Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type ASG ¶ added in v0.92.0
type ASG interface {
// Attaches one or more EC2 instances to the specified Auto Scaling group. When you
// attach instances, Amazon EC2 Auto Scaling increases the desired capacity of the
// group by the number of instances being attached. If the number of instances
// being attached plus the desired capacity of the group exceeds the maximum size
// of the group, the operation fails. If there is a Classic Load Balancer attached
// to your Auto Scaling group, the instances are also registered with the load
// balancer. If there are target groups attached to your Auto Scaling group, the
// instances are also registered with the target groups. For more information, see
// Attach EC2 instances to your Auto Scaling group
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/attach-instance-asg.html)
// in the Amazon EC2 Auto Scaling User Guide.
AttachInstances(ctx context.Context, params *AttachInstancesInput, optFns ...func(*Options)) (*AttachInstancesOutput, error)
// Attaches one or more target groups to the specified Auto Scaling group. This
// operation is used with the following load balancer types:
//
// * Application Load
// Balancer - Operates at the application layer (layer 7) and supports HTTP and
// HTTPS.
//
// * Network Load Balancer - Operates at the transport layer (layer 4) and
// supports TCP, TLS, and UDP.
//
// * Gateway Load Balancer - Operates at the network
// layer (layer 3).
//
// To describe the target groups for an Auto Scaling group, call
// the DescribeLoadBalancerTargetGroups API. To detach the target group from the
// Auto Scaling group, call the DetachLoadBalancerTargetGroups API. This operation
// is additive and does not detach existing target groups or Classic Load Balancers
// from the Auto Scaling group. For more information, see Elastic Load Balancing
// and Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html)
// in the Amazon EC2 Auto Scaling User Guide.
AttachLoadBalancerTargetGroups(ctx context.Context, params *AttachLoadBalancerTargetGroupsInput, optFns ...func(*Options)) (*AttachLoadBalancerTargetGroupsOutput, error)
// To attach an Application Load Balancer, Network Load Balancer, or Gateway Load
// Balancer, use the AttachLoadBalancerTargetGroups API operation instead. Attaches
// one or more Classic Load Balancers to the specified Auto Scaling group. Amazon
// EC2 Auto Scaling registers the running instances with these Classic Load
// Balancers. To describe the load balancers for an Auto Scaling group, call the
// DescribeLoadBalancers API. To detach the load balancer from the Auto Scaling
// group, call the DetachLoadBalancers API. This operation is additive and does not
// detach existing Classic Load Balancers or target groups from the Auto Scaling
// group. For more information, see Elastic Load Balancing and Amazon EC2 Auto
// Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html)
// in the Amazon EC2 Auto Scaling User Guide.
AttachLoadBalancers(ctx context.Context, params *AttachLoadBalancersInput, optFns ...func(*Options)) (*AttachLoadBalancersOutput, error)
// Deletes one or more scheduled actions for the specified Auto Scaling group.
BatchDeleteScheduledAction(ctx context.Context, params *BatchDeleteScheduledActionInput, optFns ...func(*Options)) (*BatchDeleteScheduledActionOutput, error)
// Creates or updates one or more scheduled scaling actions for an Auto Scaling
// group.
BatchPutScheduledUpdateGroupAction(ctx context.Context, params *BatchPutScheduledUpdateGroupActionInput, optFns ...func(*Options)) (*BatchPutScheduledUpdateGroupActionOutput, error)
// Cancels an instance refresh operation in progress. Cancellation does not roll
// back any replacements that have already been completed, but it prevents new
// replacements from being started. This operation is part of the instance refresh
// feature
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)
// in Amazon EC2 Auto Scaling, which helps you update instances in your Auto
// Scaling group after you make configuration changes.
CancelInstanceRefresh(ctx context.Context, params *CancelInstanceRefreshInput, optFns ...func(*Options)) (*CancelInstanceRefreshOutput, error)
// Completes the lifecycle action for the specified token or instance with the
// specified result. This step is a part of the procedure for adding a lifecycle
// hook to an Auto Scaling group:
//
// * (Optional) Create a launch template or launch
// configuration with a user data script that runs while an instance is in a wait
// state due to a lifecycle hook.
//
// * (Optional) Create a Lambda function and a rule
// that allows Amazon EventBridge to invoke your Lambda function when an instance
// is put into a wait state due to a lifecycle hook.
//
// * (Optional) Create a
// notification target and an IAM role. The target can be either an Amazon SQS
// queue or an Amazon SNS topic. The role allows Amazon EC2 Auto Scaling to publish
// lifecycle notifications to the target.
//
// * Create the lifecycle hook. Specify
// whether the hook is used when the instances launch or terminate.
//
// * If you need
// more time, record the lifecycle action heartbeat to keep the instance in a wait
// state.
//
// * If you finish before the timeout period ends, send a callback by using
// the CompleteLifecycleAction API call.
//
// For more information, see Amazon EC2 Auto
// Scaling lifecycle hooks
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) in
// the Amazon EC2 Auto Scaling User Guide.
CompleteLifecycleAction(ctx context.Context, params *CompleteLifecycleActionInput, optFns ...func(*Options)) (*CompleteLifecycleActionOutput, error)
// We strongly recommend using a launch template when calling this operation to
// ensure full functionality for Amazon EC2 Auto Scaling and Amazon EC2. Creates an
// Auto Scaling group with the specified name and attributes. If you exceed your
// maximum limit of Auto Scaling groups, the call fails. To query this limit, call
// the DescribeAccountLimits API. For information about updating this limit, see
// Amazon EC2 Auto Scaling service quotas
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html)
// in the Amazon EC2 Auto Scaling User Guide. For introductory exercises for
// creating an Auto Scaling group, see Getting started with Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/GettingStartedTutorial.html)
// and Tutorial: Set up a scaled and load-balanced application
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-register-lbs-with-asg.html)
// in the Amazon EC2 Auto Scaling User Guide. For more information, see Auto
// Scaling groups
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/AutoScalingGroup.html) in
// the Amazon EC2 Auto Scaling User Guide. Every Auto Scaling group has three size
// parameters (DesiredCapacity, MaxSize, and MinSize). Usually, you set these sizes
// based on a specific number of instances. However, if you configure a mixed
// instances policy that defines weights for the instance types, you must specify
// these sizes with the same units that you use for weighting instances.
CreateAutoScalingGroup(ctx context.Context, params *CreateAutoScalingGroupInput, optFns ...func(*Options)) (*CreateAutoScalingGroupOutput, error)
// Creates a launch configuration. If you exceed your maximum limit of launch
// configurations, the call fails. To query this limit, call the
// DescribeAccountLimits API. For information about updating this limit, see Amazon
// EC2 Auto Scaling service quotas
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html)
// in the Amazon EC2 Auto Scaling User Guide. For more information, see Launch
// configurations
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/LaunchConfiguration.html)
// in the Amazon EC2 Auto Scaling User Guide.
CreateLaunchConfiguration(ctx context.Context, params *CreateLaunchConfigurationInput, optFns ...func(*Options)) (*CreateLaunchConfigurationOutput, error)
// Creates or updates tags for the specified Auto Scaling group. When you specify a
// tag with a key that already exists, the operation overwrites the previous tag
// definition, and you do not get an error message. For more information, see
// Tagging Auto Scaling groups and instances
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html)
// in the Amazon EC2 Auto Scaling User Guide.
CreateOrUpdateTags(ctx context.Context, params *CreateOrUpdateTagsInput, optFns ...func(*Options)) (*CreateOrUpdateTagsOutput, error)
// Deletes the specified Auto Scaling group. If the group has instances or scaling
// activities in progress, you must specify the option to force the deletion in
// order for it to succeed. If the group has policies, deleting the group deletes
// the policies, the underlying alarm actions, and any alarm that no longer has an
// associated action. To remove instances from the Auto Scaling group before
// deleting it, call the DetachInstances API with the list of instances and the
// option to decrement the desired capacity. This ensures that Amazon EC2 Auto
// Scaling does not launch replacement instances. To terminate all instances before
// deleting the Auto Scaling group, call the UpdateAutoScalingGroup API and set the
// minimum size and desired capacity of the Auto Scaling group to zero.
DeleteAutoScalingGroup(ctx context.Context, params *DeleteAutoScalingGroupInput, optFns ...func(*Options)) (*DeleteAutoScalingGroupOutput, error)
// Deletes the specified launch configuration. The launch configuration must not be
// attached to an Auto Scaling group. When this call completes, the launch
// configuration is no longer available for use.
DeleteLaunchConfiguration(ctx context.Context, params *DeleteLaunchConfigurationInput, optFns ...func(*Options)) (*DeleteLaunchConfigurationOutput, error)
// Deletes the specified lifecycle hook. If there are any outstanding lifecycle
// actions, they are completed first (ABANDON for launching instances, CONTINUE for
// terminating instances).
DeleteLifecycleHook(ctx context.Context, params *DeleteLifecycleHookInput, optFns ...func(*Options)) (*DeleteLifecycleHookOutput, error)
// Deletes the specified notification.
DeleteNotificationConfiguration(ctx context.Context, params *DeleteNotificationConfigurationInput, optFns ...func(*Options)) (*DeleteNotificationConfigurationOutput, error)
// Deletes the specified scaling policy. Deleting either a step scaling policy or a
// simple scaling policy deletes the underlying alarm action, but does not delete
// the alarm, even if it no longer has an associated action. For more information,
// see Deleting a scaling policy
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/deleting-scaling-policy.html)
// in the Amazon EC2 Auto Scaling User Guide.
DeletePolicy(ctx context.Context, params *DeletePolicyInput, optFns ...func(*Options)) (*DeletePolicyOutput, error)
// Deletes the specified scheduled action.
DeleteScheduledAction(ctx context.Context, params *DeleteScheduledActionInput, optFns ...func(*Options)) (*DeleteScheduledActionOutput, error)
// Deletes the specified tags.
DeleteTags(ctx context.Context, params *DeleteTagsInput, optFns ...func(*Options)) (*DeleteTagsOutput, error)
// Deletes the warm pool for the specified Auto Scaling group. For more
// information, see Warm pools for Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)
// in the Amazon EC2 Auto Scaling User Guide.
DeleteWarmPool(ctx context.Context, params *DeleteWarmPoolInput, optFns ...func(*Options)) (*DeleteWarmPoolOutput, error)
// Describes the current Amazon EC2 Auto Scaling resource quotas for your account.
// When you establish an Amazon Web Services account, the account has initial
// quotas on the maximum number of Auto Scaling groups and launch configurations
// that you can create in a given Region. For more information, see Amazon EC2 Auto
// Scaling service quotas
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-account-limits.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeAccountLimits(ctx context.Context, params *DescribeAccountLimitsInput, optFns ...func(*Options)) (*DescribeAccountLimitsOutput, error)
// Describes the available adjustment types for step scaling and simple scaling
// policies. The following adjustment types are supported:
//
// * ChangeInCapacity
//
// *
// ExactCapacity
//
// * PercentChangeInCapacity
DescribeAdjustmentTypes(ctx context.Context, params *DescribeAdjustmentTypesInput, optFns ...func(*Options)) (*DescribeAdjustmentTypesOutput, error)
// Gets information about the Auto Scaling groups in the account and Region. If you
// specify Auto Scaling group names, the output includes information for only the
// specified Auto Scaling groups. If you specify filters, the output includes
// information for only those Auto Scaling groups that meet the filter criteria. If
// you do not specify group names or filters, the output includes information for
// all Auto Scaling groups. This operation also returns information about instances
// in Auto Scaling groups. To retrieve information about the instances in a warm
// pool, you must call the DescribeWarmPool API.
DescribeAutoScalingGroups(ctx context.Context, params *DescribeAutoScalingGroupsInput, optFns ...func(*Options)) (*DescribeAutoScalingGroupsOutput, error)
// Gets information about the Auto Scaling instances in the account and Region.
DescribeAutoScalingInstances(ctx context.Context, params *DescribeAutoScalingInstancesInput, optFns ...func(*Options)) (*DescribeAutoScalingInstancesOutput, error)
// Describes the notification types that are supported by Amazon EC2 Auto Scaling.
DescribeAutoScalingNotificationTypes(ctx context.Context, params *DescribeAutoScalingNotificationTypesInput, optFns ...func(*Options)) (*DescribeAutoScalingNotificationTypesOutput, error)
// Gets information about the instance refreshes for the specified Auto Scaling
// group. This operation is part of the instance refresh feature
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)
// in Amazon EC2 Auto Scaling, which helps you update instances in your Auto
// Scaling group after you make configuration changes. To help you determine the
// status of an instance refresh, this operation returns information about the
// instance refreshes you previously initiated, including their status, end time,
// the percentage of the instance refresh that is complete, and the number of
// instances remaining to update before the instance refresh is complete. The
// following are the possible statuses:
//
// * Pending - The request was created, but
// the operation has not started.
//
// * InProgress - The operation is in progress.
//
// *
// Successful - The operation completed successfully.
//
// * Failed - The operation
// failed to complete. You can troubleshoot using the status reason and the scaling
// activities.
//
// * Cancelling - An ongoing operation is being cancelled.
// Cancellation does not roll back any replacements that have already been
// completed, but it prevents new replacements from being started.
//
// * Cancelled -
// The operation is cancelled.
DescribeInstanceRefreshes(ctx context.Context, params *DescribeInstanceRefreshesInput, optFns ...func(*Options)) (*DescribeInstanceRefreshesOutput, error)
// Gets information about the launch configurations in the account and Region.
DescribeLaunchConfigurations(ctx context.Context, params *DescribeLaunchConfigurationsInput, optFns ...func(*Options)) (*DescribeLaunchConfigurationsOutput, error)
// Describes the available types of lifecycle hooks. The following hook types are
// supported:
//
// * autoscaling:EC2_INSTANCE_LAUNCHING
//
// *
// autoscaling:EC2_INSTANCE_TERMINATING
DescribeLifecycleHookTypes(ctx context.Context, params *DescribeLifecycleHookTypesInput, optFns ...func(*Options)) (*DescribeLifecycleHookTypesOutput, error)
// Gets information about the lifecycle hooks for the specified Auto Scaling group.
DescribeLifecycleHooks(ctx context.Context, params *DescribeLifecycleHooksInput, optFns ...func(*Options)) (*DescribeLifecycleHooksOutput, error)
// Gets information about the load balancer target groups for the specified Auto
// Scaling group. To determine the availability of registered instances, use the
// State element in the response. When you attach a target group to an Auto Scaling
// group, the initial State value is Adding. The state transitions to Added after
// all Auto Scaling instances are registered with the target group. If Elastic Load
// Balancing health checks are enabled for the Auto Scaling group, the state
// transitions to InService after at least one Auto Scaling instance passes the
// health check. When the target group is in the InService state, Amazon EC2 Auto
// Scaling can terminate and replace any instances that are reported as unhealthy.
// If no registered instances pass the health checks, the target group doesn't
// enter the InService state. Target groups also have an InService state if you
// attach them in the CreateAutoScalingGroup API call. If your target group state
// is InService, but it is not working properly, check the scaling activities by
// calling DescribeScalingActivities and take any corrective actions necessary. For
// help with failed health checks, see Troubleshooting Amazon EC2 Auto Scaling:
// Health checks
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ts-as-healthchecks.html)
// in the Amazon EC2 Auto Scaling User Guide. For more information, see Elastic
// Load Balancing and Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeLoadBalancerTargetGroups(ctx context.Context, params *DescribeLoadBalancerTargetGroupsInput, optFns ...func(*Options)) (*DescribeLoadBalancerTargetGroupsOutput, error)
// Gets information about the load balancers for the specified Auto Scaling group.
// This operation describes only Classic Load Balancers. If you have Application
// Load Balancers, Network Load Balancers, or Gateway Load Balancers, use the
// DescribeLoadBalancerTargetGroups API instead. To determine the availability of
// registered instances, use the State element in the response. When you attach a
// load balancer to an Auto Scaling group, the initial State value is Adding. The
// state transitions to Added after all Auto Scaling instances are registered with
// the load balancer. If Elastic Load Balancing health checks are enabled for the
// Auto Scaling group, the state transitions to InService after at least one Auto
// Scaling instance passes the health check. When the load balancer is in the
// InService state, Amazon EC2 Auto Scaling can terminate and replace any instances
// that are reported as unhealthy. If no registered instances pass the health
// checks, the load balancer doesn't enter the InService state. Load balancers also
// have an InService state if you attach them in the CreateAutoScalingGroup API
// call. If your load balancer state is InService, but it is not working properly,
// check the scaling activities by calling DescribeScalingActivities and take any
// corrective actions necessary. For help with failed health checks, see
// Troubleshooting Amazon EC2 Auto Scaling: Health checks
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ts-as-healthchecks.html)
// in the Amazon EC2 Auto Scaling User Guide. For more information, see Elastic
// Load Balancing and Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-load-balancer.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeLoadBalancers(ctx context.Context, params *DescribeLoadBalancersInput, optFns ...func(*Options)) (*DescribeLoadBalancersOutput, error)
// Describes the available CloudWatch metrics for Amazon EC2 Auto Scaling. The
// GroupStandbyInstances metric is not returned by default. You must explicitly
// request this metric when calling the EnableMetricsCollection API.
DescribeMetricCollectionTypes(ctx context.Context, params *DescribeMetricCollectionTypesInput, optFns ...func(*Options)) (*DescribeMetricCollectionTypesOutput, error)
// Gets information about the Amazon SNS notifications that are configured for one
// or more Auto Scaling groups.
DescribeNotificationConfigurations(ctx context.Context, params *DescribeNotificationConfigurationsInput, optFns ...func(*Options)) (*DescribeNotificationConfigurationsOutput, error)
// Gets information about the scaling policies in the account and Region.
DescribePolicies(ctx context.Context, params *DescribePoliciesInput, optFns ...func(*Options)) (*DescribePoliciesOutput, error)
// Gets information about the scaling activities in the account and Region. When
// scaling events occur, you see a record of the scaling activity in the scaling
// activities. For more information, see Verifying a scaling activity for an Auto
// Scaling group
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-verify-scaling-activity.html)
// in the Amazon EC2 Auto Scaling User Guide. If the scaling event succeeds, the
// value of the StatusCode element in the response is Successful. If an attempt to
// launch instances failed, the StatusCode value is Failed or Cancelled and the
// StatusMessage element in the response indicates the cause of the failure. For
// help interpreting the StatusMessage, see Troubleshooting Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/CHAP_Troubleshooting.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeScalingActivities(ctx context.Context, params *DescribeScalingActivitiesInput, optFns ...func(*Options)) (*DescribeScalingActivitiesOutput, error)
// Describes the scaling process types for use with the ResumeProcesses and
// SuspendProcesses APIs.
DescribeScalingProcessTypes(ctx context.Context, params *DescribeScalingProcessTypesInput, optFns ...func(*Options)) (*DescribeScalingProcessTypesOutput, error)
// Gets information about the scheduled actions that haven't run or that have not
// reached their end time. To describe the scaling activities for scheduled actions
// that have already run, call the DescribeScalingActivities API.
DescribeScheduledActions(ctx context.Context, params *DescribeScheduledActionsInput, optFns ...func(*Options)) (*DescribeScheduledActionsOutput, error)
// Describes the specified tags. You can use filters to limit the results. For
// example, you can query for the tags for a specific Auto Scaling group. You can
// specify multiple values for a filter. A tag must match at least one of the
// specified values for it to be included in the results. You can also specify
// multiple filters. The result includes information for a particular tag only if
// it matches all the filters. If there's no match, no special message is returned.
// For more information, see Tagging Auto Scaling groups and instances
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeTags(ctx context.Context, params *DescribeTagsInput, optFns ...func(*Options)) (*DescribeTagsOutput, error)
// Describes the termination policies supported by Amazon EC2 Auto Scaling. For
// more information, see Controlling which Auto Scaling instances terminate during
// scale in
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeTerminationPolicyTypes(ctx context.Context, params *DescribeTerminationPolicyTypesInput, optFns ...func(*Options)) (*DescribeTerminationPolicyTypesOutput, error)
// Gets information about a warm pool and its instances. For more information, see
// Warm pools for Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)
// in the Amazon EC2 Auto Scaling User Guide.
DescribeWarmPool(ctx context.Context, params *DescribeWarmPoolInput, optFns ...func(*Options)) (*DescribeWarmPoolOutput, error)
// Removes one or more instances from the specified Auto Scaling group. After the
// instances are detached, you can manage them independent of the Auto Scaling
// group. If you do not specify the option to decrement the desired capacity,
// Amazon EC2 Auto Scaling launches instances to replace the ones that are
// detached. If there is a Classic Load Balancer attached to the Auto Scaling
// group, the instances are deregistered from the load balancer. If there are
// target groups attached to the Auto Scaling group, the instances are deregistered
// from the target groups. For more information, see Detach EC2 instances from your
// Auto Scaling group
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/detach-instance-asg.html)
// in the Amazon EC2 Auto Scaling User Guide.
DetachInstances(ctx context.Context, params *DetachInstancesInput, optFns ...func(*Options)) (*DetachInstancesOutput, error)
// Detaches one or more target groups from the specified Auto Scaling group.
DetachLoadBalancerTargetGroups(ctx context.Context, params *DetachLoadBalancerTargetGroupsInput, optFns ...func(*Options)) (*DetachLoadBalancerTargetGroupsOutput, error)
// Detaches one or more Classic Load Balancers from the specified Auto Scaling
// group. This operation detaches only Classic Load Balancers. If you have
// Application Load Balancers, Network Load Balancers, or Gateway Load Balancers,
// use the DetachLoadBalancerTargetGroups API instead. When you detach a load
// balancer, it enters the Removing state while deregistering the instances in the
// group. When all instances are deregistered, then you can no longer describe the
// load balancer using the DescribeLoadBalancers API call. The instances remain
// running.
DetachLoadBalancers(ctx context.Context, params *DetachLoadBalancersInput, optFns ...func(*Options)) (*DetachLoadBalancersOutput, error)
// Disables group metrics for the specified Auto Scaling group.
DisableMetricsCollection(ctx context.Context, params *DisableMetricsCollectionInput, optFns ...func(*Options)) (*DisableMetricsCollectionOutput, error)
// Enables group metrics for the specified Auto Scaling group. For more
// information, see Monitoring CloudWatch metrics for your Auto Scaling groups and
// instances
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html)
// in the Amazon EC2 Auto Scaling User Guide.
EnableMetricsCollection(ctx context.Context, params *EnableMetricsCollectionInput, optFns ...func(*Options)) (*EnableMetricsCollectionOutput, error)
// Moves the specified instances into the standby state. If you choose to decrement
// the desired capacity of the Auto Scaling group, the instances can enter standby
// as long as the desired capacity of the Auto Scaling group after the instances
// are placed into standby is equal to or greater than the minimum capacity of the
// group. If you choose not to decrement the desired capacity of the Auto Scaling
// group, the Auto Scaling group launches new instances to replace the instances on
// standby. For more information, see Temporarily removing instances from your Auto
// Scaling group
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html)
// in the Amazon EC2 Auto Scaling User Guide.
EnterStandby(ctx context.Context, params *EnterStandbyInput, optFns ...func(*Options)) (*EnterStandbyOutput, error)
// Executes the specified policy. This can be useful for testing the design of your
// scaling policy.
ExecutePolicy(ctx context.Context, params *ExecutePolicyInput, optFns ...func(*Options)) (*ExecutePolicyOutput, error)
// Moves the specified instances out of the standby state. After you put the
// instances back in service, the desired capacity is incremented. For more
// information, see Temporarily removing instances from your Auto Scaling group
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-enter-exit-standby.html)
// in the Amazon EC2 Auto Scaling User Guide.
ExitStandby(ctx context.Context, params *ExitStandbyInput, optFns ...func(*Options)) (*ExitStandbyOutput, error)
// Retrieves the forecast data for a predictive scaling policy. Load forecasts are
// predictions of the hourly load values using historical load data from CloudWatch
// and an analysis of historical trends. Capacity forecasts are represented as
// predicted values for the minimum capacity that is needed on an hourly basis,
// based on the hourly load forecast. A minimum of 24 hours of data is required to
// create the initial forecasts. However, having a full 14 days of historical data
// results in more accurate forecasts. For more information, see Predictive scaling
// for Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-predictive-scaling.html)
// in the Amazon EC2 Auto Scaling User Guide.
GetPredictiveScalingForecast(ctx context.Context, params *GetPredictiveScalingForecastInput, optFns ...func(*Options)) (*GetPredictiveScalingForecastOutput, error)
// Creates or updates a lifecycle hook for the specified Auto Scaling group.
// Lifecycle hooks let you create solutions that are aware of events in the Auto
// Scaling instance lifecycle, and then perform a custom action on instances when
// the corresponding lifecycle event occurs. This step is a part of the procedure
// for adding a lifecycle hook to an Auto Scaling group:
//
// * (Optional) Create a
// launch template or launch configuration with a user data script that runs while
// an instance is in a wait state due to a lifecycle hook.
//
// * (Optional) Create a
// Lambda function and a rule that allows Amazon EventBridge to invoke your Lambda
// function when an instance is put into a wait state due to a lifecycle hook.
//
// *
// (Optional) Create a notification target and an IAM role. The target can be
// either an Amazon SQS queue or an Amazon SNS topic. The role allows Amazon EC2
// Auto Scaling to publish lifecycle notifications to the target.
//
// * Create the
// lifecycle hook. Specify whether the hook is used when the instances launch or
// terminate.
//
// * If you need more time, record the lifecycle action heartbeat to
// keep the instance in a wait state using the RecordLifecycleActionHeartbeat API
// call.
//
// * If you finish before the timeout period ends, send a callback by using
// the CompleteLifecycleAction API call.
//
// For more information, see Amazon EC2 Auto
// Scaling lifecycle hooks
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) in
// the Amazon EC2 Auto Scaling User Guide. If you exceed your maximum limit of
// lifecycle hooks, which by default is 50 per Auto Scaling group, the call fails.
// You can view the lifecycle hooks for an Auto Scaling group using the
// DescribeLifecycleHooks API call. If you are no longer using a lifecycle hook,
// you can delete it by calling the DeleteLifecycleHook API.
PutLifecycleHook(ctx context.Context, params *PutLifecycleHookInput, optFns ...func(*Options)) (*PutLifecycleHookOutput, error)
// Configures an Auto Scaling group to send notifications when specified events
// take place. Subscribers to the specified topic can have messages delivered to an
// endpoint such as a web server or an email address. This configuration overwrites
// any existing configuration. For more information, see Getting Amazon SNS
// notifications when your Auto Scaling group scales
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html)
// in the Amazon EC2 Auto Scaling User Guide. If you exceed your maximum limit of
// SNS topics, which is 10 per Auto Scaling group, the call fails.
PutNotificationConfiguration(ctx context.Context, params *PutNotificationConfigurationInput, optFns ...func(*Options)) (*PutNotificationConfigurationOutput, error)
// Creates or updates a scaling policy for an Auto Scaling group. Scaling policies
// are used to scale an Auto Scaling group based on configurable metrics. If no
// policies are defined, the dynamic scaling and predictive scaling features are
// not used. For more information about using dynamic scaling, see Target tracking
// scaling policies
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-target-tracking.html)
// and Step and simple scaling policies
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-scaling-simple-step.html)
// in the Amazon EC2 Auto Scaling User Guide. For more information about using
// predictive scaling, see Predictive scaling for Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-predictive-scaling.html)
// in the Amazon EC2 Auto Scaling User Guide. You can view the scaling policies for
// an Auto Scaling group using the DescribePolicies API call. If you are no longer
// using a scaling policy, you can delete it by calling the DeletePolicy API.
PutScalingPolicy(ctx context.Context, params *PutScalingPolicyInput, optFns ...func(*Options)) (*PutScalingPolicyOutput, error)
// Creates or updates a scheduled scaling action for an Auto Scaling group. For
// more information, see Scheduled scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/schedule_time.html) in
// the Amazon EC2 Auto Scaling User Guide. You can view the scheduled actions for
// an Auto Scaling group using the DescribeScheduledActions API call. If you are no
// longer using a scheduled action, you can delete it by calling the
// DeleteScheduledAction API.
PutScheduledUpdateGroupAction(ctx context.Context, params *PutScheduledUpdateGroupActionInput, optFns ...func(*Options)) (*PutScheduledUpdateGroupActionOutput, error)
// Creates or updates a warm pool for the specified Auto Scaling group. A warm pool
// is a pool of pre-initialized EC2 instances that sits alongside the Auto Scaling
// group. Whenever your application needs to scale out, the Auto Scaling group can
// draw on the warm pool to meet its new desired capacity. For more information and
// example configurations, see Warm pools for Amazon EC2 Auto Scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-warm-pools.html)
// in the Amazon EC2 Auto Scaling User Guide. This operation must be called from
// the Region in which the Auto Scaling group was created. This operation cannot be
// called on an Auto Scaling group that has a mixed instances policy or a launch
// template or launch configuration that requests Spot Instances. You can view the
// instances in the warm pool using the DescribeWarmPool API call. If you are no
// longer using a warm pool, you can delete it by calling the DeleteWarmPool API.
PutWarmPool(ctx context.Context, params *PutWarmPoolInput, optFns ...func(*Options)) (*PutWarmPoolOutput, error)
// Records a heartbeat for the lifecycle action associated with the specified token
// or instance. This extends the timeout by the length of time defined using the
// PutLifecycleHook API call. This step is a part of the procedure for adding a
// lifecycle hook to an Auto Scaling group:
//
// * (Optional) Create a launch template
// or launch configuration with a user data script that runs while an instance is
// in a wait state due to a lifecycle hook.
//
// * (Optional) Create a Lambda function
// and a rule that allows Amazon EventBridge to invoke your Lambda function when an
// instance is put into a wait state due to a lifecycle hook.
//
// * (Optional) Create
// a notification target and an IAM role. The target can be either an Amazon SQS
// queue or an Amazon SNS topic. The role allows Amazon EC2 Auto Scaling to publish
// lifecycle notifications to the target.
//
// * Create the lifecycle hook. Specify
// whether the hook is used when the instances launch or terminate.
//
// * If you need
// more time, record the lifecycle action heartbeat to keep the instance in a wait
// state.
//
// * If you finish before the timeout period ends, send a callback by using
// the CompleteLifecycleAction API call.
//
// For more information, see Amazon EC2 Auto
// Scaling lifecycle hooks
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) in
// the Amazon EC2 Auto Scaling User Guide.
RecordLifecycleActionHeartbeat(ctx context.Context, params *RecordLifecycleActionHeartbeatInput, optFns ...func(*Options)) (*RecordLifecycleActionHeartbeatOutput, error)
// Resumes the specified suspended auto scaling processes, or all suspended
// process, for the specified Auto Scaling group. For more information, see
// Suspending and resuming scaling processes
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html)
// in the Amazon EC2 Auto Scaling User Guide.
ResumeProcesses(ctx context.Context, params *ResumeProcessesInput, optFns ...func(*Options)) (*ResumeProcessesOutput, error)
// Sets the size of the specified Auto Scaling group. If a scale-in activity occurs
// as a result of a new DesiredCapacity value that is lower than the current size
// of the group, the Auto Scaling group uses its termination policy to determine
// which instances to terminate. For more information, see Manual scaling
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-manual-scaling.html)
// in the Amazon EC2 Auto Scaling User Guide.
SetDesiredCapacity(ctx context.Context, params *SetDesiredCapacityInput, optFns ...func(*Options)) (*SetDesiredCapacityOutput, error)
// Sets the health status of the specified instance. For more information, see
// Health checks for Auto Scaling instances
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/healthcheck.html) in the
// Amazon EC2 Auto Scaling User Guide.
SetInstanceHealth(ctx context.Context, params *SetInstanceHealthInput, optFns ...func(*Options)) (*SetInstanceHealthOutput, error)
// Updates the instance protection settings of the specified instances. This
// operation cannot be called on instances in a warm pool. For more information
// about preventing instances that are part of an Auto Scaling group from
// terminating on scale in, see Using instance scale-in protection
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-protection.html)
// in the Amazon EC2 Auto Scaling User Guide. If you exceed your maximum limit of
// instance IDs, which is 50 per Auto Scaling group, the call fails.
SetInstanceProtection(ctx context.Context, params *SetInstanceProtectionInput, optFns ...func(*Options)) (*SetInstanceProtectionOutput, error)
// Starts a new instance refresh operation. An instance refresh performs a rolling
// replacement of all or some instances in an Auto Scaling group. Each instance is
// terminated first and then replaced, which temporarily reduces the capacity
// available within your Auto Scaling group. This operation is part of the instance
// refresh feature
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/asg-instance-refresh.html)
// in Amazon EC2 Auto Scaling, which helps you update instances in your Auto
// Scaling group. This feature is helpful, for example, when you have a new AMI or
// a new user data script. You just need to create a new launch template that
// specifies the new AMI or user data script. Then start an instance refresh to
// immediately begin the process of updating instances in the group. If the call
// succeeds, it creates a new instance refresh request with a unique ID that you
// can use to track its progress. To query its status, call the
// DescribeInstanceRefreshes API. To describe the instance refreshes that have
// already run, call the DescribeInstanceRefreshes API. To cancel an instance
// refresh operation in progress, use the CancelInstanceRefresh API.
StartInstanceRefresh(ctx context.Context, params *StartInstanceRefreshInput, optFns ...func(*Options)) (*StartInstanceRefreshOutput, error)
// Suspends the specified auto scaling processes, or all processes, for the
// specified Auto Scaling group. If you suspend either the Launch or Terminate
// process types, it can prevent other process types from functioning properly. For
// more information, see Suspending and resuming scaling processes
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-suspend-resume-processes.html)
// in the Amazon EC2 Auto Scaling User Guide. To resume processes that have been
// suspended, call the ResumeProcesses API.
SuspendProcesses(ctx context.Context, params *SuspendProcessesInput, optFns ...func(*Options)) (*SuspendProcessesOutput, error)
// Terminates the specified instance and optionally adjusts the desired group size.
// This operation cannot be called on instances in a warm pool. This call simply
// makes a termination request. The instance is not terminated immediately. When an
// instance is terminated, the instance status changes to terminated. You can't
// connect to or start an instance after you've terminated it. If you do not
// specify the option to decrement the desired capacity, Amazon EC2 Auto Scaling
// launches instances to replace the ones that are terminated. By default, Amazon
// EC2 Auto Scaling balances instances across all Availability Zones. If you
// decrement the desired capacity, your Auto Scaling group can become unbalanced
// between Availability Zones. Amazon EC2 Auto Scaling tries to rebalance the
// group, and rebalancing might terminate instances in other zones. For more
// information, see Rebalancing activities
// (https://docs.aws.amazon.com/autoscaling/ec2/userguide/auto-scaling-benefits.html#AutoScalingBehavior.InstanceUsage)
// in the Amazon EC2 Auto Scaling User Guide.
TerminateInstanceInAutoScalingGroup(ctx context.Context, params *TerminateInstanceInAutoScalingGroupInput, optFns ...func(*Options)) (*TerminateInstanceInAutoScalingGroupOutput, error)
// We strongly recommend that all Auto Scaling groups use launch templates to
// ensure full functionality for Amazon EC2 Auto Scaling and Amazon EC2. Updates
// the configuration for the specified Auto Scaling group. To update an Auto
// Scaling group, specify the name of the group and the parameter that you want to
// change. Any parameters that you don't specify are not changed by this update
// request. The new settings take effect on any scaling activities after this call
// returns. If you associate a new launch configuration or template with an Auto
// Scaling group, all new instances will get the updated configuration. Existing
// instances continue to run with the configuration that they were originally
// launched with. When you update a group to specify a mixed instances policy
// instead of a launch configuration or template, existing instances may be
// replaced to match the new purchasing options that you specified in the policy.
// For example, if the group currently has 100% On-Demand capacity and the policy
// specifies 50% Spot capacity, this means that half of your instances will be
// gradually terminated and relaunched as Spot Instances. When replacing instances,
// Amazon EC2 Auto Scaling launches new instances before terminating the old ones,
// so that updating your group does not compromise the performance or availability
// of your application. Note the following about changing DesiredCapacity, MaxSize,
// or MinSize:
//
// * If a scale-in activity occurs as a result of a new
// DesiredCapacity value that is lower than the current size of the group, the Auto
// Scaling group uses its termination policy to determine which instances to
// terminate.
//
// * If you specify a new value for MinSize without specifying a value
// for DesiredCapacity, and the new MinSize is larger than the current size of the
// group, this sets the group's DesiredCapacity to the new MinSize value.
//
// * If you
// specify a new value for MaxSize without specifying a value for DesiredCapacity,
// and the new MaxSize is smaller than the current size of the group, this sets the
// group's DesiredCapacity to the new MaxSize value.
//
// To see which parameters have
// been set, call the DescribeAutoScalingGroups API. To view the scaling policies
// for an Auto Scaling group, call the DescribePolicies API. If the group has
// scaling policies, you can update them by calling the PutScalingPolicy API.
UpdateAutoScalingGroup(ctx context.Context, params *UpdateAutoScalingGroupInput, optFns ...func(*Options)) (*UpdateAutoScalingGroupOutput, error)
}
ASG provides an interface to the AWS ASG service.
type CloudFormation ¶
type CloudFormation interface {
// Activates a public third-party extension, making it available for use in stack
// templates. For more information, see Using public extensions
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-public.html)
// in the CloudFormation User Guide. Once you have activated a public third-party
// extension in your account and region, use SetTypeConfiguration to specify
// configuration properties for the extension. For more information, see
// Configuring extensions at the account level
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-register.html#registry-set-configuration)
// in the CloudFormation User Guide.
ActivateType(ctx context.Context, params *ActivateTypeInput, optFns ...func(*Options)) (*ActivateTypeOutput, error)
// Returns configuration data for the specified CloudFormation extensions, from the
// CloudFormation registry for the account and region. For more information, see
// Configuring extensions at the account level
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-register.html#registry-set-configuration)
// in the CloudFormation User Guide.
BatchDescribeTypeConfigurations(ctx context.Context, params *BatchDescribeTypeConfigurationsInput, optFns ...func(*Options)) (*BatchDescribeTypeConfigurationsOutput, error)
// Cancels an update on the specified stack. If the call completes successfully,
// the stack rolls back the update and reverts to the previous stack configuration.
// You can cancel only stacks that are in the UPDATE_IN_PROGRESS state.
CancelUpdateStack(ctx context.Context, params *CancelUpdateStackInput, optFns ...func(*Options)) (*CancelUpdateStackOutput, error)
// For a specified stack that's in the UPDATE_ROLLBACK_FAILED state, continues
// rolling it back to the UPDATE_ROLLBACK_COMPLETE state. Depending on the cause of
// the failure, you can manually fix the error
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-update-rollback-failed)
// and continue the rollback. By continuing the rollback, you can return your stack
// to a working state (the UPDATE_ROLLBACK_COMPLETE state), and then try to update
// the stack again. A stack goes into the UPDATE_ROLLBACK_FAILED state when
// CloudFormation can't roll back all changes after a failed stack update. For
// example, you might have a stack that's rolling back to an old database instance
// that was deleted outside of CloudFormation. Because CloudFormation doesn't know
// the database was deleted, it assumes that the database instance still exists and
// attempts to roll back to it, causing the update rollback to fail.
ContinueUpdateRollback(ctx context.Context, params *ContinueUpdateRollbackInput, optFns ...func(*Options)) (*ContinueUpdateRollbackOutput, error)
// Creates a list of changes that will be applied to a stack so that you can review
// the changes before executing them. You can create a change set for a stack that
// doesn't exist or an existing stack. If you create a change set for a stack that
// doesn't exist, the change set shows all of the resources that CloudFormation
// will create. If you create a change set for an existing stack, CloudFormation
// compares the stack's information with the information that you submit in the
// change set and lists the differences. Use change sets to understand which
// resources CloudFormation will create or change, and how it will change resources
// in an existing stack, before you create or update a stack. To create a change
// set for a stack that doesn't exist, for the ChangeSetType parameter, specify
// CREATE. To create a change set for an existing stack, specify UPDATE for the
// ChangeSetType parameter. To create a change set for an import operation, specify
// IMPORT for the ChangeSetType parameter. After the CreateChangeSet call
// successfully completes, CloudFormation starts creating the change set. To check
// the status of the change set or to review it, use the DescribeChangeSet action.
// When you are satisfied with the changes the change set will make, execute the
// change set by using the ExecuteChangeSet action. CloudFormation doesn't make
// changes until you execute the change set. To create a change set for the entire
// stack hierarchy, set IncludeNestedStacks to True.
CreateChangeSet(ctx context.Context, params *CreateChangeSetInput, optFns ...func(*Options)) (*CreateChangeSetOutput, error)
// Creates a stack as specified in the template. After the call completes
// successfully, the stack creation starts. You can check the status of the stack
// through the DescribeStacksoperation.
CreateStack(ctx context.Context, params *CreateStackInput, optFns ...func(*Options)) (*CreateStackOutput, error)
// Creates stack instances for the specified accounts, within the specified Amazon
// Web Services Regions. A stack instance refers to a stack in a specific account
// and Region. You must specify at least one value for either Accounts or
// DeploymentTargets, and you must specify at least one value for Regions.
CreateStackInstances(ctx context.Context, params *CreateStackInstancesInput, optFns ...func(*Options)) (*CreateStackInstancesOutput, error)
// Creates a stack set.
CreateStackSet(ctx context.Context, params *CreateStackSetInput, optFns ...func(*Options)) (*CreateStackSetOutput, error)
// Deactivates a public extension that was previously activated in this account and
// region. Once deactivated, an extension can't be used in any CloudFormation
// operation. This includes stack update operations where the stack template
// includes the extension, even if no updates are being made to the extension. In
// addition, deactivated extensions aren't automatically updated if a new version
// of the extension is released.
DeactivateType(ctx context.Context, params *DeactivateTypeInput, optFns ...func(*Options)) (*DeactivateTypeOutput, error)
// Deletes the specified change set. Deleting change sets ensures that no one
// executes the wrong change set. If the call successfully completes,
// CloudFormation successfully deleted the change set. If IncludeNestedStacks
// specifies True during the creation of the nested change set, then
// DeleteChangeSet will delete all change sets that belong to the stacks hierarchy
// and will also delete all change sets for nested stacks with the status of
// REVIEW_IN_PROGRESS.
DeleteChangeSet(ctx context.Context, params *DeleteChangeSetInput, optFns ...func(*Options)) (*DeleteChangeSetOutput, error)
// Deletes a specified stack. Once the call completes successfully, stack deletion
// starts. Deleted stacks don't show up in the DescribeStacks operation if the
// deletion has been completed successfully.
DeleteStack(ctx context.Context, params *DeleteStackInput, optFns ...func(*Options)) (*DeleteStackOutput, error)
// Deletes stack instances for the specified accounts, in the specified Amazon Web
// Services Regions.
DeleteStackInstances(ctx context.Context, params *DeleteStackInstancesInput, optFns ...func(*Options)) (*DeleteStackInstancesOutput, error)
// Deletes a stack set. Before you can delete a stack set, all of its member stack
// instances must be deleted. For more information about how to do this, see
// DeleteStackInstances.
DeleteStackSet(ctx context.Context, params *DeleteStackSetInput, optFns ...func(*Options)) (*DeleteStackSetOutput, error)
// Marks an extension or extension version as DEPRECATED in the CloudFormation
// registry, removing it from active use. Deprecated extensions or extension
// versions cannot be used in CloudFormation operations. To deregister an entire
// extension, you must individually deregister all active versions of that
// extension. If an extension has only a single active version, deregistering that
// version results in the extension itself being deregistered and marked as
// deprecated in the registry. You can't deregister the default version of an
// extension if there are other active version of that extension. If you do
// deregister the default version of an extension, the extension type itself is
// deregistered as well and marked as deprecated. To view the deprecation status of
// an extension or extension version, use DescribeType
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeType.html).
DeregisterType(ctx context.Context, params *DeregisterTypeInput, optFns ...func(*Options)) (*DeregisterTypeOutput, error)
// Retrieves your account's CloudFormation limits, such as the maximum number of
// stacks that you can create in your account. For more information about account
// limits, see CloudFormation Quotas
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cloudformation-limits.html)
// in the CloudFormation User Guide.
DescribeAccountLimits(ctx context.Context, params *DescribeAccountLimitsInput, optFns ...func(*Options)) (*DescribeAccountLimitsOutput, error)
// Returns the inputs for the change set and a list of changes that CloudFormation
// will make if you execute the change set. For more information, see Updating
// Stacks Using Change Sets
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-changesets.html)
// in the CloudFormation User Guide.
DescribeChangeSet(ctx context.Context, params *DescribeChangeSetInput, optFns ...func(*Options)) (*DescribeChangeSetOutput, error)
// Returns hook-related information for the change set and a list of changes that
// CloudFormation makes when you run the change set.
DescribeChangeSetHooks(ctx context.Context, params *DescribeChangeSetHooksInput, optFns ...func(*Options)) (*DescribeChangeSetHooksOutput, error)
// Returns information about a CloudFormation extension publisher. If you don't
// supply a PublisherId, and you have registered as an extension publisher,
// DescribePublisher returns information about your own publisher account. For more
// information on registering as a publisher, see:
//
// * RegisterPublisher
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterPublisher.html)
//
// *
// Publishing extensions to make them available for public use
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html)
// in the CloudFormation CLI User Guide
DescribePublisher(ctx context.Context, params *DescribePublisherInput, optFns ...func(*Options)) (*DescribePublisherOutput, error)
// Returns information about a stack drift detection operation. A stack drift
// detection operation detects whether a stack's actual configuration differs, or
// has drifted, from it's expected configuration, as defined in the stack template
// and any values specified as template parameters. A stack is considered to have
// drifted if one or more of its resources have drifted. For more information on
// stack and resource drift, see Detecting Unregulated Configuration Changes to
// Stacks and Resources
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
// Use DetectStackDrift to initiate a stack drift detection operation.
// DetectStackDrift returns a StackDriftDetectionId you can use to monitor the
// progress of the operation using DescribeStackDriftDetectionStatus. Once the
// drift detection operation has completed, use DescribeStackResourceDrifts to
// return drift information about the stack and its resources.
DescribeStackDriftDetectionStatus(ctx context.Context, params *DescribeStackDriftDetectionStatusInput, optFns ...func(*Options)) (*DescribeStackDriftDetectionStatusOutput, error)
// Returns all stack related events for a specified stack in reverse chronological
// order. For more information about a stack's event history, go to Stacks
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/concept-stack.html)
// in the CloudFormation User Guide. You can list events for stacks that have
// failed to create or have been deleted by specifying the unique stack identifier
// (stack ID).
DescribeStackEvents(ctx context.Context, params *DescribeStackEventsInput, optFns ...func(*Options)) (*DescribeStackEventsOutput, error)
// Returns the stack instance that's associated with the specified stack set,
// Amazon Web Services account, and Region. For a list of stack instances that are
// associated with a specific stack set, use ListStackInstances.
DescribeStackInstance(ctx context.Context, params *DescribeStackInstanceInput, optFns ...func(*Options)) (*DescribeStackInstanceOutput, error)
// Returns a description of the specified resource in the specified stack. For
// deleted stacks, DescribeStackResource returns resource information for up to 90
// days after the stack has been deleted.
DescribeStackResource(ctx context.Context, params *DescribeStackResourceInput, optFns ...func(*Options)) (*DescribeStackResourceOutput, error)
// Returns drift information for the resources that have been checked for drift in
// the specified stack. This includes actual and expected configuration values for
// resources where CloudFormation detects configuration drift. For a given stack,
// there will be one StackResourceDrift for each stack resource that has been
// checked for drift. Resources that haven't yet been checked for drift aren't
// included. Resources that don't currently support drift detection aren't checked,
// and so not included. For a list of resources that support drift detection, see
// Resources that Support Drift Detection
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift-resource-list.html).
// Use DetectStackResourceDrift to detect drift on individual resources, or
// DetectStackDrift to detect drift on all supported resources for a given stack.
DescribeStackResourceDrifts(ctx context.Context, params *DescribeStackResourceDriftsInput, optFns ...func(*Options)) (*DescribeStackResourceDriftsOutput, error)
// Returns Amazon Web Services resource descriptions for running and deleted
// stacks. If StackName is specified, all the associated resources that are part of
// the stack are returned. If PhysicalResourceId is specified, the associated
// resources of the stack that the resource belongs to are returned. Only the first
// 100 resources will be returned. If your stack has more resources than this, you
// should use ListStackResources instead. For deleted stacks,
// DescribeStackResources returns resource information for up to 90 days after the
// stack has been deleted. You must specify either StackName or PhysicalResourceId,
// but not both. In addition, you can specify LogicalResourceId to filter the
// returned result. For more information about resources, the LogicalResourceId and
// PhysicalResourceId, go to the CloudFormation User Guide
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/). A
// ValidationError is returned if you specify both StackName and PhysicalResourceId
// in the same request.
DescribeStackResources(ctx context.Context, params *DescribeStackResourcesInput, optFns ...func(*Options)) (*DescribeStackResourcesOutput, error)
// Returns the description of the specified stack set.
DescribeStackSet(ctx context.Context, params *DescribeStackSetInput, optFns ...func(*Options)) (*DescribeStackSetOutput, error)
// Returns the description of the specified stack set operation.
DescribeStackSetOperation(ctx context.Context, params *DescribeStackSetOperationInput, optFns ...func(*Options)) (*DescribeStackSetOperationOutput, error)
// Returns the description for the specified stack; if no stack name was specified,
// then it returns the description for all the stacks created. If the stack doesn't
// exist, an ValidationError is returned.
DescribeStacks(ctx context.Context, params *DescribeStacksInput, optFns ...func(*Options)) (*DescribeStacksOutput, error)
// Returns detailed information about an extension that has been registered. If you
// specify a VersionId, DescribeType returns information about that specific
// extension version. Otherwise, it returns information about the default extension
// version.
DescribeType(ctx context.Context, params *DescribeTypeInput, optFns ...func(*Options)) (*DescribeTypeOutput, error)
// Returns information about an extension's registration, including its current
// status and type and version identifiers. When you initiate a registration
// request using RegisterType, you can then use DescribeTypeRegistration to monitor
// the progress of that registration request. Once the registration request has
// completed, use DescribeType to return detailed information about an extension.
DescribeTypeRegistration(ctx context.Context, params *DescribeTypeRegistrationInput, optFns ...func(*Options)) (*DescribeTypeRegistrationOutput, error)
// Detects whether a stack's actual configuration differs, or has drifted, from
// it's expected configuration, as defined in the stack template and any values
// specified as template parameters. For each resource in the stack that supports
// drift detection, CloudFormation compares the actual configuration of the
// resource with its expected template configuration. Only resource properties
// explicitly defined in the stack template are checked for drift. A stack is
// considered to have drifted if one or more of its resources differ from their
// expected template configurations. For more information, see Detecting
// Unregulated Configuration Changes to Stacks and Resources
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
// Use DetectStackDrift to detect drift on all supported resources for a given
// stack, or DetectStackResourceDrift to detect drift on individual resources. For
// a list of stack resources that currently support drift detection, see Resources
// that Support Drift Detection
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift-resource-list.html).
// DetectStackDrift can take up to several minutes, depending on the number of
// resources contained within the stack. Use DescribeStackDriftDetectionStatus to
// monitor the progress of a detect stack drift operation. Once the drift detection
// operation has completed, use DescribeStackResourceDrifts to return drift
// information about the stack and its resources. When detecting drift on a stack,
// CloudFormation doesn't detect drift on any nested stacks belonging to that
// stack. Perform DetectStackDrift directly on the nested stack itself.
DetectStackDrift(ctx context.Context, params *DetectStackDriftInput, optFns ...func(*Options)) (*DetectStackDriftOutput, error)
// Returns information about whether a resource's actual configuration differs, or
// has drifted, from it's expected configuration, as defined in the stack template
// and any values specified as template parameters. This information includes
// actual and expected property values for resources in which CloudFormation
// detects drift. Only resource properties explicitly defined in the stack template
// are checked for drift. For more information about stack and resource drift, see
// Detecting Unregulated Configuration Changes to Stacks and Resources
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html).
// Use DetectStackResourceDrift to detect drift on individual resources, or
// DetectStackDrift to detect drift on all resources in a given stack that support
// drift detection. Resources that don't currently support drift detection can't be
// checked. For a list of resources that support drift detection, see Resources
// that Support Drift Detection
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift-resource-list.html).
DetectStackResourceDrift(ctx context.Context, params *DetectStackResourceDriftInput, optFns ...func(*Options)) (*DetectStackResourceDriftOutput, error)
// Detect drift on a stack set. When CloudFormation performs drift detection on a
// stack set, it performs drift detection on the stack associated with each stack
// instance in the stack set. For more information, see How CloudFormation performs
// drift detection on a stack set
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html).
// DetectStackSetDrift returns the OperationId of the stack set drift detection
// operation. Use this operation id with DescribeStackSetOperation to monitor the
// progress of the drift detection operation. The drift detection operation may
// take some time, depending on the number of stack instances included in the stack
// set, in addition to the number of resources included in each stack. Once the
// operation has completed, use the following actions to return drift
// information:
//
// * Use DescribeStackSet to return detailed information about the
// stack set, including detailed information about the last completed drift
// operation performed on the stack set. (Information about drift operations that
// are in progress isn't included.)
//
// * Use ListStackInstances to return a list of
// stack instances belonging to the stack set, including the drift status and last
// drift time checked of each instance.
//
// * Use DescribeStackInstance to return
// detailed information about a specific stack instance, including its drift status
// and last drift time checked.
//
// For more information on performing a drift
// detection operation on a stack set, see Detecting unmanaged changes in stack
// sets
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacksets-drift.html).
// You can only run a single drift detection operation on a given stack set at one
// time. To stop a drift detection stack set operation, use StopStackSetOperation.
DetectStackSetDrift(ctx context.Context, params *DetectStackSetDriftInput, optFns ...func(*Options)) (*DetectStackSetDriftOutput, error)
// Returns the estimated monthly cost of a template. The return value is an Amazon
// Web Services Simple Monthly Calculator URL with a query string that describes
// the resources required to run the template.
EstimateTemplateCost(ctx context.Context, params *EstimateTemplateCostInput, optFns ...func(*Options)) (*EstimateTemplateCostOutput, error)
// Updates a stack using the input information that was provided when the specified
// change set was created. After the call successfully completes, CloudFormation
// starts updating the stack. Use the DescribeStacks action to view the status of
// the update. When you execute a change set, CloudFormation deletes all other
// change sets associated with the stack because they aren't valid for the updated
// stack. If a stack policy is associated with the stack, CloudFormation enforces
// the policy during the update. You can't specify a temporary stack policy that
// overrides the current policy. To create a change set for the entire stack
// hierarchy, IncludeNestedStacks must have been set to True.
ExecuteChangeSet(ctx context.Context, params *ExecuteChangeSetInput, optFns ...func(*Options)) (*ExecuteChangeSetOutput, error)
// Returns the stack policy for a specified stack. If a stack doesn't have a
// policy, a null value is returned.
GetStackPolicy(ctx context.Context, params *GetStackPolicyInput, optFns ...func(*Options)) (*GetStackPolicyOutput, error)
// Returns the template body for a specified stack. You can get the template for
// running or deleted stacks. For deleted stacks, GetTemplate returns the template
// for up to 90 days after the stack has been deleted. If the template doesn't
// exist, a ValidationError is returned.
GetTemplate(ctx context.Context, params *GetTemplateInput, optFns ...func(*Options)) (*GetTemplateOutput, error)
// Returns information about a new or existing template. The GetTemplateSummary
// action is useful for viewing parameter information, such as default parameter
// values and parameter types, before you create or update a stack or stack set.
// You can use the GetTemplateSummary action when you submit a template, or you can
// get template information for a stack set, or a running or deleted stack. For
// deleted stacks, GetTemplateSummary returns the template information for up to 90
// days after the stack has been deleted. If the template doesn't exist, a
// ValidationError is returned.
GetTemplateSummary(ctx context.Context, params *GetTemplateSummaryInput, optFns ...func(*Options)) (*GetTemplateSummaryOutput, error)
// Import existing stacks into a new stack sets. Use the stack import operation to
// import up to 10 stacks into a new stack set in the same account as the source
// stack or in a different administrator account and Region, by specifying the
// stack ID of the stack you intend to import. ImportStacksToStackSet is only
// supported by self-managed permissions.
ImportStacksToStackSet(ctx context.Context, params *ImportStacksToStackSetInput, optFns ...func(*Options)) (*ImportStacksToStackSetOutput, error)
// Returns the ID and status of each active change set for a stack. For example,
// CloudFormation lists change sets that are in the CREATE_IN_PROGRESS or
// CREATE_PENDING state.
ListChangeSets(ctx context.Context, params *ListChangeSetsInput, optFns ...func(*Options)) (*ListChangeSetsOutput, error)
// Lists all exported output values in the account and Region in which you call
// this action. Use this action to see the exported output values that you can
// import into other stacks. To import values, use the Fn::ImportValue
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-importvalue.html)
// function. For more information, see CloudFormation export stack output values
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-exports.html).
ListExports(ctx context.Context, params *ListExportsInput, optFns ...func(*Options)) (*ListExportsOutput, error)
// Lists all stacks that are importing an exported output value. To modify or
// remove an exported output value, first use this action to see which stacks are
// using it. To see the exported output values in your account, see ListExports.
// For more information about importing an exported output value, see the
// Fn::ImportValue
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-importvalue.html)
// function.
ListImports(ctx context.Context, params *ListImportsInput, optFns ...func(*Options)) (*ListImportsOutput, error)
// Returns summary information about stack instances that are associated with the
// specified stack set. You can filter for stack instances that are associated with
// a specific Amazon Web Services account name or Region, or that have a specific
// status.
ListStackInstances(ctx context.Context, params *ListStackInstancesInput, optFns ...func(*Options)) (*ListStackInstancesOutput, error)
// Returns descriptions of all resources of the specified stack. For deleted
// stacks, ListStackResources returns resource information for up to 90 days after
// the stack has been deleted.
ListStackResources(ctx context.Context, params *ListStackResourcesInput, optFns ...func(*Options)) (*ListStackResourcesOutput, error)
// Returns summary information about the results of a stack set operation.
ListStackSetOperationResults(ctx context.Context, params *ListStackSetOperationResultsInput, optFns ...func(*Options)) (*ListStackSetOperationResultsOutput, error)
// Returns summary information about operations performed on a stack set.
ListStackSetOperations(ctx context.Context, params *ListStackSetOperationsInput, optFns ...func(*Options)) (*ListStackSetOperationsOutput, error)
// Returns summary information about stack sets that are associated with the
// user.
//
// * [Self-managed permissions] If you set the CallAs parameter to SELF
// while signed in to your Amazon Web Services account, ListStackSets returns all
// self-managed stack sets in your Amazon Web Services account.
//
// * [Service-managed
// permissions] If you set the CallAs parameter to SELF while signed in to the
// organization's management account, ListStackSets returns all stack sets in the
// management account.
//
// * [Service-managed permissions] If you set the CallAs
// parameter to DELEGATED_ADMIN while signed in to your member account,
// ListStackSets returns all stack sets with service-managed permissions in the
// management account.
ListStackSets(ctx context.Context, params *ListStackSetsInput, optFns ...func(*Options)) (*ListStackSetsOutput, error)
// Returns the summary information for stacks whose status matches the specified
// StackStatusFilter. Summary information for stacks that have been deleted is kept
// for 90 days after the stack is deleted. If no StackStatusFilter is specified,
// summary information for all stacks is returned (including existing stacks and
// stacks that have been deleted).
ListStacks(ctx context.Context, params *ListStacksInput, optFns ...func(*Options)) (*ListStacksOutput, error)
// Returns a list of registration tokens for the specified extension(s).
ListTypeRegistrations(ctx context.Context, params *ListTypeRegistrationsInput, optFns ...func(*Options)) (*ListTypeRegistrationsOutput, error)
// Returns summary information about the versions of an extension.
ListTypeVersions(ctx context.Context, params *ListTypeVersionsInput, optFns ...func(*Options)) (*ListTypeVersionsOutput, error)
// Returns summary information about extension that have been registered with
// CloudFormation.
ListTypes(ctx context.Context, params *ListTypesInput, optFns ...func(*Options)) (*ListTypesOutput, error)
// Publishes the specified extension to the CloudFormation registry as a public
// extension in this region. Public extensions are available for use by all
// CloudFormation users. For more information on publishing extensions, see
// Publishing extensions to make them available for public use
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html)
// in the CloudFormation CLI User Guide. To publish an extension, you must be
// registered as a publisher with CloudFormation. For more information, see
// RegisterPublisher
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_RegisterPublisher.html).
PublishType(ctx context.Context, params *PublishTypeInput, optFns ...func(*Options)) (*PublishTypeOutput, error)
// Reports progress of a resource handler to CloudFormation. Reserved for use by
// the CloudFormation CLI
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/what-is-cloudformation-cli.html).
// Don't use this API in your code.
RecordHandlerProgress(ctx context.Context, params *RecordHandlerProgressInput, optFns ...func(*Options)) (*RecordHandlerProgressOutput, error)
// Registers your account as a publisher of public extensions in the CloudFormation
// registry. Public extensions are available for use by all CloudFormation users.
// This publisher ID applies to your account in all Amazon Web Services Regions.
// For information on requirements for registering as a public extension publisher,
// see Registering your account to publish CloudFormation extensions
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-prereqs)
// in the CloudFormation CLI User Guide.
RegisterPublisher(ctx context.Context, params *RegisterPublisherInput, optFns ...func(*Options)) (*RegisterPublisherOutput, error)
// Registers an extension with the CloudFormation service. Registering an extension
// makes it available for use in CloudFormation templates in your Amazon Web
// Services account, and includes:
//
// * Validating the extension schema.
//
// *
// Determining which handlers, if any, have been specified for the extension.
//
// *
// Making the extension available for use in your account.
//
// For more information on
// how to develop extensions and ready them for registration, see Creating Resource
// Providers
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-types.html)
// in the CloudFormation CLI User Guide. You can have a maximum of 50 resource
// extension versions registered at a time. This maximum is per account and per
// region. Use DeregisterType to deregister specific extension versions if
// necessary. Once you have initiated a registration request using RegisterType,
// you can use DescribeTypeRegistration to monitor the progress of the registration
// request. Once you have registered a private extension in your account and
// region, use SetTypeConfiguration to specify configuration properties for the
// extension. For more information, see Configuring extensions at the account level
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-register.html#registry-set-configuration)
// in the CloudFormation User Guide.
RegisterType(ctx context.Context, params *RegisterTypeInput, optFns ...func(*Options)) (*RegisterTypeOutput, error)
// When specifying RollbackStack, you preserve the state of previously provisioned
// resources when an operation fails. You can check the status of the stack through
// the DescribeStacks operation. Rolls back the specified stack to the last known
// stable state from CREATE_FAILED or UPDATE_FAILED stack statuses. This operation
// will delete a stack if it doesn't contain a last known stable state. A last
// known stable state includes any status in a *_COMPLETE. This includes the
// following stack statuses.
//
// * CREATE_COMPLETE
//
// * UPDATE_COMPLETE
//
// *
// UPDATE_ROLLBACK_COMPLETE
//
// * IMPORT_COMPLETE
//
// * IMPORT_ROLLBACK_COMPLETE
RollbackStack(ctx context.Context, params *RollbackStackInput, optFns ...func(*Options)) (*RollbackStackOutput, error)
// Sets a stack policy for a specified stack.
SetStackPolicy(ctx context.Context, params *SetStackPolicyInput, optFns ...func(*Options)) (*SetStackPolicyOutput, error)
// Specifies the configuration data for a registered CloudFormation extension, in
// the given account and region. To view the current configuration data for an
// extension, refer to the ConfigurationSchema element of DescribeType. For more
// information, see Configuring extensions at the account level
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/registry-register.html#registry-set-configuration)
// in the CloudFormation User Guide. It's strongly recommended that you use dynamic
// references to restrict sensitive configuration definitions, such as third-party
// credentials. For more details on dynamic references, see Using dynamic
// references to specify template values (https://docs.aws.amazon.com/) in the
// CloudFormation User Guide.
SetTypeConfiguration(ctx context.Context, params *SetTypeConfigurationInput, optFns ...func(*Options)) (*SetTypeConfigurationOutput, error)
// Specify the default version of an extension. The default version of an extension
// will be used in CloudFormation operations.
SetTypeDefaultVersion(ctx context.Context, params *SetTypeDefaultVersionInput, optFns ...func(*Options)) (*SetTypeDefaultVersionOutput, error)
// Sends a signal to the specified resource with a success or failure status. You
// can use the SignalResource operation in conjunction with a creation policy or
// update policy. CloudFormation doesn't proceed with a stack creation or update
// until resources receive the required number of signals or the timeout period is
// exceeded. The SignalResource operation is useful in cases where you want to send
// signals from anywhere other than an Amazon EC2 instance.
SignalResource(ctx context.Context, params *SignalResourceInput, optFns ...func(*Options)) (*SignalResourceOutput, error)
// Stops an in-progress operation on a stack set and its associated stack
// instances. StackSets will cancel all the unstarted stack instance deployments
// and wait for those are in-progress to complete.
StopStackSetOperation(ctx context.Context, params *StopStackSetOperationInput, optFns ...func(*Options)) (*StopStackSetOperationOutput, error)
// Tests a registered extension to make sure it meets all necessary requirements
// for being published in the CloudFormation registry.
//
// * For resource types, this
// includes passing all contracts tests defined for the type.
//
// * For modules, this
// includes determining if the module's model meets all necessary
// requirements.
//
// For more information, see Testing your public extension prior to
// publishing
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/publish-extension.html#publish-extension-testing)
// in the CloudFormation CLI User Guide. If you don't specify a version,
// CloudFormation uses the default version of the extension in your account and
// region for testing. To perform testing, CloudFormation assumes the execution
// role specified when the type was registered. For more information, see
// RegisterType. Once you've initiated testing on an extension using TestType, you
// can use DescribeType
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_DescribeType.html)
// to monitor the current test status and test status description for the
// extension. An extension must have a test status of PASSED before it can be
// published. For more information, see Publishing extensions to make them
// available for public use
// (https://docs.aws.amazon.com/cloudformation-cli/latest/userguide/resource-type-publish.html)
// in the CloudFormation CLI User Guide.
TestType(ctx context.Context, params *TestTypeInput, optFns ...func(*Options)) (*TestTypeOutput, error)
// Updates a stack as specified in the template. After the call completes
// successfully, the stack update starts. You can check the status of the stack
// through the DescribeStacks action. To get a copy of the template for an existing
// stack, you can use the GetTemplate action. For more information about creating
// an update template, updating a stack, and monitoring the progress of the update,
// see Updating a Stack
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks.html).
UpdateStack(ctx context.Context, params *UpdateStackInput, optFns ...func(*Options)) (*UpdateStackOutput, error)
// Updates the parameter values for stack instances for the specified accounts,
// within the specified Amazon Web Services Regions. A stack instance refers to a
// stack in a specific account and Region. You can only update stack instances in
// Amazon Web Services Regions and accounts where they already exist; to create
// additional stack instances, use CreateStackInstances
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_CreateStackInstances.html).
// During stack set updates, any parameters overridden for a stack instance aren't
// updated, but retain their overridden value. You can only update the parameter
// values that are specified in the stack set; to add or delete a parameter itself,
// use UpdateStackSet
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackSet.html)
// to update the stack set template. If you add a parameter to a template, before
// you can override the parameter value specified in the stack set you must first
// use UpdateStackSet
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/APIReference/API_UpdateStackSet.html)
// to update all stack instances with the updated template and parameter value
// specified in the stack set. Once a stack instance has been updated with the new
// parameter, you can then override the parameter value using UpdateStackInstances.
UpdateStackInstances(ctx context.Context, params *UpdateStackInstancesInput, optFns ...func(*Options)) (*UpdateStackInstancesOutput, error)
// Updates the stack set, and associated stack instances in the specified accounts
// and Amazon Web Services Regions. Even if the stack set operation created by
// updating the stack set fails (completely or partially, below or above a
// specified failure tolerance), the stack set is updated with your changes.
// Subsequent CreateStackInstances calls on the specified stack set use the updated
// stack set.
UpdateStackSet(ctx context.Context, params *UpdateStackSetInput, optFns ...func(*Options)) (*UpdateStackSetOutput, error)
// Updates termination protection for the specified stack. If a user attempts to
// delete a stack with termination protection enabled, the operation fails and the
// stack remains unchanged. For more information, see Protecting a Stack From Being
// Deleted
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-protect-stacks.html)
// in the CloudFormation User Guide. For nested stacks
// (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-nested-stacks.html),
// termination protection is set on the root stack and can't be changed directly on
// the nested stack.
UpdateTerminationProtection(ctx context.Context, params *UpdateTerminationProtectionInput, optFns ...func(*Options)) (*UpdateTerminationProtectionOutput, error)
// Validates a specified template. CloudFormation first checks if the template is
// valid JSON. If it isn't, CloudFormation checks if the template is valid YAML. If
// both these checks fail, CloudFormation returns a template validation error.
ValidateTemplate(ctx context.Context, params *ValidateTemplateInput, optFns ...func(*Options)) (*ValidateTemplateOutput, error)
}
CloudFormation provides an interface to the AWS CloudFormation service.
type CloudTrail ¶ added in v0.92.0
type CloudTrail interface {
// Adds one or more tags to a trail, up to a limit of 50. Overwrites an existing
// tag's value when a new value is specified for an existing tag key. Tag key names
// must be unique for a trail; you cannot have two keys with the same name but
// different values. If you specify a key without a value, the tag will be created
// with the specified key and a value of null. You can tag a trail that applies to
// all Amazon Web Services Regions only from the Region in which the trail was
// created (also known as its home region).
AddTags(ctx context.Context, params *AddTagsInput, optFns ...func(*Options)) (*AddTagsOutput, error)
// Cancels a query if the query is not in a terminated state, such as CANCELLED,
// FAILED, TIMED_OUT, or FINISHED. You must specify an ARN value for
// EventDataStore. The ID of the query that you want to cancel is also required.
// When you run CancelQuery, the query status might show as CANCELLED even if the
// operation is not yet finished.
CancelQuery(ctx context.Context, params *CancelQueryInput, optFns ...func(*Options)) (*CancelQueryOutput, error)
// Creates a new event data store.
CreateEventDataStore(ctx context.Context, params *CreateEventDataStoreInput, optFns ...func(*Options)) (*CreateEventDataStoreOutput, error)
// Creates a trail that specifies the settings for delivery of log data to an
// Amazon S3 bucket.
CreateTrail(ctx context.Context, params *CreateTrailInput, optFns ...func(*Options)) (*CreateTrailOutput, error)
// Disables the event data store specified by EventDataStore, which accepts an
// event data store ARN. After you run DeleteEventDataStore, the event data store
// enters a PENDING_DELETION state, and is automatically deleted after a wait
// period of seven days. TerminationProtectionEnabled must be set to False on the
// event data store; this operation cannot work if TerminationProtectionEnabled is
// True. After you run DeleteEventDataStore on an event data store, you cannot run
// ListQueries, DescribeQuery, or GetQueryResults on queries that are using an
// event data store in a PENDING_DELETION state. An event data store in the
// PENDING_DELETION state does not incur costs.
DeleteEventDataStore(ctx context.Context, params *DeleteEventDataStoreInput, optFns ...func(*Options)) (*DeleteEventDataStoreOutput, error)
// Deletes a trail. This operation must be called from the region in which the
// trail was created. DeleteTrail cannot be called on the shadow trails (replicated
// trails in other regions) of a trail that is enabled in all regions.
DeleteTrail(ctx context.Context, params *DeleteTrailInput, optFns ...func(*Options)) (*DeleteTrailOutput, error)
// Returns metadata about a query, including query run time in milliseconds, number
// of events scanned and matched, and query status. You must specify an ARN for
// EventDataStore, and a value for QueryID.
DescribeQuery(ctx context.Context, params *DescribeQueryInput, optFns ...func(*Options)) (*DescribeQueryOutput, error)
// Retrieves settings for one or more trails associated with the current region for
// your account.
DescribeTrails(ctx context.Context, params *DescribeTrailsInput, optFns ...func(*Options)) (*DescribeTrailsOutput, error)
// Returns information about an event data store specified as either an ARN or the
// ID portion of the ARN.
GetEventDataStore(ctx context.Context, params *GetEventDataStoreInput, optFns ...func(*Options)) (*GetEventDataStoreOutput, error)
// Describes the settings for the event selectors that you configured for your
// trail. The information returned for your event selectors includes the
// following:
//
// * If your event selector includes read-only events, write-only
// events, or all events. This applies to both management events and data
// events.
//
// * If your event selector includes management events.
//
// * If your event
// selector includes data events, the resources on which you are logging data
// events.
//
// For more information, see Logging Data and Management Events for Trails
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
// in the CloudTrail User Guide.
GetEventSelectors(ctx context.Context, params *GetEventSelectorsInput, optFns ...func(*Options)) (*GetEventSelectorsOutput, error)
// Describes the settings for the Insights event selectors that you configured for
// your trail. GetInsightSelectors shows if CloudTrail Insights event logging is
// enabled on the trail, and if it is, which insight types are enabled. If you run
// GetInsightSelectors on a trail that does not have Insights events enabled, the
// operation throws the exception InsightNotEnabledException For more information,
// see Logging CloudTrail Insights Events for Trails
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-insights-events-with-cloudtrail.html)
// in the CloudTrail User Guide.
GetInsightSelectors(ctx context.Context, params *GetInsightSelectorsInput, optFns ...func(*Options)) (*GetInsightSelectorsOutput, error)
// Gets event data results of a query. You must specify the QueryID value returned
// by the StartQuery operation, and an ARN for EventDataStore.
GetQueryResults(ctx context.Context, params *GetQueryResultsInput, optFns ...func(*Options)) (*GetQueryResultsOutput, error)
// Returns settings information for a specified trail.
GetTrail(ctx context.Context, params *GetTrailInput, optFns ...func(*Options)) (*GetTrailOutput, error)
// Returns a JSON-formatted list of information about the specified trail. Fields
// include information on delivery errors, Amazon SNS and Amazon S3 errors, and
// start and stop logging times for each trail. This operation returns trail status
// from a single region. To return trail status from all regions, you must call the
// operation on each region.
GetTrailStatus(ctx context.Context, params *GetTrailStatusInput, optFns ...func(*Options)) (*GetTrailStatusOutput, error)
// Returns information about all event data stores in the account, in the current
// region.
ListEventDataStores(ctx context.Context, params *ListEventDataStoresInput, optFns ...func(*Options)) (*ListEventDataStoresOutput, error)
// Returns all public keys whose private keys were used to sign the digest files
// within the specified time range. The public key is needed to validate digest
// files that were signed with its corresponding private key. CloudTrail uses
// different private and public key pairs per region. Each digest file is signed
// with a private key unique to its region. When you validate a digest file from a
// specific region, you must look in the same region for its corresponding public
// key.
ListPublicKeys(ctx context.Context, params *ListPublicKeysInput, optFns ...func(*Options)) (*ListPublicKeysOutput, error)
// Returns a list of queries and query statuses for the past seven days. You must
// specify an ARN value for EventDataStore. Optionally, to shorten the list of
// results, you can specify a time range, formatted as timestamps, by adding
// StartTime and EndTime parameters, and a QueryStatus value. Valid values for
// QueryStatus include QUEUED, RUNNING, FINISHED, FAILED, TIMED_OUT, or CANCELLED.
ListQueries(ctx context.Context, params *ListQueriesInput, optFns ...func(*Options)) (*ListQueriesOutput, error)
// Lists the tags for the trail in the current region.
ListTags(ctx context.Context, params *ListTagsInput, optFns ...func(*Options)) (*ListTagsOutput, error)
// Lists trails that are in the current account.
ListTrails(ctx context.Context, params *ListTrailsInput, optFns ...func(*Options)) (*ListTrailsOutput, error)
// Looks up management events
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-management-events)
// or CloudTrail Insights events
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/cloudtrail-concepts.html#cloudtrail-concepts-insights-events)
// that are captured by CloudTrail. You can look up events that occurred in a
// region within the last 90 days. Lookup supports the following attributes for
// management events:
//
// * Amazon Web Services access key
//
// * Event ID
//
// * Event
// name
//
// * Event source
//
// * Read only
//
// * Resource name
//
// * Resource type
//
// * User
// name
//
// Lookup supports the following attributes for Insights events:
//
// * Event
// ID
//
// * Event name
//
// * Event source
//
// All attributes are optional. The default
// number of results returned is 50, with a maximum of 50 possible. The response
// includes a token that you can use to get the next page of results. The rate of
// lookup requests is limited to two per second, per account, per region. If this
// limit is exceeded, a throttling error occurs.
LookupEvents(ctx context.Context, params *LookupEventsInput, optFns ...func(*Options)) (*LookupEventsOutput, error)
// Configures an event selector or advanced event selectors for your trail. Use
// event selectors or advanced event selectors to specify management and data event
// settings for your trail. By default, trails created without specific event
// selectors are configured to log all read and write management events, and no
// data events. When an event occurs in your account, CloudTrail evaluates the
// event selectors or advanced event selectors in all trails. For each trail, if
// the event matches any event selector, the trail processes and logs the event. If
// the event doesn't match any event selector, the trail doesn't log the event.
// Example
//
// * You create an event selector for a trail and specify that you want
// write-only events.
//
// * The EC2 GetConsoleOutput and RunInstances API operations
// occur in your account.
//
// * CloudTrail evaluates whether the events match your
// event selectors.
//
// * The RunInstances is a write-only event and it matches your
// event selector. The trail logs the event.
//
// * The GetConsoleOutput is a read-only
// event that doesn't match your event selector. The trail doesn't log the
// event.
//
// The PutEventSelectors operation must be called from the region in which
// the trail was created; otherwise, an InvalidHomeRegionException exception is
// thrown. You can configure up to five event selectors for each trail. For more
// information, see Logging data and management events for trails
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-management-and-data-events-with-cloudtrail.html)
// and Quotas in CloudTrail
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html)
// in the CloudTrail User Guide. You can add advanced event selectors, and
// conditions for your advanced event selectors, up to a maximum of 500 values for
// all conditions and selectors on a trail. You can use either
// AdvancedEventSelectors or EventSelectors, but not both. If you apply
// AdvancedEventSelectors to a trail, any existing EventSelectors are overwritten.
// For more information about advanced event selectors, see Logging data events for
// trails
// (https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html)
// in the CloudTrail User Guide.
PutEventSelectors(ctx context.Context, params *PutEventSelectorsInput, optFns ...func(*Options)) (*PutEventSelectorsOutput, error)
// Lets you enable Insights event logging by specifying the Insights selectors that
// you want to enable on an existing trail. You also use PutInsightSelectors to
// turn off Insights event logging, by passing an empty list of insight types. The
// valid Insights event types in this release are ApiErrorRateInsight and
// ApiCallRateInsight.
PutInsightSelectors(ctx context.Context, params *PutInsightSelectorsInput, optFns ...func(*Options)) (*PutInsightSelectorsOutput, error)
// Removes the specified tags from a trail.
RemoveTags(ctx context.Context, params *RemoveTagsInput, optFns ...func(*Options)) (*RemoveTagsOutput, error)
// Restores a deleted event data store specified by EventDataStore, which accepts
// an event data store ARN. You can only restore a deleted event data store within
// the seven-day wait period after deletion. Restoring an event data store can take
// several minutes, depending on the size of the event data store.
RestoreEventDataStore(ctx context.Context, params *RestoreEventDataStoreInput, optFns ...func(*Options)) (*RestoreEventDataStoreOutput, error)
// Starts the recording of Amazon Web Services API calls and log file delivery for
// a trail. For a trail that is enabled in all regions, this operation must be
// called from the region in which the trail was created. This operation cannot be
// called on the shadow trails (replicated trails in other regions) of a trail that
// is enabled in all regions.
StartLogging(ctx context.Context, params *StartLoggingInput, optFns ...func(*Options)) (*StartLoggingOutput, error)
// Starts a CloudTrail Lake query. The required QueryStatement parameter provides
// your SQL query, enclosed in single quotation marks.
StartQuery(ctx context.Context, params *StartQueryInput, optFns ...func(*Options)) (*StartQueryOutput, error)
// Suspends the recording of Amazon Web Services API calls and log file delivery
// for the specified trail. Under most circumstances, there is no need to use this
// action. You can update a trail without stopping it first. This action is the
// only way to stop recording. For a trail enabled in all regions, this operation
// must be called from the region in which the trail was created, or an
// InvalidHomeRegionException will occur. This operation cannot be called on the
// shadow trails (replicated trails in other regions) of a trail enabled in all
// regions.
StopLogging(ctx context.Context, params *StopLoggingInput, optFns ...func(*Options)) (*StopLoggingOutput, error)
// Updates an event data store. The required EventDataStore value is an ARN or the
// ID portion of the ARN. Other parameters are optional, but at least one optional
// parameter must be specified, or CloudTrail throws an error. RetentionPeriod is
// in days, and valid values are integers between 90 and 2555. By default,
// TerminationProtection is enabled. AdvancedEventSelectors includes or excludes
// management and data events in your event data store; for more information about
// AdvancedEventSelectors, see PutEventSelectorsRequest$AdvancedEventSelectors.
UpdateEventDataStore(ctx context.Context, params *UpdateEventDataStoreInput, optFns ...func(*Options)) (*UpdateEventDataStoreOutput, error)
// Updates trail settings that control what events you are logging, and how to
// handle log files. Changes to a trail do not require stopping the CloudTrail
// service. Use this action to designate an existing bucket for log delivery. If
// the existing bucket has previously been a target for CloudTrail log files, an
// IAM policy exists for the bucket. UpdateTrail must be called from the region in
// which the trail was created; otherwise, an InvalidHomeRegionException is thrown.
UpdateTrail(ctx context.Context, params *UpdateTrailInput, optFns ...func(*Options)) (*UpdateTrailOutput, error)
}
CloudTrail provides an interface to the AWS CloudTrail service.
type CloudWatchLogs ¶ added in v0.92.0
type CloudWatchLogs interface {
// Associates the specified Key Management Service customer master key (CMK) with
// the specified log group. Associating an KMS CMK with a log group overrides any
// existing associations between the log group and a CMK. After a CMK is associated
// with a log group, all newly ingested data for the log group is encrypted using
// the CMK. This association is stored as long as the data encrypted with the CMK
// is still within CloudWatch Logs. This enables CloudWatch Logs to decrypt this
// data whenever it is requested. CloudWatch Logs supports only symmetric CMKs. Do
// not use an associate an asymmetric CMK with your log group. For more
// information, see Using Symmetric and Asymmetric Keys
// (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html).
// It can take up to 5 minutes for this operation to take effect. If you attempt to
// associate a CMK with a log group but the CMK does not exist or the CMK is
// disabled, you receive an InvalidParameterException error.
AssociateKmsKey(ctx context.Context, params *AssociateKmsKeyInput, optFns ...func(*Options)) (*AssociateKmsKeyOutput, error)
// Cancels the specified export task. The task must be in the PENDING or RUNNING
// state.
CancelExportTask(ctx context.Context, params *CancelExportTaskInput, optFns ...func(*Options)) (*CancelExportTaskOutput, error)
// Creates an export task, which allows you to efficiently export data from a log
// group to an Amazon S3 bucket. When you perform a CreateExportTask operation, you
// must use credentials that have permission to write to the S3 bucket that you
// specify as the destination. This is an asynchronous call. If all the required
// information is provided, this operation initiates an export task and responds
// with the ID of the task. After the task has started, you can use
// DescribeExportTasks
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeExportTasks.html)
// to get the status of the export task. Each account can only have one active
// (RUNNING or PENDING) export task at a time. To cancel an export task, use
// CancelExportTask
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CancelExportTask.html).
// You can export logs from multiple log groups or multiple time ranges to the same
// S3 bucket. To separate out log data for each export task, you can specify a
// prefix to be used as the Amazon S3 key prefix for all exported objects.
// Exporting to S3 buckets that are encrypted with AES-256 is supported. Exporting
// to S3 buckets encrypted with SSE-KMS is not supported.
CreateExportTask(ctx context.Context, params *CreateExportTaskInput, optFns ...func(*Options)) (*CreateExportTaskOutput, error)
// Creates a log group with the specified name. You can create up to 20,000 log
// groups per account. You must use the following guidelines when naming a log
// group:
//
// * Log group names must be unique within a region for an Amazon Web
// Services account.
//
// * Log group names can be between 1 and 512 characters
// long.
//
// * Log group names consist of the following characters: a-z, A-Z, 0-9, '_'
// (underscore), '-' (hyphen), '/' (forward slash), '.' (period), and '#' (number
// sign)
//
// When you create a log group, by default the log events in the log group
// never expire. To set a retention policy so that events expire and are deleted
// after a specified time, use PutRetentionPolicy
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html).
// If you associate a Key Management Service customer master key (CMK) with the log
// group, ingested data is encrypted using the CMK. This association is stored as
// long as the data encrypted with the CMK is still within CloudWatch Logs. This
// enables CloudWatch Logs to decrypt this data whenever it is requested. If you
// attempt to associate a CMK with the log group but the CMK does not exist or the
// CMK is disabled, you receive an InvalidParameterException error. CloudWatch Logs
// supports only symmetric CMKs. Do not associate an asymmetric CMK with your log
// group. For more information, see Using Symmetric and Asymmetric Keys
// (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html).
CreateLogGroup(ctx context.Context, params *CreateLogGroupInput, optFns ...func(*Options)) (*CreateLogGroupOutput, error)
// Creates a log stream for the specified log group. A log stream is a sequence of
// log events that originate from a single source, such as an application instance
// or a resource that is being monitored. There is no limit on the number of log
// streams that you can create for a log group. There is a limit of 50 TPS on
// CreateLogStream operations, after which transactions are throttled. You must use
// the following guidelines when naming a log stream:
//
// * Log stream names must be
// unique within the log group.
//
// * Log stream names can be between 1 and 512
// characters long.
//
// * The ':' (colon) and '*' (asterisk) characters are not
// allowed.
CreateLogStream(ctx context.Context, params *CreateLogStreamInput, optFns ...func(*Options)) (*CreateLogStreamOutput, error)
// Deletes the specified destination, and eventually disables all the subscription
// filters that publish to it. This operation does not delete the physical resource
// encapsulated by the destination.
DeleteDestination(ctx context.Context, params *DeleteDestinationInput, optFns ...func(*Options)) (*DeleteDestinationOutput, error)
// Deletes the specified log group and permanently deletes all the archived log
// events associated with the log group.
DeleteLogGroup(ctx context.Context, params *DeleteLogGroupInput, optFns ...func(*Options)) (*DeleteLogGroupOutput, error)
// Deletes the specified log stream and permanently deletes all the archived log
// events associated with the log stream.
DeleteLogStream(ctx context.Context, params *DeleteLogStreamInput, optFns ...func(*Options)) (*DeleteLogStreamOutput, error)
// Deletes the specified metric filter.
DeleteMetricFilter(ctx context.Context, params *DeleteMetricFilterInput, optFns ...func(*Options)) (*DeleteMetricFilterOutput, error)
// Deletes a saved CloudWatch Logs Insights query definition. A query definition
// contains details about a saved CloudWatch Logs Insights query. Each
// DeleteQueryDefinition operation can delete one query definition. You must have
// the logs:DeleteQueryDefinition permission to be able to perform this operation.
DeleteQueryDefinition(ctx context.Context, params *DeleteQueryDefinitionInput, optFns ...func(*Options)) (*DeleteQueryDefinitionOutput, error)
// Deletes a resource policy from this account. This revokes the access of the
// identities in that policy to put log events to this account.
DeleteResourcePolicy(ctx context.Context, params *DeleteResourcePolicyInput, optFns ...func(*Options)) (*DeleteResourcePolicyOutput, error)
// Deletes the specified retention policy. Log events do not expire if they belong
// to log groups without a retention policy.
DeleteRetentionPolicy(ctx context.Context, params *DeleteRetentionPolicyInput, optFns ...func(*Options)) (*DeleteRetentionPolicyOutput, error)
// Deletes the specified subscription filter.
DeleteSubscriptionFilter(ctx context.Context, params *DeleteSubscriptionFilterInput, optFns ...func(*Options)) (*DeleteSubscriptionFilterOutput, error)
// Lists all your destinations. The results are ASCII-sorted by destination name.
DescribeDestinations(ctx context.Context, params *DescribeDestinationsInput, optFns ...func(*Options)) (*DescribeDestinationsOutput, error)
// Lists the specified export tasks. You can list all your export tasks or filter
// the results based on task ID or task status.
DescribeExportTasks(ctx context.Context, params *DescribeExportTasksInput, optFns ...func(*Options)) (*DescribeExportTasksOutput, error)
// Lists the specified log groups. You can list all your log groups or filter the
// results by prefix. The results are ASCII-sorted by log group name. CloudWatch
// Logs doesn’t support IAM policies that control access to the DescribeLogGroups
// action by using the aws:ResourceTag/key-name condition key. Other CloudWatch
// Logs actions do support the use of the aws:ResourceTag/key-name condition key
// to control access. For more information about using tags to control access, see
// Controlling access to Amazon Web Services resources using tags
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html).
DescribeLogGroups(ctx context.Context, params *DescribeLogGroupsInput, optFns ...func(*Options)) (*DescribeLogGroupsOutput, error)
// Lists the log streams for the specified log group. You can list all the log
// streams or filter the results by prefix. You can also control how the results
// are ordered. This operation has a limit of five transactions per second, after
// which transactions are throttled.
DescribeLogStreams(ctx context.Context, params *DescribeLogStreamsInput, optFns ...func(*Options)) (*DescribeLogStreamsOutput, error)
// Lists the specified metric filters. You can list all of the metric filters or
// filter the results by log name, prefix, metric name, or metric namespace. The
// results are ASCII-sorted by filter name.
DescribeMetricFilters(ctx context.Context, params *DescribeMetricFiltersInput, optFns ...func(*Options)) (*DescribeMetricFiltersOutput, error)
// Returns a list of CloudWatch Logs Insights queries that are scheduled,
// executing, or have been executed recently in this account. You can request all
// queries or limit it to queries of a specific log group or queries with a certain
// status.
DescribeQueries(ctx context.Context, params *DescribeQueriesInput, optFns ...func(*Options)) (*DescribeQueriesOutput, error)
// This operation returns a paginated list of your saved CloudWatch Logs Insights
// query definitions. You can use the queryDefinitionNamePrefix parameter to limit
// the results to only the query definitions that have names that start with a
// certain string.
DescribeQueryDefinitions(ctx context.Context, params *DescribeQueryDefinitionsInput, optFns ...func(*Options)) (*DescribeQueryDefinitionsOutput, error)
// Lists the resource policies in this account.
DescribeResourcePolicies(ctx context.Context, params *DescribeResourcePoliciesInput, optFns ...func(*Options)) (*DescribeResourcePoliciesOutput, error)
// Lists the subscription filters for the specified log group. You can list all the
// subscription filters or filter the results by prefix. The results are
// ASCII-sorted by filter name.
DescribeSubscriptionFilters(ctx context.Context, params *DescribeSubscriptionFiltersInput, optFns ...func(*Options)) (*DescribeSubscriptionFiltersOutput, error)
// Disassociates the associated Key Management Service customer master key (CMK)
// from the specified log group. After the KMS CMK is disassociated from the log
// group, CloudWatch Logs stops encrypting newly ingested data for the log group.
// All previously ingested data remains encrypted, and CloudWatch Logs requires
// permissions for the CMK whenever the encrypted data is requested. Note that it
// can take up to 5 minutes for this operation to take effect.
DisassociateKmsKey(ctx context.Context, params *DisassociateKmsKeyInput, optFns ...func(*Options)) (*DisassociateKmsKeyOutput, error)
// Lists log events from the specified log group. You can list all the log events
// or filter the results using a filter pattern, a time range, and the name of the
// log stream. By default, this operation returns as many log events as can fit in
// 1 MB (up to 10,000 log events) or all the events found within the time range
// that you specify. If the results include a token, then there are more log events
// available, and you can get additional results by specifying the token in a
// subsequent call. This operation can return empty results while there are more
// log events available through the token. The returned log events are sorted by
// event timestamp, the timestamp when the event was ingested by CloudWatch Logs,
// and the ID of the PutLogEvents request.
FilterLogEvents(ctx context.Context, params *FilterLogEventsInput, optFns ...func(*Options)) (*FilterLogEventsOutput, error)
// Lists log events from the specified log stream. You can list all of the log
// events or filter using a time range. By default, this operation returns as many
// log events as can fit in a response size of 1MB (up to 10,000 log events). You
// can get additional log events by specifying one of the tokens in a subsequent
// call. This operation can return empty results while there are more log events
// available through the token.
GetLogEvents(ctx context.Context, params *GetLogEventsInput, optFns ...func(*Options)) (*GetLogEventsOutput, error)
// Returns a list of the fields that are included in log events in the specified
// log group, along with the percentage of log events that contain each field. The
// search is limited to a time period that you specify. In the results, fields that
// start with @ are fields generated by CloudWatch Logs. For example, @timestamp is
// the timestamp of each log event. For more information about the fields that are
// generated by CloudWatch logs, see Supported Logs and Discovered Fields
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html).
// The response results are sorted by the frequency percentage, starting with the
// highest percentage.
GetLogGroupFields(ctx context.Context, params *GetLogGroupFieldsInput, optFns ...func(*Options)) (*GetLogGroupFieldsOutput, error)
// Retrieves all of the fields and values of a single log event. All fields are
// retrieved, even if the original query that produced the logRecordPointer
// retrieved only a subset of fields. Fields are returned as field name/field value
// pairs. The full unparsed log event is returned within @message.
GetLogRecord(ctx context.Context, params *GetLogRecordInput, optFns ...func(*Options)) (*GetLogRecordOutput, error)
// Returns the results from the specified query. Only the fields requested in the
// query are returned, along with a @ptr field, which is the identifier for the log
// record. You can use the value of @ptr in a GetLogRecord
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html)
// operation to get the full log record. GetQueryResults does not start a query
// execution. To run a query, use StartQuery
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html).
// If the value of the Status field in the output is Running, this operation
// returns only partial results. If you see a value of Scheduled or Running for the
// status, you can retry the operation later to see the final results.
GetQueryResults(ctx context.Context, params *GetQueryResultsInput, optFns ...func(*Options)) (*GetQueryResultsOutput, error)
// Lists the tags for the specified log group.
ListTagsLogGroup(ctx context.Context, params *ListTagsLogGroupInput, optFns ...func(*Options)) (*ListTagsLogGroupOutput, error)
// Creates or updates a destination. This operation is used only to create
// destinations for cross-account subscriptions. A destination encapsulates a
// physical resource (such as an Amazon Kinesis stream) and enables you to
// subscribe to a real-time stream of log events for a different account, ingested
// using PutLogEvents
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html).
// Through an access policy, a destination controls what is written to it. By
// default, PutDestination does not set any access policy with the destination,
// which means a cross-account user cannot call PutSubscriptionFilter
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html)
// against this destination. To enable this, the destination owner must call
// PutDestinationPolicy
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html)
// after PutDestination. To perform a PutDestination operation, you must also have
// the iam:PassRole permission.
PutDestination(ctx context.Context, params *PutDestinationInput, optFns ...func(*Options)) (*PutDestinationOutput, error)
// Creates or updates an access policy associated with an existing destination. An
// access policy is an IAM policy document
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html) that
// is used to authorize claims to register a subscription filter against a given
// destination. If multiple Amazon Web Services accounts are sending logs to this
// destination, each sender account must be listed separately in the policy. The
// policy does not support specifying * as the Principal or the use of the
// aws:PrincipalOrgId global key.
PutDestinationPolicy(ctx context.Context, params *PutDestinationPolicyInput, optFns ...func(*Options)) (*PutDestinationPolicyOutput, error)
// Uploads a batch of log events to the specified log stream. You must include the
// sequence token obtained from the response of the previous call. An upload in a
// newly created log stream does not require a sequence token. You can also get the
// sequence token in the expectedSequenceToken field from
// InvalidSequenceTokenException. If you call PutLogEvents twice within a narrow
// time period using the same value for sequenceToken, both calls might be
// successful or one might be rejected. The batch of events must satisfy the
// following constraints:
//
// * The maximum batch size is 1,048,576 bytes. This size
// is calculated as the sum of all event messages in UTF-8, plus 26 bytes for each
// log event.
//
// * None of the log events in the batch can be more than 2 hours in
// the future.
//
// * None of the log events in the batch can be older than 14 days or
// older than the retention period of the log group.
//
// * The log events in the batch
// must be in chronological order by their timestamp. The timestamp is the time the
// event occurred, expressed as the number of milliseconds after Jan 1, 1970
// 00:00:00 UTC. (In Amazon Web Services Tools for PowerShell and the Amazon Web
// Services SDK for .NET, the timestamp is specified in .NET format:
// yyyy-mm-ddThh:mm:ss. For example, 2017-09-15T13:45:30.)
//
// * A batch of log events
// in a single request cannot span more than 24 hours. Otherwise, the operation
// fails.
//
// * The maximum number of log events in a batch is 10,000.
//
// * There is a
// quota of 5 requests per second per log stream. Additional requests are
// throttled. This quota can't be changed.
//
// If a call to PutLogEvents returns
// "UnrecognizedClientException" the most likely cause is an invalid Amazon Web
// Services access key ID or secret key.
PutLogEvents(ctx context.Context, params *PutLogEventsInput, optFns ...func(*Options)) (*PutLogEventsOutput, error)
// Creates or updates a metric filter and associates it with the specified log
// group. Metric filters allow you to configure rules to extract metric data from
// log events ingested through PutLogEvents
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html).
// The maximum number of metric filters that can be associated with a log group is
// 100. When you create a metric filter, you can also optionally assign a unit and
// dimensions to the metric that is created. Metrics extracted from log events are
// charged as custom metrics. To prevent unexpected high charges, do not specify
// high-cardinality fields such as IPAddress or requestID as dimensions. Each
// different value found for a dimension is treated as a separate metric and
// accrues charges as a separate custom metric. To help prevent accidental high
// charges, Amazon disables a metric filter if it generates 1000 different
// name/value pairs for the dimensions that you have specified within a certain
// amount of time. You can also set up a billing alarm to alert you if your charges
// are higher than expected. For more information, see Creating a Billing Alarm to
// Monitor Your Estimated Amazon Web Services Charges
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html).
PutMetricFilter(ctx context.Context, params *PutMetricFilterInput, optFns ...func(*Options)) (*PutMetricFilterOutput, error)
// Creates or updates a query definition for CloudWatch Logs Insights. For more
// information, see Analyzing Log Data with CloudWatch Logs Insights
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html).
// To update a query definition, specify its queryDefinitionId in your request. The
// values of name, queryString, and logGroupNames are changed to the values that
// you specify in your update operation. No current values are retained from the
// current query definition. For example, if you update a current query definition
// that includes log groups, and you don't specify the logGroupNames parameter in
// your update operation, the query definition changes to contain no log groups.
// You must have the logs:PutQueryDefinition permission to be able to perform this
// operation.
PutQueryDefinition(ctx context.Context, params *PutQueryDefinitionInput, optFns ...func(*Options)) (*PutQueryDefinitionOutput, error)
// Creates or updates a resource policy allowing other Amazon Web Services services
// to put log events to this account, such as Amazon Route 53. An account can have
// up to 10 resource policies per Amazon Web Services Region.
PutResourcePolicy(ctx context.Context, params *PutResourcePolicyInput, optFns ...func(*Options)) (*PutResourcePolicyOutput, error)
// Sets the retention of the specified log group. A retention policy allows you to
// configure the number of days for which to retain log events in the specified log
// group.
PutRetentionPolicy(ctx context.Context, params *PutRetentionPolicyInput, optFns ...func(*Options)) (*PutRetentionPolicyOutput, error)
// Creates or updates a subscription filter and associates it with the specified
// log group. Subscription filters allow you to subscribe to a real-time stream of
// log events ingested through PutLogEvents
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html)
// and have them delivered to a specific destination. When log events are sent to
// the receiving service, they are Base64 encoded and compressed with the gzip
// format. The following destinations are supported for subscription filters:
//
// * An
// Amazon Kinesis stream belonging to the same account as the subscription filter,
// for same-account delivery.
//
// * A logical destination that belongs to a different
// account, for cross-account delivery.
//
// * An Amazon Kinesis Firehose delivery
// stream that belongs to the same account as the subscription filter, for
// same-account delivery.
//
// * An Lambda function that belongs to the same account as
// the subscription filter, for same-account delivery.
//
// Each log group can have up
// to two subscription filters associated with it. If you are updating an existing
// filter, you must specify the correct name in filterName. To perform a
// PutSubscriptionFilter operation, you must also have the iam:PassRole permission.
PutSubscriptionFilter(ctx context.Context, params *PutSubscriptionFilterInput, optFns ...func(*Options)) (*PutSubscriptionFilterOutput, error)
// Schedules a query of a log group using CloudWatch Logs Insights. You specify the
// log group and time range to query and the query string to use. For more
// information, see CloudWatch Logs Insights Query Syntax
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html).
// Queries time out after 15 minutes of execution. If your queries are timing out,
// reduce the time range being searched or partition your query into a number of
// queries.
StartQuery(ctx context.Context, params *StartQueryInput, optFns ...func(*Options)) (*StartQueryOutput, error)
// Stops a CloudWatch Logs Insights query that is in progress. If the query has
// already ended, the operation returns an error indicating that the specified
// query is not running.
StopQuery(ctx context.Context, params *StopQueryInput, optFns ...func(*Options)) (*StopQueryOutput, error)
// Adds or updates the specified tags for the specified log group. To list the tags
// for a log group, use ListTagsLogGroup
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html).
// To remove tags, use UntagLogGroup
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagLogGroup.html).
// For more information about tags, see Tag Log Groups in Amazon CloudWatch Logs
// (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html#log-group-tagging)
// in the Amazon CloudWatch Logs User Guide. CloudWatch Logs doesn’t support IAM
// policies that prevent users from assigning specified tags to log groups using
// the aws:Resource/key-name or aws:TagKeys condition keys. For more information
// about using tags to control access, see Controlling access to Amazon Web
// Services resources using tags
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html).
TagLogGroup(ctx context.Context, params *TagLogGroupInput, optFns ...func(*Options)) (*TagLogGroupOutput, error)
// Tests the filter pattern of a metric filter against a sample of log event
// messages. You can use this operation to validate the correctness of a metric
// filter pattern.
TestMetricFilter(ctx context.Context, params *TestMetricFilterInput, optFns ...func(*Options)) (*TestMetricFilterOutput, error)
// Removes the specified tags from the specified log group. To list the tags for a
// log group, use ListTagsLogGroup
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsLogGroup.html).
// To add tags, use TagLogGroup
// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagLogGroup.html).
// CloudWatch Logs doesn’t support IAM policies that prevent users from assigning
// specified tags to log groups using the aws:Resource/key-name or aws:TagKeys
// condition keys.
UntagLogGroup(ctx context.Context, params *UntagLogGroupInput, optFns ...func(*Options)) (*UntagLogGroupOutput, error)
}
CloudWatchLogs provides an interface to the AWS CloudWatchLogs service.
type ELB ¶ added in v0.91.0
type ELB interface {
// Adds the specified tags to the specified load balancer. Each load balancer can
// have a maximum of 10 tags. Each tag consists of a key and an optional value. If
// a tag with the same key is already associated with the load balancer, AddTags
// updates its value. For more information, see Tag Your Classic Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/add-remove-tags.html)
// in the Classic Load Balancers Guide.
AddTags(ctx context.Context, params *AddTagsInput, optFns ...func(*Options)) (*AddTagsOutput, error)
// Associates one or more security groups with your load balancer in a virtual
// private cloud (VPC). The specified security groups override the previously
// associated security groups. For more information, see Security Groups for Load
// Balancers in a VPC
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-security-groups.html#elb-vpc-security-groups)
// in the Classic Load Balancers Guide.
ApplySecurityGroupsToLoadBalancer(ctx context.Context, params *ApplySecurityGroupsToLoadBalancerInput, optFns ...func(*Options)) (*ApplySecurityGroupsToLoadBalancerOutput, error)
// Adds one or more subnets to the set of configured subnets for the specified load
// balancer. The load balancer evenly distributes requests across all registered
// subnets. For more information, see Add or Remove Subnets for Your Load Balancer
// in a VPC
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-manage-subnets.html)
// in the Classic Load Balancers Guide.
AttachLoadBalancerToSubnets(ctx context.Context, params *AttachLoadBalancerToSubnetsInput, optFns ...func(*Options)) (*AttachLoadBalancerToSubnetsOutput, error)
// Specifies the health check settings to use when evaluating the health state of
// your EC2 instances. For more information, see Configure Health Checks for Your
// Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-healthchecks.html)
// in the Classic Load Balancers Guide.
ConfigureHealthCheck(ctx context.Context, params *ConfigureHealthCheckInput, optFns ...func(*Options)) (*ConfigureHealthCheckOutput, error)
// Generates a stickiness policy with sticky session lifetimes that follow that of
// an application-generated cookie. This policy can be associated only with
// HTTP/HTTPS listeners. This policy is similar to the policy created by
// CreateLBCookieStickinessPolicy, except that the lifetime of the special Elastic
// Load Balancing cookie, AWSELB, follows the lifetime of the application-generated
// cookie specified in the policy configuration. The load balancer only inserts a
// new stickiness cookie when the application response includes a new application
// cookie. If the application cookie is explicitly removed or expires, the session
// stops being sticky until a new application cookie is issued. For more
// information, see Application-Controlled Session Stickiness
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application)
// in the Classic Load Balancers Guide.
CreateAppCookieStickinessPolicy(ctx context.Context, params *CreateAppCookieStickinessPolicyInput, optFns ...func(*Options)) (*CreateAppCookieStickinessPolicyOutput, error)
// Generates a stickiness policy with sticky session lifetimes controlled by the
// lifetime of the browser (user-agent) or a specified expiration period. This
// policy can be associated only with HTTP/HTTPS listeners. When a load balancer
// implements this policy, the load balancer uses a special cookie to track the
// instance for each request. When the load balancer receives a request, it first
// checks to see if this cookie is present in the request. If so, the load balancer
// sends the request to the application server specified in the cookie. If not, the
// load balancer sends the request to a server that is chosen based on the existing
// load-balancing algorithm. A cookie is inserted into the response for binding
// subsequent requests from the same user to that server. The validity of the
// cookie is based on the cookie expiration time, which is specified in the policy
// configuration. For more information, see Duration-Based Session Stickiness
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration)
// in the Classic Load Balancers Guide.
CreateLBCookieStickinessPolicy(ctx context.Context, params *CreateLBCookieStickinessPolicyInput, optFns ...func(*Options)) (*CreateLBCookieStickinessPolicyOutput, error)
// Creates a Classic Load Balancer. You can add listeners, security groups,
// subnets, and tags when you create your load balancer, or you can add them later
// using CreateLoadBalancerListeners, ApplySecurityGroupsToLoadBalancer,
// AttachLoadBalancerToSubnets, and AddTags. To describe your current load
// balancers, see DescribeLoadBalancers. When you are finished with a load
// balancer, you can delete it using DeleteLoadBalancer. You can create up to 20
// load balancers per region per account. You can request an increase for the
// number of load balancers for your account. For more information, see Limits for
// Your Classic Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html)
// in the Classic Load Balancers Guide.
CreateLoadBalancer(ctx context.Context, params *CreateLoadBalancerInput, optFns ...func(*Options)) (*CreateLoadBalancerOutput, error)
// Creates one or more listeners for the specified load balancer. If a listener
// with the specified port does not already exist, it is created; otherwise, the
// properties of the new listener must match the properties of the existing
// listener. For more information, see Listeners for Your Classic Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-listener-config.html)
// in the Classic Load Balancers Guide.
CreateLoadBalancerListeners(ctx context.Context, params *CreateLoadBalancerListenersInput, optFns ...func(*Options)) (*CreateLoadBalancerListenersOutput, error)
// Creates a policy with the specified attributes for the specified load balancer.
// Policies are settings that are saved for your load balancer and that can be
// applied to the listener or the application server, depending on the policy type.
CreateLoadBalancerPolicy(ctx context.Context, params *CreateLoadBalancerPolicyInput, optFns ...func(*Options)) (*CreateLoadBalancerPolicyOutput, error)
// Deletes the specified load balancer. If you are attempting to recreate a load
// balancer, you must reconfigure all settings. The DNS name associated with a
// deleted load balancer are no longer usable. The name and associated DNS record
// of the deleted load balancer no longer exist and traffic sent to any of its IP
// addresses is no longer delivered to your instances. If the load balancer does
// not exist or has already been deleted, the call to DeleteLoadBalancer still
// succeeds.
DeleteLoadBalancer(ctx context.Context, params *DeleteLoadBalancerInput, optFns ...func(*Options)) (*DeleteLoadBalancerOutput, error)
// Deletes the specified listeners from the specified load balancer.
DeleteLoadBalancerListeners(ctx context.Context, params *DeleteLoadBalancerListenersInput, optFns ...func(*Options)) (*DeleteLoadBalancerListenersOutput, error)
// Deletes the specified policy from the specified load balancer. This policy must
// not be enabled for any listeners.
DeleteLoadBalancerPolicy(ctx context.Context, params *DeleteLoadBalancerPolicyInput, optFns ...func(*Options)) (*DeleteLoadBalancerPolicyOutput, error)
// Deregisters the specified instances from the specified load balancer. After the
// instance is deregistered, it no longer receives traffic from the load balancer.
// You can use DescribeLoadBalancers to verify that the instance is deregistered
// from the load balancer. For more information, see Register or De-Register EC2
// Instances
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html)
// in the Classic Load Balancers Guide.
DeregisterInstancesFromLoadBalancer(ctx context.Context, params *DeregisterInstancesFromLoadBalancerInput, optFns ...func(*Options)) (*DeregisterInstancesFromLoadBalancerOutput, error)
// Describes the current Elastic Load Balancing resource limits for your AWS
// account. For more information, see Limits for Your Classic Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-limits.html)
// in the Classic Load Balancers Guide.
DescribeAccountLimits(ctx context.Context, params *DescribeAccountLimitsInput, optFns ...func(*Options)) (*DescribeAccountLimitsOutput, error)
// Describes the state of the specified instances with respect to the specified
// load balancer. If no instances are specified, the call describes the state of
// all instances that are currently registered with the load balancer. If instances
// are specified, their state is returned even if they are no longer registered
// with the load balancer. The state of terminated instances is not returned.
DescribeInstanceHealth(ctx context.Context, params *DescribeInstanceHealthInput, optFns ...func(*Options)) (*DescribeInstanceHealthOutput, error)
// Describes the attributes for the specified load balancer.
DescribeLoadBalancerAttributes(ctx context.Context, params *DescribeLoadBalancerAttributesInput, optFns ...func(*Options)) (*DescribeLoadBalancerAttributesOutput, error)
// Describes the specified policies. If you specify a load balancer name, the
// action returns the descriptions of all policies created for the load balancer.
// If you specify a policy name associated with your load balancer, the action
// returns the description of that policy. If you don't specify a load balancer
// name, the action returns descriptions of the specified sample policies, or
// descriptions of all sample policies. The names of the sample policies have the
// ELBSample- prefix.
DescribeLoadBalancerPolicies(ctx context.Context, params *DescribeLoadBalancerPoliciesInput, optFns ...func(*Options)) (*DescribeLoadBalancerPoliciesOutput, error)
// Describes the specified load balancer policy types or all load balancer policy
// types. The description of each type indicates how it can be used. For example,
// some policies can be used only with layer 7 listeners, some policies can be used
// only with layer 4 listeners, and some policies can be used only with your EC2
// instances. You can use CreateLoadBalancerPolicy to create a policy configuration
// for any of these policy types. Then, depending on the policy type, use either
// SetLoadBalancerPoliciesOfListener or SetLoadBalancerPoliciesForBackendServer to
// set the policy.
DescribeLoadBalancerPolicyTypes(ctx context.Context, params *DescribeLoadBalancerPolicyTypesInput, optFns ...func(*Options)) (*DescribeLoadBalancerPolicyTypesOutput, error)
// Describes the specified the load balancers. If no load balancers are specified,
// the call describes all of your load balancers.
DescribeLoadBalancers(ctx context.Context, params *DescribeLoadBalancersInput, optFns ...func(*Options)) (*DescribeLoadBalancersOutput, error)
// Describes the tags associated with the specified load balancers.
DescribeTags(ctx context.Context, params *DescribeTagsInput, optFns ...func(*Options)) (*DescribeTagsOutput, error)
// Removes the specified subnets from the set of configured subnets for the load
// balancer. After a subnet is removed, all EC2 instances registered with the load
// balancer in the removed subnet go into the OutOfService state. Then, the load
// balancer balances the traffic among the remaining routable subnets.
DetachLoadBalancerFromSubnets(ctx context.Context, params *DetachLoadBalancerFromSubnetsInput, optFns ...func(*Options)) (*DetachLoadBalancerFromSubnetsOutput, error)
// Removes the specified Availability Zones from the set of Availability Zones for
// the specified load balancer in EC2-Classic or a default VPC. For load balancers
// in a non-default VPC, use DetachLoadBalancerFromSubnets. There must be at least
// one Availability Zone registered with a load balancer at all times. After an
// Availability Zone is removed, all instances registered with the load balancer
// that are in the removed Availability Zone go into the OutOfService state. Then,
// the load balancer attempts to equally balance the traffic among its remaining
// Availability Zones. For more information, see Add or Remove Availability Zones
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html)
// in the Classic Load Balancers Guide.
DisableAvailabilityZonesForLoadBalancer(ctx context.Context, params *DisableAvailabilityZonesForLoadBalancerInput, optFns ...func(*Options)) (*DisableAvailabilityZonesForLoadBalancerOutput, error)
// Adds the specified Availability Zones to the set of Availability Zones for the
// specified load balancer in EC2-Classic or a default VPC. For load balancers in a
// non-default VPC, use AttachLoadBalancerToSubnets. The load balancer evenly
// distributes requests across all its registered Availability Zones that contain
// instances. For more information, see Add or Remove Availability Zones
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-az.html)
// in the Classic Load Balancers Guide.
EnableAvailabilityZonesForLoadBalancer(ctx context.Context, params *EnableAvailabilityZonesForLoadBalancerInput, optFns ...func(*Options)) (*EnableAvailabilityZonesForLoadBalancerOutput, error)
// Modifies the attributes of the specified load balancer. You can modify the load
// balancer attributes, such as AccessLogs, ConnectionDraining, and
// CrossZoneLoadBalancing by either enabling or disabling them. Or, you can modify
// the load balancer attribute ConnectionSettings by specifying an idle connection
// timeout value for your load balancer. For more information, see the following in
// the Classic Load Balancers Guide:
//
// * Cross-Zone Load Balancing
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-disable-crosszone-lb.html)
//
// *
// Connection Draining
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-conn-drain.html)
//
// *
// Access Logs
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/access-log-collection.html)
//
// *
// Idle Connection Timeout
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html)
ModifyLoadBalancerAttributes(ctx context.Context, params *ModifyLoadBalancerAttributesInput, optFns ...func(*Options)) (*ModifyLoadBalancerAttributesOutput, error)
// Adds the specified instances to the specified load balancer. The instance must
// be a running instance in the same network as the load balancer (EC2-Classic or
// the same VPC). If you have EC2-Classic instances and a load balancer in a VPC
// with ClassicLink enabled, you can link the EC2-Classic instances to that VPC and
// then register the linked EC2-Classic instances with the load balancer in the
// VPC. Note that RegisterInstanceWithLoadBalancer completes when the request has
// been registered. Instance registration takes a little time to complete. To check
// the state of the registered instances, use DescribeLoadBalancers or
// DescribeInstanceHealth. After the instance is registered, it starts receiving
// traffic and requests from the load balancer. Any instance that is not in one of
// the Availability Zones registered for the load balancer is moved to the
// OutOfService state. If an Availability Zone is added to the load balancer later,
// any instances registered with the load balancer move to the InService state. To
// deregister instances from a load balancer, use
// DeregisterInstancesFromLoadBalancer. For more information, see Register or
// De-Register EC2 Instances
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-deregister-register-instances.html)
// in the Classic Load Balancers Guide.
RegisterInstancesWithLoadBalancer(ctx context.Context, params *RegisterInstancesWithLoadBalancerInput, optFns ...func(*Options)) (*RegisterInstancesWithLoadBalancerOutput, error)
// Removes one or more tags from the specified load balancer.
RemoveTags(ctx context.Context, params *RemoveTagsInput, optFns ...func(*Options)) (*RemoveTagsOutput, error)
// Sets the certificate that terminates the specified listener's SSL connections.
// The specified certificate replaces any prior certificate that was used on the
// same load balancer and port. For more information about updating your SSL
// certificate, see Replace the SSL Certificate for Your Load Balancer
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-update-ssl-cert.html)
// in the Classic Load Balancers Guide.
SetLoadBalancerListenerSSLCertificate(ctx context.Context, params *SetLoadBalancerListenerSSLCertificateInput, optFns ...func(*Options)) (*SetLoadBalancerListenerSSLCertificateOutput, error)
// Replaces the set of policies associated with the specified port on which the EC2
// instance is listening with a new set of policies. At this time, only the
// back-end server authentication policy type can be applied to the instance ports;
// this policy type is composed of multiple public key policies. Each time you use
// SetLoadBalancerPoliciesForBackendServer to enable the policies, use the
// PolicyNames parameter to list the policies that you want to enable. You can use
// DescribeLoadBalancers or DescribeLoadBalancerPolicies to verify that the policy
// is associated with the EC2 instance. For more information about enabling
// back-end instance authentication, see Configure Back-end Instance Authentication
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-create-https-ssl-load-balancer.html#configure_backendauth_clt)
// in the Classic Load Balancers Guide. For more information about Proxy Protocol,
// see Configure Proxy Protocol Support
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/enable-proxy-protocol.html)
// in the Classic Load Balancers Guide.
SetLoadBalancerPoliciesForBackendServer(ctx context.Context, params *SetLoadBalancerPoliciesForBackendServerInput, optFns ...func(*Options)) (*SetLoadBalancerPoliciesForBackendServerOutput, error)
// Replaces the current set of policies for the specified load balancer port with
// the specified set of policies. To enable back-end server authentication, use
// SetLoadBalancerPoliciesForBackendServer. For more information about setting
// policies, see Update the SSL Negotiation Configuration
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-config-update.html),
// Duration-Based Session Stickiness
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-duration),
// and Application-Controlled Session Stickiness
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html#enable-sticky-sessions-application)
// in the Classic Load Balancers Guide.
SetLoadBalancerPoliciesOfListener(ctx context.Context, params *SetLoadBalancerPoliciesOfListenerInput, optFns ...func(*Options)) (*SetLoadBalancerPoliciesOfListenerOutput, error)
}
ELB provides an interface to the AWS ELB service.
type ELBV2 ¶ added in v0.91.0
type ELBV2 interface {
// Adds the specified SSL server certificate to the certificate list for the
// specified HTTPS or TLS listener. If the certificate in already in the
// certificate list, the call is successful but the certificate is not added again.
// For more information, see HTTPS listeners
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html)
// in the Application Load Balancers Guide or TLS listeners
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html)
// in the Network Load Balancers Guide.
AddListenerCertificates(ctx context.Context, params *AddListenerCertificatesInput, optFns ...func(*Options)) (*AddListenerCertificatesOutput, error)
// Adds the specified tags to the specified Elastic Load Balancing resource. You
// can tag your Application Load Balancers, Network Load Balancers, Gateway Load
// Balancers, target groups, listeners, and rules. Each tag consists of a key and
// an optional value. If a resource already has a tag with the same key, AddTags
// updates its value.
AddTags(ctx context.Context, params *AddTagsInput, optFns ...func(*Options)) (*AddTagsOutput, error)
// Creates a listener for the specified Application Load Balancer, Network Load
// Balancer, or Gateway Load Balancer. For more information, see the following:
//
// *
// Listeners for your Application Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html)
//
// *
// Listeners for your Network Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-listeners.html)
//
// *
// Listeners for your Gateway Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/gateway-listeners.html)
//
// This
// operation is idempotent, which means that it completes at most one time. If you
// attempt to create multiple listeners with the same settings, each call succeeds.
CreateListener(ctx context.Context, params *CreateListenerInput, optFns ...func(*Options)) (*CreateListenerOutput, error)
// Creates an Application Load Balancer, Network Load Balancer, or Gateway Load
// Balancer. For more information, see the following:
//
// * Application Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html)
//
// *
// Network Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html)
//
// *
// Gateway Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/gateway-load-balancers.html)
//
// This
// operation is idempotent, which means that it completes at most one time. If you
// attempt to create multiple load balancers with the same settings, each call
// succeeds.
CreateLoadBalancer(ctx context.Context, params *CreateLoadBalancerInput, optFns ...func(*Options)) (*CreateLoadBalancerOutput, error)
// Creates a rule for the specified listener. The listener must be associated with
// an Application Load Balancer. Each rule consists of a priority, one or more
// actions, and one or more conditions. Rules are evaluated in priority order, from
// the lowest value to the highest value. When the conditions for a rule are met,
// its actions are performed. If the conditions for no rules are met, the actions
// for the default rule are performed. For more information, see Listener rules
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-listeners.html#listener-rules)
// in the Application Load Balancers Guide.
CreateRule(ctx context.Context, params *CreateRuleInput, optFns ...func(*Options)) (*CreateRuleOutput, error)
// Creates a target group. For more information, see the following:
//
// * Target
// groups for your Application Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html)
//
// *
// Target groups for your Network Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html)
//
// *
// Target groups for your Gateway Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/target-groups.html)
//
// This
// operation is idempotent, which means that it completes at most one time. If you
// attempt to create multiple target groups with the same settings, each call
// succeeds.
CreateTargetGroup(ctx context.Context, params *CreateTargetGroupInput, optFns ...func(*Options)) (*CreateTargetGroupOutput, error)
// Deletes the specified listener. Alternatively, your listener is deleted when you
// delete the load balancer to which it is attached.
DeleteListener(ctx context.Context, params *DeleteListenerInput, optFns ...func(*Options)) (*DeleteListenerOutput, error)
// Deletes the specified Application Load Balancer, Network Load Balancer, or
// Gateway Load Balancer. Deleting a load balancer also deletes its listeners. You
// can't delete a load balancer if deletion protection is enabled. If the load
// balancer does not exist or has already been deleted, the call succeeds. Deleting
// a load balancer does not affect its registered targets. For example, your EC2
// instances continue to run and are still registered to their target groups. If
// you no longer need these EC2 instances, you can stop or terminate them.
DeleteLoadBalancer(ctx context.Context, params *DeleteLoadBalancerInput, optFns ...func(*Options)) (*DeleteLoadBalancerOutput, error)
// Deletes the specified rule. You can't delete the default rule.
DeleteRule(ctx context.Context, params *DeleteRuleInput, optFns ...func(*Options)) (*DeleteRuleOutput, error)
// Deletes the specified target group. You can delete a target group if it is not
// referenced by any actions. Deleting a target group also deletes any associated
// health checks. Deleting a target group does not affect its registered targets.
// For example, any EC2 instances continue to run until you stop or terminate them.
DeleteTargetGroup(ctx context.Context, params *DeleteTargetGroupInput, optFns ...func(*Options)) (*DeleteTargetGroupOutput, error)
// Deregisters the specified targets from the specified target group. After the
// targets are deregistered, they no longer receive traffic from the load balancer.
DeregisterTargets(ctx context.Context, params *DeregisterTargetsInput, optFns ...func(*Options)) (*DeregisterTargetsOutput, error)
// Describes the current Elastic Load Balancing resource limits for your Amazon Web
// Services account. For more information, see the following:
//
// * Quotas for your
// Application Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-limits.html)
//
// *
// Quotas for your Network Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-limits.html)
//
// *
// Quotas for your Gateway Load Balancers
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/quotas-limits.html)
DescribeAccountLimits(ctx context.Context, params *DescribeAccountLimitsInput, optFns ...func(*Options)) (*DescribeAccountLimitsOutput, error)
// Describes the default certificate and the certificate list for the specified
// HTTPS or TLS listener. If the default certificate is also in the certificate
// list, it appears twice in the results (once with IsDefault set to true and once
// with IsDefault set to false). For more information, see SSL certificates
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#https-listener-certificates)
// in the Application Load Balancers Guide or Server certificates
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#tls-listener-certificate)
// in the Network Load Balancers Guide.
DescribeListenerCertificates(ctx context.Context, params *DescribeListenerCertificatesInput, optFns ...func(*Options)) (*DescribeListenerCertificatesOutput, error)
// Describes the specified listeners or the listeners for the specified Application
// Load Balancer, Network Load Balancer, or Gateway Load Balancer. You must specify
// either a load balancer or one or more listeners.
DescribeListeners(ctx context.Context, params *DescribeListenersInput, optFns ...func(*Options)) (*DescribeListenersOutput, error)
// Describes the attributes for the specified Application Load Balancer, Network
// Load Balancer, or Gateway Load Balancer. For more information, see the
// following:
//
// * Load balancer attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/application-load-balancers.html#load-balancer-attributes)
// in the Application Load Balancers Guide
//
// * Load balancer attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/network-load-balancers.html#load-balancer-attributes)
// in the Network Load Balancers Guide
//
// * Load balancer attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/gateway-load-balancers.html#load-balancer-attributes)
// in the Gateway Load Balancers Guide
DescribeLoadBalancerAttributes(ctx context.Context, params *DescribeLoadBalancerAttributesInput, optFns ...func(*Options)) (*DescribeLoadBalancerAttributesOutput, error)
// Describes the specified load balancers or all of your load balancers.
DescribeLoadBalancers(ctx context.Context, params *DescribeLoadBalancersInput, optFns ...func(*Options)) (*DescribeLoadBalancersOutput, error)
// Describes the specified rules or the rules for the specified listener. You must
// specify either a listener or one or more rules.
DescribeRules(ctx context.Context, params *DescribeRulesInput, optFns ...func(*Options)) (*DescribeRulesOutput, error)
// Describes the specified policies or all policies used for SSL negotiation. For
// more information, see Security policies
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies)
// in the Application Load Balancers Guide or Security policies
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies)
// in the Network Load Balancers Guide.
DescribeSSLPolicies(ctx context.Context, params *DescribeSSLPoliciesInput, optFns ...func(*Options)) (*DescribeSSLPoliciesOutput, error)
// Describes the tags for the specified Elastic Load Balancing resources. You can
// describe the tags for one or more Application Load Balancers, Network Load
// Balancers, Gateway Load Balancers, target groups, listeners, or rules.
DescribeTags(ctx context.Context, params *DescribeTagsInput, optFns ...func(*Options)) (*DescribeTagsOutput, error)
// Describes the attributes for the specified target group. For more information,
// see the following:
//
// * Target group attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/load-balancer-target-groups.html#target-group-attributes)
// in the Application Load Balancers Guide
//
// * Target group attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/load-balancer-target-groups.html#target-group-attributes)
// in the Network Load Balancers Guide
//
// * Target group attributes
// (https://docs.aws.amazon.com/elasticloadbalancing/latest/gateway/target-groups.html#target-group-attributes)
// in the Gateway Load Balancers Guide
DescribeTargetGroupAttributes(ctx context.Context, params *DescribeTargetGroupAttributesInput, optFns ...func(*Options)) (*DescribeTargetGroupAttributesOutput, error)
// Describes the specified target groups or all of your target groups. By default,
// all target groups are described. Alternatively, you can specify one of the
// following to filter the results: the ARN of the load balancer, the names of one
// or more target groups, or the ARNs of one or more target groups.
DescribeTargetGroups(ctx context.Context, params *DescribeTargetGroupsInput, optFns ...func(*Options)) (*DescribeTargetGroupsOutput, error)
// Describes the health of the specified targets or all of your targets.
DescribeTargetHealth(ctx context.Context, params *DescribeTargetHealthInput, optFns ...func(*Options)) (*DescribeTargetHealthOutput, error)
// Replaces the specified properties of the specified listener. Any properties that
// you do not specify remain unchanged. Changing the protocol from HTTPS to HTTP,
// or from TLS to TCP, removes the security policy and default certificate
// properties. If you change the protocol from HTTP to HTTPS, or from TCP to TLS,
// you must add the security policy and default certificate properties. To add an
// item to a list, remove an item from a list, or update an item in a list, you
// must provide the entire list. For example, to add an action, specify a list with
// the current actions plus the new action.
ModifyListener(ctx context.Context, params *ModifyListenerInput, optFns ...func(*Options)) (*ModifyListenerOutput, error)
// Modifies the specified attributes of the specified Application Load Balancer,
// Network Load Balancer, or Gateway Load Balancer. If any of the specified
// attributes can't be modified as requested, the call fails. Any existing
// attributes that you do not modify retain their current values.
ModifyLoadBalancerAttributes(ctx context.Context, params *ModifyLoadBalancerAttributesInput, optFns ...func(*Options)) (*ModifyLoadBalancerAttributesOutput, error)
// Replaces the specified properties of the specified rule. Any properties that you
// do not specify are unchanged. To add an item to a list, remove an item from a
// list, or update an item in a list, you must provide the entire list. For
// example, to add an action, specify a list with the current actions plus the new
// action.
ModifyRule(ctx context.Context, params *ModifyRuleInput, optFns ...func(*Options)) (*ModifyRuleOutput, error)
// Modifies the health checks used when evaluating the health state of the targets
// in the specified target group.
ModifyTargetGroup(ctx context.Context, params *ModifyTargetGroupInput, optFns ...func(*Options)) (*ModifyTargetGroupOutput, error)
// Modifies the specified attributes of the specified target group.
ModifyTargetGroupAttributes(ctx context.Context, params *ModifyTargetGroupAttributesInput, optFns ...func(*Options)) (*ModifyTargetGroupAttributesOutput, error)
// Registers the specified targets with the specified target group. If the target
// is an EC2 instance, it must be in the running state when you register it. By
// default, the load balancer routes requests to registered targets using the
// protocol and port for the target group. Alternatively, you can override the port
// for a target when you register it. You can register each EC2 instance or IP
// address with the same target group multiple times using different ports. With a
// Network Load Balancer, you cannot register instances by instance ID if they have
// the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1,
// HS1, M1, M2, M3, and T1. You can register instances of these types by IP
// address.
RegisterTargets(ctx context.Context, params *RegisterTargetsInput, optFns ...func(*Options)) (*RegisterTargetsOutput, error)
// Removes the specified certificate from the certificate list for the specified
// HTTPS or TLS listener.
RemoveListenerCertificates(ctx context.Context, params *RemoveListenerCertificatesInput, optFns ...func(*Options)) (*RemoveListenerCertificatesOutput, error)
// Removes the specified tags from the specified Elastic Load Balancing resources.
// You can remove the tags for one or more Application Load Balancers, Network Load
// Balancers, Gateway Load Balancers, target groups, listeners, or rules.
RemoveTags(ctx context.Context, params *RemoveTagsInput, optFns ...func(*Options)) (*RemoveTagsOutput, error)
// Sets the type of IP addresses used by the subnets of the specified Application
// Load Balancer or Network Load Balancer.
SetIpAddressType(ctx context.Context, params *SetIpAddressTypeInput, optFns ...func(*Options)) (*SetIpAddressTypeOutput, error)
// Sets the priorities of the specified rules. You can reorder the rules as long as
// there are no priority conflicts in the new order. Any existing rules that you do
// not specify retain their current priority.
SetRulePriorities(ctx context.Context, params *SetRulePrioritiesInput, optFns ...func(*Options)) (*SetRulePrioritiesOutput, error)
// Associates the specified security groups with the specified Application Load
// Balancer. The specified security groups override the previously associated
// security groups. You can't specify a security group for a Network Load Balancer
// or Gateway Load Balancer.
SetSecurityGroups(ctx context.Context, params *SetSecurityGroupsInput, optFns ...func(*Options)) (*SetSecurityGroupsOutput, error)
// Enables the Availability Zones for the specified public subnets for the
// specified Application Load Balancer or Network Load Balancer. The specified
// subnets replace the previously enabled subnets. When you specify subnets for a
// Network Load Balancer, you must include all subnets that were enabled
// previously, with their existing configurations, plus any additional subnets.
SetSubnets(ctx context.Context, params *SetSubnetsInput, optFns ...func(*Options)) (*SetSubnetsOutput, error)
}
ELBV2 provides an interface to the AWS ELBV2 service.
type SSM ¶ added in v0.91.0
type SSM interface {
// Adds or overwrites one or more tags for the specified resource. Tags are
// metadata that you can assign to your documents, managed nodes, maintenance
// windows, Parameter Store parameters, and patch baselines. Tags enable you to
// categorize your resources in different ways, for example, by purpose, owner, or
// environment. Each tag consists of a key and an optional value, both of which you
// define. For example, you could define a set of tags for your account's managed
// nodes that helps you track each node's owner and stack level. For example:
//
// *
// Key=Owner,Value=DbAdmin
//
// * Key=Owner,Value=SysAdmin
//
// * Key=Owner,Value=Dev
//
// *
// Key=Stack,Value=Production
//
// * Key=Stack,Value=Pre-Production
//
// *
// Key=Stack,Value=Test
//
// Each resource can have a maximum of 50 tags. We recommend
// that you devise a set of tag keys that meets your needs for each resource type.
// Using a consistent set of tag keys makes it easier for you to manage your
// resources. You can search and filter the resources based on the tags you add.
// Tags don't have any semantic meaning to and are interpreted strictly as a string
// of characters. For more information about using tags with Amazon Elastic Compute
// Cloud (Amazon EC2) instances, see Tagging your Amazon EC2 resources
// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) in the
// Amazon EC2 User Guide.
AddTagsToResource(ctx context.Context, params *AddTagsToResourceInput, optFns ...func(*Options)) (*AddTagsToResourceOutput, error)
// Associates a related item to a Systems Manager OpsCenter OpsItem. For example,
// you can associate an Incident Manager incident or analysis with an OpsItem.
// Incident Manager and OpsCenter are capabilities of Amazon Web Services Systems
// Manager.
AssociateOpsItemRelatedItem(ctx context.Context, params *AssociateOpsItemRelatedItemInput, optFns ...func(*Options)) (*AssociateOpsItemRelatedItemOutput, error)
// Attempts to cancel the command specified by the Command ID. There is no
// guarantee that the command will be terminated and the underlying process
// stopped.
CancelCommand(ctx context.Context, params *CancelCommandInput, optFns ...func(*Options)) (*CancelCommandOutput, error)
// Stops a maintenance window execution that is already in progress and cancels any
// tasks in the window that haven't already starting running. Tasks already in
// progress will continue to completion.
CancelMaintenanceWindowExecution(ctx context.Context, params *CancelMaintenanceWindowExecutionInput, optFns ...func(*Options)) (*CancelMaintenanceWindowExecutionOutput, error)
// Generates an activation code and activation ID you can use to register your
// on-premises servers, edge devices, or virtual machine (VM) with Amazon Web
// Services Systems Manager. Registering these machines with Systems Manager makes
// it possible to manage them using Systems Manager capabilities. You use the
// activation code and ID when installing SSM Agent on machines in your hybrid
// environment. For more information about requirements for managing on-premises
// machines using Systems Manager, see Setting up Amazon Web Services Systems
// Manager for hybrid environments
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances.html)
// in the Amazon Web Services Systems Manager User Guide. Amazon Elastic Compute
// Cloud (Amazon EC2) instances, edge devices, and on-premises servers and VMs that
// are configured for Systems Manager are all called managed nodes.
CreateActivation(ctx context.Context, params *CreateActivationInput, optFns ...func(*Options)) (*CreateActivationOutput, error)
// A State Manager association defines the state that you want to maintain on your
// managed nodes. For example, an association can specify that anti-virus software
// must be installed and running on your managed nodes, or that certain ports must
// be closed. For static targets, the association specifies a schedule for when the
// configuration is reapplied. For dynamic targets, such as an Amazon Web Services
// resource group or an Amazon Web Services autoscaling group, State Manager, a
// capability of Amazon Web Services Systems Manager applies the configuration when
// new managed nodes are added to the group. The association also specifies actions
// to take when applying the configuration. For example, an association for
// anti-virus software might run once a day. If the software isn't installed, then
// State Manager installs it. If the software is installed, but the service isn't
// running, then the association might instruct State Manager to start the service.
CreateAssociation(ctx context.Context, params *CreateAssociationInput, optFns ...func(*Options)) (*CreateAssociationOutput, error)
// Associates the specified Amazon Web Services Systems Manager document (SSM
// document) with the specified managed nodes or targets. When you associate a
// document with one or more managed nodes using IDs or tags, Amazon Web Services
// Systems Manager Agent (SSM Agent) running on the managed node processes the
// document and configures the node as specified. If you associate a document with
// a managed node that already has an associated document, the system returns the
// AssociationAlreadyExists exception.
CreateAssociationBatch(ctx context.Context, params *CreateAssociationBatchInput, optFns ...func(*Options)) (*CreateAssociationBatchOutput, error)
// Creates a Amazon Web Services Systems Manager (SSM document). An SSM document
// defines the actions that Systems Manager performs on your managed nodes. For
// more information about SSM documents, including information about supported
// schemas, features, and syntax, see Amazon Web Services Systems Manager Documents
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-ssm-docs.html)
// in the Amazon Web Services Systems Manager User Guide.
CreateDocument(ctx context.Context, params *CreateDocumentInput, optFns ...func(*Options)) (*CreateDocumentOutput, error)
// Creates a new maintenance window. The value you specify for Duration determines
// the specific end time for the maintenance window based on the time it begins. No
// maintenance window tasks are permitted to start after the resulting endtime
// minus the number of hours you specify for Cutoff. For example, if the
// maintenance window starts at 3 PM, the duration is three hours, and the value
// you specify for Cutoff is one hour, no maintenance window tasks can start after
// 5 PM.
CreateMaintenanceWindow(ctx context.Context, params *CreateMaintenanceWindowInput, optFns ...func(*Options)) (*CreateMaintenanceWindowOutput, error)
// Creates a new OpsItem. You must have permission in Identity and Access
// Management (IAM) to create a new OpsItem. For more information, see Getting
// started with OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html)
// in the Amazon Web Services Systems Manager User Guide. Operations engineers and
// IT professionals use Amazon Web Services Systems Manager OpsCenter to view,
// investigate, and remediate operational issues impacting the performance and
// health of their Amazon Web Services resources. For more information, see Amazon
// Web Services Systems Manager OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) in
// the Amazon Web Services Systems Manager User Guide.
CreateOpsItem(ctx context.Context, params *CreateOpsItemInput, optFns ...func(*Options)) (*CreateOpsItemOutput, error)
// If you create a new application in Application Manager, Amazon Web Services
// Systems Manager calls this API operation to specify information about the new
// application, including the application type.
CreateOpsMetadata(ctx context.Context, params *CreateOpsMetadataInput, optFns ...func(*Options)) (*CreateOpsMetadataOutput, error)
// Creates a patch baseline. For information about valid key-value pairs in
// PatchFilters for each supported operating system type, see PatchFilter.
CreatePatchBaseline(ctx context.Context, params *CreatePatchBaselineInput, optFns ...func(*Options)) (*CreatePatchBaselineOutput, error)
// A resource data sync helps you view data from multiple sources in a single
// location. Amazon Web Services Systems Manager offers two types of resource data
// sync: SyncToDestination and SyncFromSource. You can configure Systems Manager
// Inventory to use the SyncToDestination type to synchronize Inventory data from
// multiple Amazon Web Services Regions to a single Amazon Simple Storage Service
// (Amazon S3) bucket. For more information, see Configuring resource data sync for
// Inventory
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-datasync.html)
// in the Amazon Web Services Systems Manager User Guide. You can configure Systems
// Manager Explorer to use the SyncFromSource type to synchronize operational work
// items (OpsItems) and operational data (OpsData) from multiple Amazon Web
// Services Regions to a single Amazon S3 bucket. This type can synchronize
// OpsItems and OpsData from multiple Amazon Web Services accounts and Amazon Web
// Services Regions or EntireOrganization by using Organizations. For more
// information, see Setting up Systems Manager Explorer to display data from
// multiple accounts and Regions
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resource-data-sync.html)
// in the Amazon Web Services Systems Manager User Guide. A resource data sync is
// an asynchronous operation that returns immediately. After a successful initial
// sync is completed, the system continuously syncs data. To check the status of a
// sync, use the ListResourceDataSync. By default, data isn't encrypted in Amazon
// S3. We strongly recommend that you enable encryption in Amazon S3 to ensure
// secure data storage. We also recommend that you secure access to the Amazon S3
// bucket by creating a restrictive bucket policy.
CreateResourceDataSync(ctx context.Context, params *CreateResourceDataSyncInput, optFns ...func(*Options)) (*CreateResourceDataSyncOutput, error)
// Deletes an activation. You aren't required to delete an activation. If you
// delete an activation, you can no longer use it to register additional managed
// nodes. Deleting an activation doesn't de-register managed nodes. You must
// manually de-register managed nodes.
DeleteActivation(ctx context.Context, params *DeleteActivationInput, optFns ...func(*Options)) (*DeleteActivationOutput, error)
// Disassociates the specified Amazon Web Services Systems Manager document (SSM
// document) from the specified managed node. If you created the association by
// using the Targets parameter, then you must delete the association by using the
// association ID. When you disassociate a document from a managed node, it doesn't
// change the configuration of the node. To change the configuration state of a
// managed node after you disassociate a document, you must create a new document
// with the desired configuration and associate it with the node.
DeleteAssociation(ctx context.Context, params *DeleteAssociationInput, optFns ...func(*Options)) (*DeleteAssociationOutput, error)
// Deletes the Amazon Web Services Systems Manager document (SSM document) and all
// managed node associations to the document. Before you delete the document, we
// recommend that you use DeleteAssociation to disassociate all managed nodes that
// are associated with the document.
DeleteDocument(ctx context.Context, params *DeleteDocumentInput, optFns ...func(*Options)) (*DeleteDocumentOutput, error)
// Delete a custom inventory type or the data associated with a custom Inventory
// type. Deleting a custom inventory type is also referred to as deleting a custom
// inventory schema.
DeleteInventory(ctx context.Context, params *DeleteInventoryInput, optFns ...func(*Options)) (*DeleteInventoryOutput, error)
// Deletes a maintenance window.
DeleteMaintenanceWindow(ctx context.Context, params *DeleteMaintenanceWindowInput, optFns ...func(*Options)) (*DeleteMaintenanceWindowOutput, error)
// Delete OpsMetadata related to an application.
DeleteOpsMetadata(ctx context.Context, params *DeleteOpsMetadataInput, optFns ...func(*Options)) (*DeleteOpsMetadataOutput, error)
// Delete a parameter from the system. After deleting a parameter, wait for at
// least 30 seconds to create a parameter with the same name.
DeleteParameter(ctx context.Context, params *DeleteParameterInput, optFns ...func(*Options)) (*DeleteParameterOutput, error)
// Delete a list of parameters. After deleting a parameter, wait for at least 30
// seconds to create a parameter with the same name.
DeleteParameters(ctx context.Context, params *DeleteParametersInput, optFns ...func(*Options)) (*DeleteParametersOutput, error)
// Deletes a patch baseline.
DeletePatchBaseline(ctx context.Context, params *DeletePatchBaselineInput, optFns ...func(*Options)) (*DeletePatchBaselineOutput, error)
// Deletes a resource data sync configuration. After the configuration is deleted,
// changes to data on managed nodes are no longer synced to or from the target.
// Deleting a sync configuration doesn't delete data.
DeleteResourceDataSync(ctx context.Context, params *DeleteResourceDataSyncInput, optFns ...func(*Options)) (*DeleteResourceDataSyncOutput, error)
// Removes the server or virtual machine from the list of registered servers. You
// can reregister the node again at any time. If you don't plan to use Run Command
// on the server, we suggest uninstalling SSM Agent first.
DeregisterManagedInstance(ctx context.Context, params *DeregisterManagedInstanceInput, optFns ...func(*Options)) (*DeregisterManagedInstanceOutput, error)
// Removes a patch group from a patch baseline.
DeregisterPatchBaselineForPatchGroup(ctx context.Context, params *DeregisterPatchBaselineForPatchGroupInput, optFns ...func(*Options)) (*DeregisterPatchBaselineForPatchGroupOutput, error)
// Removes a target from a maintenance window.
DeregisterTargetFromMaintenanceWindow(ctx context.Context, params *DeregisterTargetFromMaintenanceWindowInput, optFns ...func(*Options)) (*DeregisterTargetFromMaintenanceWindowOutput, error)
// Removes a task from a maintenance window.
DeregisterTaskFromMaintenanceWindow(ctx context.Context, params *DeregisterTaskFromMaintenanceWindowInput, optFns ...func(*Options)) (*DeregisterTaskFromMaintenanceWindowOutput, error)
// Describes details about the activation, such as the date and time the activation
// was created, its expiration date, the Identity and Access Management (IAM) role
// assigned to the managed nodes in the activation, and the number of nodes
// registered by using this activation.
DescribeActivations(ctx context.Context, params *DescribeActivationsInput, optFns ...func(*Options)) (*DescribeActivationsOutput, error)
// Describes the association for the specified target or managed node. If you
// created the association by using the Targets parameter, then you must retrieve
// the association by using the association ID.
DescribeAssociation(ctx context.Context, params *DescribeAssociationInput, optFns ...func(*Options)) (*DescribeAssociationOutput, error)
// Views information about a specific execution of a specific association.
DescribeAssociationExecutionTargets(ctx context.Context, params *DescribeAssociationExecutionTargetsInput, optFns ...func(*Options)) (*DescribeAssociationExecutionTargetsOutput, error)
// Views all executions for a specific association ID.
DescribeAssociationExecutions(ctx context.Context, params *DescribeAssociationExecutionsInput, optFns ...func(*Options)) (*DescribeAssociationExecutionsOutput, error)
// Provides details about all active and terminated Automation executions.
DescribeAutomationExecutions(ctx context.Context, params *DescribeAutomationExecutionsInput, optFns ...func(*Options)) (*DescribeAutomationExecutionsOutput, error)
// Information about all active and terminated step executions in an Automation
// workflow.
DescribeAutomationStepExecutions(ctx context.Context, params *DescribeAutomationStepExecutionsInput, optFns ...func(*Options)) (*DescribeAutomationStepExecutionsOutput, error)
// Lists all patches eligible to be included in a patch baseline.
DescribeAvailablePatches(ctx context.Context, params *DescribeAvailablePatchesInput, optFns ...func(*Options)) (*DescribeAvailablePatchesOutput, error)
// Describes the specified Amazon Web Services Systems Manager document (SSM
// document).
DescribeDocument(ctx context.Context, params *DescribeDocumentInput, optFns ...func(*Options)) (*DescribeDocumentOutput, error)
// Describes the permissions for a Amazon Web Services Systems Manager document
// (SSM document). If you created the document, you are the owner. If a document is
// shared, it can either be shared privately (by specifying a user's Amazon Web
// Services account ID) or publicly (All).
DescribeDocumentPermission(ctx context.Context, params *DescribeDocumentPermissionInput, optFns ...func(*Options)) (*DescribeDocumentPermissionOutput, error)
// All associations for the managed node(s).
DescribeEffectiveInstanceAssociations(ctx context.Context, params *DescribeEffectiveInstanceAssociationsInput, optFns ...func(*Options)) (*DescribeEffectiveInstanceAssociationsOutput, error)
// Retrieves the current effective patches (the patch and the approval state) for
// the specified patch baseline. Applies to patch baselines for Windows only.
DescribeEffectivePatchesForPatchBaseline(ctx context.Context, params *DescribeEffectivePatchesForPatchBaselineInput, optFns ...func(*Options)) (*DescribeEffectivePatchesForPatchBaselineOutput, error)
// The status of the associations for the managed node(s).
DescribeInstanceAssociationsStatus(ctx context.Context, params *DescribeInstanceAssociationsStatusInput, optFns ...func(*Options)) (*DescribeInstanceAssociationsStatusOutput, error)
// Describes one or more of your managed nodes, including information about the
// operating system platform, the version of SSM Agent installed on the managed
// node, node status, and so on. If you specify one or more managed node IDs, it
// returns information for those managed nodes. If you don't specify node IDs, it
// returns information for all your managed nodes. If you specify a node ID that
// isn't valid or a node that you don't own, you receive an error. The IamRole
// field for this API operation is the Identity and Access Management (IAM) role
// assigned to on-premises managed nodes. This call doesn't return the IAM role for
// EC2 instances.
DescribeInstanceInformation(ctx context.Context, params *DescribeInstanceInformationInput, optFns ...func(*Options)) (*DescribeInstanceInformationOutput, error)
// Retrieves the high-level patch state of one or more managed nodes.
DescribeInstancePatchStates(ctx context.Context, params *DescribeInstancePatchStatesInput, optFns ...func(*Options)) (*DescribeInstancePatchStatesOutput, error)
// Retrieves the high-level patch state for the managed nodes in the specified
// patch group.
DescribeInstancePatchStatesForPatchGroup(ctx context.Context, params *DescribeInstancePatchStatesForPatchGroupInput, optFns ...func(*Options)) (*DescribeInstancePatchStatesForPatchGroupOutput, error)
// Retrieves information about the patches on the specified managed node and their
// state relative to the patch baseline being used for the node.
DescribeInstancePatches(ctx context.Context, params *DescribeInstancePatchesInput, optFns ...func(*Options)) (*DescribeInstancePatchesOutput, error)
// Describes a specific delete inventory operation.
DescribeInventoryDeletions(ctx context.Context, params *DescribeInventoryDeletionsInput, optFns ...func(*Options)) (*DescribeInventoryDeletionsOutput, error)
// Retrieves the individual task executions (one per target) for a particular task
// run as part of a maintenance window execution.
DescribeMaintenanceWindowExecutionTaskInvocations(ctx context.Context, params *DescribeMaintenanceWindowExecutionTaskInvocationsInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowExecutionTaskInvocationsOutput, error)
// For a given maintenance window execution, lists the tasks that were run.
DescribeMaintenanceWindowExecutionTasks(ctx context.Context, params *DescribeMaintenanceWindowExecutionTasksInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowExecutionTasksOutput, error)
// Lists the executions of a maintenance window. This includes information about
// when the maintenance window was scheduled to be active, and information about
// tasks registered and run with the maintenance window.
DescribeMaintenanceWindowExecutions(ctx context.Context, params *DescribeMaintenanceWindowExecutionsInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowExecutionsOutput, error)
// Retrieves information about upcoming executions of a maintenance window.
DescribeMaintenanceWindowSchedule(ctx context.Context, params *DescribeMaintenanceWindowScheduleInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowScheduleOutput, error)
// Lists the targets registered with the maintenance window.
DescribeMaintenanceWindowTargets(ctx context.Context, params *DescribeMaintenanceWindowTargetsInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowTargetsOutput, error)
// Lists the tasks in a maintenance window. For maintenance window tasks without a
// specified target, you can't supply values for --max-errors and
// --max-concurrency. Instead, the system inserts a placeholder value of 1, which
// may be reported in the response to this command. These values don't affect the
// running of your task and can be ignored.
DescribeMaintenanceWindowTasks(ctx context.Context, params *DescribeMaintenanceWindowTasksInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowTasksOutput, error)
// Retrieves the maintenance windows in an Amazon Web Services account.
DescribeMaintenanceWindows(ctx context.Context, params *DescribeMaintenanceWindowsInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowsOutput, error)
// Retrieves information about the maintenance window targets or tasks that a
// managed node is associated with.
DescribeMaintenanceWindowsForTarget(ctx context.Context, params *DescribeMaintenanceWindowsForTargetInput, optFns ...func(*Options)) (*DescribeMaintenanceWindowsForTargetOutput, error)
// Query a set of OpsItems. You must have permission in Identity and Access
// Management (IAM) to query a list of OpsItems. For more information, see Getting
// started with OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html)
// in the Amazon Web Services Systems Manager User Guide. Operations engineers and
// IT professionals use Amazon Web Services Systems Manager OpsCenter to view,
// investigate, and remediate operational issues impacting the performance and
// health of their Amazon Web Services resources. For more information, see
// OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) in
// the Amazon Web Services Systems Manager User Guide.
DescribeOpsItems(ctx context.Context, params *DescribeOpsItemsInput, optFns ...func(*Options)) (*DescribeOpsItemsOutput, error)
// Get information about a parameter. Request results are returned on a best-effort
// basis. If you specify MaxResults in the request, the response includes
// information up to the limit specified. The number of items returned, however,
// can be between zero and the value of MaxResults. If the service reaches an
// internal limit while processing the results, it stops the operation and returns
// the matching values up to that point and a NextToken. You can specify the
// NextToken in a subsequent call to get the next set of results. If you change the
// KMS key alias for the KMS key used to encrypt a parameter, then you must also
// update the key alias the parameter uses to reference KMS. Otherwise,
// DescribeParameters retrieves whatever the original key alias was referencing.
DescribeParameters(ctx context.Context, params *DescribeParametersInput, optFns ...func(*Options)) (*DescribeParametersOutput, error)
// Lists the patch baselines in your Amazon Web Services account.
DescribePatchBaselines(ctx context.Context, params *DescribePatchBaselinesInput, optFns ...func(*Options)) (*DescribePatchBaselinesOutput, error)
// Returns high-level aggregated patch compliance state information for a patch
// group.
DescribePatchGroupState(ctx context.Context, params *DescribePatchGroupStateInput, optFns ...func(*Options)) (*DescribePatchGroupStateOutput, error)
// Lists all patch groups that have been registered with patch baselines.
DescribePatchGroups(ctx context.Context, params *DescribePatchGroupsInput, optFns ...func(*Options)) (*DescribePatchGroupsOutput, error)
// Lists the properties of available patches organized by product, product family,
// classification, severity, and other properties of available patches. You can use
// the reported properties in the filters you specify in requests for operations
// such as CreatePatchBaseline, UpdatePatchBaseline, DescribeAvailablePatches, and
// DescribePatchBaselines. The following section lists the properties that can be
// used in filters for each major operating system type: AMAZON_LINUX Valid
// properties: PRODUCT | CLASSIFICATION | SEVERITY AMAZON_LINUX_2 Valid properties:
// PRODUCT | CLASSIFICATION | SEVERITY CENTOS Valid properties: PRODUCT |
// CLASSIFICATION | SEVERITY DEBIAN Valid properties: PRODUCT | PRIORITY MACOS
// Valid properties: PRODUCT | CLASSIFICATION ORACLE_LINUX Valid properties:
// PRODUCT | CLASSIFICATION | SEVERITY REDHAT_ENTERPRISE_LINUX Valid properties:
// PRODUCT | CLASSIFICATION | SEVERITY SUSE Valid properties: PRODUCT |
// CLASSIFICATION | SEVERITY UBUNTU Valid properties: PRODUCT | PRIORITY WINDOWS
// Valid properties: PRODUCT | PRODUCT_FAMILY | CLASSIFICATION | MSRC_SEVERITY
DescribePatchProperties(ctx context.Context, params *DescribePatchPropertiesInput, optFns ...func(*Options)) (*DescribePatchPropertiesOutput, error)
// Retrieves a list of all active sessions (both connected and disconnected) or
// terminated sessions from the past 30 days.
DescribeSessions(ctx context.Context, params *DescribeSessionsInput, optFns ...func(*Options)) (*DescribeSessionsOutput, error)
// Deletes the association between an OpsItem and a related item. For example, this
// API operation can delete an Incident Manager incident from an OpsItem. Incident
// Manager is a capability of Amazon Web Services Systems Manager.
DisassociateOpsItemRelatedItem(ctx context.Context, params *DisassociateOpsItemRelatedItemInput, optFns ...func(*Options)) (*DisassociateOpsItemRelatedItemOutput, error)
// Get detailed information about a particular Automation execution.
GetAutomationExecution(ctx context.Context, params *GetAutomationExecutionInput, optFns ...func(*Options)) (*GetAutomationExecutionOutput, error)
// Gets the state of a Amazon Web Services Systems Manager change calendar at the
// current time or a specified time. If you specify a time, GetCalendarState
// returns the state of the calendar at that specific time, and returns the next
// time that the change calendar state will transition. If you don't specify a
// time, GetCalendarState uses the current time. Change Calendar entries have two
// possible states: OPEN or CLOSED. If you specify more than one calendar in a
// request, the command returns the status of OPEN only if all calendars in the
// request are open. If one or more calendars in the request are closed, the status
// returned is CLOSED. For more information about Change Calendar, a capability of
// Amazon Web Services Systems Manager, see Amazon Web Services Systems Manager
// Change Calendar
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-change-calendar.html)
// in the Amazon Web Services Systems Manager User Guide.
GetCalendarState(ctx context.Context, params *GetCalendarStateInput, optFns ...func(*Options)) (*GetCalendarStateOutput, error)
// Returns detailed information about command execution for an invocation or
// plugin. GetCommandInvocation only gives the execution status of a plugin in a
// document. To get the command execution status on a specific managed node, use
// ListCommandInvocations. To get the command execution status across managed
// nodes, use ListCommands.
GetCommandInvocation(ctx context.Context, params *GetCommandInvocationInput, optFns ...func(*Options)) (*GetCommandInvocationOutput, error)
// Retrieves the Session Manager connection status for a managed node to determine
// whether it is running and ready to receive Session Manager connections.
GetConnectionStatus(ctx context.Context, params *GetConnectionStatusInput, optFns ...func(*Options)) (*GetConnectionStatusOutput, error)
// Retrieves the default patch baseline. Amazon Web Services Systems Manager
// supports creating multiple default patch baselines. For example, you can create
// a default patch baseline for each operating system. If you don't specify an
// operating system value, the default patch baseline for Windows is returned.
GetDefaultPatchBaseline(ctx context.Context, params *GetDefaultPatchBaselineInput, optFns ...func(*Options)) (*GetDefaultPatchBaselineOutput, error)
// Retrieves the current snapshot for the patch baseline the managed node uses.
// This API is primarily used by the AWS-RunPatchBaseline Systems Manager document
// (SSM document). If you run the command locally, such as with the Command Line
// Interface (CLI), the system attempts to use your local Amazon Web Services
// credentials and the operation fails. To avoid this, you can run the command in
// the Amazon Web Services Systems Manager console. Use Run Command, a capability
// of Amazon Web Services Systems Manager, with an SSM document that enables you to
// target a managed node with a script or command. For example, run the command
// using the AWS-RunShellScript document or the AWS-RunPowerShellScript document.
GetDeployablePatchSnapshotForInstance(ctx context.Context, params *GetDeployablePatchSnapshotForInstanceInput, optFns ...func(*Options)) (*GetDeployablePatchSnapshotForInstanceOutput, error)
// Gets the contents of the specified Amazon Web Services Systems Manager document
// (SSM document).
GetDocument(ctx context.Context, params *GetDocumentInput, optFns ...func(*Options)) (*GetDocumentOutput, error)
// Query inventory information. This includes managed node status, such as Stopped
// or Terminated.
GetInventory(ctx context.Context, params *GetInventoryInput, optFns ...func(*Options)) (*GetInventoryOutput, error)
// Return a list of inventory type names for the account, or return a list of
// attribute names for a specific Inventory item type.
GetInventorySchema(ctx context.Context, params *GetInventorySchemaInput, optFns ...func(*Options)) (*GetInventorySchemaOutput, error)
// Retrieves a maintenance window.
GetMaintenanceWindow(ctx context.Context, params *GetMaintenanceWindowInput, optFns ...func(*Options)) (*GetMaintenanceWindowOutput, error)
// Retrieves details about a specific a maintenance window execution.
GetMaintenanceWindowExecution(ctx context.Context, params *GetMaintenanceWindowExecutionInput, optFns ...func(*Options)) (*GetMaintenanceWindowExecutionOutput, error)
// Retrieves the details about a specific task run as part of a maintenance window
// execution.
GetMaintenanceWindowExecutionTask(ctx context.Context, params *GetMaintenanceWindowExecutionTaskInput, optFns ...func(*Options)) (*GetMaintenanceWindowExecutionTaskOutput, error)
// Retrieves information about a specific task running on a specific target.
GetMaintenanceWindowExecutionTaskInvocation(ctx context.Context, params *GetMaintenanceWindowExecutionTaskInvocationInput, optFns ...func(*Options)) (*GetMaintenanceWindowExecutionTaskInvocationOutput, error)
// Retrieves the details of a maintenance window task. For maintenance window tasks
// without a specified target, you can't supply values for --max-errors and
// --max-concurrency. Instead, the system inserts a placeholder value of 1, which
// may be reported in the response to this command. These values don't affect the
// running of your task and can be ignored. To retrieve a list of tasks in a
// maintenance window, instead use the DescribeMaintenanceWindowTasks command.
GetMaintenanceWindowTask(ctx context.Context, params *GetMaintenanceWindowTaskInput, optFns ...func(*Options)) (*GetMaintenanceWindowTaskOutput, error)
// Get information about an OpsItem by using the ID. You must have permission in
// Identity and Access Management (IAM) to view information about an OpsItem. For
// more information, see Getting started with OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html)
// in the Amazon Web Services Systems Manager User Guide. Operations engineers and
// IT professionals use Amazon Web Services Systems Manager OpsCenter to view,
// investigate, and remediate operational issues impacting the performance and
// health of their Amazon Web Services resources. For more information, see
// OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) in
// the Amazon Web Services Systems Manager User Guide.
GetOpsItem(ctx context.Context, params *GetOpsItemInput, optFns ...func(*Options)) (*GetOpsItemOutput, error)
// View operational metadata related to an application in Application Manager.
GetOpsMetadata(ctx context.Context, params *GetOpsMetadataInput, optFns ...func(*Options)) (*GetOpsMetadataOutput, error)
// View a summary of operations metadata (OpsData) based on specified filters and
// aggregators. OpsData can include information about Amazon Web Services Systems
// Manager OpsCenter operational workitems (OpsItems) as well as information about
// any Amazon Web Services resource or service configured to report OpsData to
// Amazon Web Services Systems Manager Explorer.
GetOpsSummary(ctx context.Context, params *GetOpsSummaryInput, optFns ...func(*Options)) (*GetOpsSummaryOutput, error)
// Get information about a single parameter by specifying the parameter name. To
// get information about more than one parameter at a time, use the GetParameters
// operation.
GetParameter(ctx context.Context, params *GetParameterInput, optFns ...func(*Options)) (*GetParameterOutput, error)
// Retrieves the history of all changes to a parameter. If you change the KMS key
// alias for the KMS key used to encrypt a parameter, then you must also update the
// key alias the parameter uses to reference KMS. Otherwise, GetParameterHistory
// retrieves whatever the original key alias was referencing.
GetParameterHistory(ctx context.Context, params *GetParameterHistoryInput, optFns ...func(*Options)) (*GetParameterHistoryOutput, error)
// Get information about one or more parameters by specifying multiple parameter
// names. To get information about a single parameter, you can use the GetParameter
// operation instead.
GetParameters(ctx context.Context, params *GetParametersInput, optFns ...func(*Options)) (*GetParametersOutput, error)
// Retrieve information about one or more parameters in a specific hierarchy.
// Request results are returned on a best-effort basis. If you specify MaxResults
// in the request, the response includes information up to the limit specified. The
// number of items returned, however, can be between zero and the value of
// MaxResults. If the service reaches an internal limit while processing the
// results, it stops the operation and returns the matching values up to that point
// and a NextToken. You can specify the NextToken in a subsequent call to get the
// next set of results.
GetParametersByPath(ctx context.Context, params *GetParametersByPathInput, optFns ...func(*Options)) (*GetParametersByPathOutput, error)
// Retrieves information about a patch baseline.
GetPatchBaseline(ctx context.Context, params *GetPatchBaselineInput, optFns ...func(*Options)) (*GetPatchBaselineOutput, error)
// Retrieves the patch baseline that should be used for the specified patch group.
GetPatchBaselineForPatchGroup(ctx context.Context, params *GetPatchBaselineForPatchGroupInput, optFns ...func(*Options)) (*GetPatchBaselineForPatchGroupOutput, error)
// ServiceSetting is an account-level setting for an Amazon Web Services service.
// This setting defines how a user interacts with or uses a service or a feature of
// a service. For example, if an Amazon Web Services service charges money to the
// account based on feature or service usage, then the Amazon Web Services service
// team might create a default setting of false. This means the user can't use this
// feature unless they change the setting to true and intentionally opt in for a
// paid feature. Services map a SettingId object to a setting value. Amazon Web
// Services services teams define the default value for a SettingId. You can't
// create a new SettingId, but you can overwrite the default value if you have the
// ssm:UpdateServiceSetting permission for the setting. Use the
// UpdateServiceSetting API operation to change the default setting. Or use the
// ResetServiceSetting to change the value back to the original value defined by
// the Amazon Web Services service team. Query the current service setting for the
// Amazon Web Services account.
GetServiceSetting(ctx context.Context, params *GetServiceSettingInput, optFns ...func(*Options)) (*GetServiceSettingOutput, error)
// A parameter label is a user-defined alias to help you manage different versions
// of a parameter. When you modify a parameter, Amazon Web Services Systems Manager
// automatically saves a new version and increments the version number by one. A
// label can help you remember the purpose of a parameter when there are multiple
// versions. Parameter labels have the following requirements and restrictions.
//
// *
// A version of a parameter can have a maximum of 10 labels.
//
// * You can't attach
// the same label to different versions of the same parameter. For example, if
// version 1 has the label Production, then you can't attach Production to version
// 2.
//
// * You can move a label from one version of a parameter to another.
//
// * You
// can't create a label when you create a new parameter. You must attach a label to
// a specific version of a parameter.
//
// * If you no longer want to use a parameter
// label, then you can either delete it or move it to a different version of a
// parameter.
//
// * A label can have a maximum of 100 characters.
//
// * Labels can
// contain letters (case sensitive), numbers, periods (.), hyphens (-), or
// underscores (_).
//
// * Labels can't begin with a number, "aws" or "ssm" (not case
// sensitive). If a label fails to meet these requirements, then the label isn't
// associated with a parameter and the system displays it in the list of
// InvalidLabels.
LabelParameterVersion(ctx context.Context, params *LabelParameterVersionInput, optFns ...func(*Options)) (*LabelParameterVersionOutput, error)
// Retrieves all versions of an association for a specific association ID.
ListAssociationVersions(ctx context.Context, params *ListAssociationVersionsInput, optFns ...func(*Options)) (*ListAssociationVersionsOutput, error)
// Returns all State Manager associations in the current Amazon Web Services
// account and Amazon Web Services Region. You can limit the results to a specific
// State Manager association document or managed node by specifying a filter. State
// Manager is a capability of Amazon Web Services Systems Manager.
ListAssociations(ctx context.Context, params *ListAssociationsInput, optFns ...func(*Options)) (*ListAssociationsOutput, error)
// An invocation is copy of a command sent to a specific managed node. A command
// can apply to one or more managed nodes. A command invocation applies to one
// managed node. For example, if a user runs SendCommand against three managed
// nodes, then a command invocation is created for each requested managed node ID.
// ListCommandInvocations provide status about command execution.
ListCommandInvocations(ctx context.Context, params *ListCommandInvocationsInput, optFns ...func(*Options)) (*ListCommandInvocationsOutput, error)
// Lists the commands requested by users of the Amazon Web Services account.
ListCommands(ctx context.Context, params *ListCommandsInput, optFns ...func(*Options)) (*ListCommandsOutput, error)
// For a specified resource ID, this API operation returns a list of compliance
// statuses for different resource types. Currently, you can only specify one
// resource ID per call. List results depend on the criteria specified in the
// filter.
ListComplianceItems(ctx context.Context, params *ListComplianceItemsInput, optFns ...func(*Options)) (*ListComplianceItemsOutput, error)
// Returns a summary count of compliant and non-compliant resources for a
// compliance type. For example, this call can return State Manager associations,
// patches, or custom compliance types according to the filter criteria that you
// specify.
ListComplianceSummaries(ctx context.Context, params *ListComplianceSummariesInput, optFns ...func(*Options)) (*ListComplianceSummariesOutput, error)
// Information about approval reviews for a version of a change template in Change
// Manager.
ListDocumentMetadataHistory(ctx context.Context, params *ListDocumentMetadataHistoryInput, optFns ...func(*Options)) (*ListDocumentMetadataHistoryOutput, error)
// List all versions for a document.
ListDocumentVersions(ctx context.Context, params *ListDocumentVersionsInput, optFns ...func(*Options)) (*ListDocumentVersionsOutput, error)
// Returns all Systems Manager (SSM) documents in the current Amazon Web Services
// account and Amazon Web Services Region. You can limit the results of this
// request by using a filter.
ListDocuments(ctx context.Context, params *ListDocumentsInput, optFns ...func(*Options)) (*ListDocumentsOutput, error)
// A list of inventory items returned by the request.
ListInventoryEntries(ctx context.Context, params *ListInventoryEntriesInput, optFns ...func(*Options)) (*ListInventoryEntriesOutput, error)
// Returns a list of all OpsItem events in the current Amazon Web Services Region
// and Amazon Web Services account. You can limit the results to events associated
// with specific OpsItems by specifying a filter.
ListOpsItemEvents(ctx context.Context, params *ListOpsItemEventsInput, optFns ...func(*Options)) (*ListOpsItemEventsOutput, error)
// Lists all related-item resources associated with a Systems Manager OpsCenter
// OpsItem. OpsCenter is a capability of Amazon Web Services Systems Manager.
ListOpsItemRelatedItems(ctx context.Context, params *ListOpsItemRelatedItemsInput, optFns ...func(*Options)) (*ListOpsItemRelatedItemsOutput, error)
// Amazon Web Services Systems Manager calls this API operation when displaying all
// Application Manager OpsMetadata objects or blobs.
ListOpsMetadata(ctx context.Context, params *ListOpsMetadataInput, optFns ...func(*Options)) (*ListOpsMetadataOutput, error)
// Returns a resource-level summary count. The summary includes information about
// compliant and non-compliant statuses and detailed compliance-item severity
// counts, according to the filter criteria you specify.
ListResourceComplianceSummaries(ctx context.Context, params *ListResourceComplianceSummariesInput, optFns ...func(*Options)) (*ListResourceComplianceSummariesOutput, error)
// Lists your resource data sync configurations. Includes information about the
// last time a sync attempted to start, the last sync status, and the last time a
// sync successfully completed. The number of sync configurations might be too
// large to return using a single call to ListResourceDataSync. You can limit the
// number of sync configurations returned by using the MaxResults parameter. To
// determine whether there are more sync configurations to list, check the value of
// NextToken in the output. If there are more sync configurations to list, you can
// request them by specifying the NextToken returned in the call to the parameter
// of a subsequent call.
ListResourceDataSync(ctx context.Context, params *ListResourceDataSyncInput, optFns ...func(*Options)) (*ListResourceDataSyncOutput, error)
// Returns a list of the tags assigned to the specified resource. For information
// about the ID format for each supported resource type, see AddTagsToResource.
ListTagsForResource(ctx context.Context, params *ListTagsForResourceInput, optFns ...func(*Options)) (*ListTagsForResourceOutput, error)
// Shares a Amazon Web Services Systems Manager document (SSM document)publicly or
// privately. If you share a document privately, you must specify the Amazon Web
// Services user account IDs for those people who can use the document. If you
// share a document publicly, you must specify All as the account ID.
ModifyDocumentPermission(ctx context.Context, params *ModifyDocumentPermissionInput, optFns ...func(*Options)) (*ModifyDocumentPermissionOutput, error)
// Registers a compliance type and other compliance details on a designated
// resource. This operation lets you register custom compliance details with a
// resource. This call overwrites existing compliance information on the resource,
// so you must provide a full list of compliance items each time that you send the
// request. ComplianceType can be one of the following:
//
// * ExecutionId: The
// execution ID when the patch, association, or custom compliance item was
// applied.
//
// * ExecutionType: Specify patch, association, or Custom:string.
//
// *
// ExecutionTime. The time the patch, association, or custom compliance item was
// applied to the managed node.
//
// * Id: The patch, association, or custom compliance
// ID.
//
// * Title: A title.
//
// * Status: The status of the compliance item. For
// example, approved for patches, or Failed for associations.
//
// * Severity: A patch
// severity. For example, critical.
//
// * DocumentName: An SSM document name. For
// example, AWS-RunPatchBaseline.
//
// * DocumentVersion: An SSM document version
// number. For example, 4.
//
// * Classification: A patch classification. For example,
// security updates.
//
// * PatchBaselineId: A patch baseline ID.
//
// * PatchSeverity: A
// patch severity. For example, Critical.
//
// * PatchState: A patch state. For
// example, InstancesWithFailedPatches.
//
// * PatchGroup: The name of a patch
// group.
//
// * InstalledTime: The time the association, patch, or custom compliance
// item was applied to the resource. Specify the time by using the following
// format: yyyy-MM-dd'T'HH:mm:ss'Z'
PutComplianceItems(ctx context.Context, params *PutComplianceItemsInput, optFns ...func(*Options)) (*PutComplianceItemsOutput, error)
// Bulk update custom inventory items on one or more managed nodes. The request
// adds an inventory item, if it doesn't already exist, or updates an inventory
// item, if it does exist.
PutInventory(ctx context.Context, params *PutInventoryInput, optFns ...func(*Options)) (*PutInventoryOutput, error)
// Add a parameter to the system.
PutParameter(ctx context.Context, params *PutParameterInput, optFns ...func(*Options)) (*PutParameterOutput, error)
// Defines the default patch baseline for the relevant operating system. To reset
// the Amazon Web Services-predefined patch baseline as the default, specify the
// full patch baseline Amazon Resource Name (ARN) as the baseline ID value. For
// example, for CentOS, specify
// arn:aws:ssm:us-east-2:733109147000:patchbaseline/pb-0574b43a65ea646ed instead of
// pb-0574b43a65ea646ed.
RegisterDefaultPatchBaseline(ctx context.Context, params *RegisterDefaultPatchBaselineInput, optFns ...func(*Options)) (*RegisterDefaultPatchBaselineOutput, error)
// Registers a patch baseline for a patch group.
RegisterPatchBaselineForPatchGroup(ctx context.Context, params *RegisterPatchBaselineForPatchGroupInput, optFns ...func(*Options)) (*RegisterPatchBaselineForPatchGroupOutput, error)
// Registers a target with a maintenance window.
RegisterTargetWithMaintenanceWindow(ctx context.Context, params *RegisterTargetWithMaintenanceWindowInput, optFns ...func(*Options)) (*RegisterTargetWithMaintenanceWindowOutput, error)
// Adds a new task to a maintenance window.
RegisterTaskWithMaintenanceWindow(ctx context.Context, params *RegisterTaskWithMaintenanceWindowInput, optFns ...func(*Options)) (*RegisterTaskWithMaintenanceWindowOutput, error)
// Removes tag keys from the specified resource.
RemoveTagsFromResource(ctx context.Context, params *RemoveTagsFromResourceInput, optFns ...func(*Options)) (*RemoveTagsFromResourceOutput, error)
// ServiceSetting is an account-level setting for an Amazon Web Services service.
// This setting defines how a user interacts with or uses a service or a feature of
// a service. For example, if an Amazon Web Services service charges money to the
// account based on feature or service usage, then the Amazon Web Services service
// team might create a default setting of "false". This means the user can't use
// this feature unless they change the setting to "true" and intentionally opt in
// for a paid feature. Services map a SettingId object to a setting value. Amazon
// Web Services services teams define the default value for a SettingId. You can't
// create a new SettingId, but you can overwrite the default value if you have the
// ssm:UpdateServiceSetting permission for the setting. Use the GetServiceSetting
// API operation to view the current value. Use the UpdateServiceSetting API
// operation to change the default setting. Reset the service setting for the
// account to the default value as provisioned by the Amazon Web Services service
// team.
ResetServiceSetting(ctx context.Context, params *ResetServiceSettingInput, optFns ...func(*Options)) (*ResetServiceSettingOutput, error)
// Reconnects a session to a managed node after it has been disconnected.
// Connections can be resumed for disconnected sessions, but not terminated
// sessions. This command is primarily for use by client machines to automatically
// reconnect during intermittent network issues. It isn't intended for any other
// use.
ResumeSession(ctx context.Context, params *ResumeSessionInput, optFns ...func(*Options)) (*ResumeSessionOutput, error)
// Sends a signal to an Automation execution to change the current behavior or
// status of the execution.
SendAutomationSignal(ctx context.Context, params *SendAutomationSignalInput, optFns ...func(*Options)) (*SendAutomationSignalOutput, error)
// Runs commands on one or more managed nodes.
SendCommand(ctx context.Context, params *SendCommandInput, optFns ...func(*Options)) (*SendCommandOutput, error)
// Runs an association immediately and only one time. This operation can be helpful
// when troubleshooting associations.
StartAssociationsOnce(ctx context.Context, params *StartAssociationsOnceInput, optFns ...func(*Options)) (*StartAssociationsOnceOutput, error)
// Initiates execution of an Automation runbook.
StartAutomationExecution(ctx context.Context, params *StartAutomationExecutionInput, optFns ...func(*Options)) (*StartAutomationExecutionOutput, error)
// Creates a change request for Change Manager. The Automation runbooks specified
// in the change request run only after all required approvals for the change
// request have been received.
StartChangeRequestExecution(ctx context.Context, params *StartChangeRequestExecutionInput, optFns ...func(*Options)) (*StartChangeRequestExecutionOutput, error)
// Initiates a connection to a target (for example, a managed node) for a Session
// Manager session. Returns a URL and token that can be used to open a WebSocket
// connection for sending input and receiving outputs. Amazon Web Services CLI
// usage: start-session is an interactive command that requires the Session Manager
// plugin to be installed on the client machine making the call. For information,
// see Install the Session Manager plugin for the Amazon Web Services CLI
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/session-manager-working-with-install-plugin.html)
// in the Amazon Web Services Systems Manager User Guide. Amazon Web Services Tools
// for PowerShell usage: Start-SSMSession isn't currently supported by Amazon Web
// Services Tools for PowerShell on Windows local machines.
StartSession(ctx context.Context, params *StartSessionInput, optFns ...func(*Options)) (*StartSessionOutput, error)
// Stop an Automation that is currently running.
StopAutomationExecution(ctx context.Context, params *StopAutomationExecutionInput, optFns ...func(*Options)) (*StopAutomationExecutionOutput, error)
// Permanently ends a session and closes the data connection between the Session
// Manager client and SSM Agent on the managed node. A terminated session can't be
// resumed.
TerminateSession(ctx context.Context, params *TerminateSessionInput, optFns ...func(*Options)) (*TerminateSessionOutput, error)
// Remove a label or labels from a parameter.
UnlabelParameterVersion(ctx context.Context, params *UnlabelParameterVersionInput, optFns ...func(*Options)) (*UnlabelParameterVersionOutput, error)
// Updates an association. You can update the association name and version, the
// document version, schedule, parameters, and Amazon Simple Storage Service
// (Amazon S3) output. When you call UpdateAssociation, the system removes all
// optional parameters from the request and overwrites the association with null
// values for those parameters. This is by design. You must specify all optional
// parameters in the call, even if you are not changing the parameters. This
// includes the Name parameter. Before calling this API action, we recommend that
// you call the DescribeAssociation API operation and make a note of all optional
// parameters required for your UpdateAssociation call. In order to call this API
// operation, your Identity and Access Management (IAM) user account, group, or
// role must be configured with permission to call the DescribeAssociation API
// operation. If you don't have permission to call DescribeAssociation, then you
// receive the following error: An error occurred (AccessDeniedException) when
// calling the UpdateAssociation operation: User: <user_arn> isn't authorized to
// perform: ssm:DescribeAssociation on resource: <resource_arn> When you update an
// association, the association immediately runs against the specified targets. You
// can add the ApplyOnlyAtCronInterval parameter to run the association during the
// next schedule run.
UpdateAssociation(ctx context.Context, params *UpdateAssociationInput, optFns ...func(*Options)) (*UpdateAssociationOutput, error)
// Updates the status of the Amazon Web Services Systems Manager document (SSM
// document) associated with the specified managed node. UpdateAssociationStatus is
// primarily used by the Amazon Web Services Systems Manager Agent (SSM Agent) to
// report status updates about your associations and is only used for associations
// created with the InstanceId legacy parameter.
UpdateAssociationStatus(ctx context.Context, params *UpdateAssociationStatusInput, optFns ...func(*Options)) (*UpdateAssociationStatusOutput, error)
// Updates one or more values for an SSM document.
UpdateDocument(ctx context.Context, params *UpdateDocumentInput, optFns ...func(*Options)) (*UpdateDocumentOutput, error)
// Set the default version of a document. If you change a document version for a
// State Manager association, Systems Manager immediately runs the association
// unless you previously specifed the apply-only-at-cron-interval parameter.
UpdateDocumentDefaultVersion(ctx context.Context, params *UpdateDocumentDefaultVersionInput, optFns ...func(*Options)) (*UpdateDocumentDefaultVersionOutput, error)
// Updates information related to approval reviews for a specific version of a
// change template in Change Manager.
UpdateDocumentMetadata(ctx context.Context, params *UpdateDocumentMetadataInput, optFns ...func(*Options)) (*UpdateDocumentMetadataOutput, error)
// Updates an existing maintenance window. Only specified parameters are modified.
// The value you specify for Duration determines the specific end time for the
// maintenance window based on the time it begins. No maintenance window tasks are
// permitted to start after the resulting endtime minus the number of hours you
// specify for Cutoff. For example, if the maintenance window starts at 3 PM, the
// duration is three hours, and the value you specify for Cutoff is one hour, no
// maintenance window tasks can start after 5 PM.
UpdateMaintenanceWindow(ctx context.Context, params *UpdateMaintenanceWindowInput, optFns ...func(*Options)) (*UpdateMaintenanceWindowOutput, error)
// Modifies the target of an existing maintenance window. You can change the
// following:
//
// * Name
//
// * Description
//
// * Owner
//
// * IDs for an ID target
//
// * Tags for a
// Tag target
//
// * From any supported tag type to another. The three supported tag
// types are ID target, Tag target, and resource group. For more information, see
// Target.
//
// If a parameter is null, then the corresponding field isn't modified.
UpdateMaintenanceWindowTarget(ctx context.Context, params *UpdateMaintenanceWindowTargetInput, optFns ...func(*Options)) (*UpdateMaintenanceWindowTargetOutput, error)
// Modifies a task assigned to a maintenance window. You can't change the task
// type, but you can change the following values:
//
// * TaskARN. For example, you can
// change a RUN_COMMAND task from AWS-RunPowerShellScript to AWS-RunShellScript.
//
// *
// ServiceRoleArn
//
// * TaskInvocationParameters
//
// * Priority
//
// * MaxConcurrency
//
// *
// MaxErrors
//
// One or more targets must be specified for maintenance window Run
// Command-type tasks. Depending on the task, targets are optional for other
// maintenance window task types (Automation, Lambda, and Step Functions). For more
// information about running tasks that don't specify targets, see Registering
// maintenance window tasks without targets
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/maintenance-windows-targetless-tasks.html)
// in the Amazon Web Services Systems Manager User Guide. If the value for a
// parameter in UpdateMaintenanceWindowTask is null, then the corresponding field
// isn't modified. If you set Replace to true, then all fields required by the
// RegisterTaskWithMaintenanceWindow operation are required for this request.
// Optional fields that aren't specified are set to null. When you update a
// maintenance window task that has options specified in TaskInvocationParameters,
// you must provide again all the TaskInvocationParameters values that you want to
// retain. The values you don't specify again are removed. For example, suppose
// that when you registered a Run Command task, you specified
// TaskInvocationParameters values for Comment, NotificationConfig, and
// OutputS3BucketName. If you update the maintenance window task and specify only a
// different OutputS3BucketName value, the values for Comment and
// NotificationConfig are removed.
UpdateMaintenanceWindowTask(ctx context.Context, params *UpdateMaintenanceWindowTaskInput, optFns ...func(*Options)) (*UpdateMaintenanceWindowTaskOutput, error)
// Changes the Identity and Access Management (IAM) role that is assigned to the
// on-premises server, edge device, or virtual machines (VM). IAM roles are first
// assigned to these hybrid nodes during the activation process. For more
// information, see CreateActivation.
UpdateManagedInstanceRole(ctx context.Context, params *UpdateManagedInstanceRoleInput, optFns ...func(*Options)) (*UpdateManagedInstanceRoleOutput, error)
// Edit or change an OpsItem. You must have permission in Identity and Access
// Management (IAM) to update an OpsItem. For more information, see Getting started
// with OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html)
// in the Amazon Web Services Systems Manager User Guide. Operations engineers and
// IT professionals use Amazon Web Services Systems Manager OpsCenter to view,
// investigate, and remediate operational issues impacting the performance and
// health of their Amazon Web Services resources. For more information, see
// OpsCenter
// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) in
// the Amazon Web Services Systems Manager User Guide.
UpdateOpsItem(ctx context.Context, params *UpdateOpsItemInput, optFns ...func(*Options)) (*UpdateOpsItemOutput, error)
// Amazon Web Services Systems Manager calls this API operation when you edit
// OpsMetadata in Application Manager.
UpdateOpsMetadata(ctx context.Context, params *UpdateOpsMetadataInput, optFns ...func(*Options)) (*UpdateOpsMetadataOutput, error)
// Modifies an existing patch baseline. Fields not specified in the request are
// left unchanged. For information about valid key-value pairs in PatchFilters for
// each supported operating system type, see PatchFilter.
UpdatePatchBaseline(ctx context.Context, params *UpdatePatchBaselineInput, optFns ...func(*Options)) (*UpdatePatchBaselineOutput, error)
// Update a resource data sync. After you create a resource data sync for a Region,
// you can't change the account options for that sync. For example, if you create a
// sync in the us-east-2 (Ohio) Region and you choose the Include only the current
// account option, you can't edit that sync later and choose the Include all
// accounts from my Organizations configuration option. Instead, you must delete
// the first resource data sync, and create a new one. This API operation only
// supports a resource data sync that was created with a SyncFromSource SyncType.
UpdateResourceDataSync(ctx context.Context, params *UpdateResourceDataSyncInput, optFns ...func(*Options)) (*UpdateResourceDataSyncOutput, error)
// ServiceSetting is an account-level setting for an Amazon Web Services service.
// This setting defines how a user interacts with or uses a service or a feature of
// a service. For example, if an Amazon Web Services service charges money to the
// account based on feature or service usage, then the Amazon Web Services service
// team might create a default setting of "false". This means the user can't use
// this feature unless they change the setting to "true" and intentionally opt in
// for a paid feature. Services map a SettingId object to a setting value. Amazon
// Web Services services teams define the default value for a SettingId. You can't
// create a new SettingId, but you can overwrite the default value if you have the
// ssm:UpdateServiceSetting permission for the setting. Use the GetServiceSetting
// API operation to view the current value. Or, use the ResetServiceSetting to
// change the value back to the original value defined by the Amazon Web Services
// service team. Update the service setting for the account.
UpdateServiceSetting(ctx context.Context, params *UpdateServiceSettingInput, optFns ...func(*Options)) (*UpdateServiceSettingOutput, error)
}
SSM provides an interface to the AWS SSM service.
type STS ¶
type STS interface {
// Returns a set of temporary security credentials that you can use to access
// Amazon Web Services resources that you might not normally have access to. These
// temporary credentials consist of an access key ID, a secret access key, and a
// security token. Typically, you use AssumeRole within your account or for
// cross-account access. For a comparison of AssumeRole with other API operations
// that produce temporary credentials, see Requesting Temporary Security
// Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
// and Comparing the Amazon Web Services STS API operations
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide. Permissions The temporary security credentials created by
// AssumeRole can be used to make API calls to any Amazon Web Services service with
// the following exception: You cannot call the Amazon Web Services STS
// GetFederationToken or GetSessionToken API operations. (Optional) You can pass
// inline or managed session policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to use as
// managed session policies. The plaintext that you use for both inline and managed
// session policies can't exceed 2,048 characters. Passing policies to this
// operation returns new temporary credentials. The resulting session's permissions
// are the intersection of the role's identity-based policy and the session
// policies. You can use the role's temporary credentials in subsequent Amazon Web
// Services API calls to access resources in the account that owns the role. You
// cannot use session policies to grant more permissions than those allowed by the
// identity-based policy of the role that is being assumed. For more information,
// see Session Policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide. When you create a role, you create two policies: A role
// trust policy that specifies who can assume the role and a permissions policy
// that specifies what can be done with the role. You specify the trusted principal
// who is allowed to assume the role in the role trust policy. To assume a role
// from a different account, your Amazon Web Services account must be trusted by
// the role. The trust relationship is defined in the role's trust policy when the
// role is created. That trust policy states which accounts are allowed to delegate
// that access to users in the account. A user who wants to access a role in a
// different account must also have permissions that are delegated from the user
// account administrator. The administrator must attach a policy that allows the
// user to call AssumeRole for the ARN of the role in the other account. To allow a
// user to assume a role in the same account, you can do either of the
// following:
//
// * Attach a policy to the user that allows the user to call
// AssumeRole (as long as the role's trust policy trusts the account).
//
// * Add the
// user as a principal directly in the role's trust policy.
//
// You can do either
// because the role’s trust policy acts as an IAM resource-based policy. When a
// resource-based policy grants access to a principal in the same account, no
// additional identity-based policy is required. For more information about trust
// policies and resource-based policies, see IAM Policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) in the
// IAM User Guide. Tags (Optional) You can pass tag key-value pairs to your
// session. These tags are called session tags. For more information about session
// tags, see Passing Session Tags in STS
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the
// IAM User Guide. An administrator must grant you the permissions necessary to
// pass session tags. The administrator can also create granular permissions to
// allow you to pass only specific session tags. For more information, see
// Tutorial: Using Tags for Attribute-Based Access Control
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
// in the IAM User Guide. You can set the session tags as transitive. Transitive
// tags persist during role chaining. For more information, see Chaining Roles with
// Session Tags
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
// in the IAM User Guide. Using MFA with AssumeRole (Optional) You can include
// multi-factor authentication (MFA) information when you call AssumeRole. This is
// useful for cross-account scenarios to ensure that the user that assumes the role
// has been authenticated with an Amazon Web Services MFA device. In that scenario,
// the trust policy of the role being assumed includes a condition that tests for
// MFA authentication. If the caller does not include valid MFA information, the
// request to assume the role is denied. The condition in a trust policy that tests
// for MFA authentication might look like the following example. "Condition":
// {"Bool": {"aws:MultiFactorAuthPresent": true}} For more information, see
// Configuring MFA-Protected API Access
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/MFAProtectedAPI.html) in the
// IAM User Guide guide. To use MFA with AssumeRole, you pass values for the
// SerialNumber and TokenCode parameters. The SerialNumber value identifies the
// user's hardware or virtual MFA device. The TokenCode is the time-based one-time
// password (TOTP) that the MFA device produces.
AssumeRole(ctx context.Context, params *AssumeRoleInput, optFns ...func(*Options)) (*AssumeRoleOutput, error)
// Returns a set of temporary security credentials for users who have been
// authenticated via a SAML authentication response. This operation provides a
// mechanism for tying an enterprise identity store or directory to role-based
// Amazon Web Services access without user-specific credentials or configuration.
// For a comparison of AssumeRoleWithSAML with the other API operations that
// produce temporary credentials, see Requesting Temporary Security Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
// and Comparing the Amazon Web Services STS API operations
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide. The temporary security credentials returned by this
// operation consist of an access key ID, a secret access key, and a security
// token. Applications can use these temporary security credentials to sign calls
// to Amazon Web Services services. Session Duration By default, the temporary
// security credentials created by AssumeRoleWithSAML last for one hour. However,
// you can use the optional DurationSeconds parameter to specify the duration of
// your session. Your role session lasts for the duration that you specify, or
// until the time specified in the SAML authentication response's
// SessionNotOnOrAfter value, whichever is shorter. You can provide a
// DurationSeconds value from 900 seconds (15 minutes) up to the maximum session
// duration setting for the role. This setting can have a value from 1 hour to 12
// hours. To learn how to view the maximum value for your role, see View the
// Maximum Session Duration Setting for a Role
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
// in the IAM User Guide. The maximum session duration limit applies when you use
// the AssumeRole* API operations or the assume-role* CLI commands. However the
// limit does not apply when you use those operations to create a console URL. For
// more information, see Using IAM Roles
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the IAM
// User Guide. Role chaining
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining)
// limits your CLI or Amazon Web Services API role session to a maximum of one
// hour. When you use the AssumeRole API operation to assume a role, you can
// specify the duration of your role session with the DurationSeconds parameter.
// You can specify a parameter value of up to 43200 seconds (12 hours), depending
// on the maximum session duration setting for your role. However, if you assume a
// role using role chaining and provide a DurationSeconds parameter value greater
// than one hour, the operation fails. Permissions The temporary security
// credentials created by AssumeRoleWithSAML can be used to make API calls to any
// Amazon Web Services service with the following exception: you cannot call the
// STS GetFederationToken or GetSessionToken API operations. (Optional) You can
// pass inline or managed session policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to use as
// managed session policies. The plaintext that you use for both inline and managed
// session policies can't exceed 2,048 characters. Passing policies to this
// operation returns new temporary credentials. The resulting session's permissions
// are the intersection of the role's identity-based policy and the session
// policies. You can use the role's temporary credentials in subsequent Amazon Web
// Services API calls to access resources in the account that owns the role. You
// cannot use session policies to grant more permissions than those allowed by the
// identity-based policy of the role that is being assumed. For more information,
// see Session Policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide. Calling AssumeRoleWithSAML does not require the use of
// Amazon Web Services security credentials. The identity of the caller is
// validated by using keys in the metadata document that is uploaded for the SAML
// provider entity for your identity provider. Calling AssumeRoleWithSAML can
// result in an entry in your CloudTrail logs. The entry includes the value in the
// NameID element of the SAML assertion. We recommend that you use a NameIDType
// that is not associated with any personally identifiable information (PII). For
// example, you could instead use the persistent identifier
// (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). Tags (Optional) You can
// configure your IdP to pass attributes into your SAML assertion as session tags.
// Each session tag consists of a key name and an associated value. For more
// information about session tags, see Passing Session Tags in STS
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the
// IAM User Guide. You can pass up to 50 session tags. The plaintext session tag
// keys can’t exceed 128 characters and the values can’t exceed 256 characters. For
// these and additional limits, see IAM and STS Character Limits
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
// in the IAM User Guide. An Amazon Web Services conversion compresses the passed
// session policies and session tags into a packed binary format that has a
// separate limit. Your request can fail for this limit even if your plaintext
// meets the other requirements. The PackedPolicySize response element indicates by
// percentage how close the policies and tags for your request are to the upper
// size limit. You can pass a session tag with the same key as a tag that is
// attached to the role. When you do, session tags override the role's tags with
// the same key. An administrator must grant you the permissions necessary to pass
// session tags. The administrator can also create granular permissions to allow
// you to pass only specific session tags. For more information, see Tutorial:
// Using Tags for Attribute-Based Access Control
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
// in the IAM User Guide. You can set the session tags as transitive. Transitive
// tags persist during role chaining. For more information, see Chaining Roles with
// Session Tags
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
// in the IAM User Guide. SAML Configuration Before your application can call
// AssumeRoleWithSAML, you must configure your SAML identity provider (IdP) to
// issue the claims required by Amazon Web Services. Additionally, you must use
// Identity and Access Management (IAM) to create a SAML provider entity in your
// Amazon Web Services account that represents your identity provider. You must
// also create an IAM role that specifies this SAML provider in its trust policy.
// For more information, see the following resources:
//
// * About SAML 2.0-based
// Federation
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html)
// in the IAM User Guide.
//
// * Creating SAML Identity Providers
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html)
// in the IAM User Guide.
//
// * Configuring a Relying Party and Claims
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html)
// in the IAM User Guide.
//
// * Creating a Role for SAML 2.0 Federation
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html)
// in the IAM User Guide.
AssumeRoleWithSAML(ctx context.Context, params *AssumeRoleWithSAMLInput, optFns ...func(*Options)) (*AssumeRoleWithSAMLOutput, error)
// Returns a set of temporary security credentials for users who have been
// authenticated in a mobile or web application with a web identity provider.
// Example providers include the OAuth 2.0 providers Login with Amazon and
// Facebook, or any OpenID Connect-compatible identity provider such as Google or
// Amazon Cognito federated identities
// (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html).
// For mobile applications, we recommend that you use Amazon Cognito. You can use
// Amazon Cognito with the Amazon Web Services SDK for iOS Developer Guide
// (http://aws.amazon.com/sdkforios/) and the Amazon Web Services SDK for Android
// Developer Guide (http://aws.amazon.com/sdkforandroid/) to uniquely identify a
// user. You can also supply the user with a consistent identity throughout the
// lifetime of an application. To learn more about Amazon Cognito, see Amazon
// Cognito Overview
// (https://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840)
// in Amazon Web Services SDK for Android Developer Guide and Amazon Cognito
// Overview
// (https://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664)
// in the Amazon Web Services SDK for iOS Developer Guide. Calling
// AssumeRoleWithWebIdentity does not require the use of Amazon Web Services
// security credentials. Therefore, you can distribute an application (for example,
// on mobile devices) that requests temporary security credentials without
// including long-term Amazon Web Services credentials in the application. You also
// don't need to deploy server-based proxy services that use long-term Amazon Web
// Services credentials. Instead, the identity of the caller is validated by using
// a token from the web identity provider. For a comparison of
// AssumeRoleWithWebIdentity with the other API operations that produce temporary
// credentials, see Requesting Temporary Security Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
// and Comparing the Amazon Web Services STS API operations
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide. The temporary security credentials returned by this API
// consist of an access key ID, a secret access key, and a security token.
// Applications can use these temporary security credentials to sign calls to
// Amazon Web Services service API operations. Session Duration By default, the
// temporary security credentials created by AssumeRoleWithWebIdentity last for one
// hour. However, you can use the optional DurationSeconds parameter to specify the
// duration of your session. You can provide a value from 900 seconds (15 minutes)
// up to the maximum session duration setting for the role. This setting can have a
// value from 1 hour to 12 hours. To learn how to view the maximum value for your
// role, see View the Maximum Session Duration Setting for a Role
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session)
// in the IAM User Guide. The maximum session duration limit applies when you use
// the AssumeRole* API operations or the assume-role* CLI commands. However the
// limit does not apply when you use those operations to create a console URL. For
// more information, see Using IAM Roles
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) in the IAM
// User Guide. Permissions The temporary security credentials created by
// AssumeRoleWithWebIdentity can be used to make API calls to any Amazon Web
// Services service with the following exception: you cannot call the STS
// GetFederationToken or GetSessionToken API operations. (Optional) You can pass
// inline or managed session policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to use as
// managed session policies. The plaintext that you use for both inline and managed
// session policies can't exceed 2,048 characters. Passing policies to this
// operation returns new temporary credentials. The resulting session's permissions
// are the intersection of the role's identity-based policy and the session
// policies. You can use the role's temporary credentials in subsequent Amazon Web
// Services API calls to access resources in the account that owns the role. You
// cannot use session policies to grant more permissions than those allowed by the
// identity-based policy of the role that is being assumed. For more information,
// see Session Policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide. Tags (Optional) You can configure your IdP to pass
// attributes into your web identity token as session tags. Each session tag
// consists of a key name and an associated value. For more information about
// session tags, see Passing Session Tags in STS
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the
// IAM User Guide. You can pass up to 50 session tags. The plaintext session tag
// keys can’t exceed 128 characters and the values can’t exceed 256 characters. For
// these and additional limits, see IAM and STS Character Limits
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length)
// in the IAM User Guide. An Amazon Web Services conversion compresses the passed
// session policies and session tags into a packed binary format that has a
// separate limit. Your request can fail for this limit even if your plaintext
// meets the other requirements. The PackedPolicySize response element indicates by
// percentage how close the policies and tags for your request are to the upper
// size limit. You can pass a session tag with the same key as a tag that is
// attached to the role. When you do, the session tag overrides the role tag with
// the same key. An administrator must grant you the permissions necessary to pass
// session tags. The administrator can also create granular permissions to allow
// you to pass only specific session tags. For more information, see Tutorial:
// Using Tags for Attribute-Based Access Control
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
// in the IAM User Guide. You can set the session tags as transitive. Transitive
// tags persist during role chaining. For more information, see Chaining Roles with
// Session Tags
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining)
// in the IAM User Guide. Identities Before your application can call
// AssumeRoleWithWebIdentity, you must have an identity token from a supported
// identity provider and create a role that the application can assume. The role
// that your application assumes must trust the identity provider that is
// associated with the identity token. In other words, the identity provider must
// be specified in the role's trust policy. Calling AssumeRoleWithWebIdentity can
// result in an entry in your CloudTrail logs. The entry includes the Subject
// (http://openid.net/specs/openid-connect-core-1_0.html#Claims) of the provided
// web identity token. We recommend that you avoid using any personally
// identifiable information (PII) in this field. For example, you could instead use
// a GUID or a pairwise identifier, as suggested in the OIDC specification
// (http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes). For more
// information about how to use web identity federation and the
// AssumeRoleWithWebIdentity API, see the following resources:
//
// * Using Web
// Identity Federation API Operations for Mobile Apps
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html)
// and Federation Through a Web-based Identity Provider
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity).
//
// *
// Web Identity Federation Playground
// (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/).
// Walk through the process of authenticating through Login with Amazon, Facebook,
// or Google, getting temporary security credentials, and then using those
// credentials to make a request to Amazon Web Services.
//
// * Amazon Web Services SDK
// for iOS Developer Guide (http://aws.amazon.com/sdkforios/) and Amazon Web
// Services SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/).
// These toolkits contain sample apps that show how to invoke the identity
// providers. The toolkits then show how to use the information from these
// providers to get and use temporary security credentials.
//
// * Web Identity
// Federation with Mobile Applications
// (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications).
// This article discusses web identity federation and shows an example of how to
// use web identity federation to get access to content in Amazon S3.
AssumeRoleWithWebIdentity(ctx context.Context, params *AssumeRoleWithWebIdentityInput, optFns ...func(*Options)) (*AssumeRoleWithWebIdentityOutput, error)
// Decodes additional information about the authorization status of a request from
// an encoded message returned in response to an Amazon Web Services request. For
// example, if a user is not authorized to perform an operation that he or she has
// requested, the request returns a Client.UnauthorizedOperation response (an HTTP
// 403 response). Some Amazon Web Services operations additionally return an
// encoded message that can provide details about this authorization failure. Only
// certain Amazon Web Services operations return an encoded authorization message.
// The documentation for an individual operation indicates whether that operation
// returns an encoded message in addition to returning an HTTP code. The message is
// encoded because the details of the authorization status can contain privileged
// information that the user who requested the operation should not see. To decode
// an authorization status message, a user must be granted permissions through an
// IAM policy
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) to
// request the DecodeAuthorizationMessage (sts:DecodeAuthorizationMessage) action.
// The decoded message includes the following type of information:
//
// * Whether the
// request was denied due to an explicit deny or due to the absence of an explicit
// allow. For more information, see Determining Whether a Request is Allowed or
// Denied
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow)
// in the IAM User Guide.
//
// * The principal who made the request.
//
// * The requested
// action.
//
// * The requested resource.
//
// * The values of condition keys in the
// context of the user's request.
DecodeAuthorizationMessage(ctx context.Context, params *DecodeAuthorizationMessageInput, optFns ...func(*Options)) (*DecodeAuthorizationMessageOutput, error)
// Returns the account identifier for the specified access key ID. Access keys
// consist of two parts: an access key ID (for example, AKIAIOSFODNN7EXAMPLE) and a
// secret access key (for example, wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY). For
// more information about access keys, see Managing Access Keys for IAM Users
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html)
// in the IAM User Guide. When you pass an access key ID to this operation, it
// returns the ID of the Amazon Web Services account to which the keys belong.
// Access key IDs beginning with AKIA are long-term credentials for an IAM user or
// the Amazon Web Services account root user. Access key IDs beginning with ASIA
// are temporary credentials that are created using STS operations. If the account
// in the response belongs to you, you can sign in as the root user and review your
// root user access keys. Then, you can pull a credentials report
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html)
// to learn which IAM user owns the keys. To learn who requested the temporary
// credentials for an ASIA access key, view the STS events in your CloudTrail logs
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html)
// in the IAM User Guide. This operation does not indicate the state of the access
// key. The key might be active, inactive, or deleted. Active keys might not have
// permissions to perform an operation. Providing a deleted access key might return
// an error that the key doesn't exist.
GetAccessKeyInfo(ctx context.Context, params *GetAccessKeyInfoInput, optFns ...func(*Options)) (*GetAccessKeyInfoOutput, error)
// Returns details about the IAM user or role whose credentials are used to call
// the operation. No permissions are required to perform this operation. If an
// administrator adds a policy to your IAM user or role that explicitly denies
// access to the sts:GetCallerIdentity action, you can still perform this
// operation. Permissions are not required because the same information is returned
// when an IAM user or role is denied access. To view an example response, see I Am
// Not Authorized to Perform: iam:DeleteVirtualMFADevice
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa)
// in the IAM User Guide.
GetCallerIdentity(ctx context.Context, params *GetCallerIdentityInput, optFns ...func(*Options)) (*GetCallerIdentityOutput, error)
// Returns a set of temporary security credentials (consisting of an access key ID,
// a secret access key, and a security token) for a federated user. A typical use
// is in a proxy application that gets temporary security credentials on behalf of
// distributed applications inside a corporate network. You must call the
// GetFederationToken operation using the long-term security credentials of an IAM
// user. As a result, this call is appropriate in contexts where those credentials
// can be safely stored, usually in a server-based application. For a comparison of
// GetFederationToken with the other API operations that produce temporary
// credentials, see Requesting Temporary Security Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
// and Comparing the Amazon Web Services STS API operations
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide. You can create a mobile-based or browser-based app that
// can authenticate users using a web identity provider like Login with Amazon,
// Facebook, Google, or an OpenID Connect-compatible identity provider. In this
// case, we recommend that you use Amazon Cognito (http://aws.amazon.com/cognito/)
// or AssumeRoleWithWebIdentity. For more information, see Federation Through a
// Web-based Identity Provider
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity)
// in the IAM User Guide. You can also call GetFederationToken using the security
// credentials of an Amazon Web Services account root user, but we do not recommend
// it. Instead, we recommend that you create an IAM user for the purpose of the
// proxy application. Then attach a policy to the IAM user that limits federated
// users to only the actions and resources that they need to access. For more
// information, see IAM Best Practices
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) in the
// IAM User Guide. Session duration The temporary credentials are valid for the
// specified duration, from 900 seconds (15 minutes) up to a maximum of 129,600
// seconds (36 hours). The default session duration is 43,200 seconds (12 hours).
// Temporary credentials obtained by using the Amazon Web Services account root
// user credentials have a maximum duration of 3,600 seconds (1 hour). Permissions
// You can use the temporary credentials created by GetFederationToken in any
// Amazon Web Services service except the following:
//
// * You cannot call any IAM
// operations using the CLI or the Amazon Web Services API.
//
// * You cannot call any
// STS operations except GetCallerIdentity.
//
// You must pass an inline or managed
// session policy
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// to this operation. You can pass a single JSON policy document to use as an
// inline session policy. You can also specify up to 10 managed policies to use as
// managed session policies. The plaintext that you use for both inline and managed
// session policies can't exceed 2,048 characters. Though the session policy
// parameters are optional, if you do not pass a policy, then the resulting
// federated user session has no permissions. When you pass session policies, the
// session permissions are the intersection of the IAM user policies and the
// session policies that you pass. This gives you a way to further restrict the
// permissions for a federated user. You cannot use session policies to grant more
// permissions than those that are defined in the permissions policy of the IAM
// user. For more information, see Session Policies
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session)
// in the IAM User Guide. For information about using GetFederationToken to create
// temporary security credentials, see GetFederationToken—Federation Through a
// Custom Identity Broker
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getfederationtoken).
// You can use the credentials to access a resource that has a resource-based
// policy. If that policy specifically references the federated user session in the
// Principal element of the policy, the session has the permissions allowed by the
// policy. These permissions are granted in addition to the permissions granted by
// the session policies. Tags (Optional) You can pass tag key-value pairs to your
// session. These are called session tags. For more information about session tags,
// see Passing Session Tags in STS
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) in the
// IAM User Guide. You can create a mobile-based or browser-based app that can
// authenticate users using a web identity provider like Login with Amazon,
// Facebook, Google, or an OpenID Connect-compatible identity provider. In this
// case, we recommend that you use Amazon Cognito (http://aws.amazon.com/cognito/)
// or AssumeRoleWithWebIdentity. For more information, see Federation Through a
// Web-based Identity Provider
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity)
// in the IAM User Guide. An administrator must grant you the permissions necessary
// to pass session tags. The administrator can also create granular permissions to
// allow you to pass only specific session tags. For more information, see
// Tutorial: Using Tags for Attribute-Based Access Control
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/tutorial_attribute-based-access-control.html)
// in the IAM User Guide. Tag key–value pairs are not case sensitive, but case is
// preserved. This means that you cannot have separate Department and department
// tag keys. Assume that the user that you are federating has the
// Department=Marketing tag and you pass the department=engineering session tag.
// Department and department are not saved as separate tags, and the session tag
// passed in the request takes precedence over the user tag.
GetFederationToken(ctx context.Context, params *GetFederationTokenInput, optFns ...func(*Options)) (*GetFederationTokenOutput, error)
// Returns a set of temporary credentials for an Amazon Web Services account or IAM
// user. The credentials consist of an access key ID, a secret access key, and a
// security token. Typically, you use GetSessionToken if you want to use MFA to
// protect programmatic calls to specific Amazon Web Services API operations like
// Amazon EC2 StopInstances. MFA-enabled IAM users would need to call
// GetSessionToken and submit an MFA code that is associated with their MFA device.
// Using the temporary security credentials that are returned from the call, IAM
// users can then make programmatic calls to API operations that require MFA
// authentication. If you do not supply a correct MFA code, then the API returns an
// access denied error. For a comparison of GetSessionToken with the other API
// operations that produce temporary credentials, see Requesting Temporary Security
// Credentials
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html)
// and Comparing the Amazon Web Services STS API operations
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison)
// in the IAM User Guide. Session Duration The GetSessionToken operation must be
// called by using the long-term Amazon Web Services security credentials of the
// Amazon Web Services account root user or an IAM user. Credentials that are
// created by IAM users are valid for the duration that you specify. This duration
// can range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36
// hours), with a default of 43,200 seconds (12 hours). Credentials based on
// account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds
// (1 hour), with a default of 1 hour. Permissions The temporary security
// credentials created by GetSessionToken can be used to make API calls to any
// Amazon Web Services service with the following exceptions:
//
// * You cannot call
// any IAM API operations unless MFA authentication information is included in the
// request.
//
// * You cannot call any STS API except AssumeRole or
// GetCallerIdentity.
//
// We recommend that you do not call GetSessionToken with
// Amazon Web Services account root user credentials. Instead, follow our best
// practices
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users)
// by creating one or more IAM users, giving them the necessary permissions, and
// using IAM users for everyday interaction with Amazon Web Services. The
// credentials that are returned by GetSessionToken are based on permissions
// associated with the user whose credentials were used to call the operation. If
// GetSessionToken is called using Amazon Web Services account root user
// credentials, the temporary credentials have root user permissions. Similarly, if
// GetSessionToken is called using the credentials of an IAM user, the temporary
// credentials have the same permissions as the IAM user. For more information
// about using GetSessionToken to create temporary credentials, go to Temporary
// Credentials for Users in Untrusted Environments
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken)
// in the IAM User Guide.
GetSessionToken(ctx context.Context, params *GetSessionTokenInput, optFns ...func(*Options)) (*GetSessionTokenOutput, error)
}
STS provides an interface to the AWS STS service.
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.