Information about the Capacity Reservation usage.
* @public */ export interface InstanceUsage { /** *The ID of the Amazon Web Services account that is making use of the Capacity * Reservation.
* @public */ AccountId?: string | undefined; /** *The number of instances the Amazon Web Services account currently has in the Capacity * Reservation.
* @public */ UsedInstanceCount?: number | undefined; } /** * @public */ export interface GetCapacityReservationUsageResult { /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the Capacity Reservation.
* @public */ CapacityReservationId?: string | undefined; /** *The type of instance for which the Capacity Reservation reserves capacity.
* @public */ InstanceType?: string | undefined; /** *The number of instances for which the Capacity Reservation reserves capacity.
* @public */ TotalInstanceCount?: number | undefined; /** *The remaining capacity. Indicates the number of instances that can be launched in the * Capacity Reservation.
* @public */ AvailableInstanceCount?: number | undefined; /** *The current state of the Capacity Reservation. A Capacity Reservation can be in one of * the following states:
*
* active - The capacity is available for use.
* expired - The Capacity Reservation expired automatically at the date and time
* specified in your reservation request. The reserved capacity is no longer available for your use.
* cancelled - The Capacity Reservation was canceled. The reserved capacity is no
* longer available for your use.
* pending - The Capacity Reservation request was successful but the capacity
* provisioning is still pending.
* failed - The Capacity Reservation request has failed. A request can fail due to
* request parameters that are not valid, capacity constraints, or instance limit constraints. You
* can view a failed request for 60 minutes.
* scheduled - (Future-dated Capacity Reservations) The
* future-dated Capacity Reservation request was approved and the Capacity Reservation is scheduled
* for delivery on the requested start date.
* payment-pending - (Capacity Blocks) The upfront
* payment has not been processed yet.
* payment-failed - (Capacity Blocks) The upfront
* payment was not processed in the 12-hour time frame. Your Capacity Block was released.
* assessing - (Future-dated Capacity Reservations)
* Amazon EC2 is assessing your request for a future-dated Capacity Reservation.
* delayed - (Future-dated Capacity Reservations) Amazon EC2
* encountered a delay in provisioning the requested future-dated Capacity Reservation. Amazon EC2 is
* unable to deliver the requested capacity by the requested start date and time.
* unsupported - (Future-dated Capacity Reservations) Amazon EC2
* can't support the future-dated Capacity Reservation request due to capacity constraints. You can view
* unsupported requests for 30 days. The Capacity Reservation will not be delivered.
Information about the Capacity Reservation usage.
* @public */ InstanceUsages?: InstanceUsage[] | undefined; /** ** Indicates whether the Capacity Reservation is interruptible, meaning instances may be terminated when the owner reclaims capacity. *
* @public */ Interruptible?: boolean | undefined; /** ** Information about the capacity allocated to the interruptible Capacity Reservation, including instance counts and allocation status. *
* @public */ InterruptibleCapacityAllocation?: InterruptibleCapacityAllocation | undefined; /** ** Details about the interruption configuration and source reservation for interruptible Capacity Reservations. *
* @public */ InterruptionInfo?: InterruptionInfo | undefined; } /** * @public */ export interface GetCoipPoolUsageRequest { /** *The ID of the address pool.
* @public */ PoolId: string | undefined; /** *One or more filters.
*
* coip-address-usage.allocation-id - The allocation ID of the address.
* coip-address-usage.aws-account-id - The ID of the Amazon Web Services account that is using the customer-owned IP address.
* coip-address-usage.aws-service - The Amazon Web Services service that is using the customer-owned IP address.
* coip-address-usage.co-ip - The customer-owned IP address.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes address usage for a customer-owned address pool.
* @public */ export interface CoipAddressUsage { /** *The allocation ID of the address.
* @public */ AllocationId?: string | undefined; /** *The Amazon Web Services account ID.
* @public */ AwsAccountId?: string | undefined; /** *The Amazon Web Services service.
* @public */ AwsService?: string | undefined; /** *The customer-owned IP address.
* @public */ CoIp?: string | undefined; } /** * @public */ export interface GetCoipPoolUsageResult { /** *The ID of the customer-owned address pool.
* @public */ CoipPoolId?: string | undefined; /** *Information about the address usage.
* @public */ CoipAddressUsages?: CoipAddressUsage[] | undefined; /** *The ID of the local gateway route table.
* @public */ LocalGatewayRouteTableId?: string | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *When enabled, retrieves the latest console output for the instance.
*Default: disabled (false)
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The time at which the output was last updated.
* @public */ Timestamp?: Date | undefined; /** *The console output, base64-encoded. If you are using a command line tool, the tool * decodes the output for you.
* @public */ Output?: string | undefined; } /** * @public */ export interface GetConsoleScreenshotRequest { /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *When set to true, acts as keystroke input and wakes up an instance that's
* in standby or "sleep" mode.
The data that comprises the image.
* @public */ ImageData?: string | undefined; /** *The ID of the instance.
* @public */ InstanceId?: string | undefined; } /** * @public */ export interface GetDeclarativePoliciesReportSummaryRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the report.
* @public */ ReportId: string | undefined; } /** *A summary report for the attribute for a Region.
* @public */ export interface RegionalSummary { /** *The Amazon Web Services Region.
* @public */ RegionName?: string | undefined; /** *The number of accounts in the Region with the same configuration value for the * attribute that is most frequently observed.
* @public */ NumberOfMatchedAccounts?: number | undefined; /** *The number of accounts in the Region with a configuration value different from the * most frequently observed value for the attribute.
* @public */ NumberOfUnmatchedAccounts?: number | undefined; } /** *A summary report for the attribute across all Regions.
* @public */ export interface AttributeSummary { /** *The name of the attribute.
* @public */ AttributeName?: string | undefined; /** *The configuration value that is most frequently observed for the attribute.
* @public */ MostFrequentValue?: string | undefined; /** *The number of accounts with the same configuration value for the attribute that is * most frequently observed.
* @public */ NumberOfMatchedAccounts?: number | undefined; /** *The number of accounts with a configuration value different from the most frequently * observed value for the attribute.
* @public */ NumberOfUnmatchedAccounts?: number | undefined; /** *The summary report for each Region for the attribute.
* @public */ RegionalSummaries?: RegionalSummary[] | undefined; } /** * @public */ export interface GetDeclarativePoliciesReportSummaryResult { /** *The ID of the report.
* @public */ ReportId?: string | undefined; /** *The name of the Amazon S3 bucket where the report is located.
* @public */ S3Bucket?: string | undefined; /** *The prefix for your S3 object.
* @public */ S3Prefix?: string | undefined; /** *The root ID, organizational unit ID, or account ID.
*Format:
*For root: r-ab12
*
For OU: ou-ab12-cdef1234
*
For account: 123456789012
*
The time when the report generation started.
* @public */ StartTime?: Date | undefined; /** *The time when the report generation ended.
* @public */ EndTime?: Date | undefined; /** *The total number of accounts associated with the specified
* targetId.
The number of accounts where attributes could not be retrieved in any Region.
* @public */ NumberOfFailedAccounts?: number | undefined; /** *The attributes described in the report.
* @public */ AttributeSummaries?: AttributeSummary[] | undefined; } /** * @public */ export interface GetDefaultCreditSpecificationRequest { /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The instance family.
* @public */ InstanceFamily: UnlimitedSupportedInstanceFamily | undefined; } /** *Describes the default credit option for CPU usage of a burstable performance instance * family.
* @public */ export interface InstanceFamilyCreditSpecification { /** *The instance family.
* @public */ InstanceFamily?: UnlimitedSupportedInstanceFamily | undefined; /** *The default credit option for CPU usage of the instance family. Valid values are
* standard and unlimited.
The default credit option for CPU usage of the instance family.
* @public */ InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification | undefined; } /** * @public */ export interface GetEbsDefaultKmsKeyIdRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Amazon Resource Name (ARN) of the default KMS key for encryption by default.
* @public */ KmsKeyId?: string | undefined; } /** * @public */ export interface GetEbsEncryptionByDefaultRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Indicates whether encryption by default is enabled.
* @public */ EbsEncryptionByDefault?: boolean | undefined; /** *Reserved for future use.
* @public */ SseType?: SSEType | undefined; } /** * @public */ export interface GetEnabledIpamPolicyRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Indicates whether the IPAM policy is enabled.
* @public */ IpamPolicyEnabled?: boolean | undefined; /** *The ID of the enabled IPAM policy.
* @public */ IpamPolicyId?: string | undefined; /** *The entity that manages the IPAM policy.
* @public */ ManagedBy?: IpamPolicyManagedBy | undefined; } /** *Describes integration options for Amazon Athena.
* @public */ export interface AthenaIntegration { /** *The location in Amazon S3 to store the generated CloudFormation template.
* @public */ IntegrationResultS3DestinationArn: string | undefined; /** *The schedule for adding new partitions to the table.
* @public */ PartitionLoadFrequency: PartitionLoadFrequency | undefined; /** *The start date for the partition.
* @public */ PartitionStartDate?: Date | undefined; /** *The end date for the partition.
* @public */ PartitionEndDate?: Date | undefined; } /** *Describes service integrations with VPC Flow logs.
* @public */ export interface IntegrateServices { /** *Information about the integration with Amazon Athena.
* @public */ AthenaIntegrations?: AthenaIntegration[] | undefined; } /** * @public */ export interface GetFlowLogsIntegrationTemplateRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the flow log.
* @public */ FlowLogId: string | undefined; /** *To store the CloudFormation template in Amazon S3, specify the location in Amazon S3.
* @public */ ConfigDeliveryS3DestinationArn: string | undefined; /** *Information about the service integration.
* @public */ IntegrateServices: IntegrateServices | undefined; } /** * @public */ export interface GetFlowLogsIntegrationTemplateResult { /** *The generated CloudFormation template.
* @public */ Result?: string | undefined; } /** * @public */ export interface GetGroupsForCapacityReservationRequest { /** *The ID of the Capacity Reservation. If you specify a Capacity Reservation that is * shared with you, the operation returns only Capacity Reservation groups that you * own.
* @public */ CapacityReservationId: string | undefined; /** *The token to use to retrieve the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, * see Pagination.
* @public */ MaxResults?: number | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Describes a resource group to which a Capacity Reservation has been added.
* @public */ export interface CapacityReservationGroup { /** *The ARN of the resource group.
* @public */ GroupArn?: string | undefined; /** *The ID of the Amazon Web Services account that owns the resource group.
* @public */ OwnerId?: string | undefined; } /** * @public */ export interface GetGroupsForCapacityReservationResult { /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Information about the resource groups to which the Capacity Reservation has been * added.
* @public */ CapacityReservationGroups?: CapacityReservationGroup[] | undefined; } /** * @public */ export interface GetHostReservationPurchasePreviewRequest { /** *The IDs of the Dedicated Hosts with which the reservation is associated.
* @public */ HostIdSet: string[] | undefined; /** *The offering ID of the reservation.
* @public */ OfferingId: string | undefined; } /** *Describes the result of the purchase.
* @public */ export interface Purchase { /** *The currency in which the UpfrontPrice and HourlyPrice
* amounts are specified. At this time, the only supported currency is
* USD.
The duration of the reservation's term in seconds.
* @public */ Duration?: number | undefined; /** *The IDs of the Dedicated Hosts associated with the reservation.
* @public */ HostIdSet?: string[] | undefined; /** *The ID of the reservation.
* @public */ HostReservationId?: string | undefined; /** *The hourly price of the reservation per hour.
* @public */ HourlyPrice?: string | undefined; /** *The instance family on the Dedicated Host that the reservation can be associated * with.
* @public */ InstanceFamily?: string | undefined; /** *The payment option for the reservation.
* @public */ PaymentOption?: PaymentOption | undefined; /** *The upfront price of the reservation.
* @public */ UpfrontPrice?: string | undefined; } /** * @public */ export interface GetHostReservationPurchasePreviewResult { /** *The currency in which the totalUpfrontPrice and
* totalHourlyPrice amounts are specified. At this time, the only
* supported currency is USD.
The purchase information of the Dedicated Host reservation and the Dedicated Hosts * associated with it.
* @public */ Purchase?: Purchase[] | undefined; /** *The potential total hourly price of the reservation per hour.
* @public */ TotalHourlyPrice?: string | undefined; /** *The potential total upfront price. This is billed immediately.
* @public */ TotalUpfrontPrice?: string | undefined; } /** * @public */ export interface GetImageAncestryRequest { /** *The ID of the AMI whose ancestry you want to trace.
* @public */ ImageId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about a single AMI in the ancestry chain and its source (parent) AMI.
* @public */ export interface ImageAncestryEntry { /** *The date and time when this AMI was created.
* @public */ CreationDate?: Date | undefined; /** *The ID of this AMI.
* @public */ ImageId?: string | undefined; /** *The owner alias (amazon | aws-backup-vault |
* aws-marketplace ) of this AMI, if one is assigned. Otherwise, the value is
* null.
The ID of the parent AMI.
* @public */ SourceImageId?: string | undefined; /** *The Amazon Web Services Region of the parent AMI.
* @public */ SourceImageRegion?: string | undefined; } /** * @public */ export interface GetImageAncestryResult { /** *A list of entries in the AMI ancestry chain, from the specified AMI to the root * AMI.
* @public */ ImageAncestryEntries?: ImageAncestryEntry[] | undefined; } /** * @public */ export interface GetImageBlockPublicAccessStateRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The current state of block public access for AMIs at the account level in the specified * Amazon Web Services Region.
*Possible values:
*
* block-new-sharing - Any attempt to publicly share your AMIs in the
* specified Region is blocked.
* unblocked - Your AMIs in the specified Region can be publicly
* shared.
The entity that manages the state for block public access for AMIs. Possible values * include:
*
* account - The state is managed by the account.
* declarative-policy - The state is managed by a declarative policy and
* can't be modified by the account.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The default instance metadata service (IMDS) settings that were set at the account * level in the specified Amazon Web Services Region.
* @public */ export interface InstanceMetadataDefaultsResponse { /** *Indicates whether IMDSv2 is required.
*
* optional – IMDSv2 is optional, which means that you can
* use either IMDSv2 or IMDSv1.
* required – IMDSv2 is required, which means that IMDSv1 is
* disabled, and you must use IMDSv2.
The maximum number of hops that the metadata token can travel.
* @public */ HttpPutResponseHopLimit?: number | undefined; /** *Indicates whether the IMDS endpoint for an instance is enabled or disabled. When disabled, the instance * metadata can't be accessed.
* @public */ HttpEndpoint?: InstanceMetadataEndpointState | undefined; /** *Indicates whether access to instance tags from the instance metadata is enabled or * disabled. For more information, see View tags for your EC2 * instances using instance metadata in the * Amazon EC2 User Guide.
* @public */ InstanceMetadataTags?: InstanceMetadataTagsState | undefined; /** *The entity that manages the IMDS default settings. Possible values include:
*
* account - The IMDS default settings are managed by the
* account.
* declarative-policy - The IMDS default settings are managed
* by a declarative policy and can't be modified by the account.
The customized exception message that is specified in the declarative policy.
* @public */ ManagedExceptionMessage?: string | undefined; /** *Indicates whether to enforce the requirement of IMDSv2 on an instance at the time of
* launch. When enforcement is enabled, the instance can't launch unless IMDSv2
* (HttpTokens) is set to required.
The account-level default IMDS settings.
* @public */ AccountLevel?: InstanceMetadataDefaultsResponse | undefined; } /** * @public */ export interface GetInstanceTpmEkPubRequest { /** *The ID of the instance for which to get the public endorsement key.
* @public */ InstanceId: string | undefined; /** *The required public endorsement key type.
* @public */ KeyType: EkPubKeyType | undefined; /** *The required public endorsement key format. Specify der for a DER-encoded public
* key that is compatible with OpenSSL. Specify tpmt for a TPM 2.0 format that is
* compatible with tpm2-tools. The returned key is base64 encoded.
Specify this parameter to verify whether the request will succeed, without actually making the
* request. If the request will succeed, the response is DryRunOperation. Otherwise,
* the response is UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The public endorsement key type.
* @public */ KeyType?: EkPubKeyType | undefined; /** *The public endorsement key format.
* @public */ KeyFormat?: EkPubKeyFormat | undefined; /** *The public endorsement key material.
* @public */ KeyValue?: string | undefined; } /** * @public */ export interface GetInstanceTypesFromInstanceRequirementsRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The processor architecture type.
* @public */ ArchitectureTypes: ArchitectureType[] | undefined; /** *The virtualization type.
* @public */ VirtualizationTypes: VirtualizationType[] | undefined; /** *The attributes required for the instance types.
* @public */ InstanceRequirements: InstanceRequirementsRequest | undefined; /** *The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; /** *Reserved.
* @public */ Context?: string | undefined; } /** *The list of instance types with the specified instance attributes.
* @public */ export interface InstanceTypeInfoFromInstanceRequirements { /** *The matching instance type.
* @public */ InstanceType?: string | undefined; } /** * @public */ export interface GetInstanceTypesFromInstanceRequirementsResult { /** *The instance types with the specified instance attributes.
* @public */ InstanceTypes?: InstanceTypeInfoFromInstanceRequirements[] | undefined; /** *The token to include in another request to get the next page of items. This value is null when there
* are no more items to return.
The ID of the instance from which to retrieve the UEFI data.
* @public */ InstanceId: string | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance from which to retrieve the UEFI data.
* @public */ InstanceId?: string | undefined; /** *Base64 representation of the non-volatile UEFI variable store.
* @public */ UefiData?: string | undefined; } /** * @public */ export interface GetIpamAddressHistoryRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The CIDR you want the history of. The CIDR can be an IPv4 or IPv6 IP address range. * If you enter a /16 IPv4 CIDR, you will get records that match it exactly. You will not get records for any subnets within the /16 CIDR.
* @public */ Cidr: string | undefined; /** *The ID of the IPAM scope that the CIDR is in.
* @public */ IpamScopeId: string | undefined; /** *The ID of the VPC you want your history records filtered by.
* @public */ VpcId?: string | undefined; /** *The start of the time period for which you are looking for history. If you omit this option, it will default to the value of EndTime.
* @public */ StartTime?: Date | undefined; /** *The end of the time period for which you are looking for history. If you omit this option, it will default to the current time.
* @public */ EndTime?: Date | undefined; /** *The maximum number of historical results you would like returned per page. Defaults to 100.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *The historical record of a CIDR within an IPAM scope. For more information, see View the history of IP addresses in the Amazon VPC IPAM User Guide. *
* @public */ export interface IpamAddressHistoryRecord { /** *The ID of the resource owner.
* @public */ ResourceOwnerId?: string | undefined; /** *The Amazon Web Services Region of the resource.
* @public */ ResourceRegion?: string | undefined; /** *The type of the resource.
* @public */ ResourceType?: IpamAddressHistoryResourceType | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The CIDR of the resource.
* @public */ ResourceCidr?: string | undefined; /** *The name of the resource.
* @public */ ResourceName?: string | undefined; /** *The compliance status of a resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
* @public */ ResourceComplianceStatus?: IpamComplianceStatus | undefined; /** *The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
* @public */ ResourceOverlapStatus?: IpamOverlapStatus | undefined; /** *The VPC ID of the resource.
* @public */ VpcId?: string | undefined; /** *Sampled start time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the start time may have occurred before this specific time.
* @public */ SampledStartTime?: Date | undefined; /** *Sampled end time of the resource-to-CIDR association within the IPAM scope. Changes are picked up in periodic snapshots, so the end time may have occurred before this specific time.
* @public */ SampledEndTime?: Date | undefined; } /** * @public */ export interface GetIpamAddressHistoryResult { /** *A historical record for a CIDR within an IPAM scope. If the CIDR is associated with an EC2 instance, you will see an object in the response for the instance and one for the network interface.
* @public */ HistoryRecords?: IpamAddressHistoryRecord[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A resource discovery ID.
* @public */ IpamResourceDiscoveryId: string | undefined; /** *The Amazon Web Services Region that the account information is returned from.
* @public */ DiscoveryRegion: string | undefined; /** *Discovered account filters.
* @public */ Filters?: Filter[] | undefined; /** *Specify the pagination token from a previous request to retrieve the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of discovered accounts to return in one page of results.
* @public */ MaxResults?: number | undefined; } /** *The discovery failure reason.
* @public */ export interface IpamDiscoveryFailureReason { /** *The discovery failure code.
*
* assume-role-failure - IPAM could not assume the Amazon Web Services IAM service-linked role. This could be because of any of the following:
SLR has not been created yet and IPAM is still creating it.
*You have opted-out of the IPAM home Region.
*Account you are using as your IPAM account has been suspended.
*
* throttling-failure - IPAM account is already using the allotted transactions per second and IPAM is receiving a throttling error when assuming the Amazon Web Services IAM SLR.
* unauthorized-failure - Amazon Web Services account making the request is not authorized. For more information, see AuthFailure in the Amazon Elastic Compute Cloud API Reference.
The discovery failure message.
* @public */ Message?: string | undefined; } /** *An IPAM discovered account. A discovered account is an Amazon Web Services account that is monitored under a resource discovery. If you have integrated IPAM with Amazon Web Services Organizations, all accounts in the organization are discovered accounts.
* @public */ export interface IpamDiscoveredAccount { /** *The account ID.
* @public */ AccountId?: string | undefined; /** *The Amazon Web Services Region that the account information is returned from. * An account can be discovered in multiple regions and will have a separate discovered account for each Region.
* @public */ DiscoveryRegion?: string | undefined; /** *The resource discovery failure reason.
* @public */ FailureReason?: IpamDiscoveryFailureReason | undefined; /** *The last attempted resource discovery time.
* @public */ LastAttemptedDiscoveryTime?: Date | undefined; /** *The last successful resource discovery time.
* @public */ LastSuccessfulDiscoveryTime?: Date | undefined; /** *The ID of an Organizational Unit in Amazon Web Services Organizations.
* @public */ OrganizationalUnitId?: string | undefined; } /** * @public */ export interface GetIpamDiscoveredAccountsResult { /** *Discovered accounts.
* @public */ IpamDiscoveredAccounts?: IpamDiscoveredAccount[] | undefined; /** *Specify the pagination token from a previous request to retrieve the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamDiscoveredPublicAddressesRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
An IPAM resource discovery ID.
* @public */ IpamResourceDiscoveryId: string | undefined; /** *The Amazon Web Services Region for the IP address.
* @public */ AddressRegion: string | undefined; /** *Filters.
* @public */ Filters?: Filter[] | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of IPAM discovered public addresses to return in one page of results.
* @public */ MaxResults?: number | undefined; } /** *The security group that the resource with the public IP address is in.
* @public */ export interface IpamPublicAddressSecurityGroup { /** *The security group's name.
* @public */ GroupName?: string | undefined; /** *The security group's ID.
* @public */ GroupId?: string | undefined; } /** *A tag for a public IP address discovered by IPAM.
* @public */ export interface IpamPublicAddressTag { /** *The tag's key.
* @public */ Key?: string | undefined; /** *The tag's value.
* @public */ Value?: string | undefined; } /** *Tags for a public IP address discovered by IPAM.
* @public */ export interface IpamPublicAddressTags { /** *Tags for an Elastic IP address.
* @public */ EipTags?: IpamPublicAddressTag[] | undefined; } /** *A public IP Address discovered by IPAM.
* @public */ export interface IpamDiscoveredPublicAddress { /** *The resource discovery ID.
* @public */ IpamResourceDiscoveryId?: string | undefined; /** *The Region of the resource the IP address is assigned to.
* @public */ AddressRegion?: string | undefined; /** *The IP address.
* @public */ Address?: string | undefined; /** *The ID of the owner of the resource the IP address is assigned to.
* @public */ AddressOwnerId?: string | undefined; /** *The allocation ID of the resource the IP address is assigned to.
* @public */ AddressAllocationId?: string | undefined; /** *The association status.
* @public */ AssociationStatus?: IpamPublicAddressAssociationStatus | undefined; /** *The IP address type.
* @public */ AddressType?: IpamPublicAddressType | undefined; /** *The Amazon Web Services service associated with the IP address.
* @public */ Service?: IpamPublicAddressAwsService | undefined; /** *The resource ARN or ID.
* @public */ ServiceResource?: string | undefined; /** *The ID of the VPC that the resource with the assigned IP address is in.
* @public */ VpcId?: string | undefined; /** *The ID of the subnet that the resource with the assigned IP address is in.
* @public */ SubnetId?: string | undefined; /** *The ID of the public IPv4 pool that the resource with the assigned IP address is from.
* @public */ PublicIpv4PoolId?: string | undefined; /** *The network interface ID of the resource with the assigned IP address.
* @public */ NetworkInterfaceId?: string | undefined; /** *The description of the network interface that IP address is assigned to.
* @public */ NetworkInterfaceDescription?: string | undefined; /** *The instance ID of the instance the assigned IP address is assigned to.
* @public */ InstanceId?: string | undefined; /** *Tags associated with the IP address.
* @public */ Tags?: IpamPublicAddressTags | undefined; /** *The Availability Zone (AZ) or Local Zone (LZ) network border group that the resource that the IP address is assigned to is in. Defaults to an AZ network border group. For more information on available Local Zones, see Local Zone availability in the Amazon EC2 User Guide.
* @public */ NetworkBorderGroup?: string | undefined; /** *Security groups associated with the resource that the IP address is assigned to.
* @public */ SecurityGroups?: IpamPublicAddressSecurityGroup[] | undefined; /** *The last successful resource discovery time.
* @public */ SampleTime?: Date | undefined; } /** * @public */ export interface GetIpamDiscoveredPublicAddressesResult { /** *IPAM discovered public addresses.
* @public */ IpamDiscoveredPublicAddresses?: IpamDiscoveredPublicAddress[] | undefined; /** *The oldest successful resource discovery time.
* @public */ OldestSampleTime?: Date | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A resource discovery ID.
* @public */ IpamResourceDiscoveryId: string | undefined; /** *A resource Region.
* @public */ ResourceRegion: string | undefined; /** *Filters.
* @public */ Filters?: Filter[] | undefined; /** *Specify the pagination token from a previous request to retrieve the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of discovered resource CIDRs to return in one page of results.
* @public */ MaxResults?: number | undefined; } /** *An IPAM discovered resource CIDR. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered resource CIDR is the IP address range in CIDR notation that is associated with the resource.
* @public */ export interface IpamDiscoveredResourceCidr { /** *The resource discovery ID.
* @public */ IpamResourceDiscoveryId?: string | undefined; /** *The resource Region.
* @public */ ResourceRegion?: string | undefined; /** *The resource ID.
* @public */ ResourceId?: string | undefined; /** *The resource owner ID.
* @public */ ResourceOwnerId?: string | undefined; /** *The resource CIDR.
* @public */ ResourceCidr?: string | undefined; /** *The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
The resource type.
* @public */ ResourceType?: IpamResourceType | undefined; /** *The resource tags.
* @public */ ResourceTags?: IpamResourceTag[] | undefined; /** *The percentage of IP address space in use. To convert the decimal to a percentage, multiply the decimal by 100. Note the following:
*For resources that are VPCs, this is the percentage of IP address space in the VPC that's taken up by subnet CIDRs. *
*For resources that are subnets, if the subnet has an IPv4 CIDR provisioned to it, this is the percentage of IPv4 address space in the subnet that's in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage of IPv6 address space in use is not represented. The percentage of IPv6 address space in use cannot currently be calculated. *
*For resources that are public IPv4 pools, this is the percentage of IP address space in the pool that's been allocated to Elastic IP addresses (EIPs). *
*The VPC ID.
* @public */ VpcId?: string | undefined; /** *The subnet ID.
* @public */ SubnetId?: string | undefined; /** *For elastic network interfaces, this is the status of whether or not the elastic network interface is attached.
* @public */ NetworkInterfaceAttachmentStatus?: IpamNetworkInterfaceAttachmentStatus | undefined; /** *The last successful resource discovery time.
* @public */ SampleTime?: Date | undefined; /** *The Availability Zone ID.
* @public */ AvailabilityZoneId?: string | undefined; } /** * @public */ export interface GetIpamDiscoveredResourceCidrsResult { /** *Discovered resource CIDRs.
* @public */ IpamDiscoveredResourceCidrs?: IpamDiscoveredResourceCidr[] | undefined; /** *Specify the pagination token from a previous request to retrieve the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamPolicyAllocationRulesRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM policy for which to get allocation rules.
* @public */ IpamPolicyId: string | undefined; /** *One or more filters for the allocation rules.
* @public */ Filters?: Filter[] | undefined; /** *The locale for which to get the allocation rules.
* @public */ Locale?: string | undefined; /** *The resource type for which to get the allocation rules.
*The Amazon Web Services service or resource type that can use IP addresses through IPAM policies. Supported services and resource types include:
*Elastic IP addresses
*The maximum number of results to return in a single call.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Information about an IPAM policy allocation rule.
*Allocation rules are optional configurations within an IPAM policy that map Amazon Web Services resource types to specific IPAM pools. If no rules are defined, the resource types default to using Amazon-provided IP addresses.
* @public */ export interface IpamPolicyAllocationRule { /** *The ID of the source IPAM pool for the allocation rule.
*An IPAM pool is a collection of IP addresses in IPAM that can be allocated to Amazon Web Services resources.
* @public */ SourceIpamPoolId?: string | undefined; } /** *Information about an IPAM policy.
* @public */ export interface IpamPolicyDocument { /** *The ID of the IPAM policy.
* @public */ IpamPolicyId?: string | undefined; /** *The locale of the IPAM policy document.
* @public */ Locale?: string | undefined; /** *The resource type of the IPAM policy document.
*The Amazon Web Services service or resource type that can use IP addresses through IPAM policies. Supported services and resource types include:
*Elastic IP addresses
*The allocation rules in the IPAM policy document.
*Allocation rules are optional configurations within an IPAM policy that map Amazon Web Services resource types to specific IPAM pools. If no rules are defined, the resource types default to using Amazon-provided IP addresses.
* @public */ AllocationRules?: IpamPolicyAllocationRule[] | undefined; } /** * @public */ export interface GetIpamPolicyAllocationRulesResult { /** *The IPAM policy documents containing the allocation rules.
*Allocation rules are optional configurations within an IPAM policy that map Amazon Web Services resource types to specific IPAM pools. If no rules are defined, the resource types default to using Amazon-provided IP addresses.
* @public */ IpamPolicyDocuments?: IpamPolicyDocument[] | undefined; /** *The token to use to retrieve the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamPolicyOrganizationTargetsRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The maximum number of results to return in a single call.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *The ID of the IPAM policy for which to get Amazon Web Services Organizations targets.
* @public */ IpamPolicyId: string | undefined; /** *One or more filters for the Amazon Web Services Organizations targets.
* @public */ Filters?: Filter[] | undefined; } /** *The Amazon Web Services Organizations target for an IPAM policy.
* @public */ export interface IpamPolicyOrganizationTarget { /** *The ID of the Amazon Web Services Organizations target.
*A target can be an individual Amazon Web Services account or an entity within an Amazon Web Services Organization to which an IPAM policy can be applied.
* @public */ OrganizationTargetId?: string | undefined; } /** * @public */ export interface GetIpamPolicyOrganizationTargetsResult { /** *The IDs of the Amazon Web Services Organizations targets.
*A target can be an individual Amazon Web Services account or an entity within an Amazon Web Services Organization to which an IPAM policy can be applied.
* @public */ OrganizationTargets?: IpamPolicyOrganizationTarget[] | undefined; /** *The token to use to retrieve the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamPoolAllocationsRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool you want to see the allocations for.
* @public */ IpamPoolId: string | undefined; /** *The ID of the allocation.
* @public */ IpamPoolAllocationId?: string | undefined; /** *One or more filters for the request. For more information about filtering, see Filtering CLI output.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results you would like returned per page.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamPoolAllocationsResult { /** *The IPAM pool allocations you want information on.
* @public */ IpamPoolAllocations?: IpamPoolAllocation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool you want the CIDR for.
* @public */ IpamPoolId: string | undefined; /** *One or more filters for the request. For more information about filtering, see Filtering CLI output.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results to return in the request.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetIpamPoolCidrsResult { /** *Information about the CIDRs provisioned to an IPAM pool.
* @public */ IpamPoolCidrs?: IpamPoolCidr[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM prefix list resolver whose rules you want to retrieve.
* @public */ IpamPrefixListResolverId: string | undefined; /** *One or more filters to limit the results.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Describes a condition within a CIDR selection rule. Conditions define the criteria for selecting CIDRs from IPAM's database based on resource attributes.
*CIDR selection rules define the business logic for selecting CIDRs from IPAM. If a CIDR matches any of the rules, it will be included. If a rule has multiple conditions, the CIDR has to match every condition of that rule. You can create a prefix list resolver without any CIDR selection rules, but it will generate empty versions (containing no CIDRs) until you add rules.
*There are three rule types. Only 2 of the 3 rule types support conditions - IPAM pool CIDR and Scope resource CIDR. Static CIDR rules cannot have conditions.
** Static CIDR: A fixed list of CIDRs that do not change (like a manual list replicated across Regions)
** IPAM pool CIDR: CIDRs from specific IPAM pools (like all CIDRs from your IPAM production pool)
*If you choose this option, choose the following:
** IPAM scope: Select the IPAM scope to search for resources
** Conditions: *
** Property *
** IPAM pool ID: Select an IPAM pool that contains the resources
** CIDR (like 10.24.34.0/23)
** Operation: Equals/Not equals
** Value: The value on which to match the condition
** Scope resource CIDR: CIDRs from Amazon Web Services resources like VPCs, subnets, EIPs within an IPAM scope
*If you choose this option, choose the following:
** IPAM scope: Select the IPAM scope to search for resources
** Resource type: Select a resource, like a VPC or subnet.
** Conditions:
** Property:
*Resource ID: The unique ID of a resource (like vpc-1234567890abcdef0)
*Resource owner (like 111122223333)
*Resource region (like us-east-1)
*Resource tag (like key: name, value: dev-vpc-1)
*CIDR (like 10.24.34.0/23)
** Operation: Equals/Not equals
** Value: The value on which to match the condition
*The operation to perform when evaluating this condition. Valid values include equals, not-equals, contains, and not-contains.
The ID of the IPAM pool to match against. This condition selects CIDRs that belong to the specified IPAM pool.
* @public */ IpamPoolId?: string | undefined; /** *The ID of the Amazon Web Services resource to match against. This condition selects CIDRs associated with the specified resource.
* @public */ ResourceId?: string | undefined; /** *The Amazon Web Services account ID that owns the resources to match against. This condition selects CIDRs from resources owned by the specified account.
* @public */ ResourceOwner?: string | undefined; /** *The Amazon Web Services Region where the resources are located. This condition selects CIDRs from resources in the specified Region.
* @public */ ResourceRegion?: string | undefined; /** *A tag key-value pair to match against. This condition selects CIDRs from resources that have the specified tag.
* @public */ ResourceTag?: IpamResourceTag | undefined; /** *A CIDR block to match against. This condition selects CIDRs that fall within or match the specified CIDR range.
* @public */ Cidr?: string | undefined; } /** *Describes a CIDR selection rule.
*CIDR selection rules define the business logic for selecting CIDRs from IPAM. If a CIDR matches any of the rules, it will be included. If a rule has multiple conditions, the CIDR has to match every condition of that rule. You can create a prefix list resolver without any CIDR selection rules, but it will generate empty versions (containing no CIDRs) until you add rules.
* @public */ export interface IpamPrefixListResolverRule { /** *The type of CIDR selection rule. Valid values include include for selecting CIDRs that match the conditions, and exclude for excluding CIDRs that match the conditions.
A fixed list of CIDRs that do not change (like a manual list replicated across Regions).
* @public */ StaticCidr?: string | undefined; /** *The ID of the IPAM scope from which to select CIDRs. This determines whether to select from public or private IP address space.
* @public */ IpamScopeId?: string | undefined; /** *For rules of type ipam-resource-cidr, this is the resource type.
The conditions that determine which CIDRs are selected by this rule. Conditions specify criteria such as resource type, tags, account IDs, and Regions.
* @public */ Conditions?: IpamPrefixListResolverRuleCondition[] | undefined; } /** * @public */ export interface GetIpamPrefixListResolverRulesResult { /** *The CIDR selection rules for the IPAM prefix list resolver.
* @public */ Rules?: IpamPrefixListResolverRule[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM prefix list resolver whose version entries you want to retrieve.
* @public */ IpamPrefixListResolverId: string | undefined; /** *The version number of the resolver for which to retrieve CIDR entries. If not specified, the latest version is used.
* @public */ IpamPrefixListResolverVersion: number | undefined; /** *The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Describes a CIDR entry in a specific version of an IPAM prefix list resolver. This represents a CIDR that was selected and synchronized at a particular point in time.
* @public */ export interface IpamPrefixListResolverVersionEntry { /** *The CIDR block that was selected and synchronized in this resolver version.
* @public */ Cidr?: string | undefined; } /** * @public */ export interface GetIpamPrefixListResolverVersionEntriesResult { /** *The CIDR entries for the specified resolver version.
* @public */ Entries?: IpamPrefixListResolverVersionEntry[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM prefix list resolver whose versions you want to retrieve.
* @public */ IpamPrefixListResolverId: string | undefined; /** *Specific version numbers to retrieve. If not specified, all versions are returned.
* @public */ IpamPrefixListResolverVersions?: number[] | undefined; /** *The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *One or more filters to limit the results.
* @public */ Filters?: Filter[] | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Describes a version of an IPAM prefix list resolver.
*Each version is a snapshot of what CIDRs matched your rules at that moment in time. The version number increments every time the CIDR list * changes due to infrastructure changes.
** Version example: *
** Initial State (Version 1) *
*Production environment:
*vpc-prod-web (10.1.0.0/16) - tagged env=prod
*vpc-prod-db (10.2.0.0/16) - tagged env=prod
*Resolver rule: Include all VPCs tagged env=prod
** Version 1 CIDRs: 10.1.0.0/16, 10.2.0.0/16
** Infrastructure Change (Version 2) *
*New VPC added:
*vpc-prod-api (10.3.0.0/16) - tagged env=prod
*IPAM automatically detects the change and creates a new version.
** Version 2 CIDRs: 10.1.0.0/16, 10.2.0.0/16, 10.3.0.0/16
* @public */ export interface IpamPrefixListResolverVersion { /** *The version number of the IPAM prefix list resolver.
*Each version is a snapshot of what CIDRs matched your rules at that moment in time. The version number increments every time the CIDR list * changes due to infrastructure changes.
* @public */ Version?: number | undefined; } /** * @public */ export interface GetIpamPrefixListResolverVersionsResult { /** *Information about the IPAM prefix list resolver versions.
* @public */ IpamPrefixListResolverVersions?: IpamPrefixListResolverVersion[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
One or more filters for the request. For more information about filtering, see Filtering CLI output.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results to return in the request.
* @public */ MaxResults?: number | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *The ID of the scope that the resource is in.
* @public */ IpamScopeId: string | undefined; /** *The ID of the IPAM pool that the resource is in.
* @public */ IpamPoolId?: string | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The resource type.
* @public */ ResourceType?: IpamResourceType | undefined; /** *The resource tag.
* @public */ ResourceTag?: RequestIpamResourceTag | undefined; /** *The ID of the Amazon Web Services account that owns the resource.
* @public */ ResourceOwner?: string | undefined; } /** *The CIDR for an IPAM resource.
* @public */ export interface IpamResourceCidr { /** *The IPAM ID for an IPAM resource.
* @public */ IpamId?: string | undefined; /** *The scope ID for an IPAM resource.
* @public */ IpamScopeId?: string | undefined; /** *The pool ID for an IPAM resource.
* @public */ IpamPoolId?: string | undefined; /** *The Amazon Web Services Region for an IPAM resource.
* @public */ ResourceRegion?: string | undefined; /** *The Amazon Web Services account number of the owner of an IPAM resource.
* @public */ ResourceOwnerId?: string | undefined; /** *The ID of an IPAM resource.
* @public */ ResourceId?: string | undefined; /** *The name of an IPAM resource.
* @public */ ResourceName?: string | undefined; /** *The CIDR for an IPAM resource.
* @public */ ResourceCidr?: string | undefined; /** *The type of IPAM resource.
* @public */ ResourceType?: IpamResourceType | undefined; /** *The tags for an IPAM resource.
* @public */ ResourceTags?: IpamResourceTag[] | undefined; /** *The percentage of IP address space in use. To convert the decimal to a percentage, multiply the decimal by 100. Note the following:
*For resources that are VPCs, this is the percentage of IP address space in the VPC that's taken up by subnet CIDRs. *
*For resources that are subnets, if the subnet has an IPv4 CIDR provisioned to it, this is the percentage of IPv4 address space in the subnet that's in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage of IPv6 address space in use is not represented. The percentage of IPv6 address space in use cannot currently be calculated. *
*For resources that are public IPv4 pools, this is the percentage of IP address space in the pool that's been allocated to Elastic IP addresses (EIPs). *
*The compliance status of the IPAM resource. For more information on compliance statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
* @public */ ComplianceStatus?: IpamComplianceStatus | undefined; /** *The management state of the resource. For more information about management states, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
* @public */ ManagementState?: IpamManagementState | undefined; /** *The overlap status of an IPAM resource. The overlap status tells you if the CIDR for a resource overlaps with another CIDR in the scope. For more information on overlap statuses, see Monitor CIDR usage by resource in the Amazon VPC IPAM User Guide.
* @public */ OverlapStatus?: IpamOverlapStatus | undefined; /** *The ID of a VPC.
* @public */ VpcId?: string | undefined; /** *The Availability Zone ID.
* @public */ AvailabilityZoneId?: string | undefined; } /** * @public */ export interface GetIpamResourceCidrsResult { /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The resource CIDRs.
* @public */ IpamResourceCidrs?: IpamResourceCidr[] | undefined; } /** * @public */ export interface GetLaunchTemplateDataRequest { /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId: string | undefined; } /** * @public */ export interface GetLaunchTemplateDataResult { /** *The instance data.
* @public */ LaunchTemplateData?: ResponseLaunchTemplateData | undefined; } /** * @public */ export interface GetManagedPrefixListAssociationsRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the prefix list.
* @public */ PrefixListId: string | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Describes the resource with which a prefix list is associated.
* @public */ export interface PrefixListAssociation { /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The owner of the resource.
* @public */ ResourceOwner?: string | undefined; } /** * @public */ export interface GetManagedPrefixListAssociationsResult { /** *Information about the associations.
* @public */ PrefixListAssociations?: PrefixListAssociation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the prefix list.
* @public */ PrefixListId: string | undefined; /** *The version of the prefix list for which to return the entries. The default is the current version.
* @public */ TargetVersion?: number | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** *Describes a prefix list entry.
* @public */ export interface PrefixListEntry { /** *The CIDR block.
* @public */ Cidr?: string | undefined; /** *The description.
* @public */ Description?: string | undefined; } /** * @public */ export interface GetManagedPrefixListEntriesResult { /** *Information about the prefix list entries.
* @public */ Entries?: PrefixListEntry[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Describes the managed resource visibility settings for the account.
* @public */ export interface ManagedResourceVisibilitySettings { /** *The default visibility setting for managed resources. A value of
* hidden indicates that managed resources are not included in Describe
* operation responses by default. A value of visible indicates that managed
* resources are included by default.
The managed resource visibility settings for the account.
* @public */ Visibility?: ManagedResourceVisibilitySettings | undefined; } /** * @public */ export interface GetNetworkInsightsAccessScopeAnalysisFindingsRequest { /** *The ID of the Network Access Scope analysis.
* @public */ NetworkInsightsAccessScopeAnalysisId: string | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the Network Access Scope analysis.
* @public */ NetworkInsightsAccessScopeAnalysisId?: string | undefined; /** *The status of Network Access Scope Analysis.
* @public */ AnalysisStatus?: AnalysisStatus | undefined; /** *The findings associated with Network Access Scope Analysis.
* @public */ AnalysisFindings?: AccessScopeAnalysisFinding[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the Network Access Scope.
* @public */ NetworkInsightsAccessScopeId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Network Access Scope content.
* @public */ NetworkInsightsAccessScopeContent?: NetworkInsightsAccessScopeContent | undefined; } /** * @public */ export interface GetPasswordDataRequest { /** *The ID of the Windows instance.
* @public */ InstanceId: string | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the Windows instance.
* @public */ InstanceId?: string | undefined; /** *The time the data was last updated.
* @public */ Timestamp?: Date | undefined; /** *The password of the instance. Returns an empty string if the password is not * available.
* @public */ PasswordData?: string | undefined; } /** *Contains the parameters for GetReservedInstanceExchangeQuote.
* @public */ export interface GetReservedInstancesExchangeQuoteRequest { /** *Checks whether you have the required permissions for the action, without actually making
* the request, and provides an error response. If you have the required permissions, the error
* response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The IDs of the Convertible Reserved Instances to exchange.
* @public */ ReservedInstanceIds: string[] | undefined; /** *The configuration of the target Convertible Reserved Instance to exchange for your current * Convertible Reserved Instances.
* @public */ TargetConfigurations?: TargetConfigurationRequest[] | undefined; } /** *The cost associated with the Reserved Instance.
* @public */ export interface ReservationValue { /** *The hourly rate of the reservation.
* @public */ HourlyPrice?: string | undefined; /** *The balance of the total value (the sum of remainingUpfrontValue + hourlyPrice * number of * hours remaining).
* @public */ RemainingTotalValue?: string | undefined; /** *The remaining upfront cost of the reservation.
* @public */ RemainingUpfrontValue?: string | undefined; } /** *The total value of the Convertible Reserved Instance.
* @public */ export interface ReservedInstanceReservationValue { /** *The total value of the Convertible Reserved Instance that you are exchanging.
* @public */ ReservationValue?: ReservationValue | undefined; /** *The ID of the Convertible Reserved Instance that you are exchanging.
* @public */ ReservedInstanceId?: string | undefined; } /** *Information about the Convertible Reserved Instance offering.
* @public */ export interface TargetConfiguration { /** *The number of instances the Convertible Reserved Instance offering can be applied to. This * parameter is reserved and cannot be specified in a request
* @public */ InstanceCount?: number | undefined; /** *The ID of the Convertible Reserved Instance offering.
* @public */ OfferingId?: string | undefined; } /** *The total value of the new Convertible Reserved Instances.
* @public */ export interface TargetReservationValue { /** *The total value of the Convertible Reserved Instances that make up the exchange. This is * the sum of the list value, remaining upfront price, and additional upfront cost of the * exchange.
* @public */ ReservationValue?: ReservationValue | undefined; /** *The configuration of the Convertible Reserved Instances that make up the exchange.
* @public */ TargetConfiguration?: TargetConfiguration | undefined; } /** *Contains the output of GetReservedInstancesExchangeQuote.
* @public */ export interface GetReservedInstancesExchangeQuoteResult { /** *The currency of the transaction.
* @public */ CurrencyCode?: string | undefined; /** *If true, the exchange is valid. If false, the exchange cannot be
* completed.
The new end date of the reservation term.
* @public */ OutputReservedInstancesWillExpireAt?: Date | undefined; /** *The total true upfront charge for the exchange.
* @public */ PaymentDue?: string | undefined; /** *The cost associated with the Reserved Instance.
* @public */ ReservedInstanceValueRollup?: ReservationValue | undefined; /** *The configuration of your Convertible Reserved Instances.
* @public */ ReservedInstanceValueSet?: ReservedInstanceReservationValue[] | undefined; /** *The cost associated with the Reserved Instance.
* @public */ TargetConfigurationValueRollup?: ReservationValue | undefined; /** *The values of the target Convertible Reserved Instances.
* @public */ TargetConfigurationValueSet?: TargetReservationValue[] | undefined; /** *Describes the reason why the exchange cannot be completed.
* @public */ ValidationFailureReason?: string | undefined; } /** * @public */ export interface GetRouteServerAssociationsRequest { /** *The ID of the route server for which to get association information.
* @public */ RouteServerId: string | undefined; /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the associations for the specified route server.
* @public */ RouteServerAssociations?: RouteServerAssociation[] | undefined; } /** * @public */ export interface GetRouteServerPropagationsRequest { /** *The ID of the route server for which to get propagation information.
* @public */ RouteServerId: string | undefined; /** *The ID of the route table for which to get propagation information.
* @public */ RouteTableId?: string | undefined; /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the route propagations for the specified route server.
* @public */ RouteServerPropagations?: RouteServerPropagation[] | undefined; } /** * @public */ export interface GetRouteServerRoutingDatabaseRequest { /** *The ID of the route server for which to get the routing database.
* @public */ RouteServerId: string | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of routing database entries to return in a single response.
* @public */ MaxResults?: number | undefined; /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Filters to apply to the routing database query.
* @public */ Filters?: Filter[] | undefined; } /** *Describes the installation status of a route in a route table.
* @public */ export interface RouteServerRouteInstallationDetail { /** *The ID of the route table where the route is being installed.
* @public */ RouteTableId?: string | undefined; /** *The current installation status of the route in the route table.
* @public */ RouteInstallationStatus?: RouteServerRouteInstallationStatus | undefined; /** *The reason for the current installation status of the route.
* @public */ RouteInstallationStatusReason?: string | undefined; } /** *Describes a route in the route server's routing database.
* @public */ export interface RouteServerRoute { /** *The ID of the route server endpoint that received this route.
* @public */ RouteServerEndpointId?: string | undefined; /** *The ID of the route server peer that advertised this route.
* @public */ RouteServerPeerId?: string | undefined; /** *Details about the installation status of this route in route tables.
* @public */ RouteInstallationDetails?: RouteServerRouteInstallationDetail[] | undefined; /** *The current status of the route in the routing database. Values are in-rib or in-fib depending on if the routes are in the RIB or the FIB database.
The Routing Information Base (RIB) serves as a database that stores all the routing information and network topology data collected by a router or routing system, such as routes learned from BGP peers. The RIB is constantly updated as new routing information is received or existing routes change. This ensures that the route server always has the most current view of the network topology and can make optimal routing decisions.
*The Forwarding Information Base (FIB) serves as a forwarding table for what route server has determined are the best-path routes in the RIB after evaluating all available routing information and policies. The FIB routes are installed on the route tables. The FIB is recomputed whenever there are changes to the RIB.
* @public */ RouteStatus?: RouteServerRouteStatus | undefined; /** *The destination CIDR block of the route.
* @public */ Prefix?: string | undefined; /** *The AS path attributes of the BGP route.
* @public */ AsPaths?: string[] | undefined; /** *The Multi-Exit Discriminator (MED) value of the BGP route.
* @public */ Med?: number | undefined; /** *The IP address for the next hop.
* @public */ NextHopIp?: string | undefined; } /** * @public */ export interface GetRouteServerRoutingDatabaseResult { /** *Indicates whether routes are being persisted in the routing database.
* @public */ AreRoutesPersisted?: boolean | undefined; /** *The collection of routes in the route server's routing database.
* @public */ Routes?: RouteServerRoute[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The VPC ID where the security group can be used.
* @public */ VpcId: string | undefined; /** *The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; /** *The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The filters. If using multiple filters, the results include security groups which match all filters.
*
* group-id: The security group ID.
* description: The security group's description.
* group-name: The security group name.
* owner-id: The security group owner ID.
* primary-vpc-id: The VPC ID in which the security group was created.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A security group that can be used by interfaces in the VPC.
* @public */ export interface SecurityGroupForVpc { /** *The security group's description.
* @public */ Description?: string | undefined; /** *The security group name.
* @public */ GroupName?: string | undefined; /** *The security group owner ID.
* @public */ OwnerId?: string | undefined; /** *The security group ID.
* @public */ GroupId?: string | undefined; /** *The security group tags.
* @public */ Tags?: Tag[] | undefined; /** *The VPC ID in which the security group was created.
* @public */ PrimaryVpcId?: string | undefined; } /** * @public */ export interface GetSecurityGroupsForVpcResult { /** *The token to include in another request to get the next page of items. This value is null when there are no more items to return.
The security group that can be used by interfaces in the VPC.
* @public */ SecurityGroupForVpcs?: SecurityGroupForVpc[] | undefined; } /** * @public */ export interface GetSerialConsoleAccessStatusRequest { /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
If true, access to the EC2 serial console of all instances is enabled for
* your account. If false, access to the EC2 serial console of all instances
* is disabled for your account.
The entity that manages access to the serial console. Possible values include:
*
* account - Access is managed by the account.
* declarative-policy - Access is managed by a declarative policy and can't
* be modified by the account.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The current state of block public access for snapshots. Possible values include:
*
* block-all-sharing - All public sharing of snapshots is blocked. Users in
* the account can't request new public sharing. Additionally, snapshots that were already
* publicly shared are treated as private and are not publicly available.
* block-new-sharing - Only new public sharing of snapshots is blocked.
* Users in the account can't request new public sharing. However, snapshots that were
* already publicly shared, remain publicly available.
* unblocked - Public sharing is not blocked. Users can publicly share
* snapshots.
The entity that manages the state for block public access for snapshots. Possible * values include:
*
* account - The state is managed by the account.
* declarative-policy - The state is managed by a declarative policy and
* can't be modified by the account.
The architecture type, virtualization type, and other attributes for the instance types. * When you specify instance attributes, Amazon EC2 will identify instance types with those * attributes.
*If you specify InstanceRequirementsWithMetadataRequest, you can't specify
* InstanceTypes.
The architecture type.
* @public */ ArchitectureTypes?: ArchitectureType[] | undefined; /** *The virtualization type.
* @public */ VirtualizationTypes?: VirtualizationType[] | undefined; /** *The attributes for the instance types. When you specify instance attributes, Amazon EC2 will * identify instance types with those attributes.
* @public */ InstanceRequirements?: InstanceRequirementsRequest | undefined; } /** * @public */ export interface GetSpotPlacementScoresRequest { /** *The instance types. We recommend that you specify at least three instance types. If you
* specify one or two instance types, or specify variations of a single instance type (for
* example, an m3.xlarge with and without instance storage), the returned
* placement score will always be low.
If you specify InstanceTypes, you can't specify
* InstanceRequirementsWithMetadata.
The target capacity.
* @public */ TargetCapacity: number | undefined; /** *The unit for the target capacity.
* @public */ TargetCapacityUnitType?: TargetCapacityUnitType | undefined; /** *Specify true so that the response returns a list of scored Availability Zones.
* Otherwise, the response returns a list of scored Regions.
A list of scored Availability Zones is useful if you want to launch all of your Spot * capacity into a single Availability Zone.
* @public */ SingleAvailabilityZone?: boolean | undefined; /** *The Regions used to narrow down the list of Regions to be scored. Enter the Region code,
* for example, us-east-1.
The attributes for the instance types. When you specify instance attributes, Amazon EC2 will * identify instance types with those attributes.
*If you specify InstanceRequirementsWithMetadata, you can't specify
* InstanceTypes.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; } /** *The Spot placement score for this Region or Availability Zone. The score is calculated
* based on the assumption that the capacity-optimized allocation strategy is
* used and that all of the Availability Zones in the Region can be used.
The Region.
* @public */ Region?: string | undefined; /** *The Availability Zone.
* @public */ AvailabilityZoneId?: string | undefined; /** *The placement score, on a scale from 1 to 10. A score of
* 10 indicates that your Spot request is highly likely to succeed in this
* Region or Availability Zone. A score of 1 indicates that your Spot request is
* not likely to succeed.
The Spot placement score for the top 10 Regions or Availability Zones, scored on a scale
* from 1 to 10. Each score
reflects how likely it is that each Region or Availability Zone
* will succeed at fulfilling the specified target capacity
at the time of the Spot
* placement score request. A score of 10 means that your Spot
* capacity request is highly likely to succeed in that Region or Availability Zone.
If you request a Spot placement score for Regions, a high score assumes that your fleet
* request will be configured to use all Availability Zones and the
* capacity-optimized allocation strategy. If you request a Spot placement
* score for Availability Zones, a high score assumes that your fleet request will be
* configured to use a single Availability Zone and the capacity-optimized
* allocation strategy.
Different Regions or Availability Zones might return the same score.
*The Spot placement score serves as a recommendation only. No score guarantees that your * Spot request will be fully or partially fulfilled.
*The token to include in another request to get the next page of items. This value is null when there
* are no more items to return.
One or more filters.
*
* reservationType - The type of reservation (prefix |
* explicit).
* subnet-id - The ID of the subnet.
* tag:Owner and the value TeamA, specify tag:Owner for the filter name and TeamA for the filter value.
* tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
The ID of the subnet.
* @public */ SubnetId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
Information about the IPv4 subnet CIDR reservations.
* @public */ SubnetIpv4CidrReservations?: SubnetCidrReservation[] | undefined; /** *Information about the IPv6 subnet CIDR reservations.
* @public */ SubnetIpv6CidrReservations?: SubnetCidrReservation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the attachment.
* @public */ TransitGatewayAttachmentId: string | undefined; /** *One or more filters. The possible values are:
*
* transit-gateway-route-table-id - The ID of the transit gateway route table.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes a propagation route table.
* @public */ export interface TransitGatewayAttachmentPropagation { /** *The ID of the propagation route table.
* @public */ TransitGatewayRouteTableId?: string | undefined; /** *The state of the propagation route table.
* @public */ State?: TransitGatewayPropagationState | undefined; } /** * @public */ export interface GetTransitGatewayAttachmentPropagationsResult { /** *Information about the propagation route tables.
* @public */ TransitGatewayAttachmentPropagations?: TransitGatewayAttachmentPropagation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway metering policy to retrieve entries for.
* @public */ TransitGatewayMeteringPolicyId: string | undefined; /** *One or more filters to apply when retrieving metering policy entries.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the transit gateway metering policy entries.
* @public */ TransitGatewayMeteringPolicyEntries?: TransitGatewayMeteringPolicyEntry[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId: string | undefined; /** *One or more filters. The possible values are:
*
* resource-id - The ID of the resource.
* resource-type - The type of resource. The valid value is: vpc.
* state - The state of the subnet association. Valid values are
* associated | associating |
* disassociated | disassociating.
* subnet-id - The ID of the subnet.
* transit-gateway-attachment-id - The id of the transit gateway attachment.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the resources associated with the transit gateway multicast domain.
* @public */ export interface TransitGatewayMulticastDomainAssociation { /** *The ID of the transit gateway attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The type of resource, for example a VPC attachment.
* @public */ ResourceType?: TransitGatewayAttachmentResourceType | undefined; /** *The ID of the Amazon Web Services account that owns the transit gateway multicast domain association resource.
* @public */ ResourceOwnerId?: string | undefined; /** *The subnet associated with the transit gateway multicast domain.
* @public */ Subnet?: SubnetAssociation | undefined; } /** * @public */ export interface GetTransitGatewayMulticastDomainAssociationsResult { /** *Information about the multicast domain associations.
* @public */ MulticastDomainAssociations?: TransitGatewayMulticastDomainAssociation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway policy table.
* @public */ TransitGatewayPolicyTableId: string | undefined; /** *The filters associated with the transit gateway policy table.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Returns details about the transit gateway policy table association.
* @public */ Associations?: TransitGatewayPolicyTableAssociation[] | undefined; /** *The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface GetTransitGatewayPolicyTableEntriesRequest { /** *The ID of the transit gateway policy table.
* @public */ TransitGatewayPolicyTableId: string | undefined; /** *The filters associated with the transit gateway policy table.
* @public */ Filters?: Filter[] | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the meta data tags associated with a transit gateway policy rule.
* @public */ export interface TransitGatewayPolicyRuleMetaData { /** *The key name for the transit gateway policy rule meta data tag.
* @public */ MetaDataKey?: string | undefined; /** *The value of the key for the transit gateway policy rule meta data tag.
* @public */ MetaDataValue?: string | undefined; } /** *Describes a rule associated with a transit gateway policy.
* @public */ export interface TransitGatewayPolicyRule { /** *The source CIDR block for the transit gateway policy rule.
* @public */ SourceCidrBlock?: string | undefined; /** *The port range for the transit gateway policy rule. Currently this is set to * (all).
* @public */ SourcePortRange?: string | undefined; /** *The destination CIDR block for the transit gateway policy rule.
* @public */ DestinationCidrBlock?: string | undefined; /** *The port range for the transit gateway policy rule. Currently this is set to * (all).
* @public */ DestinationPortRange?: string | undefined; /** *The protocol used by the transit gateway policy rule.
* @public */ Protocol?: string | undefined; /** *The meta data tags used for the transit gateway policy rule.
* @public */ MetaData?: TransitGatewayPolicyRuleMetaData | undefined; } /** *Describes a transit gateway policy table entry
* @public */ export interface TransitGatewayPolicyTableEntry { /** *The rule number for the transit gateway policy table entry.
* @public */ PolicyRuleNumber?: string | undefined; /** *The policy rule associated with the transit gateway policy table.
* @public */ PolicyRule?: TransitGatewayPolicyRule | undefined; /** *The ID of the target route table.
* @public */ TargetRouteTableId?: string | undefined; } /** * @public */ export interface GetTransitGatewayPolicyTableEntriesResult { /** *The entries for the transit gateway policy table.
* @public */ TransitGatewayPolicyTableEntries?: TransitGatewayPolicyTableEntry[] | undefined; } /** * @public */ export interface GetTransitGatewayPrefixListReferencesRequest { /** *The ID of the transit gateway route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *One or more filters. The possible values are:
*
* attachment.resource-id - The ID of the resource for the attachment.
* attachment.resource-type - The type of resource for the
* attachment. Valid values are vpc | vpn |
* direct-connect-gateway | peering.
* attachment.transit-gateway-attachment-id - The ID of the attachment.
* is-blackhole - Whether traffic matching the route is blocked (true | false).
* prefix-list-id - The ID of the prefix list.
* prefix-list-owner-id - The ID of the owner of the prefix list.
* state - The state of the prefix list reference (pending | available | modifying | deleting).
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the prefix list references.
* @public */ TransitGatewayPrefixListReferences?: TransitGatewayPrefixListReference[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *One or more filters. The possible values are:
*
* resource-id - The ID of the resource.
* resource-type - The resource type. Valid values are vpc
* | vpn | direct-connect-gateway | peering
* | connect.
* transit-gateway-attachment-id - The ID of the attachment.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes an association between a route table and a resource attachment.
* @public */ export interface TransitGatewayRouteTableAssociation { /** *The ID of the attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The resource type. Note that the tgw-peering resource type has been deprecated.
The state of the association.
* @public */ State?: TransitGatewayAssociationState | undefined; } /** * @public */ export interface GetTransitGatewayRouteTableAssociationsResult { /** *Information about the associations.
* @public */ Associations?: TransitGatewayRouteTableAssociation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *One or more filters. The possible values are:
*
* resource-id - The ID of the resource.
* resource-type - The resource type. Valid values are vpc
* | vpn | direct-connect-gateway | peering
* | connect.
* transit-gateway-attachment-id - The ID of the attachment.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes a route table propagation.
* @public */ export interface TransitGatewayRouteTablePropagation { /** *The ID of the attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The type of resource. Note that the tgw-peering resource type has been deprecated.
The state of the resource.
* @public */ State?: TransitGatewayPropagationState | undefined; /** *The ID of the transit gateway route table announcement.
* @public */ TransitGatewayRouteTableAnnouncementId?: string | undefined; } /** * @public */ export interface GetTransitGatewayRouteTablePropagationsResult { /** *Information about the route table propagations.
* @public */ TransitGatewayRouteTablePropagations?: TransitGatewayRouteTablePropagation[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the Verified Access endpoint.
* @public */ VerifiedAccessEndpointId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; } /** * @public */ export interface GetVerifiedAccessEndpointTargetsRequest { /** *The ID of the network CIDR endpoint.
* @public */ VerifiedAccessEndpointId: string | undefined; /** *The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the targets for the specified Verified Access endpoint.
* @public */ export interface VerifiedAccessEndpointTarget { /** *The ID of the Verified Access endpoint.
* @public */ VerifiedAccessEndpointId?: string | undefined; /** *The IP address of the target.
* @public */ VerifiedAccessEndpointTargetIpAddress?: string | undefined; /** *The DNS name of the target.
* @public */ VerifiedAccessEndpointTargetDns?: string | undefined; } /** * @public */ export interface GetVerifiedAccessEndpointTargetsResult { /** *The Verified Access targets.
* @public */ VerifiedAccessEndpointTargets?: VerifiedAccessEndpointTarget[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the Verified Access group.
* @public */ VerifiedAccessGroupId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; } /** * @public */ export interface GetVpcResourcesBlockingEncryptionEnforcementRequest { /** *The ID of the VPC to check for resources blocking encryption enforcement.
* @public */ VpcId: string | undefined; /** *The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes a resource that is not compliant with VPC encryption requirements.
*For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide.
* @public */ export interface VpcEncryptionNonCompliantResource { /** *The ID of the non-compliant resource.
* @public */ Id?: string | undefined; /** *The type of the non-compliant resource.
* @public */ Type?: string | undefined; /** *A description of the non-compliant resource.
* @public */ Description?: string | undefined; /** *Indicates whether the resource can be excluded from encryption enforcement.
* @public */ IsExcludable?: boolean | undefined; } /** * @public */ export interface GetVpcResourcesBlockingEncryptionEnforcementResult { /** *Information about resources that are blocking encryption enforcement.
* @public */ NonCompliantResources?: VpcEncryptionNonCompliantResource[] | undefined; /** *The token to include in another request to get the next page of items. This value is null when there are no more items to return.
The VpnConnectionId specifies the Site-to-Site VPN connection used for the sample
* configuration.
Device identifier provided by the GetVpnConnectionDeviceTypes API.
The IKE version to be used in the sample configuration file for your customer gateway
* device. You can specify one of the following versions: ikev1 or
* ikev2.
The type of sample configuration to generate. Valid values are "compatibility" (includes IKEv1) or "recommended" (throws UnsupportedOperationException for IKEv1).
* @public */ SampleType?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Sample configuration file for the specified customer gateway device.
* @public */ VpnConnectionDeviceSampleConfiguration?: string | undefined; } /** * @public */ export interface GetVpnConnectionDeviceTypesRequest { /** *The maximum number of results returned by GetVpnConnectionDeviceTypes in
* paginated output. When this parameter is used, GetVpnConnectionDeviceTypes
* only returns MaxResults results in a single page along with a
* NextToken response element. The remaining results of the initial
* request can be seen by sending another GetVpnConnectionDeviceTypes request
* with the returned NextToken value. This value can be between 200 and 1000.
* If this parameter is not used, then GetVpnConnectionDeviceTypes returns all
* results.
The NextToken value returned from a previous paginated
* GetVpnConnectionDeviceTypes request where MaxResults was
* used and the results exceeded the value of that parameter. Pagination continues from the
* end of the previous results that returned the NextToken value. This value
* is null when there are no more results to return.
Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
List of customer gateway devices that have a sample configuration file available for * use. You can also see the list of device types with sample configuration files available * under Your customer * gateway device in the Amazon Web Services Site-to-Site VPN User Guide.
* @public */ export interface VpnConnectionDeviceType { /** *Customer gateway device identifier.
* @public */ VpnConnectionDeviceTypeId?: string | undefined; /** *Customer gateway device vendor.
* @public */ Vendor?: string | undefined; /** *Customer gateway device platform.
* @public */ Platform?: string | undefined; /** *Customer gateway device software version.
* @public */ Software?: string | undefined; } /** * @public */ export interface GetVpnConnectionDeviceTypesResult { /** *List of customer gateway devices that have a sample configuration file available for * use.
* @public */ VpnConnectionDeviceTypes?: VpnConnectionDeviceType[] | undefined; /** *The NextToken value to include in a future
* GetVpnConnectionDeviceTypes request. When the results of a
* GetVpnConnectionDeviceTypes request exceed MaxResults,
* this value can be used to retrieve the next page of results. This value is null when
* there are no more results to return.
The ID of the Site-to-Site VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The external IP address of the VPN tunnel.
* @public */ VpnTunnelOutsideIpAddress: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Details for Site-to-Site VPN tunnel endpoint maintenance events.
* @public */ export interface MaintenanceDetails { /** *Verify existence of a pending maintenance.
* @public */ PendingMaintenance?: string | undefined; /** *The timestamp after which Amazon Web Services will automatically apply maintenance.
* @public */ MaintenanceAutoAppliedAfter?: Date | undefined; /** *Timestamp of last applied maintenance.
* @public */ LastMaintenanceApplied?: Date | undefined; } /** * @public */ export interface GetVpnTunnelReplacementStatusResult { /** *The ID of the Site-to-Site VPN connection.
* @public */ VpnConnectionId?: string | undefined; /** *The ID of the transit gateway associated with the VPN connection.
* @public */ TransitGatewayId?: string | undefined; /** *The ID of the customer gateway.
* @public */ CustomerGatewayId?: string | undefined; /** *The ID of the virtual private gateway.
* @public */ VpnGatewayId?: string | undefined; /** *The external IP address of the VPN tunnel.
* @public */ VpnTunnelOutsideIpAddress?: string | undefined; /** *Get details of pending tunnel endpoint maintenance.
* @public */ MaintenanceDetails?: MaintenanceDetails | undefined; } /** * @public */ export interface ImportClientVpnClientCertificateRevocationListRequest { /** *The ID of the Client VPN endpoint to which the client certificate revocation list applies.
* @public */ ClientVpnEndpointId: string | undefined; /** *The client certificate revocation list file. For more information, see Generate a Client Certificate Revocation List in the * Client VPN Administrator Guide.
* @public */ CertificateRevocationList: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
Describes the client-specific data.
* @public */ export interface ClientData { /** *A user-defined comment about the disk upload.
* @public */ Comment?: string | undefined; /** *The time that the disk upload ends.
* @public */ UploadEnd?: Date | undefined; /** *The size of the uploaded disk image, in GiB.
* @public */ UploadSize?: number | undefined; /** *The time that the disk upload starts.
* @public */ UploadStart?: Date | undefined; } /** *Describes the Amazon S3 bucket for the disk image.
* @public */ export interface UserBucket { /** *The name of the Amazon S3 bucket where the disk image is located.
* @public */ S3Bucket?: string | undefined; /** *The file name of the disk image.
* @public */ S3Key?: string | undefined; } /** *Describes the disk container object for an import image task.
* @public */ export interface ImageDiskContainer { /** *The description of the disk image.
* @public */ Description?: string | undefined; /** *The block device mapping for the disk.
* @public */ DeviceName?: string | undefined; /** *The format of the disk image being imported.
*Valid values: OVA | VHD | VHDX | VMDK | RAW
*
The ID of the EBS snapshot to be used for importing the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The URL to the Amazon S3-based disk image being imported. The URL can either be a https URL (https://..) or an * Amazon S3 URL (s3://..)
* @public */ Url?: string | undefined; /** *The S3 bucket for the disk image.
* @public */ UserBucket?: UserBucket | undefined; } /** *The request information of license configurations.
* @public */ export interface ImportImageLicenseConfigurationRequest { /** *The ARN of a license configuration.
* @public */ LicenseConfigurationArn?: string | undefined; } /** * @public */ export interface ImportImageRequest { /** *The architecture of the virtual machine.
*Valid values: i386 | x86_64
*
The client-specific data.
* @public */ ClientData?: ClientData | undefined; /** *The token to enable idempotency for VM import requests.
* @public */ ClientToken?: string | undefined; /** *A description string for the import image task.
* @public */ Description?: string | undefined; /** *Information about the disk containers.
* @public */ DiskContainers?: ImageDiskContainer[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Specifies whether the destination AMI of the imported image should be encrypted. The default KMS key for EBS is used
* unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the
* Amazon Elastic Compute Cloud User Guide.
The target hypervisor platform.
*Valid values: xen
*
An identifier for the symmetric KMS key to use when creating the
* encrypted AMI. This parameter is only required if you want to use a non-default KMS key; if this
* parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is
* specified, the Encrypted flag must also be set.
The KMS key identifier may be provided in any of the following formats:
*Key ID
*Key alias
*ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the key namespace, and then the key ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.
ARN using key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
Amazon Web Services parses KmsKeyId asynchronously, meaning that the action you call may appear to complete even
* though you provided an invalid identifier. This action will eventually report failure.
The specified KMS key must exist in the Region that the AMI is being copied to.
*Amazon EBS does not support asymmetric KMS keys.
* @public */ KmsKeyId?: string | undefined; /** *The license type to be used for the Amazon Machine Image (AMI) after importing.
*Specify AWS to replace the source-system license with an Amazon Web Services
* license or BYOL to retain the source-system license. Leaving this parameter
* undefined is the same as choosing AWS when importing a Windows Server operating
* system, and the same as choosing BYOL when importing a Windows client operating
* system (such as Windows 10) or a Linux operating system.
To use BYOL, you must have existing licenses with rights to use these licenses in a third party
* cloud, such as Amazon Web Services. For more information, see Prerequisites in the
* VM Import/Export User Guide.
The operating system of the virtual machine. If you import a VM that is compatible with * Unified Extensible Firmware Interface (UEFI) using an EBS snapshot, you must specify a value for * the platform.
*Valid values: Windows | Linux
*
The name of the role to use when not using the default role, 'vmimport'.
* @public */ RoleName?: string | undefined; /** *The ARNs of the license configurations.
* @public */ LicenseSpecifications?: ImportImageLicenseConfigurationRequest[] | undefined; /** *The tags to apply to the import image task during creation.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *The usage operation value. For more information, see Licensing options in the VM Import/Export User Guide.
* @public */ UsageOperation?: string | undefined; /** *The boot mode of the virtual machine.
*The uefi-preferred boot mode isn't supported for importing images. For more
* information, see Boot modes in
* the VM Import/Export User Guide.
The architecture of the virtual machine.
* @public */ Architecture?: string | undefined; /** *A description of the import task.
* @public */ Description?: string | undefined; /** *Indicates whether the AMI is encrypted.
* @public */ Encrypted?: boolean | undefined; /** *The target hypervisor of the import task.
* @public */ Hypervisor?: string | undefined; /** *The ID of the Amazon Machine Image (AMI) created by the import task.
* @public */ ImageId?: string | undefined; /** *The task ID of the import image task.
* @public */ ImportTaskId?: string | undefined; /** *The identifier for the symmetric KMS key that was used to create the encrypted AMI.
* @public */ KmsKeyId?: string | undefined; /** *The license type of the virtual machine.
* @public */ LicenseType?: string | undefined; /** *The operating system of the virtual machine.
* @public */ Platform?: string | undefined; /** *The progress of the task.
* @public */ Progress?: string | undefined; /** *Information about the snapshots.
* @public */ SnapshotDetails?: SnapshotDetail[] | undefined; /** *A brief status of the task.
* @public */ Status?: string | undefined; /** *A detailed status message of the import task.
* @public */ StatusMessage?: string | undefined; /** *The ARNs of the license configurations.
* @public */ LicenseSpecifications?: ImportImageLicenseConfigurationResponse[] | undefined; /** *Any tags assigned to the import image task.
* @public */ Tags?: Tag[] | undefined; /** *The usage operation value.
* @public */ UsageOperation?: string | undefined; } /** *Describes a disk image.
* @public */ export interface DiskImageDetail { /** *The disk image format.
* @public */ Format: DiskImageFormat | undefined; /** *The size of the disk image, in GiB.
* @public */ Bytes: number | undefined; /** *A presigned URL for the import manifest stored in Amazon S3 and presented here as an Amazon S3 presigned URL. * For information about creating a presigned URL for an Amazon S3 object, read the "Query String Request Authentication * Alternative" section of the Authenticating REST Requests topic in the Amazon Simple Storage Service Developer * Guide.
*For information about the import manifest referenced by this API action, see VM Import Manifest.
* @public */ ImportManifestUrl: string | undefined; } /** *Describes an EBS volume.
* @public */ export interface VolumeDetail { /** *The size of the volume, in GiB.
* @public */ Size: number | undefined; } /** *Describes a disk image.
* @public */ export interface DiskImage { /** *A description of the disk image.
* @public */ Description?: string | undefined; /** *Information about the disk image.
* @public */ Image?: DiskImageDetail | undefined; /** *Information about the volume.
* @public */ Volume?: VolumeDetail | undefined; } /** *Describes the user data for an instance.
* @public */ export interface UserData { /** *The user data. If you are using an Amazon Web Services SDK or command line tool, Base64-encoding is performed for you, and you * can load the text from a file. Otherwise, you must provide Base64-encoded text.
* @public */ Data?: string | undefined; } /** *Describes the launch specification for VM import.
* @public */ export interface ImportInstanceLaunchSpecification { /** *The architecture of the instance.
* @public */ Architecture?: ArchitectureValues | undefined; /** *The security group names.
* @public */ GroupNames?: string[] | undefined; /** *The security group IDs.
* @public */ GroupIds?: string[] | undefined; /** *Reserved.
* @public */ AdditionalInfo?: string | undefined; /** *The Base64-encoded user data to make available to the instance.
* @public */ UserData?: UserData | undefined; /** *The instance type. For more information about the instance types that you can import, see Instance Types in the * VM Import/Export User Guide.
* @public */ InstanceType?: _InstanceType | undefined; /** *The placement information for the instance.
* @public */ Placement?: Placement | undefined; /** *Indicates whether monitoring is enabled.
* @public */ Monitoring?: boolean | undefined; /** *[EC2-VPC] The ID of the subnet in which to launch the instance.
* @public */ SubnetId?: string | undefined; /** *Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the * operating system command for system shutdown).
* @public */ InstanceInitiatedShutdownBehavior?: ShutdownBehavior | undefined; /** *[EC2-VPC] An available IP address from the IP address range of the subnet.
* @public */ PrivateIpAddress?: string | undefined; } /** * @public */ export interface ImportInstanceRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A description for the instance being imported.
* @public */ Description?: string | undefined; /** *The launch specification.
* @public */ LaunchSpecification?: ImportInstanceLaunchSpecification | undefined; /** *The disk image.
* @public */ DiskImages?: DiskImage[] | undefined; /** *The instance operating system.
* @public */ Platform: PlatformValues | undefined; } /** * @public */ export interface ImportInstanceResult { /** *Information about the conversion task.
* @public */ ConversionTask?: ConversionTask | undefined; } /** * @public */ export interface ImportKeyPairRequest { /** *The tags to apply to the imported key pair.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A unique name for the key pair.
* @public */ KeyName: string | undefined; /** *The public key.
* @public */ PublicKeyMaterial: Uint8Array | undefined; } /** * @public */ export interface ImportKeyPairResult { /** *For RSA key pairs, the key fingerprint is the MD5 public key fingerprint as specified in section 4 of RFC 4716.
*For ED25519 key pairs, the key fingerprint is the base64-encoded SHA-256 digest, which is the default for OpenSSH, starting with OpenSSH 6.8.
*The key pair name that you provided.
* @public */ KeyName?: string | undefined; /** *The ID of the resulting key pair.
* @public */ KeyPairId?: string | undefined; /** *The tags applied to the imported key pair.
* @public */ Tags?: Tag[] | undefined; } /** *The disk container object for the import snapshot request.
* @public */ export interface SnapshotDiskContainer { /** *The description of the disk image being imported.
* @public */ Description?: string | undefined; /** *The format of the disk image being imported.
*Valid values: VHD | VMDK | RAW
*
The URL to the Amazon S3-based disk image being imported. It can either be a https URL (https://..) or an Amazon * S3 URL (s3://..).
* @public */ Url?: string | undefined; /** *The Amazon S3 bucket for the disk image.
* @public */ UserBucket?: UserBucket | undefined; } /** * @public */ export interface ImportSnapshotRequest { /** *The client-specific data.
* @public */ ClientData?: ClientData | undefined; /** *Token to enable idempotency for VM import requests.
* @public */ ClientToken?: string | undefined; /** *The description string for the import snapshot task.
* @public */ Description?: string | undefined; /** *Information about the disk container.
* @public */ DiskContainer?: SnapshotDiskContainer | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Specifies whether the destination snapshot of the imported image should be encrypted. The default KMS key for EBS is
* used unless you specify a non-default KMS key using KmsKeyId. For more information, see Amazon EBS Encryption in the
* Amazon Elastic Compute Cloud User Guide.
An identifier for the symmetric KMS key to use when creating the
* encrypted snapshot. This parameter is only required if you want to use a non-default KMS key; if this
* parameter is not specified, the default KMS key for EBS is used. If a KmsKeyId is
* specified, the Encrypted flag must also be set.
The KMS key identifier may be provided in any of the following formats:
*Key ID
*Key alias
*ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the key namespace, and then the key ID. For example, arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef.
ARN using key alias. The alias ARN contains the arn:aws:kms namespace, followed by the Region of the key, the Amazon Web Services account ID of the key owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
Amazon Web Services parses KmsKeyId asynchronously, meaning that the action you call may appear to complete even
* though you provided an invalid identifier. This action will eventually report failure.
The specified KMS key must exist in the Region that the snapshot is being copied to.
*Amazon EBS does not support asymmetric KMS keys.
* @public */ KmsKeyId?: string | undefined; /** *The name of the role to use when not using the default role, 'vmimport'.
* @public */ RoleName?: string | undefined; /** *The tags to apply to the import snapshot task during creation.
* @public */ TagSpecifications?: TagSpecification[] | undefined; } /** * @public */ export interface ImportSnapshotResult { /** *A description of the import snapshot task.
* @public */ Description?: string | undefined; /** *The ID of the import snapshot task.
* @public */ ImportTaskId?: string | undefined; /** *Information about the import snapshot task.
* @public */ SnapshotTaskDetail?: SnapshotTaskDetail | undefined; /** *Any tags assigned to the import snapshot task.
* @public */ Tags?: Tag[] | undefined; } /** * @public */ export interface ImportVolumeRequest { /** *The ID of the Availability Zone for the resulting EBS volume.
*Either AvailabilityZone or AvailabilityZoneId must be specified,
* but not both.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Availability Zone for the resulting EBS volume.
*Either AvailabilityZone or AvailabilityZoneId must be specified,
* but not both.
The disk image.
* @public */ Image: DiskImageDetail | undefined; /** *A description of the volume.
* @public */ Description?: string | undefined; /** *The volume size.
* @public */ Volume: VolumeDetail | undefined; } /** * @public */ export interface ImportVolumeResult { /** *Information about the conversion task.
* @public */ ConversionTask?: ConversionTask | undefined; } /** * @public */ export interface ListImagesInRecycleBinRequest { /** *The IDs of the AMIs to list. Omit this parameter to list all of the AMIs that are in the * Recycle Bin. You can specify up to 20 IDs in a single request.
* @public */ ImageIds?: string[] | undefined; /** *The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; /** *The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about an AMI that is currently in the Recycle Bin.
* @public */ export interface ImageRecycleBinInfo { /** *The ID of the AMI.
* @public */ ImageId?: string | undefined; /** *The name of the AMI.
* @public */ Name?: string | undefined; /** *The description of the AMI.
* @public */ Description?: string | undefined; /** *The date and time when the AMI entered the Recycle Bin.
* @public */ RecycleBinEnterTime?: Date | undefined; /** *The date and time when the AMI is to be permanently deleted from the Recycle Bin.
* @public */ RecycleBinExitTime?: Date | undefined; } /** * @public */ export interface ListImagesInRecycleBinResult { /** *Information about the AMIs.
* @public */ Images?: ImageRecycleBinInfo[] | undefined; /** *The token to include in another request to get the next page of items. This value is null when there
* are no more items to return.
The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
* @public */ MaxResults?: number | undefined; /** *The token returned from a previous paginated request. * Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; /** *The IDs of the snapshots to list. Omit this parameter to list all of the * snapshots that are in the Recycle Bin.
* @public */ SnapshotIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about a snapshot that is currently in the Recycle Bin.
* @public */ export interface SnapshotRecycleBinInfo { /** *The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The date and time when the snapshot entered the Recycle Bin.
* @public */ RecycleBinEnterTime?: Date | undefined; /** *The date and time when the snapshot is to be permanently deleted from the Recycle Bin.
* @public */ RecycleBinExitTime?: Date | undefined; /** *The description for the snapshot.
* @public */ Description?: string | undefined; /** *The ID of the volume from which the snapshot was created.
* @public */ VolumeId?: string | undefined; } /** * @public */ export interface ListSnapshotsInRecycleBinResult { /** *Information about the snapshots.
* @public */ Snapshots?: SnapshotRecycleBinInfo[] | undefined; /** *The token to include in another request to get the next page of items.
* This value is null when there are no more items to return.
The IDs of the volumes to list. Omit this parameter to list all of the * volumes that are in the Recycle Bin.
* @public */ VolumeIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The maximum number of items to return for this request. * To get the next page of items, make another request with the token returned in the output. * For more information, see Pagination.
*Valid range: 5 - 500
* @public */ MaxResults?: number | undefined; /** *The token returned from a previous paginated request. * Pagination continues from the end of the items returned by the previous request.
* @public */ NextToken?: string | undefined; } /** *Information about a volume that is currently in the Recycle Bin.
* @public */ export interface VolumeRecycleBinInfo { /** *The ID of the volume.
* @public */ VolumeId?: string | undefined; /** *The volume type.
* @public */ VolumeType?: VolumeType | undefined; /** *The state of the volume.
* @public */ State?: VolumeState | undefined; /** *The size of the volume, in GiB.
* @public */ Size?: number | undefined; /** *The number of I/O operations per second (IOPS) for the volume.
* @public */ Iops?: number | undefined; /** *The throughput that the volume supports, in MiB/s.
* @public */ Throughput?: number | undefined; /** *The ARN of the Outpost on which the volume is stored. For more information, see Amazon EBS volumes on Outposts in the * Amazon EBS User Guide.
* @public */ OutpostArn?: string | undefined; /** *The Availability Zone for the volume.
* @public */ AvailabilityZone?: string | undefined; /** *The ID of the Availability Zone for the volume.
* @public */ AvailabilityZoneId?: string | undefined; /** *The ID of the source volume.
* @public */ SourceVolumeId?: string | undefined; /** *The snapshot from which the volume was created, if applicable.
* @public */ SnapshotId?: string | undefined; /** *The service provider that manages the volume.
* @public */ Operator?: OperatorResponse | undefined; /** *The time stamp when volume creation was initiated.
* @public */ CreateTime?: Date | undefined; /** *The date and time when the volume entered the Recycle Bin.
* @public */ RecycleBinEnterTime?: Date | undefined; /** *The date and time when the volume is to be permanently deleted from the Recycle Bin.
* @public */ RecycleBinExitTime?: Date | undefined; } /** * @public */ export interface ListVolumesInRecycleBinResult { /** *Information about the volumes.
* @public */ Volumes?: VolumeRecycleBinInfo[] | undefined; /** *The token to include in another request to get the next page of items.
* This value is null when there are no more items to return.
The ID of the snapshot to lock.
* @public */ SnapshotId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The mode in which to lock the snapshot. Specify one of the following:
*
* governance - Locks the snapshot in governance mode. Snapshots locked in governance
* mode can't be deleted until one of the following conditions are met:
The lock duration expires.
*The snapshot is unlocked by a user with the appropriate permissions.
*Users with the appropriate IAM permissions can unlock the snapshot, increase or decrease the lock
* duration, and change the lock mode to compliance at any time.
If you lock a snapshot in governance mode, omit
* CoolOffPeriod.
* compliance - Locks the snapshot in compliance mode. Snapshots locked in compliance
* mode can't be unlocked by any user. They can be deleted only after the lock duration expires. Users
* can't decrease the lock duration or change the lock mode to governance. However, users
* with appropriate IAM permissions can increase the lock duration at any time.
If you lock a snapshot in compliance mode, you can optionally specify
* CoolOffPeriod.
The cooling-off period during which you can unlock the snapshot or modify the lock settings after * locking the snapshot in compliance mode, in hours. After the cooling-off period expires, you can't * unlock or delete the snapshot, decrease the lock duration, or change the lock mode. You can increase * the lock duration after the cooling-off period expires.
*The cooling-off period is optional when locking a snapshot in compliance mode. If you are locking * the snapshot in governance mode, omit this parameter.
*To lock the snapshot in compliance mode immediately without a cooling-off period, omit this * parameter.
*If you are extending the lock duration for a snapshot that is locked in compliance mode after * the cooling-off period has expired, omit this parameter. If you specify a cooling-period in a such * a request, the request fails.
*Allowed values: Min 1, max 72.
* @public */ CoolOffPeriod?: number | undefined; /** *The period of time for which to lock the snapshot, in days. The snapshot lock will automatically * expire after this period lapses.
*You must specify either this parameter or ExpirationDate, but * not both.
*Allowed values: Min: 1, max 36500
* @public */ LockDuration?: number | undefined; /** *The date and time at which the snapshot lock is to automatically expire, in the UTC time zone
* (YYYY-MM-DDThh:mm:ss.sssZ).
You must specify either this parameter or LockDuration, but * not both.
* @public */ ExpirationDate?: Date | undefined; } /** * @public */ export interface LockSnapshotResult { /** *The ID of the snapshot
* @public */ SnapshotId?: string | undefined; /** *The state of the snapshot lock. Valid states include:
*
* compliance-cooloff - The snapshot has been locked in
* compliance mode but it is still within the cooling-off period. The snapshot can't be
* deleted, but it can be unlocked and the lock settings can be modified by users with
* appropriate permissions.
* governance - The snapshot is locked in governance mode. The
* snapshot can't be deleted, but it can be unlocked and the lock settings can be
* modified by users with appropriate permissions.
* compliance - The snapshot is locked in compliance mode and the
* cooling-off period has expired. The snapshot can't be unlocked or deleted. The lock
* duration can only be increased by users with appropriate permissions.
* expired - The snapshot was locked in compliance or governance
* mode but the lock duration has expired. The snapshot is not locked and can be deleted.
The period of time for which the snapshot is locked, in days.
* @public */ LockDuration?: number | undefined; /** *The compliance mode cooling-off period, in hours.
* @public */ CoolOffPeriod?: number | undefined; /** *The date and time at which the compliance mode cooling-off period expires, in the UTC time zone
* (YYYY-MM-DDThh:mm:ss.sssZ).
The date and time at which the snapshot was locked, in the UTC time zone
* (YYYY-MM-DDThh:mm:ss.sssZ).
The date and time at which the lock will expire, in the UTC time zone
* (YYYY-MM-DDThh:mm:ss.sssZ).
The date and time at which the lock duration started, in the UTC time zone
* (YYYY-MM-DDThh:mm:ss.sssZ).
[EC2-VPC] The allocation ID.
* @public */ AllocationId: string | undefined; /** *The domain name to modify for the IP address.
* @public */ DomainName?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the Elastic IP address.
* @public */ Address?: AddressAttribute | undefined; } /** * @public */ export interface ModifyAvailabilityZoneGroupRequest { /** *The name of the Availability Zone group, Local Zone group, or Wavelength Zone * group.
* @public */ GroupName: string | undefined; /** *Indicates whether to opt in to the zone group. The only valid value is opted-in.
* You must contact Amazon Web Services Support to opt out of a Local Zone or Wavelength Zone group.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Is true if the request succeeds, and an error otherwise.
The ID of the Capacity Reservation.
* @public */ CapacityReservationId: string | undefined; /** *The number of instances for which to reserve capacity. The number of instances can't
* be increased or decreased by more than 1000 in a single request.
The date and time at which the Capacity Reservation expires. When a Capacity
* Reservation expires, the reserved capacity is released and you can no longer launch
* instances into it. The Capacity Reservation's state changes to expired when
* it reaches its end date and time.
The Capacity Reservation is cancelled within an hour from the specified time. For * example, if you specify 5/31/2019, 13:30:55, the Capacity Reservation is guaranteed to * end between 13:30:55 and 14:30:55 on 5/31/2019.
*You must provide an EndDate value if EndDateType is
* limited. Omit EndDate if EndDateType is
* unlimited.
Indicates the way in which the Capacity Reservation ends. A Capacity Reservation can * have one of the following end types:
*
* unlimited - The Capacity Reservation remains active until you
* explicitly cancel it. Do not provide an EndDate value if
* EndDateType is unlimited.
* limited - The Capacity Reservation expires automatically at a
* specified date and time. You must provide an EndDate value if
* EndDateType is limited.
Reserved. Capacity Reservations you have created are accepted by default.
* @public */ Accept?: boolean | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Reserved for future use.
* @public */ AdditionalInfo?: string | undefined; /** * The matching criteria (instance eligibility) that you want to use in the modified
* Capacity Reservation. If you change the instance eligibility of an existing Capacity
* Reservation from targeted to open, any running instances that
* match the attributes of the Capacity Reservation, have the
* CapacityReservationPreference set to open, and are not yet
* running in the Capacity Reservation, will automatically use the modified Capacity
* Reservation.
To modify the instance eligibility, the Capacity Reservation must be completely idle * (zero usage).
* @public */ InstanceMatchCriteria?: InstanceMatchCriteria | undefined; } /** * @public */ export interface ModifyCapacityReservationResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
The ID of the Capacity Reservation Fleet to modify.
* @public */ CapacityReservationFleetId: string | undefined; /** *The total number of capacity units to be reserved by the Capacity Reservation Fleet. * This value, together with the instance type weights that you assign to each instance * type used by the Fleet determine the number of instances for which the Fleet reserves * capacity. Both values are based on units that make sense for your workload. For more * information, see Total target * capacity in the Amazon EC2 User Guide.
* @public */ TotalTargetCapacity?: number | undefined; /** *The date and time at which the Capacity Reservation Fleet expires. When the Capacity
* Reservation Fleet expires, its state changes to expired and all of the
* Capacity Reservations in the Fleet expire.
The Capacity Reservation Fleet expires within an hour after the specified time. For
* example, if you specify 5/31/2019, 13:30:55, the Capacity
* Reservation Fleet is guaranteed to expire between 13:30:55 and
* 14:30:55 on 5/31/2019.
You can't specify EndDate and * RemoveEndDate in the same request.
* @public */ EndDate?: Date | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether to remove the end date from the Capacity Reservation Fleet. If you * remove the end date, the Capacity Reservation Fleet does not expire and it remains * active until you explicitly cancel it using the CancelCapacityReservationFleet action.
*You can't specify RemoveEndDate and EndDate in the same request.
* @public */ RemoveEndDate?: boolean | undefined; } /** * @public */ export interface ModifyCapacityReservationFleetResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
Information about the DNS server to be used.
* @public */ export interface DnsServersOptionsModifyStructure { /** *The IPv4 address range, in CIDR notation, of the DNS servers to be used. You can specify up to * two DNS servers. Ensure that the DNS servers can be reached by the clients. The specified values * overwrite the existing values.
* @public */ CustomDnsServers?: string[] | undefined; /** *Indicates whether DNS servers should be used. Specify False to delete the existing DNS
* servers.
The ID of the Client VPN endpoint to modify.
* @public */ ClientVpnEndpointId: string | undefined; /** *The ARN of the server certificate to be used. The server certificate must be provisioned in * Certificate Manager (ACM).
* @public */ ServerCertificateArn?: string | undefined; /** *Information about the client connection logging options.
*If you enable client connection logging, data about client connections is sent to a * Cloudwatch Logs log stream. The following information is logged:
*Client connection requests
*Client connection results (successful and unsuccessful)
*Reasons for unsuccessful client connection requests
*Client connection termination time
*Information about the DNS servers to be used by Client VPN connections. A Client VPN endpoint can have * up to two DNS servers.
* @public */ DnsServers?: DnsServersOptionsModifyStructure | undefined; /** *The port number to assign to the Client VPN endpoint for TCP and UDP traffic.
*Valid Values: 443 | 1194
*
Default Value: 443
*
A brief description of the Client VPN endpoint.
* @public */ Description?: string | undefined; /** *Indicates whether the VPN is split-tunnel.
*For information about split-tunnel VPN endpoints, see Split-tunnel Client VPN endpoint in the * Client VPN Administrator Guide.
* @public */ SplitTunnel?: boolean | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The IDs of one or more security groups to apply to the target network.
* @public */ SecurityGroupIds?: string[] | undefined; /** *The ID of the VPC to associate with the Client VPN endpoint.
* @public */ VpcId?: string | undefined; /** *Specify whether to enable the self-service portal for the Client VPN endpoint.
* @public */ SelfServicePortal?: SelfServicePortal | undefined; /** *The options for managing connection authorization for new client connections.
* @public */ ClientConnectOptions?: ClientConnectOptions | undefined; /** *The maximum VPN session duration time in hours.
*Valid values: 8 | 10 | 12 | 24
*
Default value: 24
*
Options for enabling a customizable text banner that will be displayed on * Amazon Web Services provided clients when a VPN session is established.
* @public */ ClientLoginBannerOptions?: ClientLoginBannerOptions | undefined; /** *Client route enforcement is a feature of the Client VPN service that helps enforce administrator defined routes on devices connected through the VPN. T * his feature helps improve your security posture by ensuring that network traffic originating from a connected client is not inadvertently sent outside the VPN tunnel.
*Client route enforcement works by monitoring the route table of a connected device for routing policy changes to the VPN connection. If the feature detects any VPN routing policy modifications, it will automatically force an update to the route table, * reverting it back to the expected route configurations.
* @public */ ClientRouteEnforcementOptions?: ClientRouteEnforcementOptions | undefined; /** *Indicates whether the client VPN session is disconnected after the maximum timeout specified in sessionTimeoutHours is reached. If true, users are prompted to reconnect client VPN. If false, client VPN attempts to reconnect automatically. The default value is true.
The Transit Gateway configuration for the Client VPN endpoint. This option is currently not supported.
* @public */ TransitGatewayConfiguration?: TransitGatewayConfigurationInputStructure | undefined; } /** * @public */ export interface ModifyClientVpnEndpointResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The instance family.
* @public */ InstanceFamily: UnlimitedSupportedInstanceFamily | undefined; /** *The credit option for CPU usage of the instance family.
*Valid Values: standard | unlimited
*
The default credit option for CPU usage of the instance family.
* @public */ InstanceFamilyCreditSpecification?: InstanceFamilyCreditSpecification | undefined; } /** * @public */ export interface ModifyEbsDefaultKmsKeyIdRequest { /** *The identifier of the KMS key to use for Amazon EBS encryption.
* If this parameter is not specified, your KMS key for Amazon EBS is used. If KmsKeyId is
* specified, the encrypted state must be true.
You can specify the KMS key using any of the following:
*Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.
*Key alias. For example, alias/ExampleAlias.
*Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.
*Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
*Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, * the action can appear to complete, but eventually fails.
*Amazon EBS does not support asymmetric KMS keys.
* @public */ KmsKeyId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Amazon Resource Name (ARN) of the default KMS key for encryption by default.
* @public */ KmsKeyId?: string | undefined; } /** * @public */ export interface ModifyFleetRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Indicates whether running instances should be terminated if the total target capacity of * the EC2 Fleet is decreased below the current size of the EC2 Fleet.
*Supported only for fleets of type maintain.
The launch template and overrides.
* @public */ LaunchTemplateConfigs?: FleetLaunchTemplateConfigRequest[] | undefined; /** *The ID of the EC2 Fleet.
* @public */ FleetId: string | undefined; /** *The size of the EC2 Fleet.
* @public */ TargetCapacitySpecification?: TargetCapacitySpecificationRequest | undefined; /** *Reserved.
* @public */ Context?: string | undefined; } /** * @public */ export interface ModifyFleetResult { /** *If the request succeeds, the response returns true. If the request fails,
* no response is returned, and instead an error message is returned.
Describes a load permission.
* @public */ export interface LoadPermissionRequest { /** *The name of the group.
* @public */ Group?: PermissionGroup | undefined; /** *The Amazon Web Services account ID.
* @public */ UserId?: string | undefined; } /** *Describes modifications to the load permissions of an Amazon FPGA image (AFI).
* @public */ export interface LoadPermissionModifications { /** *The load permissions to add.
* @public */ Add?: LoadPermissionRequest[] | undefined; /** *The load permissions to remove.
* @public */ Remove?: LoadPermissionRequest[] | undefined; } /** * @public */ export interface ModifyFpgaImageAttributeRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the AFI.
* @public */ FpgaImageId: string | undefined; /** *The name of the attribute.
* @public */ Attribute?: FpgaImageAttributeName | undefined; /** *The operation type.
* @public */ OperationType?: OperationType | undefined; /** *The Amazon Web Services account IDs. This parameter is valid only when modifying the loadPermission attribute.
The user groups. This parameter is valid only when modifying the loadPermission attribute.
The product codes. After you add a product code to an AFI, it can't be removed.
* This parameter is valid only when modifying the productCodes attribute.
The load permission for the AFI.
* @public */ LoadPermission?: LoadPermissionModifications | undefined; /** *A description for the AFI.
* @public */ Description?: string | undefined; /** *A name for the AFI.
* @public */ Name?: string | undefined; } /** * @public */ export interface ModifyFpgaImageAttributeResult { /** *Information about the attribute.
* @public */ FpgaImageAttribute?: FpgaImageAttribute | undefined; } /** * @public */ export interface ModifyHostsRequest { /** *Indicates whether to enable or disable host recovery for the Dedicated Host. For more * information, see Host recovery in * the Amazon EC2 User Guide.
* @public */ HostRecovery?: HostRecovery | undefined; /** *Specifies the instance type to be supported by the Dedicated Host. Specify this * parameter to modify a Dedicated Host to support only a specific instance type.
*If you want to modify a Dedicated Host to support multiple instance types in its * current instance family, omit this parameter and specify InstanceFamily instead. You cannot specify InstanceType and InstanceFamily in the * same request.
* @public */ InstanceType?: string | undefined; /** *Specifies the instance family to be supported by the Dedicated Host. Specify this * parameter to modify a Dedicated Host to support multiple instance types within its * current instance family.
*If you want to modify a Dedicated Host to support a specific instance type only, omit * this parameter and specify InstanceType instead. You * cannot specify InstanceFamily and InstanceType in the same request.
* @public */ InstanceFamily?: string | undefined; /** *Indicates whether to enable or disable host maintenance for the Dedicated Host. For * more information, see Host * maintenance in the Amazon EC2 User Guide.
* @public */ HostMaintenance?: HostMaintenance | undefined; /** *The IDs of the Dedicated Hosts to modify.
* @public */ HostIds: string[] | undefined; /** *Specify whether to enable or disable auto-placement.
* @public */ AutoPlacement?: AutoPlacement | undefined; } /** * @public */ export interface ModifyHostsResult { /** *The IDs of the Dedicated Hosts that were successfully modified.
* @public */ Successful?: string[] | undefined; /** *The IDs of the Dedicated Hosts that could not be modified. Check whether the setting * you requested can be used.
* @public */ Unsuccessful?: UnsuccessfulItem[] | undefined; } /** * @public */ export interface ModifyIdentityIdFormatRequest { /** *The type of resource: bundle | conversion-task | customer-gateway | dhcp-options |
* elastic-ip-allocation | elastic-ip-association |
* export-task | flow-log | image |
* import-task | internet-gateway | network-acl
* | network-acl-association | network-interface |
* network-interface-attachment | prefix-list |
* route-table | route-table-association |
* security-group | subnet |
* subnet-cidr-block-association | vpc |
* vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.
Alternatively, use the all-current option to include all resource types that are
* currently within their opt-in period for longer IDs.
Indicates whether the resource should use longer IDs (17-character IDs)
* @public */ UseLongIds: boolean | undefined; /** *The ARN of the principal, which can be an IAM user, IAM role, or the root user. Specify
* all to modify the ID format for all IAM users, IAM roles, and the root user of
* the account.
The type of resource: bundle | conversion-task | customer-gateway | dhcp-options |
* elastic-ip-allocation | elastic-ip-association |
* export-task | flow-log | image |
* import-task | internet-gateway | network-acl
* | network-acl-association | network-interface |
* network-interface-attachment | prefix-list |
* route-table | route-table-association |
* security-group | subnet |
* subnet-cidr-block-association | vpc |
* vpc-cidr-block-association | vpc-endpoint | vpc-peering-connection | vpn-connection | vpn-gateway.
Alternatively, use the all-current option to include all resource types that are
* currently within their opt-in period for longer IDs.
Indicate whether the resource should use longer IDs (17-character IDs).
* @public */ UseLongIds: boolean | undefined; } /** *Describes a launch permission modification.
* @public */ export interface LaunchPermissionModifications { /** *The Amazon Web Services account ID, organization ARN, or OU ARN to add to the list of * launch permissions for the AMI.
* @public */ Add?: LaunchPermission[] | undefined; /** *The Amazon Web Services account ID, organization ARN, or OU ARN to remove from the list of * launch permissions for the AMI.
* @public */ Remove?: LaunchPermission[] | undefined; } /** *Contains the parameters for ModifyImageAttribute.
* @public */ export interface ModifyImageAttributeRequest { /** *The name of the attribute to modify.
*Valid values: description | imdsSupport |
* launchPermission
*
A new description for the AMI.
* @public */ Description?: AttributeValue | undefined; /** *The ID of the AMI.
* @public */ ImageId: string | undefined; /** *A new launch permission for the AMI.
* @public */ LaunchPermission?: LaunchPermissionModifications | undefined; /** *The operation type. This parameter can be used only when the Attribute
* parameter is launchPermission.
Not supported.
* @public */ ProductCodes?: string[] | undefined; /** *The user groups. This parameter can be used only when the Attribute parameter
* is launchPermission.
The Amazon Web Services account IDs. This parameter can be used only when the
* Attribute parameter is launchPermission.
The value of the attribute being modified. This parameter can be used only when the
* Attribute parameter is description or
* imdsSupport.
The Amazon Resource Name (ARN) of an organization. This parameter can be used only when
* the Attribute parameter is launchPermission.
The Amazon Resource Name (ARN) of an organizational unit (OU). This parameter can be used
* only when the Attribute parameter is launchPermission.
Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances
* launched from this AMI will have HttpTokens automatically set to
* required so that, by default, the instance requires that IMDSv2 is used when
* requesting instance metadata. In addition, HttpPutResponseHopLimit is set to
* 2. For more information, see Configure the AMI in the Amazon EC2 User Guide.
Do not use this parameter unless your AMI software supports IMDSv2. After you set the
* value to v2.0, you can't undo it. The only way to “reset” your AMI is to create
* a new AMI from the underlying snapshot.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Describes information used to set up an EBS volume specified in a block device * mapping.
* @public */ export interface EbsInstanceBlockDeviceSpecification { /** *The ID of the EBS volume.
* @public */ VolumeId?: string | undefined; /** *Indicates whether the volume is deleted on instance termination.
* @public */ DeleteOnTermination?: boolean | undefined; } /** *Describes a block device mapping entry.
* @public */ export interface InstanceBlockDeviceMappingSpecification { /** *The device name. For available device names, see Device names for volumes.
* @public */ DeviceName?: string | undefined; /** *Parameters used to automatically set up EBS volumes when the instance is * launched.
* @public */ Ebs?: EbsInstanceBlockDeviceSpecification | undefined; /** *The virtual device name.
* @public */ VirtualName?: string | undefined; /** *Suppresses the specified device included in the block device mapping.
* @public */ NoDevice?: string | undefined; } /** * @public */ export interface BlobAttributeValue { Value?: Uint8Array | undefined; } /** * @public */ export interface ModifyInstanceAttributeRequest { /** *Enable or disable source/destination checks, which ensure that the instance is either
* the source or the destination of any traffic that it receives. If the value is
* true, source/destination checks are enabled; otherwise, they are
* disabled. The default value is true. You must disable source/destination
* checks if the instance runs services such as network address translation, routing, or
* firewalls.
Indicates whether an instance is enabled for stop protection. For more information, * see Enable stop * protection for your instance.
* * @public */ DisableApiStop?: AttributeBooleanValue | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *The name of the attribute to modify.
*When changing the instance type: If the original instance type is configured for
* configurable bandwidth, and the desired instance type doesn't support configurable
* bandwidth, first set the existing bandwidth configuration to default
* using the ModifyInstanceNetworkPerformanceOptions
* operation.
You can modify the following attributes only: disableApiTermination |
* instanceType | kernel | ramdisk |
* instanceInitiatedShutdownBehavior | blockDeviceMapping
* | userData | sourceDestCheck | groupSet |
* ebsOptimized | sriovNetSupport |
* enaSupport | nvmeSupport | disableApiStop
* | enclaveOptions
*
A new value for the attribute. Use only with the kernel,
* ramdisk, userData, disableApiTermination, or
* instanceInitiatedShutdownBehavior attribute.
Modifies the DeleteOnTermination attribute for volumes that are currently
* attached. The volume must be owned by the caller. If no value is specified for
* DeleteOnTermination, the default is true and the volume is
* deleted when the instance is terminated. You can't modify the DeleteOnTermination
* attribute for volumes that are attached to Amazon Web Services-managed resources.
To add instance store volumes to an Amazon EBS-backed instance, you must add them when * you launch the instance. For more information, see Update the block device mapping when launching an instance in the * Amazon EC2 User Guide.
* @public */ BlockDeviceMappings?: InstanceBlockDeviceMappingSpecification[] | undefined; /** *Enable or disable termination protection for the instance. If the value is true,
* you can't terminate the instance using the Amazon EC2 console, command line interface, or API.
* You can't enable termination protection for Spot Instances.
Changes the instance type to the specified value. For more information, see Instance
* types in the Amazon EC2 User Guide. If the instance type is
* not valid, the error returned is InvalidInstanceAttributeValue.
Changes the instance's kernel to the specified value. We recommend that you use * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.
* @public */ Kernel?: AttributeValue | undefined; /** *Changes the instance's RAM disk to the specified value. We recommend that you use * PV-GRUB instead of kernels and RAM disks. For more information, see PV-GRUB.
* @public */ Ramdisk?: AttributeValue | undefined; /** *Changes the instance's user data to the specified value. User data must be base64-encoded. * Depending on the tool or SDK that you're using, the base64-encoding might be performed for you. * For more information, see Work with instance user data.
* @public */ UserData?: BlobAttributeValue | undefined; /** *Specifies whether an instance stops or terminates when you initiate shutdown from the * instance (using the operating system command for system shutdown).
* @public */ InstanceInitiatedShutdownBehavior?: AttributeValue | undefined; /** *Replaces the security groups of the instance with the specified security groups. * You must specify the ID of at least one security group, even if it's just the default * security group for the VPC.
* @public */ Groups?: string[] | undefined; /** *Specifies whether the instance is optimized for Amazon EBS I/O. This optimization * provides dedicated throughput to Amazon EBS and an optimized configuration stack to * provide optimal EBS I/O performance. This optimization isn't available with all instance * types. Additional usage charges apply when using an EBS Optimized instance.
* @public */ EbsOptimized?: AttributeBooleanValue | undefined; /** *Set to simple to enable enhanced networking with the Intel 82599 Virtual
* Function interface for the instance.
There is no way to disable enhanced networking with the Intel 82599 Virtual Function * interface at this time.
*This option is supported only for HVM instances. Specifying this option with a PV * instance can make it unreachable.
* @public */ SriovNetSupport?: AttributeValue | undefined; /** *Set to true to enable enhanced networking with ENA for the
* instance.
This option is supported only for HVM instances. Specifying this option with a PV * instance can make it unreachable.
* @public */ EnaSupport?: AttributeBooleanValue | undefined; } /** *Describes an instance's Capacity Reservation targeting option.
*Use the CapacityReservationPreference parameter to configure the instance
* to run as an On-Demand Instance, to run in any open Capacity Reservation
* that has matching attributes, or to run only in a Capacity Reservation or Capacity
* Reservation group. Use the CapacityReservationTarget parameter to
* explicitly target a specific Capacity Reservation or a Capacity Reservation
* group.
You can only specify CapacityReservationPreference and
* CapacityReservationTarget if the
* CapacityReservationPreference is
* capacity-reservations-only.
Indicates the instance's Capacity Reservation preferences. Possible preferences * include:
*
* capacity-reservations-only - The instance will only run in a
* Capacity Reservation or Capacity Reservation group. If capacity isn't available,
* the instance will fail to launch.
* open - The instance can run in any open Capacity
* Reservation that has matching attributes (instance type, platform, Availability
* Zone, and tenancy). If capacity isn't available, the instance runs as an
* On-Demand Instance.
* none - The instance doesn't run in a Capacity Reservation even if
* one is available. The instance runs as an On-Demand Instance.
Information about the target Capacity Reservation or Capacity Reservation * group.
* @public */ CapacityReservationTarget?: CapacityReservationTarget | undefined; } /** * @public */ export interface ModifyInstanceCapacityReservationAttributesRequest { /** *The ID of the instance to be modified.
* @public */ InstanceId: string | undefined; /** *Information about the Capacity Reservation targeting option.
* @public */ CapacityReservationSpecification: CapacityReservationSpecification | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the EC2 Instance Connect Endpoint to modify.
* @public */ InstanceConnectEndpointId: string | undefined; /** *The new IP address type for the EC2 Instance Connect Endpoint.
*
* PreserveClientIp is only supported on IPv4 EC2 Instance Connect
* Endpoints. To use PreserveClientIp, the value for
* IpAddressType must be ipv4.
Changes the security groups for the EC2 Instance Connect Endpoint. The new set of * groups you specify replaces the current set. You must specify at least one group, even * if it's just the default security group in the VPC. You must specify the ID of the * security group, not the name.
* @public */ SecurityGroupIds?: string[] | undefined; /** *Indicates whether the client IP address is preserved as the source when you connect to a resource. * The following are the possible values.
*
* true - Use the IP address of the client. Your instance must have an IPv4 address.
* false - Use the IP address of the network interface.
Is true if the request succeeds and an error otherwise.
The ID of the instance to update.
* @public */ InstanceId: string | undefined; /** *The number of CPU cores to activate for the specified instance.
* @public */ CoreCount?: number | undefined; /** *The number of threads to run for each CPU core.
* @public */ ThreadsPerCore?: number | undefined; /** *Indicates whether to enable or disable nested virtualization for the instance. * When nested virtualization is enabled, Virtual Secure Mode (VSM) is automatically disabled for the instance.
* @public */ NestedVirtualization?: NestedVirtualizationSpecification | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance that was updated.
* @public */ InstanceId?: string | undefined; /** *The number of CPU cores that are running for the specified instance after the * update.
* @public */ CoreCount?: number | undefined; /** *The number of threads that are running per CPU core for the specified * instance after the update.
* @public */ ThreadsPerCore?: number | undefined; /** *Indicates whether nested virtualization has been enabled or disabled.
* @public */ NestedVirtualization?: NestedVirtualizationSpecification | undefined; } /** *Describes the credit option for CPU usage of a burstable performance instance.
* @public */ export interface InstanceCreditSpecificationRequest { /** *The ID of the instance.
* @public */ InstanceId: string | undefined; /** *The credit option for CPU usage of the instance.
*Valid values: standard | unlimited
*
T3 instances with host tenancy do not support the unlimited
* CPU credit option.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring * Idempotency.
* @public */ ClientToken?: string | undefined; /** *Information about the credit option for CPU usage.
* @public */ InstanceCreditSpecifications: InstanceCreditSpecificationRequest[] | undefined; } /** *Describes the burstable performance instance whose credit option for CPU usage was * successfully modified.
* @public */ export interface SuccessfulInstanceCreditSpecificationItem { /** *The ID of the instance.
* @public */ InstanceId?: string | undefined; } /** *Information about the error for the burstable performance instance whose credit option * for CPU usage was not modified.
* @public */ export interface UnsuccessfulInstanceCreditSpecificationItemError { /** *The error code.
* @public */ Code?: UnsuccessfulInstanceCreditSpecificationErrorCode | undefined; /** *The applicable error message.
* @public */ Message?: string | undefined; } /** *Describes the burstable performance instance whose credit option for CPU usage was not * modified.
* @public */ export interface UnsuccessfulInstanceCreditSpecificationItem { /** *The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The applicable error for the burstable performance instance whose credit option for * CPU usage was not modified.
* @public */ Error?: UnsuccessfulInstanceCreditSpecificationItemError | undefined; } /** * @public */ export interface ModifyInstanceCreditSpecificationResult { /** *Information about the instances whose credit option for CPU usage was successfully * modified.
* @public */ SuccessfulInstanceCreditSpecifications?: SuccessfulInstanceCreditSpecificationItem[] | undefined; /** *Information about the instances whose credit option for CPU usage was not * modified.
* @public */ UnsuccessfulInstanceCreditSpecifications?: UnsuccessfulInstanceCreditSpecificationItem[] | undefined; } /** * @public */ export interface ModifyInstanceEventStartTimeRequest { /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance with the scheduled event.
* @public */ InstanceId: string | undefined; /** *The ID of the event whose date and time you are modifying.
* @public */ InstanceEventId: string | undefined; /** *The new date and time when the event will take place.
* @public */ NotBefore: Date | undefined; } /** * @public */ export interface ModifyInstanceEventStartTimeResult { /** *Information about the event.
* @public */ Event?: InstanceStatusEvent | undefined; } /** * @public */ export interface ModifyInstanceEventWindowRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The name of the event window.
* @public */ Name?: string | undefined; /** *The ID of the event window.
* @public */ InstanceEventWindowId: string | undefined; /** *The time ranges of the event window.
* @public */ TimeRanges?: InstanceEventWindowTimeRangeRequest[] | undefined; /** *The cron expression of the event window, for example, * 0-4,20-23 * *
* 1,5.
Constraints:
*Only hour and day of the week values are supported.
*For day of the week values, you can specify either integers 0 through
* 6, or alternative single values SUN through
* SAT.
The minute, month, and year must be specified by *.
The hour value must be one or a multiple range, for example, 0-4 or
* 0-4,20-23.
Each hour range must be >= 2 hours, for example, 0-2 or
* 20-23.
The event window must be >= 4 hours. The combined total time ranges in the event * window must be >= 4 hours.
*For more information about cron expressions, see cron on the Wikipedia * website.
* @public */ CronExpression?: string | undefined; } /** * @public */ export interface ModifyInstanceEventWindowResult { /** *Information about the event window.
* @public */ InstanceEventWindow?: InstanceEventWindow | undefined; } /** * @public */ export interface ModifyInstanceMaintenanceOptionsRequest { /** *The ID of the instance.
* @public */ InstanceId: string | undefined; /** *Disables the automatic recovery behavior of your instance or sets it to * default.
* @public */ AutoRecovery?: InstanceAutoRecoveryState | undefined; /** *Specifies whether to attempt reboot migration during a user-initiated reboot of an
* instance that has a scheduled system-reboot event:
* default - Amazon EC2 attempts to migrate the instance to
* new hardware (reboot migration). If successful, the system-reboot
* event is cleared. If unsuccessful, an in-place reboot occurs and the event
* remains scheduled.
* disabled - Amazon EC2 keeps the instance on the same
* hardware (in-place reboot). The system-reboot event remains
* scheduled.
This setting only applies to supported instances that have a scheduled reboot event. * For more information, see Enable or disable reboot migration in the * Amazon EC2 User Guide.
* @public */ RebootMigration?: InstanceRebootMigrationState | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *Provides information on the current automatic recovery behavior of your * instance.
* @public */ AutoRecovery?: InstanceAutoRecoveryState | undefined; /** *Specifies whether to attempt reboot migration during a user-initiated reboot of an
* instance that has a scheduled system-reboot event:
* default - Amazon EC2 attempts to migrate the instance to
* new hardware (reboot migration). If successful, the system-reboot
* event is cleared. If unsuccessful, an in-place reboot occurs and the event
* remains scheduled.
* disabled - Amazon EC2 keeps the instance on the same
* hardware (in-place reboot). The system-reboot event remains
* scheduled.
This setting only applies to supported instances that have a scheduled reboot event. * For more information, see Enable or disable reboot migration in the * Amazon EC2 User Guide.
* @public */ RebootMigration?: InstanceRebootMigrationState | undefined; } /** * @public */ export interface ModifyInstanceMetadataDefaultsRequest { /** *Indicates whether IMDSv2 is required.
*
* optional – IMDSv2 is optional, which means that you can
* use either IMDSv2 or IMDSv1.
* required – IMDSv2 is required, which means that IMDSv1 is
* disabled, and you must use IMDSv2.
The maximum number of hops that the metadata token can travel. To indicate no
* preference, specify -1.
Possible values: Integers from 1 to 64, and -1
* to indicate no preference
Enables or disables the IMDS endpoint on an instance. When disabled, the instance * metadata can't be accessed.
* @public */ HttpEndpoint?: DefaultInstanceMetadataEndpointState | undefined; /** *Enables or disables access to an instance's tags from the instance metadata. For more * information, see View tags for your EC2 * instances using instance metadata in the * Amazon EC2 User Guide.
* @public */ InstanceMetadataTags?: DefaultInstanceMetadataTagsState | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Specifies whether to enforce the requirement of IMDSv2 on an instance at the time of
* launch. When enforcement is enabled, the instance can't launch unless IMDSv2
* (HttpTokens) is set to required. For more information, see
* Enforce IMDSv2 at the account level in the
* Amazon EC2 User Guide.
If the request succeeds, the response returns true. If the request fails,
* no response is returned, and instead an error message is returned.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *Indicates whether IMDSv2 is required.
*
* optional - IMDSv2 is optional. You can choose whether to send a
* session token in your instance metadata retrieval requests. If you retrieve
* IAM role credentials without a session token, you receive the IMDSv1 role
* credentials. If you retrieve IAM role credentials using a valid session token,
* you receive the IMDSv2 role credentials.
* required - IMDSv2 is required. You must send a session token
* in your instance metadata retrieval requests. With this option, retrieving the
* IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are
* not available.
Default:
*If the value of ImdsSupport for the Amazon Machine Image (AMI)
* for your instance is v2.0 and the account level default is set to
* no-preference, the default is required.
If the value of ImdsSupport for the Amazon Machine Image (AMI)
* for your instance is v2.0, but the account level default is set to
* V1 or V2, the default is optional.
The default value can also be affected by other combinations of parameters. For more * information, see Order of precedence for instance metadata options in the * Amazon EC2 User Guide.
* @public */ HttpTokens?: HttpTokensState | undefined; /** *The desired HTTP PUT response hop limit for instance metadata requests. The larger the * number, the further instance metadata requests can travel. If no parameter is specified, * the existing state is maintained.
*Possible values: Integers from 1 to 64
* @public */ HttpPutResponseHopLimit?: number | undefined; /** *Enables or disables the HTTP metadata endpoint on your instances. If this parameter is * not specified, the existing state is maintained.
*If you specify a value of disabled, you cannot access your instance
* metadata.
Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Enables or disables the IPv6 endpoint for the instance metadata service. * Applies only if you enabled the HTTP metadata endpoint.
* @public */ HttpProtocolIpv6?: InstanceMetadataProtocolState | undefined; /** *Set to enabled to allow access to instance tags from the instance
* metadata. Set to disabled to turn off access to instance tags from the
* instance metadata. For more information, see View tags for your EC2
* instances using instance metadata.
The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The metadata options for the instance.
* @public */ InstanceMetadataOptions?: InstanceMetadataOptionsResponse | undefined; } /** * @public */ export interface ModifyInstanceNetworkPerformanceRequest { /** *The ID of the instance to update.
* @public */ InstanceId: string | undefined; /** *Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows:
*This option uses the standard bandwidth configuration for your instance type.
*This option boosts your networking baseline bandwidth and reduces your EBS * baseline bandwidth.
*This option boosts your EBS baseline bandwidth and reduces your networking * baseline bandwidth.
*Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The instance ID that was updated.
* @public */ InstanceId?: string | undefined; /** *Contains the updated configuration for bandwidth weighting on the specified instance.
* @public */ BandwidthWeighting?: InstanceBandwidthWeighting | undefined; } /** * @public */ export interface ModifyInstancePlacementRequest { /** *The name of the placement group in which to place the instance. For spread placement
* groups, the instance must have a tenancy of default. For cluster and
* partition placement groups, the instance must have a tenancy of default or
* dedicated.
To remove an instance from a placement group, specify an empty string ("").
* @public */ GroupName?: string | undefined; /** *The number of the partition in which to place the instance. Valid only if the
* placement group strategy is set to partition.
The ARN of the host resource group in which to place the instance. The instance must
* have a tenancy of host to specify this parameter.
The Group Id of a placement group. You must specify the Placement Group Group Id to launch an instance in a shared placement * group.
* @public */ GroupId?: string | undefined; /** *The ID of the instance that you are modifying.
* @public */ InstanceId: string | undefined; /** *The tenancy for the instance.
*For T3 instances, you must launch the instance on a Dedicated Host to use a
* tenancy of host. You can't change the tenancy from
* host to dedicated or default.
* Attempting to make one of these unsupported tenancy changes results in an
* InvalidRequest error code.
The affinity setting for the instance. For more information, see Host affinity in the Amazon EC2 User Guide.
* @public */ Affinity?: Affinity | undefined; /** *The ID of the Dedicated Host with which to associate the instance.
* @public */ HostId?: string | undefined; } /** * @public */ export interface ModifyInstancePlacementResult { /** *Is true if the request succeeds, and an error otherwise.
Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
*For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide *
* @public */ export interface RemoveIpamOperatingRegion { /** *The name of the operating Region you want to remove.
* @public */ RegionName?: string | undefined; } /** * @public */ export interface ModifyIpamRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM you want to modify.
* @public */ IpamId: string | undefined; /** *The description of the IPAM you want to modify.
* @public */ Description?: string | undefined; /** *Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
*For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide.
* @public */ AddOperatingRegions?: AddIpamOperatingRegion[] | undefined; /** *The operating Regions to remove.
* @public */ RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined; /** *IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
* @public */ Tier?: IpamTier | undefined; /** *Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
* @public */ EnablePrivateGua?: boolean | undefined; /** *A metered account is an Amazon Web Services account that is charged for active IP addresses managed in IPAM. For more information, see Enable cost distribution in the Amazon VPC IPAM User Guide.
*Possible values:
*
* ipam-owner (default): The Amazon Web Services account which owns the IPAM is charged for all active IP addresses managed in IPAM.
* resource-owner: The Amazon Web Services account that owns the IP address is charged for the active IP address.
The results of the modification.
* @public */ Ipam?: Ipam | undefined; } /** *Information about a requested IPAM policy allocation rule.
*Allocation rules are optional configurations within an IPAM policy that map Amazon Web Services resource types to specific IPAM pools. If no rules are defined, the resource types default to using Amazon-provided IP addresses.
* @public */ export interface IpamPolicyAllocationRuleRequest { /** *The ID of the source IPAM pool for the requested allocation rule.
*An IPAM pool is a collection of IP addresses in IPAM that can be allocated to Amazon Web Services resources.
* @public */ SourceIpamPoolId?: string | undefined; } /** * @public */ export interface ModifyIpamPolicyAllocationRulesRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM policy whose allocation rules you want to modify.
* @public */ IpamPolicyId: string | undefined; /** *The locale for which to modify the allocation rules.
* @public */ Locale: string | undefined; /** *The resource type for which to modify the allocation rules.
*The Amazon Web Services service or resource type that can use IP addresses through IPAM policies. Supported services and resource types include:
*Elastic IP addresses
*The new allocation rules to apply to the IPAM policy.
*Allocation rules are optional configurations within an IPAM policy that map Amazon Web Services resource types to specific IPAM pools. If no rules are defined, the resource types default to using Amazon-provided IP addresses.
* @public */ AllocationRules?: IpamPolicyAllocationRuleRequest[] | undefined; } /** * @public */ export interface ModifyIpamPolicyAllocationRulesResult { /** *The modified IPAM policy containing the updated allocation rules.
* @public */ IpamPolicyDocument?: IpamPolicyDocument | undefined; } /** * @public */ export interface ModifyIpamPoolRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool you want to modify.
* @public */ IpamPoolId: string | undefined; /** *The description of the IPAM pool you want to modify.
* @public */ Description?: string | undefined; /** *If true, IPAM will continuously look for resources within the CIDR range of this pool * and automatically import them as allocations into your IPAM. The CIDRs that will be allocated for * these resources must not already be allocated to other resources in order for the import to succeed. IPAM will import * a CIDR regardless of its compliance with the pool's allocation rules, so a resource might be imported and subsequently * marked as noncompliant. If IPAM discovers multiple CIDRs that overlap, IPAM will import the largest CIDR only. If IPAM * discovers multiple CIDRs with matching CIDRs, IPAM will randomly import one of them only. *
*A locale must be set on the pool for this feature to work.
* @public */ AutoImport?: boolean | undefined; /** *The minimum netmask length required for CIDR allocations in this IPAM pool to be compliant. Possible * netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128. The minimum netmask * length must be less than the maximum netmask length.
* @public */ AllocationMinNetmaskLength?: number | undefined; /** *The maximum netmask length possible for CIDR allocations in this IPAM pool to be compliant. Possible * netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.The maximum netmask * length must be greater than the minimum netmask length.
* @public */ AllocationMaxNetmaskLength?: number | undefined; /** *The default netmask length for allocations added to this pool. If, for example, the CIDR assigned to this pool is 10.0.0.0/8 and you enter 16 here, new allocations will default to 10.0.0.0/16.
* @public */ AllocationDefaultNetmaskLength?: number | undefined; /** *Clear the default netmask length allocation rule for this pool.
* @public */ ClearAllocationDefaultNetmaskLength?: boolean | undefined; /** *Add tag allocation rules to a pool. For more information about allocation rules, see Create a top-level pool in the Amazon VPC IPAM User Guide.
* @public */ AddAllocationResourceTags?: RequestIpamResourceTag[] | undefined; /** *Remove tag allocation rules from a pool.
* @public */ RemoveAllocationResourceTags?: RequestIpamResourceTag[] | undefined; } /** * @public */ export interface ModifyIpamPoolResult { /** *The results of the modification.
* @public */ IpamPool?: IpamPool | undefined; } /** * @public */ export interface ModifyIpamPrefixListResolverRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM prefix list resolver to modify.
* @public */ IpamPrefixListResolverId: string | undefined; /** *A new description for the IPAM prefix list resolver.
* @public */ Description?: string | undefined; /** *The updated CIDR selection rules for the resolver. These rules replace the existing rules entirely.
* @public */ Rules?: IpamPrefixListResolverRuleRequest[] | undefined; } /** * @public */ export interface ModifyIpamPrefixListResolverResult { /** *Information about the modified IPAM prefix list resolver.
* @public */ IpamPrefixListResolver?: IpamPrefixListResolver | undefined; } /** * @public */ export interface ModifyIpamPrefixListResolverTargetRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM prefix list resolver target to modify.
* @public */ IpamPrefixListResolverTargetId: string | undefined; /** *The desired version of the prefix list to target. This allows you to pin the target to a specific version.
* @public */ DesiredVersion?: number | undefined; /** *Indicates whether the resolver target should automatically track the latest version of the prefix list. When enabled, the target will always synchronize with the most current version.
*Choose this for automatic updates when you want your prefix lists to stay current with infrastructure changes without manual intervention.
* @public */ TrackLatestVersion?: boolean | undefined; /** *A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface ModifyIpamPrefixListResolverTargetResult { /** *Information about the modified IPAM prefix list resolver target.
* @public */ IpamPrefixListResolverTarget?: IpamPrefixListResolverTarget | undefined; } /** * @public */ export interface ModifyIpamResourceCidrRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the resource you want to modify.
* @public */ ResourceId: string | undefined; /** *The CIDR of the resource you want to modify.
* @public */ ResourceCidr: string | undefined; /** *The Amazon Web Services Region of the resource you want to modify.
* @public */ ResourceRegion: string | undefined; /** *The ID of the current scope that the resource CIDR is in.
* @public */ CurrentIpamScopeId: string | undefined; /** *The ID of the scope you want to transfer the resource CIDR to.
* @public */ DestinationIpamScopeId?: string | undefined; /** *Determines if the resource is monitored by IPAM. If a resource is monitored, the resource is discovered by IPAM and you can view details about the resource’s CIDR.
* @public */ Monitored: boolean | undefined; } /** * @public */ export interface ModifyIpamResourceCidrResult { /** *The CIDR of the resource.
* @public */ IpamResourceCidr?: IpamResourceCidr | undefined; } /** *Remove an Organizational Unit (OU) exclusion to your IPAM. If your IPAM is integrated with Amazon Web Services Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. There is a limit on the number of exclusions you can create. For more information, see Quotas for your IPAM in the Amazon VPC IPAM User Guide.
* @public */ export interface RemoveIpamOrganizationalUnitExclusion { /** *An Amazon Web Services Organizations entity path. Build the path for the OU(s) using Amazon Web Services Organizations IDs separated by a /. Include all child OUs by ending the path with /*.
Example 1
*Path to a child OU: o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-ghi0-awsccccc/ou-jkl0-awsddddd/
*
In this example, o-a1b2c3d4e5 is the organization ID, r-f6g7h8i9j0example is the root ID , ou-ghi0-awsccccc is an OU ID, and ou-jkl0-awsddddd is a child OU ID.
IPAM will not manage the IP addresses in accounts in the child OU.
*Example 2
*Path where all child OUs will be part of the exclusion: o-a1b2c3d4e5/r-f6g7h8i9j0example/ou-ghi0-awsccccc/*
*
In this example, IPAM will not manage the IP addresses in accounts in the OU (ou-ghi0-awsccccc) or in accounts in any OUs that are children of the OU.
For more information on how to construct an entity path, see Understand the Amazon Web Services Organizations entity path in the Amazon Web Services Identity and Access Management User Guide.
* @public */ OrganizationsEntityPath?: string | undefined; } /** * @public */ export interface ModifyIpamResourceDiscoveryRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A resource discovery ID.
* @public */ IpamResourceDiscoveryId: string | undefined; /** *A resource discovery description.
* @public */ Description?: string | undefined; /** *Add operating Regions to the resource discovery. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
* @public */ AddOperatingRegions?: AddIpamOperatingRegion[] | undefined; /** *Remove operating Regions.
* @public */ RemoveOperatingRegions?: RemoveIpamOperatingRegion[] | undefined; /** *Add an Organizational Unit (OU) exclusion to your IPAM. If your IPAM is integrated with Amazon Web Services Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. There is a limit on the number of exclusions you can create. For more information, see Quotas for your IPAM in the Amazon VPC IPAM User Guide.
*The resulting set of exclusions must not result in "overlap", meaning two or more OU * exclusions must not exclude the same OU. For more information and examples, see the Amazon Web Services CLI request process in Add or remove OU exclusions * in the Amazon VPC User Guide.
*Remove an Organizational Unit (OU) exclusion to your IPAM. If your IPAM is integrated with Amazon Web Services Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. There is a limit on the number of exclusions you can create. For more information, see Quotas for your IPAM in the Amazon VPC IPAM User Guide.
*The resulting set of exclusions must not result in "overlap", meaning two or more OU * exclusions must not exclude the same OU. For more information and examples, see the Amazon Web Services CLI request process in Add or remove OU exclusions * in the Amazon VPC User Guide.
*A resource discovery.
* @public */ IpamResourceDiscovery?: IpamResourceDiscovery | undefined; } /** * @public */ export interface ModifyIpamScopeRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the scope you want to modify.
* @public */ IpamScopeId: string | undefined; /** *The description of the scope you want to modify.
* @public */ Description?: string | undefined; /** *The configuration that links an Amazon VPC IPAM scope to an external authority system. It specifies the type of external system and the external resource identifier that identifies your account or instance in that system.
*In IPAM, an external authority is a third-party IP address management system that provides CIDR blocks when you provision address space for top-level IPAM pools. This allows you to use your existing IP management system to control which address ranges are allocated to Amazon Web Services while using Amazon VPC IPAM to manage subnets within those ranges.
* @public */ ExternalAuthorityConfiguration?: ExternalAuthorityConfiguration | undefined; /** *Remove the external authority configuration. true to remove.
The results of the modification.
* @public */ IpamScope?: IpamScope | undefined; } /** * @public */ export interface ModifyLaunchTemplateRequest { /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Unique, case-sensitive identifier you provide to ensure the idempotency of the * request. If a client token isn't specified, a randomly generated token is used in the * request to ensure idempotency.
*For more information, see Ensuring * idempotency.
*Constraint: Maximum 128 ASCII characters.
* @public */ ClientToken?: string | undefined; /** *The ID of the launch template.
*You must specify either the launch template ID or the launch template name, but not * both.
* @public */ LaunchTemplateId?: string | undefined; /** *The name of the launch template.
*You must specify either the launch template ID or the launch template name, but not * both.
* @public */ LaunchTemplateName?: string | undefined; /** *The version number of the launch template to set as the default version.
* @public */ DefaultVersion?: string | undefined; } /** * @public */ export interface ModifyLaunchTemplateResult { /** *Information about the launch template.
* @public */ LaunchTemplate?: LaunchTemplate | undefined; } /** * @public */ export interface ModifyLocalGatewayRouteRequest { /** *The CIDR block used for destination matches. The value that you provide must match the CIDR of an existing route in the table.
* @public */ DestinationCidrBlock?: string | undefined; /** *The ID of the local gateway route table.
* @public */ LocalGatewayRouteTableId: string | undefined; /** ** The ID of the virtual interface group. *
* @public */ LocalGatewayVirtualInterfaceGroupId?: string | undefined; /** *The ID of the network interface.
* @public */ NetworkInterfaceId?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
* The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. You
* cannot use DestinationPrefixListId and DestinationCidrBlock in the same request.
*
Information about the local gateway route table.
* @public */ Route?: LocalGatewayRoute | undefined; } /** *An entry for a prefix list.
* @public */ export interface RemovePrefixListEntry { /** *The CIDR block.
* @public */ Cidr: string | undefined; } /** * @public */ export interface ModifyManagedPrefixListRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the prefix list.
* @public */ PrefixListId: string | undefined; /** *The current version of the prefix list.
* @public */ CurrentVersion?: number | undefined; /** *A name for the prefix list.
* @public */ PrefixListName?: string | undefined; /** *One or more entries to add to the prefix list.
* @public */ AddEntries?: AddPrefixListEntry[] | undefined; /** *One or more entries to remove from the prefix list.
* @public */ RemoveEntries?: RemovePrefixListEntry[] | undefined; /** *The maximum number of entries for the prefix list. You cannot modify the entries * of a prefix list and modify the size of a prefix list at the same time.
*If any of the resources that reference the prefix list cannot support the new * maximum size, the modify operation fails. Check the state message for the IDs of * the first ten resources that do not support the new maximum size.
* @public */ MaxEntries?: number | undefined; /** *Indicates whether synchronization with an IPAM prefix list resolver should be enabled for this managed prefix list. When enabled, the prefix list CIDRs are automatically updated based on the associated resolver's CIDR selection rules.
* @public */ IpamPrefixListResolverSyncEnabled?: boolean | undefined; } /** * @public */ export interface ModifyManagedPrefixListResult { /** *Information about the prefix list.
* @public */ PrefixList?: ManagedPrefixList | undefined; } /** * @public */ export interface ModifyManagedResourceVisibilityRequest { /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The default visibility setting for managed resources. Valid values:
* hidden | visible.
The updated managed resource visibility settings for the account.
* @public */ Visibility?: ManagedResourceVisibilitySettings | undefined; } /** *Describes an attachment change.
* @public */ export interface NetworkInterfaceAttachmentChanges { /** *The default number of the ENA queues.
* @public */ DefaultEnaQueueCount?: boolean | undefined; /** *The number of ENA queues to be created with the instance.
* @public */ EnaQueueCount?: number | undefined; /** *The ID of the network interface attachment.
* @public */ AttachmentId?: string | undefined; /** *Indicates whether the network interface is deleted when the instance is * terminated.
* @public */ DeleteOnTermination?: boolean | undefined; } /** *Contains the parameters for ModifyNetworkInterfaceAttribute.
* @public */ export interface ModifyNetworkInterfaceAttributeRequest { /** *Updates the ENA Express configuration for the network interface that’s attached to the * instance.
* @public */ EnaSrdSpecification?: EnaSrdSpecification | undefined; /** *If you’re modifying a network interface in a dual-stack or IPv6-only subnet, you have * the option to assign a primary IPv6 IP address. A primary IPv6 address is an IPv6 GUA * address associated with an ENI that you have enabled to use a primary IPv6 address. Use * this option if the instance that this ENI will be attached to relies on its IPv6 address * not changing. Amazon Web Services will automatically assign an IPv6 address associated * with the ENI attached to your instance to be the primary IPv6 address. Once you enable * an IPv6 GUA address to be a primary IPv6, you cannot disable it. When you enable an IPv6 * GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 * address until the instance is terminated or the network interface is detached. If you * have multiple IPv6 addresses associated with an ENI attached to your instance and you * enable a primary IPv6 address, the first IPv6 GUA address associated with the ENI * becomes the primary IPv6 address.
* @public */ EnablePrimaryIpv6?: boolean | undefined; /** *A connection tracking specification.
* @public */ ConnectionTrackingSpecification?: ConnectionTrackingSpecificationRequest | undefined; /** *Indicates whether to assign a public IPv4 address to a network interface. This option * can be enabled for any network interface but will only apply to the primary network * interface (eth0).
* @public */ AssociatePublicIpAddress?: boolean | undefined; /** *A list of subnet IDs to associate with the network interface.
* @public */ AssociatedSubnetIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The ID of the network interface.
* @public */ NetworkInterfaceId: string | undefined; /** *A description for the network interface.
* @public */ Description?: AttributeValue | undefined; /** *Enable or disable source/destination checks, which ensure that the instance is either
* the source or the destination of any traffic that it receives. If the value is
* true, source/destination checks are enabled; otherwise, they are
* disabled. The default value is true. You must disable source/destination
* checks if the instance runs services such as network address translation, routing, or
* firewalls.
Changes the security groups for the network interface. The new set of groups you * specify replaces the current set. You must specify at least one group, even if it's just * the default security group in the VPC. You must specify the ID of the security group, * not the name.
* @public */ Groups?: string[] | undefined; /** *Information about the interface attachment. If modifying the delete on
* termination attribute, you must specify the ID of the interface
* attachment.
Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name * must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name * must be based on the instance ID. For dual-stack subnets, you can specify whether DNS * names use the instance IPv4 address or the instance ID.
* @public */ PrivateDnsHostnameType?: HostnameType | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS A * records.
* @public */ EnableResourceNameDnsARecord?: boolean | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA * records.
* @public */ EnableResourceNameDnsAAAARecord?: boolean | undefined; } /** * @public */ export interface ModifyPrivateDnsNameOptionsResult { /** *Returns true if the request succeeds; otherwise, it returns an
* error.
A network interface ID.
* @public */ NetworkInterfaceId: string | undefined; /** *The public hostname type. For more information, see EC2 instance hostnames, DNS names, and domains in the Amazon EC2 User Guide.
*
* public-dual-stack-dns-name: A dual-stack public hostname for a network interface. Requests from within the VPC resolve to both the private IPv4 address and the IPv6 Global Unicast Address of the network interface. Requests from the internet resolve to both the public IPv4 and the IPv6 GUA address of the network interface.
* public-ipv4-dns-name: An IPv4-enabled public hostname for a network interface. Requests from within the VPC resolve to the private primary IPv4 address of the network interface. Requests from the internet resolve to the public IPv4 address of the network interface.
* public-ipv6-dns-name: An IPv6-enabled public hostname for a network interface. Requests from within the VPC or from the internet resolve to the IPv6 GUA of the network interface.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Whether or not the request was successful.
* @public */ Successful?: boolean | undefined; } /** *Contains the parameters for ModifyReservedInstances.
* @public */ export interface ModifyReservedInstancesRequest { /** *The IDs of the Reserved Instances to modify.
* @public */ ReservedInstancesIds: string[] | undefined; /** *A unique, case-sensitive token you provide to ensure idempotency of your modification * request. For more information, see Ensuring * Idempotency.
* @public */ ClientToken?: string | undefined; /** *The configuration settings for the Reserved Instances to modify.
* @public */ TargetConfigurations: ReservedInstancesConfiguration[] | undefined; } /** *Contains the output of ModifyReservedInstances.
* @public */ export interface ModifyReservedInstancesResult { /** *The ID for the modification.
* @public */ ReservedInstancesModificationId?: string | undefined; } /** * @public */ export interface ModifyRouteServerRequest { /** *The ID of the route server to modify.
* @public */ RouteServerId: string | undefined; /** *Specifies whether to persist routes after all BGP sessions are terminated.
*enable: Routes will be persisted in FIB and RIB after all BGP sessions are terminated.
*disable: Routes will not be persisted in FIB and RIB after all BGP sessions are terminated.
*reset: If a route server has persisted routes due to all BGP sessions having ended, reset will withdraw all routes and reset route server to an empty FIB and RIB.
*The number of minutes a route server will wait after BGP is re-established to unpersist the routes in the FIB and RIB. Value must be in the range of 1-5. Required if PersistRoutes is enabled.
If you set the duration to 1 minute, then when your network appliance re-establishes BGP with route server, it has 1 minute to relearn it's adjacent network and advertise those routes to route server before route server resumes normal functionality. In most cases, 1 minute is probably sufficient. If, however, you have concerns that your BGP network may not be capable of fully re-establishing and re-learning everything in 1 minute, you can increase the duration up to 5 minutes.
* @public */ PersistRoutesDuration?: number | undefined; /** *Specifies whether to enable SNS notifications for route server events. Enabling SNS notifications persists BGP status changes to an SNS topic provisioned by Amazon Web Services.
* @public */ SnsNotificationsEnabled?: boolean | undefined; /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.