/DisassociateResolverQueryLogConfigCommand.ts +++ b/clients/client-route53resolver/src/commands/DisassociateResolverQueryLogConfigCommand.ts @@ -38,13 +38,12 @@ export interface DisassociateResolverQueryLogConfigCommandOutput /** *Disassociates a VPC from a query logging configuration.
- * - *Before you can delete a query logging configuration, you must first disassociate all VPCs
+ * Before you can delete a query logging configuration, you must first disassociate all VPCs
* from the configuration. If you used Resource Access Manager (RAM) to share a
* query logging configuration with other accounts, VPCs can be disassociated from the
* configuration in the following ways: The accounts that you shared the configuration with can disassociate VPCs from the configuration. You can stop sharing the configuration.
+ *
*
Removes the association between a specified Resolver rule and a specified VPC.
- *If you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the
+ * If you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the
* domain name that you specified in the Resolver rule.
Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from + *
Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from * Amazon Virtual Private Cloud.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-route53resolver/src/commands/ImportFirewallDomainsCommand.ts b/clients/client-route53resolver/src/commands/ImportFirewallDomainsCommand.ts index 45869ed42e32..e831e794ef16 100644 --- a/clients/client-route53resolver/src/commands/ImportFirewallDomainsCommand.ts +++ b/clients/client-route53resolver/src/commands/ImportFirewallDomainsCommand.ts @@ -40,16 +40,16 @@ export interface ImportFirewallDomainsCommandOutput extends ImportFirewallDomain * requirements: *It can optionally start with * (asterisk).
It can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain + *
With the exception of the optional starting asterisk, it must only contain
* the following characters: A-Z, a-z,
* 0-9, - (hyphen).
It must be from 1-255 characters in length.
- *It must be from 1-255 characters in length.
+ * *Retrieves the Resolver configurations that you have defined. - * Route 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs.
+ * Route 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs. * @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53resolver/src/commands/UpdateResolverConfigCommand.ts b/clients/client-route53resolver/src/commands/UpdateResolverConfigCommand.ts index 60295780fcf9..e937b2870f9e 100644 --- a/clients/client-route53resolver/src/commands/UpdateResolverConfigCommand.ts +++ b/clients/client-route53resolver/src/commands/UpdateResolverConfigCommand.ts @@ -35,7 +35,7 @@ export interface UpdateResolverConfigCommandInput extends UpdateResolverConfigRe export interface UpdateResolverConfigCommandOutput extends UpdateResolverConfigResponse, __MetadataBearer {} /** - *Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from + *
Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from * Amazon Virtual Private Cloud.
* @example * Use a bare-bones client and the command you need to make an API call. diff --git a/clients/client-route53resolver/src/commands/UpdateResolverEndpointCommand.ts b/clients/client-route53resolver/src/commands/UpdateResolverEndpointCommand.ts index c6eb6d9860ab..4343c95521fb 100644 --- a/clients/client-route53resolver/src/commands/UpdateResolverEndpointCommand.ts +++ b/clients/client-route53resolver/src/commands/UpdateResolverEndpointCommand.ts @@ -35,7 +35,8 @@ export interface UpdateResolverEndpointCommandInput extends UpdateResolverEndpoi export interface UpdateResolverEndpointCommandOutput extends UpdateResolverEndpointResponse, __MetadataBearer {} /** - *Updates the name of an inbound or an outbound Resolver endpoint.
+ *Updates the name, or enpoint type for an inbound or an outbound Resolver endpoint. + * You can only update between IPV4 and DUALSTACK, IPV6 endpoint type can't be updated to other type.
* @example * Use a bare-bones client and the command you need to make an API call. * ```javascript diff --git a/clients/client-route53resolver/src/endpoint/ruleset.ts b/clients/client-route53resolver/src/endpoint/ruleset.ts index 95ddaa1b5328..8a59c77e70dc 100644 --- a/clients/client-route53resolver/src/endpoint/ruleset.ts +++ b/clients/client-route53resolver/src/endpoint/ruleset.ts @@ -6,24 +6,25 @@ import { RuleSetObject } from "@aws-sdk/util-endpoints"; or see "smithy.rules#endpointRuleSet" in codegen/sdk-codegen/aws-models/route53resolver.json */ -const p="required", -q="fn", -r="argv", -s="ref"; -const a="PartitionResult", +const q="required", +r="fn", +s="argv", +t="ref"; +const a="isSet", b="tree", c="error", d="endpoint", -e={[p]:false,"type":"String"}, -f={[p]:true,"default":false,"type":"Boolean"}, -g={[s]:"Endpoint"}, -h={[q]:"booleanEquals",[r]:[{[s]:"UseFIPS"},true]}, -i={[q]:"booleanEquals",[r]:[{[s]:"UseDualStack"},true]}, -j={}, -k={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:a},"supportsFIPS"]}]}, -l={[q]:"booleanEquals",[r]:[true,{[q]:"getAttr",[r]:[{[s]:a},"supportsDualStack"]}]}, -m=[g], -n=[h], -o=[i]; -const _data={version:"1.0",parameters:{Region:e,UseDualStack:f,UseFIPS:f,Endpoint:e},rules:[{conditions:[{[q]:"aws.partition",[r]:[{[s]:"Region"}],assign:a}],type:b,rules:[{conditions:[{[q]:"isSet",[r]:m},{[q]:"parseURL",[r]:m,assign:"url"}],type:b,rules:[{conditions:n,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:c},{type:b,rules:[{conditions:o,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:c},{endpoint:{url:g,properties:j,headers:j},type:d}]}]},{conditions:[h,i],type:b,rules:[{conditions:[k,l],type:b,rules:[{endpoint:{url:"https://route53resolver-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:j,headers:j},type:d}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:c}]},{conditions:n,type:b,rules:[{conditions:[k],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://route53resolver-fips.{Region}.{PartitionResult#dnsSuffix}",properties:j,headers:j},type:d}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:c}]},{conditions:o,type:b,rules:[{conditions:[l],type:b,rules:[{endpoint:{url:"https://route53resolver.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:j,headers:j},type:d}]},{error:"DualStack is enabled but this partition does not support DualStack",type:c}]},{endpoint:{url:"https://route53resolver.{Region}.{PartitionResult#dnsSuffix}",properties:j,headers:j},type:d}]}]}; +e="PartitionResult", +f={[q]:false,"type":"String"}, +g={[q]:true,"default":false,"type":"Boolean"}, +h={[t]:"Endpoint"}, +i={[r]:"booleanEquals",[s]:[{[t]:"UseFIPS"},true]}, +j={[r]:"booleanEquals",[s]:[{[t]:"UseDualStack"},true]}, +k={}, +l={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:e},"supportsFIPS"]}]}, +m={[r]:"booleanEquals",[s]:[true,{[r]:"getAttr",[s]:[{[t]:e},"supportsDualStack"]}]}, +n=[i], +o=[j], +p=[{[t]:"Region"}]; +const _data={version:"1.0",parameters:{Region:f,UseDualStack:g,UseFIPS:g,Endpoint:f},rules:[{conditions:[{[r]:a,[s]:[h]}],type:b,rules:[{conditions:n,error:"Invalid Configuration: FIPS and custom endpoint are not supported",type:c},{type:b,rules:[{conditions:o,error:"Invalid Configuration: Dualstack and custom endpoint are not supported",type:c},{endpoint:{url:h,properties:k,headers:k},type:d}]}]},{type:b,rules:[{conditions:[{[r]:a,[s]:p}],type:b,rules:[{conditions:[{[r]:"aws.partition",[s]:p,assign:e}],type:b,rules:[{conditions:[i,j],type:b,rules:[{conditions:[l,m],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://route53resolver-fips.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"FIPS and DualStack are enabled, but this partition does not support one or both",type:c}]},{conditions:n,type:b,rules:[{conditions:[l],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://route53resolver-fips.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"FIPS is enabled but this partition does not support FIPS",type:c}]},{conditions:o,type:b,rules:[{conditions:[m],type:b,rules:[{type:b,rules:[{endpoint:{url:"https://route53resolver.{Region}.{PartitionResult#dualStackDnsSuffix}",properties:k,headers:k},type:d}]}]},{error:"DualStack is enabled but this partition does not support DualStack",type:c}]},{type:b,rules:[{endpoint:{url:"https://route53resolver.{Region}.{PartitionResult#dnsSuffix}",properties:k,headers:k},type:d}]}]}]},{error:"Invalid Configuration: Missing Region",type:c}]}]}; export const ruleSet: RuleSetObject = _data; diff --git a/clients/client-route53resolver/src/models/models_0.ts b/clients/client-route53resolver/src/models/models_0.ts index c9a016c28048..054d4ee5fc00 100644 --- a/clients/client-route53resolver/src/models/models_0.ts +++ b/clients/client-route53resolver/src/models/models_0.ts @@ -77,7 +77,7 @@ export interface AssociateFirewallRuleGroupRequest { *You must specify a unique priority for each rule group that you associate with a single VPC. * To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You * can change the priority setting for a rule group association after you create it.
- *The allowed values for Priority are between 100 and 9900.
The allowed values for Priority are between 100 and 9900.
The requested state transition isn't valid. For example, you can't delete a firewall + * domain list if it is in the process of being deleted, or you can't import domains into a + * domain list that is in the process of being deleted.
*/ export class ConflictException extends __BaseException { readonly name: "ConflictException" = "ConflictException"; @@ -303,7 +305,8 @@ export class ThrottlingException extends __BaseException { } /** - * + *You have provided an invalid command. Supported values are ADD,
+ * REMOVE, or REPLACE a domain.
The new IP address.
+ *The new IPv4 address.
*/ Ip?: string; + + /** + *+ * The new IPv6 address. + *
+ */ + Ipv6?: string; } export interface AssociateResolverEndpointIpAddressRequest { @@ -367,6 +377,12 @@ export enum ResolverEndpointDirection { Outbound = "OUTBOUND", } +export enum ResolverEndpointType { + DUALSTACK = "DUALSTACK", + IPV4 = "IPV4", + IPV6 = "IPV6", +} + export enum ResolverEndpointStatus { ActionNeeded = "ACTION_NEEDED", AutoRecovering = "AUTO_RECOVERING", @@ -381,7 +397,7 @@ export enum ResolverEndpointStatus { * CreateResolverEndpoint, * DeleteResolverEndpoint, * GetResolverEndpoint, - * ListResolverEndpoints, + * Updates the name, or ResolverEndpointType for an endpoint, * or * UpdateResolverEndpoint * request, a complex type that contains settings for an existing inbound or outbound Resolver endpoint. @@ -420,7 +436,7 @@ export interface ResolverEndpoint { /** *Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:
- *
* INBOUND: allows DNS queries to your VPC from your network
A code that specifies the current status of the Resolver endpoint. Valid values include the following:
- *
* CREATING: Resolver is creating and configuring one or more Amazon VPC network interfaces
@@ -474,7 +490,7 @@ export interface ResolverEndpoint {
* To resolve the problem, we recommend that you check each IP address that you associated with the endpoint. For each IP address
* that isn't available, add another IP address and then delete the IP address that isn't available. (An endpoint must always include
* at least two IP addresses.) A status of ACTION_NEEDED can have a variety of causes. Here are two common causes:
One or more of the network interfaces that are associated with the endpoint were deleted using Amazon VPC.
*The network interface couldn't be created for some reason that's outside the control of Resolver.
*
* DELETING: Resolver is deleting this endpoint and the associated network interfaces.
The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).
*/ ModificationTime?: string; + + /** + *+ * The Resolver endpoint IP address type. + *
+ */ + ResolverEndpointType?: ResolverEndpointType | string; } export interface AssociateResolverEndpointIpAddressResponse { @@ -595,10 +618,9 @@ export interface AssociateResolverQueryLogConfigRequest { /** *The ID of an Amazon VPC that you want this query logging configuration to log queries for.
- * - *The VPCs and the query logging configuration must be in the same Region.
- *The VPCs and the query logging configuration must be in the same Region.
+ *The status of the specified query logging association. Valid values include the following:
- *
* CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
If the value of Status is FAILED, the value of Error indicates the cause:
* DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
ACCESS_DENIED: Permissions don't allow sending logs to the destination.
* If the value of Status is a value other than FAILED, Error is null.
If the value of Status is a value other than FAILED, Error is null.
The IP address that you want to use for DNS queries.
+ *The IPv4 address that you want to use for DNS queries.
*/ Ip?: string; + + /** + *+ * The IPv6 address that you want to use for DNS queries. + *
+ */ + Ipv6?: string; } export interface CreateResolverEndpointRequest { @@ -1247,7 +1277,7 @@ export interface CreateResolverEndpointRequest { /** *Specify the applicable value:
- *
* INBOUND: Resolver forwards DNS queries to the DNS service for a VPC from your network
A list of the tag keys and values that you want to associate with the endpoint.
*/ Tags?: Tag[]; + + /** + *+ * For the endpoint type you can choose either IPv4, IPv6. or dual-stack. + * A dual-stack endpoint means that it will resolve via both IPv4 and IPv6. This + * endpoint type is applied to all IP addresses. + *
+ */ + ResolverEndpointType?: ResolverEndpointType | string; } export interface CreateResolverEndpointResponse { @@ -1288,33 +1327,32 @@ export interface CreateResolverQueryLogConfigRequest { /** *The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group, * or a Kinesis Data Firehose delivery stream. Examples of valid values include the following:
- * - *+ *
* S3 bucket:
- *+ *
* arn:aws:s3:::examplebucket
*
You can optionally append a file prefix to the end of the ARN.
- *+ *
You can optionally append a file prefix to the end of the ARN.
+ *
* arn:aws:s3:::examplebucket/development/
*
+ *
* CloudWatch Logs log group:
- *+ *
* arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*
*
+ *
* Kinesis Data Firehose delivery stream:
- *+ *
* arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name
*
The status of the specified query logging configuration. Valid values include the following:
- *
* CREATING: Resolver is creating the query logging configuration.
* FAILED: Resolver can't deliver logs to the location that is specified in the query logging configuration.
* Here are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
*Permissions don't allow sending logs to the destination.
*One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.
+ *One IPv4 address that you want to forward DNS queries to.
*/ - Ip: string | undefined; + Ip?: string; /** *The port at Ip that you want to forward DNS queries to.
+ * One IPv6 address that you want to forward DNS queries to. + *
+ */ + Ipv6?: string; } export interface CreateResolverRuleRequest { @@ -1477,12 +1522,12 @@ export interface CreateResolverRuleRequest { /** *When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for + *
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for
* a subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
+ *
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
* for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify
* SYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
The IPs that you want Resolver to forward DNS queries to. You can specify only IPv4 addresses. Separate IP addresses with a space.
- *+ *
* TargetIps is available only when the value of Rule type is FORWARD.
When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for + *
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for
* a subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
+ *
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
* for RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify
* SYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
To filter objects, such as Resolver endpoints or Resolver rules, you specify Name and Values. For example,
+ *
To filter objects, such as Resolver endpoints or Resolver rules, you specify Name and Values. For example,
* to list only inbound Resolver endpoints, specify Direction for Name and specify INBOUND for Values.
The name of the parameter that you want to use to filter objects.
- *The valid values for Name depend on the action that you're including the filter in,
+ *
The valid values for Name depend on the action that you're including the filter in,
* ListResolverEndpoints,
* ListResolverRules,
* ListResolverRuleAssociations,
* ListResolverQueryLogConfigs,
* or
* ListResolverQueryLogConfigAssociations.
In early versions of Resolver, values for In early versions of Resolver, values for Name were listed as uppercase, with underscore (_) delimiters. For example,
+ * Name were listed as uppercase, with underscore (_) delimiters. For example,
* CreatorRequestId was originally listed as CREATOR_REQUEST_ID. Uppercase values for Name are still supported.
+ *
* ListResolverEndpoints *
- *Valid values for Name include the following:
Valid values for Name include the following:
* CreatorRequestId: The value that you specified when you created the Resolver endpoint.
+ *
* ListResolverRules *
- *Valid values for Name include the following:
Valid values for Name include the following:
* CreatorRequestId: The value that you specified when you created the Resolver rule.
DomainName: The domain name for which Resolver is forwarding DNS queries to your network. In the value that
* you specify for Values, include a trailing dot (.) after the domain name. For example, if the domain name is example.com,
* specify the following value. Note the "." after com:
- * + *
* example.com.
*
* Name: The name of the Resolver rule.
* ResolverEndpointId: The ID of the Resolver endpoint that the Resolver rule is associated with.
You can filter on the Resolver endpoint only for rules that have a value of FORWARD for
* RuleType.
* Status: The status of the Resolver rule. If you specify Status for Name,
@@ -1923,12 +1965,11 @@ export interface Filter {
* for Name, specify FORWARD or SYSTEM for Values.
+ *
* ListResolverRuleAssociations *
- *Valid values for Name include the following:
Valid values for Name include the following:
* Name: The name of the Resolver rule association.
Status: The status of the Resolver rule association. If you specify Status for Name,
* specify one of the following status codes for Values: CREATING, COMPLETE, DELETING, or
* FAILED.
- *
* VPCId: The ID of the VPC that the Resolver rule is associated with.
+ *
* ListResolverQueryLogConfigs *
- *Valid values for Name include the following:
Valid values for Name include the following:
* Arn: The ARN for the query logging configuration.
* Destination: The Amazon Web Services service that you want to forward query logs to. Valid values include the following:
* S3
@@ -1991,7 +2031,7 @@ export interface Filter {
*
* DestinationArn: The ARN of the location that Resolver is sending query logs to. This value can be the ARN for an
@@ -2022,14 +2062,13 @@ export interface Filter {
* DELETING, or FAILED. For more information, see
* Status.
*
+ *
* ListResolverQueryLogConfigAssociations *
- *Valid values for Name include the following:
Valid values for Name include the following:
* CreationTime: The date and time that the VPC was associated with the query logging configuration, in Unix time format and
@@ -2059,7 +2098,7 @@ export interface Filter {
* DELETING, or FAILED. For more information, see
* Status.
*
The status of whether or not the Resolver will create autodefined rules for reverse DNS * lookups. This is enabled by default. The status can be one of following:
- *Status of the rules generated by VPCs based on CIDR/Region for reverse DNS resolution. The - * status can be one of following:
- * - ** ENABLING: Autodefined rules for reverse DNS lookups are being @@ -2337,7 +2376,7 @@ export interface ResolverConfig { export interface GetResolverConfigResponse { /** - *
Information about the behavior configuration of Route 53 Resolver behavior for the VPC you + *
Information about the behavior configuration of Route 53 Resolver behavior for the VPC you
* specified in the GetResolverConfig request.
The validation status for a DNSSEC configuration. The status can be one of the following:
- ** ENABLING: DNSSEC validation is being enabled but is not complete.
@@ -2559,7 +2600,7 @@ export interface ImportFirewallDomainsResponse { Name?: string; /** - *+ *
Status of the import request.
*/ Status?: FirewallDomainListStatus | string; @@ -2643,6 +2684,7 @@ export enum IpAddressStatus { FailedResourceGone = "FAILED_RESOURCE_GONE", RemapAttaching = "REMAP_ATTACHING", RemapDetaching = "REMAP_DETACHING", + Updating = "UPDATING", } /** @@ -2662,10 +2704,17 @@ export interface IpAddressResponse { SubnetId?: string; /** - *One IP address that the Resolver endpoint uses for DNS queries.
+ *One IPv4 address that the Resolver endpoint uses for DNS queries.
*/ Ip?: string; + /** + *+ * One IPv6 address that the Resolver endpoint uses for DNS queries. + *
+ */ + Ipv6?: string; + /** *A status code that gives the current status of the request.
*/ @@ -2960,8 +3009,8 @@ export interface ListResolverConfigsRequest { /** *(Optional) If the current Amazon Web Services account has more than MaxResults Resolver configurations, use
* NextToken to get the second and subsequent pages of results.
For the first ListResolverConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and
+ *
For the first ListResolverConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and
* specify that value for NextToken in the request.
If a response includes the last of the Resolver configurations that are associated with the current Amazon Web Services account,
* NextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another + *
If a response doesn't include the last of the configurations, you can get more configurations by submitting another
* ListResolverConfigs request.
- * Get the value of NextToken that Amazon Route 53
- * returned in the previous response and include it in
+ * Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in
* NextToken in the next request.
(Optional) If the current Amazon Web Services account has more than MaxResults DNSSEC configurations, use NextToken
* to get the second and subsequent pages of results.
For the first ListResolverDnssecConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and specify that value
+ *
For the first ListResolverDnssecConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and specify that value
* for NextToken in the request.
If a response includes the last of the DNSSEC configurations that are associated with the current Amazon Web Services account,
* NextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another + *
If a response doesn't include the last of the configurations, you can get more configurations by submitting another
* ListResolverDnssecConfigs
* request. Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in
* NextToken in the next request.
For the first ListResolverEndpointIpAddresses request, omit this value.
If the specified Resolver endpoint has more than MaxResults IP addresses, you can submit another
+ *
If the specified Resolver endpoint has more than MaxResults IP addresses, you can submit another
* ListResolverEndpointIpAddresses request to get the next group of IP addresses. In the next request, specify the value of
* NextToken from the previous response.
For the first ListResolverEndpoints request, omit this value.
If you have more than MaxResults Resolver endpoints, you can submit another ListResolverEndpoints request
+ *
If you have more than MaxResults Resolver endpoints, you can submit another ListResolverEndpoints request
* to get the next group of Resolver endpoints. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver endpoints, such as all inbound Resolver endpoints.
- *If you submit a second or subsequent ListResolverEndpoints request and specify the NextToken parameter,
* you must use the same values for Filters, if any, as in the previous request.
For the first ListResolverQueryLogConfigAssociations request, omit this value.
If there are more than MaxResults query logging associations that match the values that you specify for Filters,
+ *
If there are more than MaxResults query logging associations that match the values that you specify for Filters,
* you can submit another ListResolverQueryLogConfigAssociations request to get the next group of associations. In the next request, specify the value of
* NextToken from the previous response.
An optional specification to return a subset of query logging associations.
- *If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
* you must use the same values for Filters, if any, as in the previous request.
The element that you want Resolver to sort query logging associations by.
- *If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
* you must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
- *Valid values include the following elements:
+ *
* CreationTime: The ID of the query logging association.
* Error: If the value of Status is FAILED, the value of Error
* indicates the cause:
* DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
ACCESS_DENIED: Permissions don't allow sending logs to the destination.
* If Status is a value other than FAILED, ERROR is null.
If Status is a value other than FAILED, ERROR is null.
* Id: The ID of the query logging association
* Status: The current status of the configuration. Valid values include the following:
* CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
* FAILED: Resolver either couldn't create or couldn't delete the query logging association.
* Here are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
*Permissions don't allow sending logs to the destination.
*If you specified a value for SortBy, the order that you want query logging associations to be listed in,
* ASCENDING or DESCENDING.
If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigAssociations request and specify the NextToken parameter,
* you must use the same value for SortOrder, if any, as in the previous request.
For the first ListResolverQueryLogConfigs request, omit this value.
If there are more than MaxResults query logging configurations that match the values that you specify for Filters,
+ *
If there are more than MaxResults query logging configurations that match the values that you specify for Filters,
* you can submit another ListResolverQueryLogConfigs request to get the next group of configurations. In the next request, specify the value of
* NextToken from the previous response.
An optional specification to return a subset of query logging configurations.
- *If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigs request and specify the NextToken parameter,
* you must use the same values for Filters, if any, as in the previous request.
The element that you want Resolver to sort query logging configurations by.
- *If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigs request and specify the NextToken parameter,
* you must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
- *Valid values include the following elements:
+ *
* Arn: The ARN of the query logging configuration
* Status: The current status of the configuration. Valid values include the following:
* CREATING: Resolver is creating the query logging configuration.
* FAILED: Resolver either couldn't create or couldn't delete the query logging configuration.
* Here are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
*Permissions don't allow sending logs to the destination.
*If you specified a value for SortBy, the order that you want query logging configurations to be listed in,
* ASCENDING or DESCENDING.
If you submit a second or subsequent If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter,
+ * ListResolverQueryLogConfigs request and specify the NextToken parameter,
* you must use the same value for SortOrder, if any, as in the previous request.
For the first ListResolverRuleAssociation request, omit this value.
If you have more than MaxResults rule associations, you can submit another ListResolverRuleAssociation request
+ *
If you have more than MaxResults rule associations, you can submit another ListResolverRuleAssociation request
* to get the next group of rule associations. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver rules, such as Resolver rules that are associated with the same VPC ID.
- *If you submit a second or subsequent ListResolverRuleAssociations request and specify the NextToken parameter,
* you must use the same values for Filters, if any, as in the previous request.
For the first ListResolverRules request, omit this value.
If you have more than MaxResults Resolver rules, you can submit another ListResolverRules request
+ *
If you have more than MaxResults Resolver rules, you can submit another ListResolverRules request
* to get the next group of Resolver rules. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver rules, such as all Resolver rules that are associated with the same Resolver endpoint.
- *If you submit a second or subsequent ListResolverRules request and specify the NextToken parameter,
* you must use the same values for Filters, if any, as in the previous request.
For the first ListTagsForResource request, omit this value.
If you have more than MaxResults tags, you can submit another ListTagsForResource request
+ *
If you have more than MaxResults tags, you can submit another ListTagsForResource request
* to get the next group of tags for the resource. In the next request, specify the value of NextToken from the previous response.
An Identity and Access Management policy statement that lists the query logging configurations that you want to share with another Amazon Web Services account
* and the operations that you want the account to be able to perform. You can specify the following operations in the Actions section
* of the statement:
* route53resolver:AssociateResolverQueryLogConfig
@@ -3575,8 +3619,7 @@ export interface PutResolverQueryLogConfigPolicyRequest {
*
In the Resource section of the statement, you specify the ARNs for the query logging configurations that you want to share
+ *
In the Resource section of the statement, you specify the ARNs for the query logging configurations that you want to share
* with the account that you specified in Arn.
An Identity and Access Management policy statement that lists the rules that you want to share with another Amazon Web Services account and the operations that you want the account
* to be able to perform. You can specify the following operations in the Action section of the statement:
* route53resolver:GetResolverRule
@@ -3628,8 +3671,7 @@ export interface PutResolverRulePolicyRequest {
*
In the Resource section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN
+ *
In the Resource section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN
* that you specified in Arn.
The Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable
* Get or List command:
+ *
- *+ *
* GetResolverRule *
- *+ *
- *+ *
- *+ *
- *+ *
- *The Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable
* Get or List command:
+ *
- *+ *
* GetResolverRule *
- *+ *
- *+ *
- *+ *
- *+ *
- *A list of domains to use in the update operation.
+ *There is a limit of 1000 domains per request.
+ *Each domain specification in your domain list must satisfy the following * requirements:
*It can optionally start with * (asterisk).
It can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain + *
With the exception of the optional starting asterisk, it must only contain
* the following characters: A-Z, a-z,
* 0-9, - (hyphen).
It must be from 1-255 characters in length.
- *It must be from 1-255 characters in length.
+ * *+ *
Status of the UpdateFirewallDomains request.
We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the + * Amazon EC2 guide and the blog EC2-Classic Networking is Retiring – Here’s How to Prepare.
+ *It can take some time for the status change to be completed.
*+ * Provides information about the IP address type in response to UpdateResolverEndpoint. + *
+ */ +export interface UpdateIpAddress { + /** + * The ID of the IP address, specified by the ResolverEndpointId.
+ * The IPv6 address that you want to use for DNS queries. + *
+ */ + Ipv6: string | undefined; +} + export interface UpdateResolverEndpointRequest { /** *The ID of the Resolver endpoint that you want to update.
@@ -4041,6 +4110,20 @@ export interface UpdateResolverEndpointRequest { *The name of the Resolver endpoint that you want to update.
*/ Name?: string; + + /** + *+ * Specifies the endpoint type for what type of IP address the endpoint uses to forward DNS queries. + *
+ */ + ResolverEndpointType?: ResolverEndpointType | string; + + /** + *+ * Updates the Resolver endpoint type to IpV4, Ipv6, or dual-stack. + *
+ */ + UpdateIpAddresses?: UpdateIpAddress[]; } export interface UpdateResolverEndpointResponse { @@ -5136,6 +5219,13 @@ export const UpdateResolverDnssecConfigResponseFilterSensitiveLog = (obj: Update ...obj, }); +/** + * @internal + */ +export const UpdateIpAddressFilterSensitiveLog = (obj: UpdateIpAddress): any => ({ + ...obj, +}); + /** * @internal */ diff --git a/clients/client-route53resolver/src/protocols/Aws_json1_1.ts b/clients/client-route53resolver/src/protocols/Aws_json1_1.ts index 2a1030c34a98..ef021328490b 100644 --- a/clients/client-route53resolver/src/protocols/Aws_json1_1.ts +++ b/clients/client-route53resolver/src/protocols/Aws_json1_1.ts @@ -383,6 +383,7 @@ import { UpdateFirewallRuleGroupAssociationResponse, UpdateFirewallRuleRequest, UpdateFirewallRuleResponse, + UpdateIpAddress, UpdateResolverConfigRequest, UpdateResolverConfigResponse, UpdateResolverDnssecConfigRequest, @@ -2638,6 +2639,9 @@ const deserializeAws_json1_1GetResolverConfigCommandError = async ( case "ThrottlingException": case "com.amazonaws.route53resolver#ThrottlingException": throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.route53resolver#ValidationException": + throw await deserializeAws_json1_1ValidationExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -3047,6 +3051,9 @@ const deserializeAws_json1_1GetResolverRulePolicyCommandError = async ( }; const errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.route53resolver#AccessDeniedException": + throw await deserializeAws_json1_1AccessDeniedExceptionResponse(parsedOutput, context); case "InternalServiceErrorException": case "com.amazonaws.route53resolver#InternalServiceErrorException": throw await deserializeAws_json1_1InternalServiceErrorExceptionResponse(parsedOutput, context); @@ -3477,6 +3484,9 @@ const deserializeAws_json1_1ListResolverConfigsCommandError = async ( case "ThrottlingException": case "com.amazonaws.route53resolver#ThrottlingException": throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.route53resolver#ValidationException": + throw await deserializeAws_json1_1ValidationExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -4060,6 +4070,9 @@ const deserializeAws_json1_1PutResolverRulePolicyCommandError = async ( }; const errorCode = loadRestJsonErrorCode(output, parsedOutput.body); switch (errorCode) { + case "AccessDeniedException": + case "com.amazonaws.route53resolver#AccessDeniedException": + throw await deserializeAws_json1_1AccessDeniedExceptionResponse(parsedOutput, context); case "InternalServiceErrorException": case "com.amazonaws.route53resolver#InternalServiceErrorException": throw await deserializeAws_json1_1InternalServiceErrorExceptionResponse(parsedOutput, context); @@ -4470,6 +4483,9 @@ const deserializeAws_json1_1UpdateResolverConfigCommandError = async ( case "ThrottlingException": case "com.amazonaws.route53resolver#ThrottlingException": throw await deserializeAws_json1_1ThrottlingExceptionResponse(parsedOutput, context); + case "ValidationException": + case "com.amazonaws.route53resolver#ValidationException": + throw await deserializeAws_json1_1ValidationExceptionResponse(parsedOutput, context); default: const parsedBody = parsedOutput.body; throwDefaultError({ @@ -4954,6 +4970,7 @@ const serializeAws_json1_1CreateResolverEndpointRequest = ( IpAddresses: serializeAws_json1_1IpAddressesRequest(input.IpAddresses, context), }), ...(input.Name != null && { Name: input.Name }), + ...(input.ResolverEndpointType != null && { ResolverEndpointType: input.ResolverEndpointType }), ...(input.SecurityGroupIds != null && { SecurityGroupIds: serializeAws_json1_1SecurityGroupIds(input.SecurityGroupIds, context), }), @@ -5264,6 +5281,7 @@ const serializeAws_json1_1IpAddressesRequest = (input: IpAddressRequest[], conte const serializeAws_json1_1IpAddressRequest = (input: IpAddressRequest, context: __SerdeContext): any => { return { ...(input.Ip != null && { Ip: input.Ip }), + ...(input.Ipv6 != null && { Ipv6: input.Ipv6 }), ...(input.SubnetId != null && { SubnetId: input.SubnetId }), }; }; @@ -5272,6 +5290,7 @@ const serializeAws_json1_1IpAddressUpdate = (input: IpAddressUpdate, context: __ return { ...(input.Ip != null && { Ip: input.Ip }), ...(input.IpId != null && { IpId: input.IpId }), + ...(input.Ipv6 != null && { Ipv6: input.Ipv6 }), ...(input.SubnetId != null && { SubnetId: input.SubnetId }), }; }; @@ -5527,6 +5546,7 @@ const serializeAws_json1_1TagResourceRequest = (input: TagResourceRequest, conte const serializeAws_json1_1TargetAddress = (input: TargetAddress, context: __SerdeContext): any => { return { ...(input.Ip != null && { Ip: input.Ip }), + ...(input.Ipv6 != null && { Ipv6: input.Ipv6 }), ...(input.Port != null && { Port: input.Port }), }; }; @@ -5598,6 +5618,21 @@ const serializeAws_json1_1UpdateFirewallRuleRequest = ( }; }; +const serializeAws_json1_1UpdateIpAddress = (input: UpdateIpAddress, context: __SerdeContext): any => { + return { + ...(input.IpId != null && { IpId: input.IpId }), + ...(input.Ipv6 != null && { Ipv6: input.Ipv6 }), + }; +}; + +const serializeAws_json1_1UpdateIpAddresses = (input: UpdateIpAddress[], context: __SerdeContext): any => { + return input + .filter((e: any) => e != null) + .map((entry) => { + return serializeAws_json1_1UpdateIpAddress(entry, context); + }); +}; + const serializeAws_json1_1UpdateResolverConfigRequest = ( input: UpdateResolverConfigRequest, context: __SerdeContext @@ -5625,6 +5660,10 @@ const serializeAws_json1_1UpdateResolverEndpointRequest = ( return { ...(input.Name != null && { Name: input.Name }), ...(input.ResolverEndpointId != null && { ResolverEndpointId: input.ResolverEndpointId }), + ...(input.ResolverEndpointType != null && { ResolverEndpointType: input.ResolverEndpointType }), + ...(input.UpdateIpAddresses != null && { + UpdateIpAddresses: serializeAws_json1_1UpdateIpAddresses(input.UpdateIpAddresses, context), + }), }; }; @@ -6299,6 +6338,7 @@ const deserializeAws_json1_1IpAddressResponse = (output: any, context: __SerdeCo CreationTime: __expectString(output.CreationTime), Ip: __expectString(output.Ip), IpId: __expectString(output.IpId), + Ipv6: __expectString(output.Ipv6), ModificationTime: __expectString(output.ModificationTime), Status: __expectString(output.Status), StatusMessage: __expectString(output.StatusMessage), @@ -6590,6 +6630,7 @@ const deserializeAws_json1_1ResolverEndpoint = (output: any, context: __SerdeCon IpAddressCount: __expectInt32(output.IpAddressCount), ModificationTime: __expectString(output.ModificationTime), Name: __expectString(output.Name), + ResolverEndpointType: __expectString(output.ResolverEndpointType), SecurityGroupIds: output.SecurityGroupIds != null ? deserializeAws_json1_1SecurityGroupIds(output.SecurityGroupIds, context) @@ -6806,6 +6847,7 @@ const deserializeAws_json1_1TagResourceResponse = (output: any, context: __Serde const deserializeAws_json1_1TargetAddress = (output: any, context: __SerdeContext): TargetAddress => { return { Ip: __expectString(output.Ip), + Ipv6: __expectString(output.Ipv6), Port: __expectInt32(output.Port), } as any; }; diff --git a/codegen/sdk-codegen/aws-models/route53resolver.json b/codegen/sdk-codegen/aws-models/route53resolver.json index 4edef3c4b2ff..e1e7bbed8a32 100644 --- a/codegen/sdk-codegen/aws-models/route53resolver.json +++ b/codegen/sdk-codegen/aws-models/route53resolver.json @@ -51,22 +51,26 @@ } }, "com.amazonaws.route53resolver#Action": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "ALLOW", - "name": "ALLOW" - }, - { - "value": "BLOCK", - "name": "BLOCK" - }, - { - "value": "ALERT", - "name": "ALERT" + "type": "enum", + "members": { + "ALLOW": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ALLOW" + } + }, + "BLOCK": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "BLOCK" + } + }, + "ALERT": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ALERT" } - ] + } } }, "com.amazonaws.route53resolver#Arn": { @@ -141,7 +145,7 @@ "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { - "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule\n\t\t\tgroups that you associate with the specified VPC. DNS Firewall filters VPC traffic\n\t\t\tstarting from the rule group with the lowest numeric priority setting.
\nYou must specify a unique priority for each rule group that you associate with a single VPC. \n To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You \n can change the priority setting for a rule group association after you create it.
\n \tThe allowed values for Priority are between 100 and 9900.
The setting that determines the processing order of the rule group among the rule\n\t\t\tgroups that you associate with the specified VPC. DNS Firewall filters VPC traffic\n\t\t\tstarting from the rule group with the lowest numeric priority setting.
\nYou must specify a unique priority for each rule group that you associate with a single VPC. \n To make it easier to insert rule groups later, leave space between the numbers, for example, use 101, 200, and so on. You \n can change the priority setting for a rule group association after you create it.
\nThe allowed values for Priority are between 100 and 9900.
A list of the tag keys and values that you want to associate with the rule group association.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#AssociateFirewallRuleGroupResponse": { @@ -175,6 +182,9 @@ "smithy.api#documentation": "The association that you just created. The association has an ID that you can use to\n\t\t\tidentify it in other requests, like update and delete.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddress": { @@ -209,7 +219,7 @@ } ], "traits": { - "smithy.api#documentation": "Adds IP addresses to an inbound or an outbound Resolver endpoint. If you want to add more than one IP address, \n\t\t\tsubmit one AssociateResolverEndpointIpAddress request for each IP address.
To remove an IP address from an endpoint, see \n\t\t\tDisassociateResolverEndpointIpAddress.\n\t\t
" + "smithy.api#documentation": "Adds IP addresses to an inbound or an outbound Resolver endpoint. If you want to add more than one IP address, \n\t\t\tsubmit one AssociateResolverEndpointIpAddress request for each IP address.
To remove an IP address from an endpoint, see \n\t\t\tDisassociateResolverEndpointIpAddress.\n\t\t
" } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressRequest": { @@ -229,6 +239,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressResponse": { @@ -240,6 +253,9 @@ "smithy.api#documentation": "The response to an AssociateResolverEndpointIpAddress request.
Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs \n\t\t\tthat are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig \n\t\t\trequest for each VPC.
The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.
\nTo remove a VPC from a query logging configuration, see \n\t\t\tDisassociateResolverQueryLogConfig.\n\t\t\t
" + "smithy.api#documentation": "Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs \n\t\t\tthat are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig \n\t\t\trequest for each VPC.
The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.
\nTo remove a VPC from a query logging configuration, see \n\t\t\tDisassociateResolverQueryLogConfig.\n\t\t\t
" } }, "com.amazonaws.route53resolver#AssociateResolverQueryLogConfigRequest": { @@ -293,10 +309,13 @@ "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { - "smithy.api#documentation": "The ID of an Amazon VPC that you want this query logging configuration to log queries for.
\n\t\t\n\t\tThe VPCs and the query logging configuration must be in the same Region.
\n\t\tThe ID of an Amazon VPC that you want this query logging configuration to log queries for.
\nThe VPCs and the query logging configuration must be in the same Region.
\nA complex type that contains settings for a specified association between an Amazon VPC and a query logging configuration.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#AssociateResolverRule": { @@ -371,6 +393,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#AssociateResolverRuleResponse": { @@ -382,32 +407,43 @@ "smithy.api#documentation": "Information about the AssociateResolverRule request, including the status of the request.
The requested state transition isn't valid. For example, you can't delete a firewall\n\t\t\tdomain list if it is in the process of being deleted, or you can't import domains into a\n\t\t\tdomain list that is in the process of being deleted.
", "smithy.api#error": "client" } }, @@ -524,6 +564,9 @@ "smithy.api#documentation": "A list of the tag keys and values that you want to associate with the domain list.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#CreateFirewallDomainListResponse": { @@ -535,6 +578,9 @@ "smithy.api#documentation": "The\n\t\t\tdomain list that you just created.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#CreateFirewallRule": { @@ -622,6 +668,9 @@ "smithy.api#documentation": "A list of the tag keys and values that you want to associate with the rule group.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#CreateFirewallRuleGroupResponse": { @@ -633,6 +682,9 @@ "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#CreateFirewallRuleRequest": { @@ -670,14 +722,14 @@ "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { - "smithy.api#documentation": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request and send metrics and logs to Cloud Watch.
\n BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request and send metrics and logs to Cloud Watch.
\n BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
The way that you want DNS Firewall to block the request, used with the rule action\n\t\t\tsetting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
This setting is required if the rule action setting is BLOCK.
The way that you want DNS Firewall to block the request, used with the rule action\n\t\t\tsetting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
This setting is required if the rule action setting is BLOCK.
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
This setting is required if the BlockResponse setting is OVERRIDE.
The\n\t\t\tfirewall rule that you just created.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#CreateResolverEndpoint": { @@ -751,7 +808,7 @@ } ], "traits": { - "smithy.api#documentation": "Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
\n\t\tAn inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC \n\t\t\t\tfrom your network.
\nAn outbound Resolver endpoint forwards DNS queries from the DNS service for a VPC \n\t\t\t\tto your network.
\nCreates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
\nAn inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC \n\t\t\t\tfrom your network.
\nAn outbound Resolver endpoint forwards DNS queries from the DNS service for a VPC \n\t\t\t\tto your network.
\nSpecify the applicable value:
\n\t\t\n INBOUND: Resolver forwards DNS queries to the DNS service for a VPC from your network
\n OUTBOUND: Resolver forwards DNS queries from the DNS service for a VPC to your network
Specify the applicable value:
\n\n INBOUND: Resolver forwards DNS queries to the DNS service for a VPC from your network
\n OUTBOUND: Resolver forwards DNS queries from the DNS service for a VPC to your network
A list of the tag keys and values that you want to associate with the endpoint.
" } + }, + "ResolverEndpointType": { + "target": "com.amazonaws.route53resolver#ResolverEndpointType", + "traits": { + "smithy.api#documentation": "\n\t\t\tFor the endpoint type you can choose either IPv4, IPv6. or dual-stack.\n\t\t\tA dual-stack endpoint means that it will resolve via both IPv4 and IPv6. This\n\t\t\tendpoint type is applied to all IP addresses.\n\t\t
" + } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#CreateResolverEndpointResponse": { @@ -808,6 +874,9 @@ "smithy.api#documentation": "Information about the CreateResolverEndpoint request, including the status of the request.
Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. \n\t\t\tResolver can log queries only for VPCs that are in the same Region as the query logging configuration.
\n\t\t\n\t\tTo specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see \n\t\t\tAssociateResolverQueryLogConfig.
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts \n\t\t\tcan then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all \n\t\t\tVPCs that are associated with the configuration.
" + "smithy.api#documentation": "Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. \n\t\t\tResolver can log queries only for VPCs that are in the same Region as the query logging configuration.
\nTo specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig. For more information, see \n\t\t\tAssociateResolverQueryLogConfig.
You can optionally use Resource Access Manager (RAM) to share a query logging configuration with other Amazon Web Services accounts. The other accounts \n\t\t\tcan then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all \n\t\t\tVPCs that are associated with the configuration.
" } }, "com.amazonaws.route53resolver#CreateResolverQueryLogConfigRequest": { @@ -861,7 +930,7 @@ "DestinationArn": { "target": "com.amazonaws.route53resolver#DestinationArn", "traits": { - "smithy.api#documentation": "The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group, \n\t\t\tor a Kinesis Data Firehose delivery stream. Examples of valid values include the following:
\n\t\t\n\t\t\n S3 bucket:
\n\t\t\t\t\n arn:aws:s3:::examplebucket\n
You can optionally append a file prefix to the end of the ARN.
\n\t\t\t\t\n arn:aws:s3:::examplebucket/development/\n
\n CloudWatch Logs log group:
\n\t\t\t\t\n arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*\n
\n Kinesis Data Firehose delivery stream:
\n\t\t\t\t\n arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name\n
The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group, \n\t\t\tor a Kinesis Data Firehose delivery stream. Examples of valid values include the following:
\n\n S3 bucket:
\n\n arn:aws:s3:::examplebucket\n
You can optionally append a file prefix to the end of the ARN.
\n\n arn:aws:s3:::examplebucket/development/\n
\n CloudWatch Logs log group:
\n\n arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*\n
\n Kinesis Data Firehose delivery stream:
\n\n arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name\n
A list of the tag keys and values that you want to associate with the query logging configuration.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#CreateResolverQueryLogConfigResponse": { @@ -890,6 +962,9 @@ "smithy.api#documentation": "Information about the CreateResolverQueryLogConfig request, including the status of the request.
When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD \n\t\t\tfor RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD \n\t\t\tfor RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
The IPs that you want Resolver to forward DNS queries to. You can specify only IPv4 addresses. Separate IP addresses with a space.
\n\t\t\n TargetIps is available only when the value of Rule type is FORWARD.
The IPs that you want Resolver to forward DNS queries to. You can specify only IPv4 addresses. Separate IP addresses with a space.
\n\n TargetIps is available only when the value of Rule type is FORWARD.
A list of the tag keys and values that you want to associate with the endpoint.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#CreateResolverRuleResponse": { @@ -989,6 +1067,9 @@ "smithy.api#documentation": "Information about the CreateResolverRule request, including the status of the request.
The domain list that you just deleted.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DeleteFirewallRule": { @@ -1120,6 +1207,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#DeleteFirewallRuleGroupResponse": { @@ -1131,6 +1221,9 @@ "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DeleteFirewallRuleRequest": { @@ -1150,6 +1243,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#DeleteFirewallRuleResponse": { @@ -1161,6 +1257,9 @@ "smithy.api#documentation": "The specification for the firewall rule that you just deleted.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DeleteResolverEndpoint": { @@ -1189,7 +1288,7 @@ } ], "traits": { - "smithy.api#documentation": "Deletes a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound \n\t\t\tResolver endpoint:
\n\t\t\n Inbound: DNS queries from your network are no longer routed \n\t\t\t\tto the DNS service for the specified VPC.
\n\n Outbound: DNS queries from a VPC are no longer routed to your network.
\nDeletes a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound \n\t\t\tResolver endpoint:
\n\n Inbound: DNS queries from your network are no longer routed \n\t\t\t\tto the DNS service for the specified VPC.
\n\n Outbound: DNS queries from a VPC are no longer routed to your network.
\nInformation about the DeleteResolverEndpoint request, including the status of the request.
Deletes a query logging configuration. When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are \n\t\t\tassociated with the configuration. This also applies if the query logging configuration is shared with other Amazon Web Services accounts, and \n\t\t\tthe other accounts have associated VPCs with the shared configuration.
\n\t\t\n\t\tBefore you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See \n\t\t\tDisassociateResolverQueryLogConfig.
\n\t\t\t\n\t\tIf you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing \n\t\t\tthe configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs \n\t\t\tthat they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically \n\t\t\tdisassociated from the configuration.
" + "smithy.api#documentation": "Deletes a query logging configuration. When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are \n\t\t\tassociated with the configuration. This also applies if the query logging configuration is shared with other Amazon Web Services accounts, and \n\t\t\tthe other accounts have associated VPCs with the shared configuration.
\nBefore you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See \n\t\t\tDisassociateResolverQueryLogConfig.
\nIf you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing \n\t\t\tthe configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs \n\t\t\tthat they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically \n\t\t\tdisassociated from the configuration.
" } }, "com.amazonaws.route53resolver#DeleteResolverQueryLogConfigRequest": { @@ -1257,6 +1362,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#DeleteResolverQueryLogConfigResponse": { @@ -1268,6 +1376,9 @@ "smithy.api#documentation": "Information about the query logging configuration that you deleted, including the status of the request.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DeleteResolverRule": { @@ -1309,6 +1420,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#DeleteResolverRuleResponse": { @@ -1320,6 +1434,9 @@ "smithy.api#documentation": "Information about the DeleteResolverRule request, including the status of the request.
The firewall rule group association that you just removed.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddress": { @@ -1415,7 +1538,7 @@ } ], "traits": { - "smithy.api#documentation": "Removes IP addresses from an inbound or an outbound Resolver endpoint. If you want to remove more than one IP address, \n\t\t\tsubmit one DisassociateResolverEndpointIpAddress request for each IP address.
To add an IP address to an endpoint, see \n\t\t\tAssociateResolverEndpointIpAddress.\n\t\t
" + "smithy.api#documentation": "Removes IP addresses from an inbound or an outbound Resolver endpoint. If you want to remove more than one IP address, \n\t\t\tsubmit one DisassociateResolverEndpointIpAddress request for each IP address.
To add an IP address to an endpoint, see \n\t\t\tAssociateResolverEndpointIpAddress.\n\t\t
" } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressRequest": { @@ -1435,6 +1558,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressResponse": { @@ -1446,6 +1572,9 @@ "smithy.api#documentation": "The response to an DisassociateResolverEndpointIpAddress request.
Disassociates a VPC from a query logging configuration.
\n\t\t\n\t\tBefore you can delete a query logging configuration, you must first disassociate all VPCs\n\t\t\t\tfrom the configuration. If you used Resource Access Manager (RAM) to share a\n\t\t\t\tquery logging configuration with other accounts, VPCs can be disassociated from the\n\t\t\t\tconfiguration in the following ways:
\n\t\t\tThe accounts that you shared the configuration with can disassociate VPCs from the configuration.
\nYou can stop sharing the configuration.
\nDisassociates a VPC from a query logging configuration.
\nBefore you can delete a query logging configuration, you must first disassociate all VPCs\n\t\t\t\tfrom the configuration. If you used Resource Access Manager (RAM) to share a\n\t\t\t\tquery logging configuration with other accounts, VPCs can be disassociated from the\n\t\t\t\tconfiguration in the following ways:
\nThe accounts that you shared the configuration with can disassociate VPCs from the configuration.
\nYou can stop sharing the configuration.
\nA complex type that contains settings for the association that you deleted between an Amazon VPC and a query logging configuration.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#DisassociateResolverRule": { @@ -1533,7 +1668,7 @@ } ], "traits": { - "smithy.api#documentation": "Removes the association between a specified Resolver rule and a specified VPC.
\n\t\tIf you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the \n\t\t\t\tdomain name that you specified in the Resolver rule.
\n\t\tRemoves the association between a specified Resolver rule and a specified VPC.
\nIf you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the \n\t\t\t\tdomain name that you specified in the Resolver rule.
\nInformation about the DisassociateResolverRule request, including the status of the request.
The name of the parameter that you want to use to filter objects.
\n\t\tThe valid values for Name depend on the action that you're including the filter in, \n\t\t\tListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tor \n\t\t\tListResolverQueryLogConfigAssociations.
In early versions of Resolver, values for Name were listed as uppercase, with underscore (_) delimiters. For example, \n\t\t\t\tCreatorRequestId was originally listed as CREATOR_REQUEST_ID. Uppercase values for Name are still supported.
\n ListResolverEndpoints\n
\n\t\tValid values for Name include the following:
\n CreatorRequestId: The value that you specified when you created the Resolver endpoint.
\n Direction: Whether you want to return inbound or outbound Resolver endpoints. If you specify DIRECTION \n\t\t\t\tfor Name, specify INBOUND or OUTBOUND for Values.
\n HostVPCId: The ID of the VPC that inbound DNS queries pass through on the way from your network to your VPCs in a region, or \n\t\t\t\tthe VPC that outbound queries pass through on the way from your VPCs to your network. In a \n\t\t\t\tCreateResolverEndpoint\n\t\t\t\trequest, SubnetId indirectly identifies the VPC. In a \n\t\t\t\tGetResolverEndpoint\n\t\t\t\trequest, the VPC ID for a Resolver endpoint \n\t\t\t\tis returned in the HostVPCId element.
\n IpAddressCount: The number of IP addresses that you have associated with the Resolver endpoint.
\n Name: The name of the Resolver endpoint.
\n SecurityGroupIds: The IDs of the VPC security groups that you specified when you created the \n\t\t\t\tResolver endpoint.
\n Status: The status of the Resolver endpoint. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: CREATING, OPERATIONAL, UPDATING,\n\t\t\t\tAUTO_RECOVERING, ACTION_NEEDED, or DELETING. For more information, see Status in\n\t\t\t\tResolverEndpoint.
\n ListResolverRules\n
\n\t\tValid values for Name include the following:
\n CreatorRequestId: The value that you specified when you created the Resolver rule.
\n DomainName: The domain name for which Resolver is forwarding DNS queries to your network. In the value that \n\t\t\t\tyou specify for Values, include a trailing dot (.) after the domain name. For example, if the domain name is example.com, \n\t\t\t\tspecify the following value. Note the \".\" after com:
\n example.com.\n
\n Name: The name of the Resolver rule.
\n ResolverEndpointId: The ID of the Resolver endpoint that the Resolver rule is associated with.
You can filter on the Resolver endpoint only for rules that have a value of FORWARD for \n\t\t\t\t\tRuleType.
\n Status: The status of the Resolver rule. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: COMPLETE, DELETING, UPDATING, \n\t\t\t\tor FAILED.
\n Type: The type of the Resolver rule. If you specify TYPE \n\t\t\t\tfor Name, specify FORWARD or SYSTEM for Values.
\n ListResolverRuleAssociations\n
\n\t\tValid values for Name include the following:
\n Name: The name of the Resolver rule association.
\n ResolverRuleId: The ID of the Resolver rule that is associated with one or more VPCs.
\n Status: The status of the Resolver rule association. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: CREATING, COMPLETE, DELETING, or \n\t\t\t\tFAILED.
\n VPCId: The ID of the VPC that the Resolver rule is associated with.
\n ListResolverQueryLogConfigs\n
\n\t\tValid values for Name include the following:
\n Arn: The ARN for the query logging configuration.
\n AssociationCount: The number of VPCs that are associated with the query logging configuration.
\n CreationTime: The date and time that the query logging configuration was created, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n CreatorRequestId: A unique string that identifies the request that created the query logging configuration.
\n Destination: The Amazon Web Services service that you want to forward query logs to. Valid values include the following:
\n S3\n
\n CloudWatchLogs\n
\n KinesisFirehose\n
\n DestinationArn: The ARN of the location that Resolver is sending query logs to. This value can be the ARN for an \n\t\t\t\tS3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
\n Id: The ID of the query logging configuration
\n Name: The name of the query logging configuration
\n OwnerId: The Amazon Web Services account ID for the account that created the query logging configuration.
\n ShareStatus: An indication of whether the query logging configuration is shared with other Amazon Web Services accounts, \n\t\t\t\tor was shared with the current account by another Amazon Web Services account. Valid values include: NOT_SHARED, SHARED_WITH_ME, \n\t\t\t\tor SHARED_BY_ME.
\n Status: The status of the query logging configuration. If you specify Status for Name, \n\t\t\t\tspecify the applicable status code for Values: CREATING, CREATED, \n\t\t\t\tDELETING, or FAILED. For more information, see \n\t\t\t\tStatus.\n\t\t\t\t
\n ListResolverQueryLogConfigAssociations\n
\n\t\tValid values for Name include the following:
\n CreationTime: The date and time that the VPC was associated with the query logging configuration, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n Error: If the value of Status is FAILED, specify the cause: \n\t\t\t\tDESTINATION_NOT_FOUND or ACCESS_DENIED.
\n Id: The ID of the query logging association.
\n ResolverQueryLogConfigId: The ID of the query logging configuration that a VPC is associated with.
\n ResourceId: The ID of the Amazon VPC that is associated with the query logging configuration.
\n Status: The status of the query logging association. If you specify Status for Name, \n\t\t\t\tspecify the applicable status code for Values: CREATING, CREATED, \n\t\t\t\tDELETING, or FAILED. For more information, see \n\t\t\t Status.\n\t\t\t\t
The name of the parameter that you want to use to filter objects.
\nThe valid values for Name depend on the action that you're including the filter in, \n\t\t\tListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tor \n\t\t\tListResolverQueryLogConfigAssociations.
In early versions of Resolver, values for Name were listed as uppercase, with underscore (_) delimiters. For example, \n\t\t\t\tCreatorRequestId was originally listed as CREATOR_REQUEST_ID. Uppercase values for Name are still supported.
\n ListResolverEndpoints\n
\nValid values for Name include the following:
\n CreatorRequestId: The value that you specified when you created the Resolver endpoint.
\n Direction: Whether you want to return inbound or outbound Resolver endpoints. If you specify DIRECTION \n\t\t\t\tfor Name, specify INBOUND or OUTBOUND for Values.
\n HostVPCId: The ID of the VPC that inbound DNS queries pass through on the way from your network to your VPCs in a region, or \n\t\t\t\tthe VPC that outbound queries pass through on the way from your VPCs to your network. In a \n\t\t\t\tCreateResolverEndpoint\n\t\t\t\trequest, SubnetId indirectly identifies the VPC. In a \n\t\t\t\tGetResolverEndpoint\n\t\t\t\trequest, the VPC ID for a Resolver endpoint \n\t\t\t\tis returned in the HostVPCId element.
\n IpAddressCount: The number of IP addresses that you have associated with the Resolver endpoint.
\n Name: The name of the Resolver endpoint.
\n SecurityGroupIds: The IDs of the VPC security groups that you specified when you created the \n\t\t\t\tResolver endpoint.
\n Status: The status of the Resolver endpoint. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: CREATING, OPERATIONAL, UPDATING,\n\t\t\t\tAUTO_RECOVERING, ACTION_NEEDED, or DELETING. For more information, see Status in\n\t\t\t\tResolverEndpoint.
\n ListResolverRules\n
\nValid values for Name include the following:
\n CreatorRequestId: The value that you specified when you created the Resolver rule.
\n DomainName: The domain name for which Resolver is forwarding DNS queries to your network. In the value that \n\t\t\t\tyou specify for Values, include a trailing dot (.) after the domain name. For example, if the domain name is example.com, \n\t\t\t\tspecify the following value. Note the \".\" after com:
\n example.com.\n
\n Name: The name of the Resolver rule.
\n ResolverEndpointId: The ID of the Resolver endpoint that the Resolver rule is associated with.
You can filter on the Resolver endpoint only for rules that have a value of FORWARD for \n\t\t\t\t\tRuleType.
\n Status: The status of the Resolver rule. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: COMPLETE, DELETING, UPDATING, \n\t\t\t\tor FAILED.
\n Type: The type of the Resolver rule. If you specify TYPE \n\t\t\t\tfor Name, specify FORWARD or SYSTEM for Values.
\n ListResolverRuleAssociations\n
\nValid values for Name include the following:
\n Name: The name of the Resolver rule association.
\n ResolverRuleId: The ID of the Resolver rule that is associated with one or more VPCs.
\n Status: The status of the Resolver rule association. If you specify Status for Name, \n\t\t\t\tspecify one of the following status codes for Values: CREATING, COMPLETE, DELETING, or \n\t\t\t\tFAILED.
\n VPCId: The ID of the VPC that the Resolver rule is associated with.
\n ListResolverQueryLogConfigs\n
\nValid values for Name include the following:
\n Arn: The ARN for the query logging configuration.
\n AssociationCount: The number of VPCs that are associated with the query logging configuration.
\n CreationTime: The date and time that the query logging configuration was created, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n CreatorRequestId: A unique string that identifies the request that created the query logging configuration.
\n Destination: The Amazon Web Services service that you want to forward query logs to. Valid values include the following:
\n S3\n
\n CloudWatchLogs\n
\n KinesisFirehose\n
\n DestinationArn: The ARN of the location that Resolver is sending query logs to. This value can be the ARN for an \n\t\t\t\tS3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
\n Id: The ID of the query logging configuration
\n Name: The name of the query logging configuration
\n OwnerId: The Amazon Web Services account ID for the account that created the query logging configuration.
\n ShareStatus: An indication of whether the query logging configuration is shared with other Amazon Web Services accounts, \n\t\t\t\tor was shared with the current account by another Amazon Web Services account. Valid values include: NOT_SHARED, SHARED_WITH_ME, \n\t\t\t\tor SHARED_BY_ME.
\n Status: The status of the query logging configuration. If you specify Status for Name, \n\t\t\t\tspecify the applicable status code for Values: CREATING, CREATED, \n\t\t\t\tDELETING, or FAILED. For more information, see \n\t\t\t\tStatus.\n\t\t\t\t
\n ListResolverQueryLogConfigAssociations\n
\nValid values for Name include the following:
\n CreationTime: The date and time that the VPC was associated with the query logging configuration, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n Error: If the value of Status is FAILED, specify the cause: \n\t\t\t\tDESTINATION_NOT_FOUND or ACCESS_DENIED.
\n Id: The ID of the query logging association.
\n ResolverQueryLogConfigId: The ID of the query logging configuration that a VPC is associated with.
\n ResourceId: The ID of the Amazon VPC that is associated with the query logging configuration.
\n Status: The status of the query logging association. If you specify Status for Name, \n\t\t\t\tspecify the applicable status code for Values: CREATING, CREATED, \n\t\t\t\tDELETING, or FAILED. For more information, see \n\t\t\t Status.\n\t\t\t\t
For Resolver list operations \n\t\t\t(ListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tListResolverQueryLogConfigAssociations),\n\t\t\tand\n\t\t\tListResolverDnssecConfigs), \n\t\t\tan optional specification to return a subset of objects.
\n\t\tTo filter objects, such as Resolver endpoints or Resolver rules, you specify Name and Values. For example, \n\t\t\tto list only inbound Resolver endpoints, specify Direction for Name and specify INBOUND for Values.
For Resolver list operations \n\t\t\t(ListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tListResolverQueryLogConfigAssociations),\n\t\t\tand\n\t\t\tListResolverDnssecConfigs), \n\t\t\tan optional specification to return a subset of objects.
\nTo filter objects, such as Resolver endpoints or Resolver rules, you specify Name and Values. For example, \n\t\t\tto list only inbound Resolver endpoints, specify Direction for Name and specify INBOUND for Values.
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
Configuration of the firewall behavior provided by DNS Firewall for a single VPC from\n\t\t\tAmazonVPC.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetFirewallDomainList": { @@ -2311,6 +2486,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetFirewallDomainListResponse": { @@ -2322,6 +2500,9 @@ "smithy.api#documentation": "The domain list that you requested.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroup": { @@ -2386,6 +2567,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociationResponse": { @@ -2397,6 +2581,9 @@ "smithy.api#documentation": "The association that you requested.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicy": { @@ -2438,6 +2625,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicyResponse": { @@ -2449,6 +2639,9 @@ "smithy.api#documentation": "The Identity and Access Management (Amazon Web Services IAM) policy for sharing the specified rule\n\t\t\tgroup. You can use the policy to share the rule group using Resource Access Manager\n\t\t\t(RAM).
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupRequest": { @@ -2461,6 +2654,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupResponse": { @@ -2472,6 +2668,9 @@ "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetResolverConfig": { @@ -2497,10 +2696,13 @@ }, { "target": "com.amazonaws.route53resolver#ThrottlingException" + }, + { + "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { - "smithy.api#documentation": "Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from\n\t\t\t\tAmazon Virtual Private Cloud.
" + "smithy.api#documentation": "Retrieves the behavior configuration of Route 53 Resolver behavior for a single VPC from\n\t\t\t\tAmazon Virtual Private Cloud.
" } }, "com.amazonaws.route53resolver#GetResolverConfigRequest": { @@ -2513,6 +2715,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetResolverConfigResponse": { @@ -2521,9 +2726,12 @@ "ResolverConfig": { "target": "com.amazonaws.route53resolver#ResolverConfig", "traits": { - "smithy.api#documentation": "Information about the behavior configuration of Route 53 Resolver behavior for the VPC you\n\t\t\tspecified in the GetResolverConfig request.
Information about the behavior configuration of Route 53 Resolver behavior for the VPC you\n\t\t\tspecified in the GetResolverConfig request.
The information about a configuration for DNSSEC validation.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#GetResolverEndpoint": { @@ -2617,6 +2831,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#GetResolverEndpointResponse": { @@ -2628,6 +2845,9 @@ "smithy.api#documentation": "Information about the Resolver endpoint that you specified in a GetResolverEndpoint request.
Information about the Resolver query logging configuration association that you specified in a GetQueryLogConfigAssociation request.
Information about the query logging policy for the query logging configuration that you specified in a \n\t\t\tGetResolverQueryLogConfigPolicy request.
Information about the Resolver query logging configuration that you specified in a GetQueryLogConfig request.
Information about the Resolver rule association that you specified in a GetResolverRuleAssociation request.
The Resolver rule policy for the rule that you specified in a GetResolverRulePolicy request.
Information about the Resolver rule that you specified in a GetResolverRule request.
Imports domain names from a file into a domain list, for use in a DNS firewall rule group.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z, a-z,\n \t 0-9, - (hyphen).
It must be from 1-255 characters in length.
\n \tImports domain names from a file into a domain list, for use in a DNS firewall rule group.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z, a-z,\n \t 0-9, - (hyphen).
It must be from 1-255 characters in length.
\n" + "smithy.api#documentation": "
Status of the import request.
" } }, "StatusMessage": { @@ -3024,6 +3286,9 @@ "smithy.api#documentation": "Additional information about the status of the list, if available.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#InternalServiceErrorException": { @@ -3132,7 +3397,13 @@ "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { - "smithy.api#documentation": "The IP address that you want to use for DNS queries.
" + "smithy.api#documentation": "The IPv4 address that you want to use for DNS queries.
" + } + }, + "Ipv6": { + "target": "com.amazonaws.route53resolver#Ipv6", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe IPv6 address that you want to use for DNS queries.\n\t\t
" } } }, @@ -3158,7 +3429,13 @@ "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { - "smithy.api#documentation": "One IP address that the Resolver endpoint uses for DNS queries.
" + "smithy.api#documentation": "One IPv4 address that the Resolver endpoint uses for DNS queries.
" + } + }, + "Ipv6": { + "target": "com.amazonaws.route53resolver#Ipv6", + "traits": { + "smithy.api#documentation": "\n\t\t\tOne IPv6 address that the Resolver endpoint uses for DNS queries.\n\t\t
" } }, "Status": { @@ -3191,50 +3468,74 @@ } }, "com.amazonaws.route53resolver#IpAddressStatus": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "CREATING", - "name": "Creating" - }, - { - "value": "FAILED_CREATION", - "name": "FailedCreation" - }, - { - "value": "ATTACHING", - "name": "Attaching" - }, - { - "value": "ATTACHED", - "name": "Attached" - }, - { - "value": "REMAP_DETACHING", - "name": "RemapDetaching" - }, - { - "value": "REMAP_ATTACHING", - "name": "RemapAttaching" - }, - { - "value": "DETACHING", - "name": "Detaching" - }, - { - "value": "FAILED_RESOURCE_GONE", - "name": "FailedResourceGone" - }, - { - "value": "DELETING", - "name": "Deleting" - }, - { - "value": "DELETE_FAILED_FAS_EXPIRED", - "name": "DeleteFailedFasExpired" + "type": "enum", + "members": { + "Creating": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATING" + } + }, + "FailedCreation": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED_CREATION" + } + }, + "Attaching": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ATTACHING" + } + }, + "Attached": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ATTACHED" + } + }, + "RemapDetaching": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REMAP_DETACHING" + } + }, + "RemapAttaching": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "REMAP_ATTACHING" + } + }, + "Detaching": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DETACHING" + } + }, + "FailedResourceGone": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FAILED_RESOURCE_GONE" + } + }, + "Deleting": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETING" + } + }, + "DeleteFailedFasExpired": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETE_FAILED_FAS_EXPIRED" + } + }, + "Updating": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPDATING" } - ] + } } }, "com.amazonaws.route53resolver#IpAddressUpdate": { @@ -3255,7 +3556,13 @@ "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { - "smithy.api#documentation": "The new IP address.
" + "smithy.api#documentation": "The new IPv4 address.
" + } + }, + "Ipv6": { + "target": "com.amazonaws.route53resolver#Ipv6", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe new IPv6 address.\n\t\t
" } } }, @@ -3271,7 +3578,7 @@ "traits": { "smithy.api#length": { "min": 1, - "max": 10 + "max": 20 } } }, @@ -3281,6 +3588,15 @@ "target": "com.amazonaws.route53resolver#IpAddressResponse" } }, + "com.amazonaws.route53resolver#Ipv6": { + "type": "string", + "traits": { + "smithy.api#length": { + "min": 7, + "max": 39 + } + } + }, "com.amazonaws.route53resolver#LimitExceededException": { "type": "structure", "members": { @@ -3335,6 +3651,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "FirewallConfigs", "pageSize": "MaxResults" } } @@ -3354,8 +3671,7 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#ListFirewallConfigsMaxResult", "traits": { - "smithy.api#default": null, - "smithy.api#documentation": "The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
The configurations for the firewall behavior provided by DNS Firewall for VPCs from\n\t\t\tAmazon Virtual Private Cloud (Amazon VPC).
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListFirewallDomainLists": { @@ -3410,6 +3732,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "FirewallDomainLists", "pageSize": "MaxResults" } } @@ -3420,8 +3743,7 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, - "smithy.api#documentation": "The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
A list of the domain lists that you have defined.
\nThis might be a partial list of the domain lists that you've defined. For information,\n\t\t\tsee MaxResults.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
A list of the domains in the firewall domain list.
\nThis might be a partial list of the domains that you've defined in the domain list. For\n\t\t\tinformation, see MaxResults.
The setting that determines the processing order of the rule group among the rule\n\t\t\tgroups that are associated with a single VPC. DNS Firewall filters VPC traffic starting\n\t\t\tfrom the rule group with the lowest numeric priority setting.
" } }, @@ -3587,8 +3921,7 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, - "smithy.api#documentation": "The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
A list of your firewall rule group associations.
\nThis might be a partial list of the associations that you have defined. For information, see MaxResults.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
A list of your firewall rule groups.
\nThis might be a partial list of the rule groups that you have defined. For information, see MaxResults.
Optional additional filter for the rules to retrieve.
\nThe setting that determines the processing order of the rules in a rule group. DNS Firewall \n processes the rules in a rule group by order of priority, starting from the lowest setting.
" } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { - "smithy.api#documentation": "Optional additional filter for the rules to retrieve.
\nThe action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
Optional additional filter for the rules to retrieve.
\nThe action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse setting.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults. If more objects are available for retrieval,\n Resolver returns a NextToken value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
A list of the rules that you have defined.
\nThis might be a partial list of the firewall rules that you've defined. For information,\n\t\t\tsee MaxResults.
Retrieves the Resolver configurations that you have defined. \n\t\t\tRoute 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs.
", + "smithy.api#documentation": "Retrieves the Resolver configurations that you have defined. \n\t\t\tRoute 53 Resolver uses the configurations to manage DNS resolution behavior for your VPCs.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "ResolverConfigs", "pageSize": "MaxResults" } } @@ -3823,16 +4177,18 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#ListResolverConfigsMaxResult", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The maximum number of Resolver configurations that you want to return in the response to \n\t\t\ta ListResolverConfigs request. If you don't specify a value for MaxResults, \n\t\t\tup to 100 Resolver configurations are returned.
(Optional) If the current Amazon Web Services account has more than MaxResults Resolver configurations, use \n\t\t\tNextToken to get the second and subsequent pages of results.
For the first ListResolverConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and \n\t\t\tspecify that value for NextToken in the request.
(Optional) If the current Amazon Web Services account has more than MaxResults Resolver configurations, use \n\t\t\tNextToken to get the second and subsequent pages of results.
For the first ListResolverConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and \n\t\t\tspecify that value for NextToken in the request.
If a response includes the last of the Resolver configurations that are associated with the current Amazon Web Services account, \n\t\t\tNextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another \n\t\t\tListResolverConfigs request. \n\t\t\tGet the value of NextToken that Amazon Route 53\n returned in the previous response and include it in \n\t\t\tNextToken in the next request.
If a response includes the last of the Resolver configurations that are associated with the current Amazon Web Services account, \n\t\t\tNextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another \n\t\t\tListResolverConfigs request. \n\t\t\tGet the value of NextToken that Amazon Route 53 returned in the previous response and include it in \n\t\t\tNextToken in the next request.
An array that contains one ResolverConfigs element for each Resolver configuration that is associated \n\t\t\twith the current Amazon Web Services account.
\n Optional: An integer that specifies the maximum number of DNSSEC configuration results that you want Amazon Route 53 to return. \n\t\t\tIf you don't specify a value for MaxResults, Route 53 returns up to 100 configuration per page.
(Optional) If the current Amazon Web Services account has more than MaxResults DNSSEC configurations, use NextToken \n\t\t\tto get the second and subsequent pages of results.
For the first ListResolverDnssecConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and specify that value \n\t\t\tfor NextToken in the request.
(Optional) If the current Amazon Web Services account has more than MaxResults DNSSEC configurations, use NextToken \n\t\t\tto get the second and subsequent pages of results.
For the first ListResolverDnssecConfigs request, omit this value.
For the second and subsequent requests, get the value of NextToken from the previous response and specify that value \n\t\t\tfor NextToken in the request.
An optional specification to return a subset of objects.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#ListResolverDnssecConfigsResponse": { @@ -3919,7 +4281,7 @@ "NextToken": { "target": "com.amazonaws.route53resolver#NextToken", "traits": { - "smithy.api#documentation": "If a response includes the last of the DNSSEC configurations that are associated with the current Amazon Web Services account, \n\t\t\tNextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another \n\t\t\tListResolverDnssecConfigs \n\t\t\trequest. Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in \n\t\t\tNextToken in the next request.
If a response includes the last of the DNSSEC configurations that are associated with the current Amazon Web Services account, \n\t\t\tNextToken doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another \n\t\t\tListResolverDnssecConfigs \n\t\t\trequest. Get the value of NextToken that Amazon Route 53 returned in the previous response and include it in \n\t\t\tNextToken in the next request.
An array that contains one \n\t\t\tResolverDnssecConfig element \n\t\t\tfor each configuration for DNSSEC validation that is associated with the current Amazon Web Services account.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListResolverEndpointIpAddresses": { @@ -3960,6 +4325,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "IpAddresses", "pageSize": "MaxResults" } } @@ -3977,16 +4343,18 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The maximum number of IP addresses that you want to return in the response to a ListResolverEndpointIpAddresses request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 IP addresses.
For the first ListResolverEndpointIpAddresses request, omit this value.
If the specified Resolver endpoint has more than MaxResults IP addresses, you can submit another \n\t\t\tListResolverEndpointIpAddresses request to get the next group of IP addresses. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
For the first ListResolverEndpointIpAddresses request, omit this value.
If the specified Resolver endpoint has more than MaxResults IP addresses, you can submit another \n\t\t\tListResolverEndpointIpAddresses request to get the next group of IP addresses. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
Information about the IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward \n\t\t\tDNS queries to (for inbound endpoints).
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListResolverEndpoints": { @@ -4042,6 +4413,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "ResolverEndpoints", "pageSize": "MaxResults" } } @@ -4052,22 +4424,24 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The maximum number of Resolver endpoints that you want to return in the response to a ListResolverEndpoints request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 Resolver endpoints.
For the first ListResolverEndpoints request, omit this value.
If you have more than MaxResults Resolver endpoints, you can submit another ListResolverEndpoints request \n\t\t\tto get the next group of Resolver endpoints. In the next request, specify the value of NextToken from the previous response.
For the first ListResolverEndpoints request, omit this value.
If you have more than MaxResults Resolver endpoints, you can submit another ListResolverEndpoints request \n\t\t\tto get the next group of Resolver endpoints. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver endpoints, such as all inbound Resolver endpoints.
\n\t\tIf you submit a second or subsequent ListResolverEndpoints request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
An optional specification to return a subset of Resolver endpoints, such as all inbound Resolver endpoints.
\nIf you submit a second or subsequent ListResolverEndpoints request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
The Resolver endpoints that were created by using the current Amazon Web Services account, and that match the specified filters, if any.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociations": { @@ -4126,6 +4503,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "ResolverQueryLogConfigAssociations", "pageSize": "MaxResults" } } @@ -4142,27 +4520,30 @@ "NextToken": { "target": "com.amazonaws.route53resolver#NextToken", "traits": { - "smithy.api#documentation": "For the first ListResolverQueryLogConfigAssociations request, omit this value.
If there are more than MaxResults query logging associations that match the values that you specify for Filters, \n\t\t\tyou can submit another ListResolverQueryLogConfigAssociations request to get the next group of associations. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
For the first ListResolverQueryLogConfigAssociations request, omit this value.
If there are more than MaxResults query logging associations that match the values that you specify for Filters, \n\t\t\tyou can submit another ListResolverQueryLogConfigAssociations request to get the next group of associations. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
An optional specification to return a subset of query logging associations.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same values for Filters, if any, as in the previous request.
An optional specification to return a subset of query logging associations.
\nIf you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same values for Filters, if any, as in the previous request.
The element that you want Resolver to sort query logging associations by.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
\n\t\t\n CreationTime: The ID of the query logging association.
\n Error: If the value of Status is FAILED, the value of Error \n\t\t\t\tindicates the cause:
\n DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED: Permissions don't allow sending logs to the destination.
If Status is a value other than FAILED, ERROR is null.
\n Id: The ID of the query logging association
\n ResolverQueryLogConfigId: The ID of the query logging configuration
\n ResourceId: The ID of the VPC that is associated with the query logging configuration
\n Status: The current status of the configuration. Valid values include the following:
\n CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED: The association between an Amazon VPC and a query logging configuration \n\t\t\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging association.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging association. \n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nThe element that you want Resolver to sort query logging associations by.
\nIf you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
\n\n CreationTime: The ID of the query logging association.
\n Error: If the value of Status is FAILED, the value of Error \n\t\t\t\tindicates the cause:
\n DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED: Permissions don't allow sending logs to the destination.
If Status is a value other than FAILED, ERROR is null.
\n Id: The ID of the query logging association
\n ResolverQueryLogConfigId: The ID of the query logging configuration
\n ResourceId: The ID of the VPC that is associated with the query logging configuration
\n Status: The current status of the configuration. Valid values include the following:
\n CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED: The association between an Amazon VPC and a query logging configuration \n\t\t\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging association.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging association. \n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nIf you specified a value for SortBy, the order that you want query logging associations to be listed in, \n\t\t\tASCENDING or DESCENDING.
If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortOrder, if any, as in the previous request.
If you specified a value for SortBy, the order that you want query logging associations to be listed in, \n\t\t\tASCENDING or DESCENDING.
If you submit a second or subsequent ListResolverQueryLogConfigAssociations request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortOrder, if any, as in the previous request.
A list that contains one ResolverQueryLogConfigAssociations element for each query logging association that matches the \n\t\t\tvalues that you specified for Filter.
The maximum number of query logging configurations that you want to return in the response to a ListResolverQueryLogConfigs request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 query logging configurations.
For the first ListResolverQueryLogConfigs request, omit this value.
If there are more than MaxResults query logging configurations that match the values that you specify for Filters, \n\t\t\tyou can submit another ListResolverQueryLogConfigs request to get the next group of configurations. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
For the first ListResolverQueryLogConfigs request, omit this value.
If there are more than MaxResults query logging configurations that match the values that you specify for Filters, \n\t\t\tyou can submit another ListResolverQueryLogConfigs request to get the next group of configurations. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
An optional specification to return a subset of query logging configurations.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same values for Filters, if any, as in the previous request.
An optional specification to return a subset of query logging configurations.
\nIf you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same values for Filters, if any, as in the previous request.
The element that you want Resolver to sort query logging configurations by.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
\n\t\t\n Arn: The ARN of the query logging configuration
\n AssociationCount: The number of VPCs that are associated with the specified configuration
\n CreationTime: The date and time that Resolver returned when the configuration was created
\n CreatorRequestId: The value that was specified for CreatorRequestId when the configuration was created
\n DestinationArn: The location that logs are sent to
\n Id: The ID of the configuration
\n Name: The name of the configuration
\n OwnerId: The Amazon Web Services account number of the account that created the configuration
\n ShareStatus: Whether the configuration is shared with other Amazon Web Services accounts or shared with the current account by \n\t\t\t\tanother Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
\n Status: The current status of the configuration. Valid values include the following:
\n CREATING: Resolver is creating the query logging configuration.
\n CREATED: The query logging configuration was successfully created. \n\t\t\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging configuration.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging configuration.\n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nThe element that you want Resolver to sort query logging configurations by.
\nIf you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortBy, if any, as in the previous request.
Valid values include the following elements:
\n\n Arn: The ARN of the query logging configuration
\n AssociationCount: The number of VPCs that are associated with the specified configuration
\n CreationTime: The date and time that Resolver returned when the configuration was created
\n CreatorRequestId: The value that was specified for CreatorRequestId when the configuration was created
\n DestinationArn: The location that logs are sent to
\n Id: The ID of the configuration
\n Name: The name of the configuration
\n OwnerId: The Amazon Web Services account number of the account that created the configuration
\n ShareStatus: Whether the configuration is shared with other Amazon Web Services accounts or shared with the current account by \n\t\t\t\tanother Amazon Web Services account. Sharing is configured through Resource Access Manager (RAM).
\n Status: The current status of the configuration. Valid values include the following:
\n CREATING: Resolver is creating the query logging configuration.
\n CREATED: The query logging configuration was successfully created. \n\t\t\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging configuration.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging configuration.\n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nIf you specified a value for SortBy, the order that you want query logging configurations to be listed in, \n\t\t\tASCENDING or DESCENDING.
If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortOrder, if any, as in the previous request.
If you specified a value for SortBy, the order that you want query logging configurations to be listed in, \n\t\t\tASCENDING or DESCENDING.
If you submit a second or subsequent ListResolverQueryLogConfigs request and specify the NextToken parameter, \n\t\t\t\tyou must use the same value for SortOrder, if any, as in the previous request.
A list that contains one ResolverQueryLogConfig element for each query logging configuration that matches the \n\t\t\tvalues that you specified for Filter.
The maximum number of rule associations that you want to return in the response to a ListResolverRuleAssociations request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 rule associations.
For the first ListResolverRuleAssociation request, omit this value.
If you have more than MaxResults rule associations, you can submit another ListResolverRuleAssociation request \n\t\t\tto get the next group of rule associations. In the next request, specify the value of NextToken from the previous response.
For the first ListResolverRuleAssociation request, omit this value.
If you have more than MaxResults rule associations, you can submit another ListResolverRuleAssociation request \n\t\t\tto get the next group of rule associations. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver rules, such as Resolver rules that are associated with the same VPC ID.
\n\t\tIf you submit a second or subsequent ListResolverRuleAssociations request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
An optional specification to return a subset of Resolver rules, such as Resolver rules that are associated with the same VPC ID.
\nIf you submit a second or subsequent ListResolverRuleAssociations request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
The associations that were created between Resolver rules and VPCs using the current Amazon Web Services account, and that match the \n\t\t\tspecified filters, if any.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListResolverRules": { @@ -4411,6 +4807,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "ResolverRules", "pageSize": "MaxResults" } } @@ -4421,22 +4818,24 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The maximum number of Resolver rules that you want to return in the response to a ListResolverRules request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 Resolver rules.
For the first ListResolverRules request, omit this value.
If you have more than MaxResults Resolver rules, you can submit another ListResolverRules request \n\t\t\tto get the next group of Resolver rules. In the next request, specify the value of NextToken from the previous response.
For the first ListResolverRules request, omit this value.
If you have more than MaxResults Resolver rules, you can submit another ListResolverRules request \n\t\t\tto get the next group of Resolver rules. In the next request, specify the value of NextToken from the previous response.
An optional specification to return a subset of Resolver rules, such as all Resolver rules that are associated with the same Resolver endpoint.
\n\t\tIf you submit a second or subsequent ListResolverRules request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
An optional specification to return a subset of Resolver rules, such as all Resolver rules that are associated with the same Resolver endpoint.
\nIf you submit a second or subsequent ListResolverRules request and specify the NextToken parameter, \n\t\t\tyou must use the same values for Filters, if any, as in the previous request.
The Resolver rules that were created using the current Amazon Web Services account and that match the specified filters, if any.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#ListTagsForResource": { @@ -4495,6 +4897,7 @@ "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", + "items": "Tags", "pageSize": "MaxResults" } } @@ -4512,16 +4915,18 @@ "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The maximum number of tags that you want to return in the response to a ListTagsForResource request. \n\t\t\tIf you don't specify a value for MaxResults, Resolver returns up to 100 tags.
For the first ListTagsForResource request, omit this value.
If you have more than MaxResults tags, you can submit another ListTagsForResource request \n\t\t\tto get the next group of tags for the resource. In the next request, specify the value of NextToken from the previous response.
For the first ListTagsForResource request, omit this value.
If you have more than MaxResults tags, you can submit another ListTagsForResource request \n\t\t\tto get the next group of tags for the resource. In the next request, specify the value of NextToken from the previous response.
If more than MaxResults tags match the specified criteria, you can submit another \n\t\t\tListTagsForResource request to get the next group of results. In the next request, specify the value of \n\t\t\tNextToken from the previous response.
An Identity and Access Management policy statement that lists the query logging configurations that you want to share with another Amazon Web Services account \n\t\t\tand the operations that you want the account to be able to perform. You can specify the following operations in the Actions section \n\t\t\tof the statement:
\n route53resolver:AssociateResolverQueryLogConfig\n
\n route53resolver:DisassociateResolverQueryLogConfig\n
\n route53resolver:ListResolverQueryLogConfigAssociations\n
\n route53resolver:ListResolverQueryLogConfigs\n
In the Resource section of the statement, you specify the ARNs for the query logging configurations that you want to share \n\t\t\twith the account that you specified in Arn.
An Identity and Access Management policy statement that lists the query logging configurations that you want to share with another Amazon Web Services account \n\t\t\tand the operations that you want the account to be able to perform. You can specify the following operations in the Actions section \n\t\t\tof the statement:
\n route53resolver:AssociateResolverQueryLogConfig\n
\n route53resolver:DisassociateResolverQueryLogConfig\n
\n route53resolver:ListResolverQueryLogConfigAssociations\n
\n route53resolver:ListResolverQueryLogConfigs\n
In the Resource section of the statement, you specify the ARNs for the query logging configurations that you want to share \n\t\t\twith the account that you specified in Arn.
The response to a PutResolverQueryLogConfigPolicy request.
The response to a PutResolverQueryLogConfigPolicy request.
An Identity and Access Management policy statement that lists the rules that you want to share with another Amazon Web Services account and the operations that you want the account \n\t\t\tto be able to perform. You can specify the following operations in the Action section of the statement:
\n route53resolver:GetResolverRule\n
\n route53resolver:AssociateResolverRule\n
\n route53resolver:DisassociateResolverRule\n
\n route53resolver:ListResolverRules\n
\n route53resolver:ListResolverRuleAssociations\n
In the Resource section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN \n\t\t\tthat you specified in Arn.
An Identity and Access Management policy statement that lists the rules that you want to share with another Amazon Web Services account and the operations that you want the account \n\t\t\tto be able to perform. You can specify the following operations in the Action section of the statement:
\n route53resolver:GetResolverRule\n
\n route53resolver:AssociateResolverRule\n
\n route53resolver:DisassociateResolverRule\n
\n route53resolver:ListResolverRules\n
\n route53resolver:ListResolverRuleAssociations\n
In the Resource section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN \n\t\t\tthat you specified in Arn.
The response to a PutResolverRulePolicy request.
The response to a PutResolverRulePolicy request.
The status of whether or not the Resolver will create autodefined rules for reverse DNS\n\t\t\tlookups. This is enabled by default. The status can be one of following:
\n\t\tStatus of the rules generated by VPCs based on CIDR/Region for reverse DNS resolution. The\n\t\t\tstatus can be one of following:
\n\n\t\t\n ENABLING: Autodefined rules for reverse DNS lookups are being\n\t\t\t\t\tenabled but are not complete.
\n\n ENABLED: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tenabled.
\n\n DISABLING: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tbeing disabled but are not complete.
\n\n DISABLED: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tdisabled.
\nThe status of whether or not the Resolver will create autodefined rules for reverse DNS\n\t\t\tlookups. This is enabled by default. The status can be one of following:
\n\n ENABLING: Autodefined rules for reverse DNS lookups are being\n\t\t\t\t\tenabled but are not complete.
\n\n ENABLED: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tenabled.
\n\n DISABLING: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tbeing disabled but are not complete.
\n\n DISABLED: Autodefined rules for reverse DNS lookups are\n\t\t\t\t\tdisabled.
\nThe validation status for a DNSSEC configuration. The status can be one of the following:
\n\t\t\n ENABLING: DNSSEC validation is being enabled but is not complete.
\n\n ENABLED: DNSSEC validation is enabled.
\n\n DISABLING: DNSSEC validation is being disabled but is not complete.
\n\n DISABLED DNSSEC validation is disabled.
\nThe validation status for a DNSSEC configuration. The status can be one of the following:
\n\n ENABLING: DNSSEC validation is being enabled but is not complete.
\n\n ENABLED: DNSSEC validation is enabled.
\n\n DISABLING: DNSSEC validation is being disabled but is not complete.
\n\n DISABLED DNSSEC validation is disabled.
\nIndicates whether the Resolver endpoint allows inbound or outbound DNS queries:
\n\t\t\n INBOUND: allows DNS queries to your VPC from your network
\n OUTBOUND: allows DNS queries from your VPC to your network
Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:
\n\n INBOUND: allows DNS queries to your VPC from your network
\n OUTBOUND: allows DNS queries from your VPC to your network
A code that specifies the current status of the Resolver endpoint. Valid values include the following:
\n\t\t\n CREATING: Resolver is creating and configuring one or more Amazon VPC network interfaces \n\t\t\t\tfor this endpoint.
\n OPERATIONAL: The Amazon VPC network interfaces for this endpoint are correctly configured and \n\t\t\t\table to pass inbound or outbound DNS queries between your network and Resolver.
\n UPDATING: Resolver is associating or disassociating one or more network interfaces \n\t\t\t\twith this endpoint.
\n AUTO_RECOVERING: Resolver is trying to recover one or more of the network interfaces \n\t\t\t\tthat are associated with this endpoint. During the recovery process, the endpoint functions with limited capacity because of the \n\t\t\t\tlimit on the number of DNS queries per IP address (per network interface). For the current limit, see \n\t\t\t\tLimits on Route 53 Resolver.
\n ACTION_NEEDED: This endpoint is unhealthy, and Resolver can't automatically recover it. \n\t\t\t\tTo resolve the problem, we recommend that you check each IP address that you associated with the endpoint. For each IP address \n\t\t\t\tthat isn't available, add another IP address and then delete the IP address that isn't available. (An endpoint must always include \n\t\t\t\tat least two IP addresses.) A status of ACTION_NEEDED can have a variety of causes. Here are two common causes:
One or more of the network interfaces that are associated with the endpoint were deleted using Amazon VPC.
\nThe network interface couldn't be created for some reason that's outside the control of Resolver.
\n\n DELETING: Resolver is deleting this endpoint and the associated network interfaces.
A code that specifies the current status of the Resolver endpoint. Valid values include the following:
\n\n CREATING: Resolver is creating and configuring one or more Amazon VPC network interfaces \n\t\t\t\tfor this endpoint.
\n OPERATIONAL: The Amazon VPC network interfaces for this endpoint are correctly configured and \n\t\t\t\table to pass inbound or outbound DNS queries between your network and Resolver.
\n UPDATING: Resolver is associating or disassociating one or more network interfaces \n\t\t\t\twith this endpoint.
\n AUTO_RECOVERING: Resolver is trying to recover one or more of the network interfaces \n\t\t\t\tthat are associated with this endpoint. During the recovery process, the endpoint functions with limited capacity because of the \n\t\t\t\tlimit on the number of DNS queries per IP address (per network interface). For the current limit, see \n\t\t\t\tLimits on Route 53 Resolver.
\n ACTION_NEEDED: This endpoint is unhealthy, and Resolver can't automatically recover it. \n\t\t\t\tTo resolve the problem, we recommend that you check each IP address that you associated with the endpoint. For each IP address \n\t\t\t\tthat isn't available, add another IP address and then delete the IP address that isn't available. (An endpoint must always include \n\t\t\t\tat least two IP addresses.) A status of ACTION_NEEDED can have a variety of causes. Here are two common causes:
One or more of the network interfaces that are associated with the endpoint were deleted using Amazon VPC.
\nThe network interface couldn't be created for some reason that's outside the control of Resolver.
\n\n DELETING: Resolver is deleting this endpoint and the associated network interfaces.
The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } + }, + "ResolverEndpointType": { + "target": "com.amazonaws.route53resolver#ResolverEndpointType", + "traits": { + "smithy.api#documentation": "\n\t\t\tThe Resolver endpoint IP address type.\n\t\t
" + } } }, "traits": { - "smithy.api#documentation": "In the response to a \n\t\t\tCreateResolverEndpoint, \n\t\t\tDeleteResolverEndpoint, \n\t\t\tGetResolverEndpoint, \n\t\t\tListResolverEndpoints, \n\t\t\tor \n\t\t\tUpdateResolverEndpoint \n\t\t\trequest, a complex type that contains settings for an existing inbound or outbound Resolver endpoint.
" + "smithy.api#documentation": "In the response to a \n\t\t\tCreateResolverEndpoint, \n\t\t\tDeleteResolverEndpoint, \n\t\t\tGetResolverEndpoint, \n\t\t\tUpdates the name, or ResolverEndpointType for an endpoint, \n\t\t\tor \n\t\t\tUpdateResolverEndpoint \n\t\t\trequest, a complex type that contains settings for an existing inbound or outbound Resolver endpoint.
" } }, "com.amazonaws.route53resolver#ResolverEndpointDirection": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "INBOUND", - "name": "Inbound" - }, - { - "value": "OUTBOUND", - "name": "Outbound" + "type": "enum", + "members": { + "Inbound": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "INBOUND" + } + }, + "Outbound": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OUTBOUND" } - ] + } } }, "com.amazonaws.route53resolver#ResolverEndpointStatus": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "CREATING", - "name": "Creating" - }, - { - "value": "OPERATIONAL", - "name": "Operational" - }, - { - "value": "UPDATING", - "name": "Updating" - }, - { - "value": "AUTO_RECOVERING", - "name": "AutoRecovering" - }, - { - "value": "ACTION_NEEDED", - "name": "ActionNeeded" - }, - { - "value": "DELETING", - "name": "Deleting" + "type": "enum", + "members": { + "Creating": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "CREATING" + } + }, + "Operational": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "OPERATIONAL" + } + }, + "Updating": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "UPDATING" + } + }, + "AutoRecovering": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "AUTO_RECOVERING" + } + }, + "ActionNeeded": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ACTION_NEEDED" + } + }, + "Deleting": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DELETING" + } + } + } + }, + "com.amazonaws.route53resolver#ResolverEndpointType": { + "type": "enum", + "members": { + "IPV6": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IPV6" + } + }, + "IPV4": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "IPV4" + } + }, + "DUALSTACK": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DUALSTACK" } - ] + } } }, "com.amazonaws.route53resolver#ResolverEndpoints": { @@ -5048,7 +5552,7 @@ "Status": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigStatus", "traits": { - "smithy.api#documentation": "The status of the specified query logging configuration. Valid values include the following:
\n\t\t\n CREATING: Resolver is creating the query logging configuration.
\n CREATED: The query logging configuration was successfully created. \n\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging configuration.
\n FAILED: Resolver can't deliver logs to the location that is specified in the query logging configuration. \n\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nThe status of the specified query logging configuration. Valid values include the following:
\n\n CREATING: Resolver is creating the query logging configuration.
\n CREATED: The query logging configuration was successfully created. \n\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging configuration.
\n FAILED: Resolver can't deliver logs to the location that is specified in the query logging configuration. \n\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nThe status of the specified query logging association. Valid values include the following:
\n\t\t\n CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED: The association between an Amazon VPC and a query logging configuration \n\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging association.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging association.
The status of the specified query logging association. Valid values include the following:
\n\n CREATING: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED: The association between an Amazon VPC and a query logging configuration \n\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING: Resolver is deleting this query logging association.
\n FAILED: Resolver either couldn't create or couldn't delete the query logging association.
If the value of Status is FAILED, the value of Error indicates the cause:
\n DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED: Permissions don't allow sending logs to the destination.
If the value of Status is a value other than FAILED, Error is null.
If the value of Status is FAILED, the value of Error indicates the cause:
\n DESTINATION_NOT_FOUND: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED: Permissions don't allow sending logs to the destination.
If the value of Status is a value other than FAILED, Error is null.
When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD \n\t\t\tfor RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD \n\t\t\tfor RuleType. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM for RuleType.
Currently, only Resolver can create rules that have a value of RECURSIVE for RuleType.
When you create a VPC using Amazon VPC, you automatically get DNS resolution within the VPC\n\t\t\tfrom Route 53 Resolver. By default, Resolver answers DNS queries for VPC domain names\n\t\t\tsuch as domain names for EC2 instances or Elastic Load Balancing load balancers.\n\t\t\tResolver performs recursive lookups against public name servers for all other domain\n\t\t\tnames.
\n\n\t\tYou can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
\n\n\t\t\n Forward DNS queries from resolvers on your network to Route 53 Resolver\n
\n\n\t\tDNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers \n\t\t\tto easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. \n\t\t\tFor more information, see \n\t\t\tHow DNS Resolvers \n\t\t\ton Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
\n\t\t\n\t\t\n Conditionally forward queries from a VPC to resolvers on your network\n
\n\n\t\tYou can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. \n\t\t\tTo forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward \n\t\t\t(such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. \n\t\t\tIf a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match \n\t\t\t(acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see \n\t\t\tHow Route 53 Resolver \n\t\t\tForwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
\n\n\t\tLike Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose\n\t\t\twhether to forward queries from your VPCs to your network (outbound queries), from your\n\t\t\tnetwork to your VPCs (inbound queries), or both.
", + "smithy.api#documentation": "When you create a VPC using Amazon VPC, you automatically get DNS resolution within the VPC\n\t\t\tfrom Route 53 Resolver. By default, Resolver answers DNS queries for VPC domain names\n\t\t\tsuch as domain names for EC2 instances or Elastic Load Balancing load balancers.\n\t\t\tResolver performs recursive lookups against public name servers for all other domain\n\t\t\tnames.
\nYou can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
\n\n Forward DNS queries from resolvers on your network to Route 53 Resolver\n
\nDNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers \n\t\t\tto easily resolve domain names for Amazon Web Services resources such as EC2 instances or records in a Route 53 private hosted zone. \n\t\t\tFor more information, see \n\t\t\tHow DNS Resolvers \n\t\t\ton Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
\n\n Conditionally forward queries from a VPC to resolvers on your network\n
\nYou can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. \n\t\t\tTo forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward \n\t\t\t(such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. \n\t\t\tIf a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match \n\t\t\t(acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see \n\t\t\tHow Route 53 Resolver \n\t\t\tForwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
\nLike Amazon VPC, Resolver is Regional. In each Region where you have VPCs, you can choose\n\t\t\twhether to forward queries from your VPCs to your network (outbound queries), from your\n\t\t\tnetwork to your VPCs (inbound queries), or both.
", "smithy.api#title": "Amazon Route 53 Resolver", "smithy.rules#endpointRuleSet": { "version": "1.0", @@ -5821,13 +6359,12 @@ { "conditions": [ { - "fn": "aws.partition", + "fn": "isSet", "argv": [ { - "ref": "Region" + "ref": "Endpoint" } - ], - "assign": "PartitionResult" + ] } ], "type": "tree", @@ -5835,23 +6372,20 @@ { "conditions": [ { - "fn": "isSet", + "fn": "booleanEquals", "argv": [ { - "ref": "Endpoint" - } + "ref": "UseFIPS" + }, + true ] - }, - { - "fn": "parseURL", - "argv": [ - { - "ref": "Endpoint" - } - ], - "assign": "url" } ], + "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "type": "error" + }, + { + "conditions": [], "type": "tree", "rules": [ { @@ -5860,67 +6394,42 @@ "fn": "booleanEquals", "argv": [ { - "ref": "UseFIPS" + "ref": "UseDualStack" }, true ] } ], - "error": "Invalid Configuration: FIPS and custom endpoint are not supported", + "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", "type": "error" }, { "conditions": [], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "error": "Invalid Configuration: Dualstack and custom endpoint are not supported", - "type": "error" + "endpoint": { + "url": { + "ref": "Endpoint" }, - { - "conditions": [], - "endpoint": { - "url": { - "ref": "Endpoint" - }, - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] + "properties": {}, + "headers": {} + }, + "type": "endpoint" } ] - }, + } + ] + }, + { + "conditions": [], + "type": "tree", + "rules": [ { "conditions": [ { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" - }, - true - ] - }, - { - "fn": "booleanEquals", + "fn": "isSet", "argv": [ { - "ref": "UseDualStack" - }, - true + "ref": "Region" + } ] } ], @@ -5929,90 +6438,215 @@ { "conditions": [ { - "fn": "booleanEquals", + "fn": "aws.partition", "argv": [ - true, { - "fn": "getAttr", + "ref": "Region" + } + ], + "assign": "PartitionResult" + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + { + "ref": "UseFIPS" + }, + true + ] + }, + { + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" + }, + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] }, - "supportsFIPS" + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://route53resolver-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "FIPS and DualStack are enabled, but this partition does not support one or both", + "type": "error" } ] }, { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseFIPS" }, - "supportsDualStack" + true ] } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsFIPS" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://route53resolver-fips.{Region}.{PartitionResult#dnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } + ] + }, + { + "conditions": [], + "error": "FIPS is enabled but this partition does not support FIPS", + "type": "error" + } ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://route53resolver-fips.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "FIPS and DualStack are enabled, but this partition does not support one or both", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseFIPS" }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ { - "fn": "booleanEquals", - "argv": [ - true, + "conditions": [ { - "fn": "getAttr", + "fn": "booleanEquals", "argv": [ { - "ref": "PartitionResult" + "ref": "UseDualStack" }, - "supportsFIPS" + true + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [ + { + "fn": "booleanEquals", + "argv": [ + true, + { + "fn": "getAttr", + "argv": [ + { + "ref": "PartitionResult" + }, + "supportsDualStack" + ] + } + ] + } + ], + "type": "tree", + "rules": [ + { + "conditions": [], + "type": "tree", + "rules": [ + { + "conditions": [], + "endpoint": { + "url": "https://route53resolver.{Region}.{PartitionResult#dualStackDnsSuffix}", + "properties": {}, + "headers": {} + }, + "type": "endpoint" + } + ] + } ] + }, + { + "conditions": [], + "error": "DualStack is enabled but this partition does not support DualStack", + "type": "error" } ] - } - ], - "type": "tree", - "rules": [ + }, { "conditions": [], "type": "tree", @@ -6020,7 +6654,7 @@ { "conditions": [], "endpoint": { - "url": "https://route53resolver-fips.{Region}.{PartitionResult#dnsSuffix}", + "url": "https://route53resolver.{Region}.{PartitionResult#dnsSuffix}", "properties": {}, "headers": {} }, @@ -6029,74 +6663,13 @@ ] } ] - }, - { - "conditions": [], - "error": "FIPS is enabled but this partition does not support FIPS", - "type": "error" - } - ] - }, - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - { - "ref": "UseDualStack" - }, - true - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [ - { - "fn": "booleanEquals", - "argv": [ - true, - { - "fn": "getAttr", - "argv": [ - { - "ref": "PartitionResult" - }, - "supportsDualStack" - ] - } - ] - } - ], - "type": "tree", - "rules": [ - { - "conditions": [], - "endpoint": { - "url": "https://route53resolver.{Region}.{PartitionResult#dualStackDnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" - } - ] - }, - { - "conditions": [], - "error": "DualStack is enabled but this partition does not support DualStack", - "type": "error" } ] }, { "conditions": [], - "endpoint": { - "url": "https://route53resolver.{Region}.{PartitionResult#dnsSuffix}", - "properties": {}, - "headers": {} - }, - "type": "endpoint" + "error": "Invalid Configuration: Missing Region", + "type": "error" } ] } @@ -6105,249 +6678,119 @@ "smithy.rules#endpointTests": { "testCases": [ { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-south-1.api.aws" - } - }, - "params": { - "Region": "ap-south-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-south-1 with FIPS enabled and DualStack disabled", + "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.ap-south-1.amazonaws.com" + "url": "https://route53resolver.af-south-1.amazonaws.com" } }, "params": { - "Region": "ap-south-1", + "Region": "af-south-1", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-south-1.api.aws" - } - }, - "params": { - "Region": "ap-south-1", - "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.ap-south-1.amazonaws.com" + "url": "https://route53resolver.ap-east-1.amazonaws.com" } }, "params": { - "Region": "ap-south-1", + "Region": "ap-east-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-south-1.api.aws" - } - }, - "params": { - "Region": "eu-south-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-south-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.eu-south-1.amazonaws.com" + "url": "https://route53resolver.ap-northeast-1.amazonaws.com" } }, "params": { - "Region": "eu-south-1", + "Region": "ap-northeast-1", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-south-1.api.aws" - } - }, - "params": { - "Region": "eu-south-1", - "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.eu-south-1.amazonaws.com" + "url": "https://route53resolver.ap-northeast-2.amazonaws.com" } }, "params": { - "Region": "eu-south-1", + "Region": "ap-northeast-2", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.us-gov-east-1.amazonaws.com" + "url": "https://route53resolver.ap-northeast-3.amazonaws.com" } }, "params": { - "Region": "us-gov-east-1", + "Region": "ap-northeast-3", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-gov-east-1.api.aws" - } - }, - "params": { - "Region": "us-gov-east-1", - "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-gov-east-1.amazonaws.com" + "url": "https://route53resolver.ap-south-1.amazonaws.com" } }, "params": { - "Region": "us-gov-east-1", + "Region": "ap-south-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region me-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.me-central-1.api.aws" - } - }, - "params": { - "Region": "me-central-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region me-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.me-central-1.amazonaws.com" + "url": "https://route53resolver.ap-southeast-1.amazonaws.com" } }, "params": { - "Region": "me-central-1", + "Region": "ap-southeast-1", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region me-central-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.me-central-1.api.aws" - } - }, - "params": { - "Region": "me-central-1", - "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region me-central-1 with FIPS disabled and DualStack disabled", + "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.me-central-1.amazonaws.com" + "url": "https://route53resolver.ap-southeast-2.amazonaws.com" } }, "params": { - "Region": "me-central-1", + "Region": "ap-southeast-2", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ca-central-1.api.aws" - } - }, - "params": { - "Region": "ca-central-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ca-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.ca-central-1.amazonaws.com" + "url": "https://route53resolver.ap-southeast-3.amazonaws.com" } }, "params": { - "Region": "ca-central-1", + "Region": "ap-southeast-3", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ca-central-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ca-central-1.api.aws" - } - }, - "params": { - "Region": "ca-central-1", - "UseDualStack": true, "UseFIPS": false } }, @@ -6365,357 +6808,75 @@ } }, { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-central-1.api.aws" - } - }, - "params": { - "Region": "eu-central-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-central-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.eu-central-1.amazonaws.com" + "url": "https://route53resolver.eu-central-1.amazonaws.com" } }, "params": { "Region": "eu-central-1", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": false } }, { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack enabled", + "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.eu-central-1.api.aws" + "url": "https://route53resolver.eu-north-1.amazonaws.com" } }, "params": { - "Region": "eu-central-1", - "UseDualStack": true, + "Region": "eu-north-1", + "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region eu-central-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-south-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.eu-central-1.amazonaws.com" + "url": "https://route53resolver.eu-south-1.amazonaws.com" } }, "params": { - "Region": "eu-central-1", + "Region": "eu-south-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-iso-west-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS enabled and DualStack disabled", + "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.us-iso-west-1.c2s.ic.gov" + "url": "https://route53resolver.eu-west-1.amazonaws.com" } }, "params": { - "Region": "us-iso-west-1", + "Region": "eu-west-1", "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" - }, - "params": { - "Region": "us-iso-west-1", - "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region us-iso-west-1 with FIPS disabled and DualStack disabled", + "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-iso-west-1.c2s.ic.gov" + "url": "https://route53resolver.eu-west-2.amazonaws.com" } }, "params": { - "Region": "us-iso-west-1", + "Region": "eu-west-2", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-west-1 with FIPS enabled and DualStack enabled", + "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.us-west-1.api.aws" - } - }, - "params": { - "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-west-1.api.aws" - } - }, - "params": { - "Region": "us-west-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-west-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region us-west-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-west-2.api.aws" - } - }, - "params": { - "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-west-2.amazonaws.com" - } - }, - "params": { - "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-west-2.api.aws" - } - }, - "params": { - "Region": "us-west-2", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-west-2.amazonaws.com" - } - }, - "params": { - "Region": "us-west-2", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region af-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.af-south-1.api.aws" - } - }, - "params": { - "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region af-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.af-south-1.amazonaws.com" - } - }, - "params": { - "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region af-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.af-south-1.api.aws" - } - }, - "params": { - "Region": "af-south-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region af-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.af-south-1.amazonaws.com" - } - }, - "params": { - "Region": "af-south-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-north-1.api.aws" - } - }, - "params": { - "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-north-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-north-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-north-1.api.aws" - } - }, - "params": { - "Region": "eu-north-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-north-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-north-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-3.api.aws" - } - }, - "params": { - "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-3.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-3", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-3.api.aws" - } - }, - "params": { - "Region": "eu-west-3", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-west-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-3.amazonaws.com" + "url": "https://route53resolver.eu-west-3.amazonaws.com" } }, "params": { @@ -6725,725 +6886,79 @@ } }, { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-2.api.aws" - } - }, - "params": { - "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-2.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-2.api.aws" - } - }, - "params": { - "Region": "eu-west-2", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-west-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-2.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-2", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-1.api.aws" - } - }, - "params": { - "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.eu-west-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-1.api.aws" - } - }, - "params": { - "Region": "eu-west-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region eu-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.eu-west-1.amazonaws.com" - } - }, - "params": { - "Region": "eu-west-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-3.api.aws" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-3.api.aws" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-3 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-3.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-3", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-2.api.aws" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-2.api.aws" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-2", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-1.api.aws" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-1.api.aws" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-northeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-northeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-northeast-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.me-south-1.api.aws" - } - }, - "params": { - "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region me-south-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.me-south-1.amazonaws.com" - } - }, - "params": { - "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.me-south-1.api.aws" - } - }, - "params": { - "Region": "me-south-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.me-south-1.amazonaws.com" - } - }, - "params": { - "Region": "me-south-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.sa-east-1.api.aws" - } - }, - "params": { - "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region sa-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.sa-east-1.amazonaws.com" - } - }, - "params": { - "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.sa-east-1.api.aws" - } - }, - "params": { - "Region": "sa-east-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.sa-east-1.amazonaws.com" - } - }, - "params": { - "Region": "sa-east-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-east-1.api.aws" - } - }, - "params": { - "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-east-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-east-1.api.aws" - } - }, - "params": { - "Region": "ap-east-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-east-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-east-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-east-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.cn-north-1.api.amazonwebservices.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.cn-north-1.amazonaws.com.cn" - } - }, - "params": { - "Region": "cn-north-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-gov-west-1.api.aws" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-gov-west-1.api.aws" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.us-gov-west-1.amazonaws.com" - } - }, - "params": { - "Region": "us-gov-west-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-1.api.aws" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-southeast-1.api.aws" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-southeast-1 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-southeast-1.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-1", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-2.api.aws" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack enabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-southeast-2.api.aws" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseDualStack": true, - "UseFIPS": false - } - }, - { - "documentation": "For region ap-southeast-2 with FIPS disabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver.ap-southeast-2.amazonaws.com" - } - }, - "params": { - "Region": "ap-southeast-2", - "UseDualStack": false, - "UseFIPS": false - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack enabled", - "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" - }, - "params": { - "Region": "us-iso-east-1", - "UseDualStack": true, - "UseFIPS": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", - "expect": { - "endpoint": { - "url": "https://route53resolver-fips.us-iso-east-1.c2s.ic.gov" - } - }, - "params": { - "Region": "us-iso-east-1", - "UseDualStack": false, - "UseFIPS": true - } - }, - { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region me-south-1 with FIPS disabled and DualStack disabled", "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" + "endpoint": { + "url": "https://route53resolver.me-south-1.amazonaws.com" + } }, "params": { - "Region": "us-iso-east-1", - "UseDualStack": true, + "Region": "me-south-1", + "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region sa-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-iso-east-1.c2s.ic.gov" + "url": "https://route53resolver.sa-east-1.amazonaws.com" } }, "params": { - "Region": "us-iso-east-1", + "Region": "sa-east-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack enabled", + "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-3.api.aws" + "url": "https://route53resolver.us-east-1.amazonaws.com" } }, "params": { - "Region": "ap-southeast-3", - "UseDualStack": true, - "UseFIPS": true + "Region": "us-east-1", + "UseDualStack": false, + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS enabled and DualStack disabled", + "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.ap-southeast-3.amazonaws.com" + "url": "https://route53resolver.us-east-2.amazonaws.com" } }, "params": { - "Region": "ap-southeast-3", + "Region": "us-east-2", "UseDualStack": false, - "UseFIPS": true + "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack enabled", + "documentation": "For region us-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.ap-southeast-3.api.aws" + "url": "https://route53resolver.us-west-1.amazonaws.com" } }, "params": { - "Region": "ap-southeast-3", - "UseDualStack": true, + "Region": "us-west-1", + "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region ap-southeast-3 with FIPS disabled and DualStack disabled", + "documentation": "For region us-west-2 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.ap-southeast-3.amazonaws.com" + "url": "https://route53resolver.us-west-2.amazonaws.com" } }, "params": { - "Region": "ap-southeast-3", + "Region": "us-west-2", "UseDualStack": false, "UseFIPS": false } @@ -7488,130 +7003,158 @@ } }, { - "documentation": "For region us-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-east-1.amazonaws.com" + "url": "https://route53resolver.cn-north-1.amazonaws.com.cn" } }, "params": { - "Region": "us-east-1", + "Region": "cn-north-1", + "UseDualStack": false, + "UseFIPS": false + } + }, + { + "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "expect": { + "endpoint": { + "url": "https://route53resolver.cn-northwest-1.amazonaws.com.cn" + } + }, + "params": { + "Region": "cn-northwest-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.us-east-2.api.aws" + "url": "https://route53resolver-fips.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { - "Region": "us-east-2", + "Region": "cn-north-1", "UseDualStack": true, "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS enabled and DualStack disabled", + "documentation": "For region cn-north-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.us-east-2.amazonaws.com" + "url": "https://route53resolver-fips.cn-north-1.amazonaws.com.cn" } }, "params": { - "Region": "us-east-2", + "Region": "cn-north-1", "UseDualStack": false, "UseFIPS": true } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack enabled", + "documentation": "For region cn-north-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-east-2.api.aws" + "url": "https://route53resolver.cn-north-1.api.amazonwebservices.com.cn" } }, "params": { - "Region": "us-east-2", + "Region": "cn-north-1", "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region us-east-2 with FIPS disabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-east-2.amazonaws.com" + "url": "https://route53resolver.us-gov-east-1.amazonaws.com" } }, "params": { - "Region": "us-east-2", + "Region": "us-gov-east-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-gov-west-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.cn-northwest-1.api.amazonwebservices.com.cn" + "url": "https://route53resolver.us-gov-west-1.amazonaws.com" } }, "params": { - "Region": "cn-northwest-1", + "Region": "us-gov-west-1", + "UseDualStack": false, + "UseFIPS": false + } + }, + { + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack enabled", + "expect": { + "endpoint": { + "url": "https://route53resolver-fips.us-gov-east-1.api.aws" + } + }, + "params": { + "Region": "us-gov-east-1", "UseDualStack": true, "UseFIPS": true } }, { - "documentation": "For region cn-northwest-1 with FIPS enabled and DualStack disabled", + "documentation": "For region us-gov-east-1 with FIPS enabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver-fips.cn-northwest-1.amazonaws.com.cn" + "url": "https://route53resolver-fips.us-gov-east-1.amazonaws.com" } }, "params": { - "Region": "cn-northwest-1", + "Region": "us-gov-east-1", "UseDualStack": false, "UseFIPS": true } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-gov-east-1 with FIPS disabled and DualStack enabled", "expect": { "endpoint": { - "url": "https://route53resolver.cn-northwest-1.api.amazonwebservices.com.cn" + "url": "https://route53resolver.us-gov-east-1.api.aws" } }, "params": { - "Region": "cn-northwest-1", + "Region": "us-gov-east-1", "UseDualStack": true, "UseFIPS": false } }, { - "documentation": "For region cn-northwest-1 with FIPS disabled and DualStack disabled", + "documentation": "For region us-iso-east-1 with FIPS disabled and DualStack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.cn-northwest-1.amazonaws.com.cn" + "url": "https://route53resolver.us-iso-east-1.c2s.ic.gov" } }, "params": { - "Region": "cn-northwest-1", + "Region": "us-iso-east-1", "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-isob-east-1 with FIPS enabled and DualStack enabled", + "documentation": "For region us-iso-east-1 with FIPS enabled and DualStack disabled", "expect": { - "error": "FIPS and DualStack are enabled, but this partition does not support one or both" + "endpoint": { + "url": "https://route53resolver-fips.us-iso-east-1.c2s.ic.gov" + } }, "params": { - "Region": "us-isob-east-1", - "UseDualStack": true, + "Region": "us-iso-east-1", + "UseDualStack": false, "UseFIPS": true } }, @@ -7629,38 +7172,40 @@ } }, { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack enabled", + "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", "expect": { - "error": "DualStack is enabled but this partition does not support DualStack" + "endpoint": { + "url": "https://route53resolver.us-isob-east-1.sc2s.sgov.gov" + } }, "params": { "Region": "us-isob-east-1", - "UseDualStack": true, + "UseDualStack": false, "UseFIPS": false } }, { - "documentation": "For region us-isob-east-1 with FIPS disabled and DualStack disabled", + "documentation": "For custom endpoint with region set and fips disabled and dualstack disabled", "expect": { "endpoint": { - "url": "https://route53resolver.us-isob-east-1.sc2s.sgov.gov" + "url": "https://example.com" } }, "params": { - "Region": "us-isob-east-1", + "Region": "us-east-1", "UseDualStack": false, - "UseFIPS": false + "UseFIPS": false, + "Endpoint": "https://example.com" } }, { - "documentation": "For custom endpoint with fips disabled and dualstack disabled", + "documentation": "For custom endpoint with region not set and fips disabled and dualstack disabled", "expect": { "endpoint": { "url": "https://example.com" } }, "params": { - "Region": "us-east-1", "UseDualStack": false, "UseFIPS": false, "Endpoint": "https://example.com" @@ -7696,22 +7241,26 @@ } }, "com.amazonaws.route53resolver#RuleTypeOption": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "FORWARD", - "name": "Forward" - }, - { - "value": "SYSTEM", - "name": "System" - }, - { - "value": "RECURSIVE", - "name": "Recursive" + "type": "enum", + "members": { + "Forward": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "FORWARD" + } + }, + "System": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SYSTEM" } - ] + }, + "Recursive": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "RECURSIVE" + } + } } }, "com.amazonaws.route53resolver#SecurityGroupIds": { @@ -7730,22 +7279,26 @@ } }, "com.amazonaws.route53resolver#ShareStatus": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "NOT_SHARED", - "name": "NotShared" - }, - { - "value": "SHARED_WITH_ME", - "name": "SharedWithMe" - }, - { - "value": "SHARED_BY_ME", - "name": "SharedByMe" + "type": "enum", + "members": { + "NotShared": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "NOT_SHARED" + } + }, + "SharedWithMe": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SHARED_WITH_ME" + } + }, + "SharedByMe": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "SHARED_BY_ME" } - ] + } } }, "com.amazonaws.route53resolver#SortByKey": { @@ -7758,18 +7311,20 @@ } }, "com.amazonaws.route53resolver#SortOrder": { - "type": "string", - "traits": { - "smithy.api#enum": [ - { - "value": "ASCENDING", - "name": "Ascending" - }, - { - "value": "DESCENDING", - "name": "Descending" + "type": "enum", + "members": { + "Ascending": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "ASCENDING" + } + }, + "Descending": { + "target": "smithy.api#Unit", + "traits": { + "smithy.api#enumValue": "DESCENDING" } - ] + } } }, "com.amazonaws.route53resolver#StatusMessage": { @@ -7889,7 +7444,7 @@ "ResourceArn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable \n\t\t\tGet or List command:
\n GetResolverEndpoint\n
\n\t\t\t\t\n GetResolverRule\n
\n\t\t\t\t\n ListResolverRules\n
\n\t\t\t\tThe Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable \n\t\t\tGet or List command:
\n GetResolverEndpoint\n
\n\n GetResolverRule\n
\n\n ListResolverRules\n
\nOne IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.
", - "smithy.api#required": {} + "smithy.api#documentation": "One IPv4 address that you want to forward DNS queries to.
" } }, "Port": { "target": "com.amazonaws.route53resolver#Port", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The port at Ip that you want to forward DNS queries to.
\n\t\t\tOne IPv6 address that you want to forward DNS queries to.\n\t\t
" + } } }, "traits": { @@ -8010,7 +7575,7 @@ "ResourceArn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { - "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable \n\t\t\tGet or List command:
\n GetResolverEndpoint\n
\n\t\t\t\t\n GetResolverRule\n
\n\t\t\t\t\n ListResolverRules\n
\n\t\t\t\tThe Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable \n\t\t\tGet or List command:
\n GetResolverEndpoint\n
\n\n GetResolverRule\n
\n\n ListResolverRules\n
\nConfiguration of the firewall behavior provided by DNS Firewall for a single VPC.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#UpdateFirewallDomains": { @@ -8134,17 +7711,20 @@ "Operation": { "target": "com.amazonaws.route53resolver#FirewallDomainUpdateOperation", "traits": { - "smithy.api#documentation": "What you want DNS Firewall to do with the domains that you are providing:
\n\n ADD - Add the domains to the ones that are already in the domain list.
\n REMOVE - Search the domain list for the domains and remove them from the list.
\n REPLACE - Update the domain list to exactly match the list that you are providing.
What you want DNS Firewall to do with the domains that you are providing:
\n\n ADD - Add the domains to the ones that are already in the domain list.
\n REMOVE - Search the domain list for the domains and remove them from the list.
\n REPLACE - Update the domain list to exactly match the list that you are providing.
A list of domains to use in the update operation.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z, a-z,\n \t 0-9, - (hyphen).
It must be from 1-255 characters in length.
\n \tA list of domains to use in the update operation.
\nThere is a limit of 1000 domains per request.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with * (asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z, a-z,\n \t 0-9, - (hyphen).
It must be from 1-255 characters in length.
\n" + "smithy.api#documentation": "
Status of the UpdateFirewallDomains request.
Additional information about the status of the list, if available.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#UpdateFirewallRule": { @@ -8253,7 +7836,6 @@ "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule\n\t\t\tgroups that you associate with the specified VPC. DNS Firewall filters VPC traffic\n\t\t\tstarting from the rule group with the lowest numeric priority setting.
\nYou must specify a unique priority for each rule group that you associate with a single VPC. \n To make it easier to insert rule groups later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for a rule group association after you create it.
" } }, @@ -8269,6 +7851,9 @@ "smithy.api#documentation": "The name of the rule group association.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociationResponse": { @@ -8280,6 +7865,9 @@ "smithy.api#documentation": "The association that you just updated.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#UpdateFirewallRuleRequest": { @@ -8302,20 +7890,19 @@ "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { - "smithy.api#default": null, "smithy.api#documentation": "The setting that determines the processing order of the rule in the rule group. DNS Firewall \n processes the rules in a rule group by order of priority, starting from the lowest setting.
\nYou must specify a unique priority for each rule in a rule group. \n To make it easier to insert rules later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for the rules in a rule group at any time.
" } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { - "smithy.api#documentation": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW - Permit the request to go through.
\n ALERT - Permit the request to go through but send an alert to the logs.
\n BLOCK - Disallow the request. This option requires additional details in the rule's BlockResponse.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK.
\n NODATA - Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN - Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE - Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride* settings.
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK with a BlockResponse setting of OVERRIDE.
The name of the rule.
" } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#UpdateFirewallRuleResponse": { @@ -8354,6 +7943,43 @@ "smithy.api#documentation": "The firewall rule that you just updated.
" } } + }, + "traits": { + "smithy.api#output": {} + } + }, + "com.amazonaws.route53resolver#UpdateIpAddress": { + "type": "structure", + "members": { + "IpId": { + "target": "com.amazonaws.route53resolver#ResourceId", + "traits": { + "smithy.api#documentation": " The ID of the IP address, specified by the ResolverEndpointId.
\n\t\t\tThe IPv6 address that you want to use for DNS queries. \n\t\t
", + "smithy.api#required": {} + } + } + }, + "traits": { + "smithy.api#documentation": "\n\t\t\tProvides information about the IP address type in response to UpdateResolverEndpoint. \n\t\t
" + } + }, + "com.amazonaws.route53resolver#UpdateIpAddresses": { + "type": "list", + "member": { + "target": "com.amazonaws.route53resolver#UpdateIpAddress" + }, + "traits": { + "smithy.api#length": { + "min": 0, + "max": 50 + } } }, "com.amazonaws.route53resolver#UpdateResolverConfig": { @@ -8388,10 +8014,13 @@ }, { "target": "com.amazonaws.route53resolver#ThrottlingException" + }, + { + "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { - "smithy.api#documentation": "Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from\n\t\t\t\tAmazon Virtual Private Cloud.
" + "smithy.api#documentation": "Updates the behavior configuration of Route 53 Resolver behavior for a single VPC from\n\t\t\t\tAmazon Virtual Private Cloud.
" } }, "com.amazonaws.route53resolver#UpdateResolverConfigRequest": { @@ -8407,10 +8036,13 @@ "AutodefinedReverseFlag": { "target": "com.amazonaws.route53resolver#AutodefinedReverseFlag", "traits": { - "smithy.api#documentation": "Indicates whether or not the Resolver will create autodefined rules for reverse DNS\n\t\t\tlookups. This is enabled by default. Disabling this option will also affect EC2-Classic\n\t\t\tinstances using ClassicLink. For more information, see ClassicLink in the\n\t\t\t\t\tAmazon EC2 guide.
\n\t\tIt can take some time for the status change to be completed.
\nIndicates whether or not the Resolver will create autodefined rules for reverse DNS\n\t\t\tlookups. This is enabled by default. Disabling this option will also affect EC2-Classic\n\t\t\tinstances using ClassicLink. For more information, see ClassicLink in the\n\t\t\t\t\tAmazon EC2 guide.
\nWe are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic to a VPC in the\n\t\t\tAmazon EC2 guide and the blog EC2-Classic Networking is Retiring – Here’s How to Prepare.
\nIt can take some time for the status change to be completed.
\nAn array that contains settings for the specified Resolver configuration.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#UpdateResolverDnssecConfig": { @@ -8473,6 +8108,9 @@ "smithy.api#required": {} } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#UpdateResolverDnssecConfigResponse": { @@ -8484,6 +8122,9 @@ "smithy.api#documentation": "A complex type that contains settings for the specified DNSSEC configuration.
" } } + }, + "traits": { + "smithy.api#output": {} } }, "com.amazonaws.route53resolver#UpdateResolverEndpoint": { @@ -8512,7 +8153,7 @@ } ], "traits": { - "smithy.api#documentation": "Updates the name of an inbound or an outbound Resolver endpoint.
" + "smithy.api#documentation": "Updates the name, or enpoint type for an inbound or an outbound Resolver endpoint. \n\t\t\tYou can only update between IPV4 and DUALSTACK, IPV6 endpoint type can't be updated to other type.
" } }, "com.amazonaws.route53resolver#UpdateResolverEndpointRequest": { @@ -8530,7 +8171,22 @@ "traits": { "smithy.api#documentation": "The name of the Resolver endpoint that you want to update.
" } + }, + "ResolverEndpointType": { + "target": "com.amazonaws.route53resolver#ResolverEndpointType", + "traits": { + "smithy.api#documentation": "\n\t\t\tSpecifies the endpoint type for what type of IP address the endpoint uses to forward DNS queries.\n\t\t
" + } + }, + "UpdateIpAddresses": { + "target": "com.amazonaws.route53resolver#UpdateIpAddresses", + "traits": { + "smithy.api#documentation": "\n\t\t\tUpdates the Resolver endpoint type to IpV4, Ipv6, or dual-stack.\n\t\t
" + } } + }, + "traits": { + "smithy.api#input": {} } }, "com.amazonaws.route53resolver#UpdateResolverEndpointResponse": { @@ -8542,6 +8198,9 @@ "smithy.api#documentation": "The response to an UpdateResolverEndpoint request.
The response to an UpdateResolverRule request.
You have provided an invalid command. Supported values are ADD,\n\t\t\tREMOVE, or REPLACE a domain.