Information about the modified route server.
* @public */ RouteServer?: RouteServer | undefined; } /** *Describes a security group rule.
*You must specify exactly one of the following parameters, based on the rule type:
*CidrIpv4
*CidrIpv6
*PrefixListId
*ReferencedGroupId
** Amazon Web Services canonicalizes IPv4 and IPv6 CIDRs. For example, if you specify 100.68.0.18/18 for the CIDR block, * Amazon Web Services canonicalizes the CIDR block to 100.68.0.0/18. Any subsequent DescribeSecurityGroups and DescribeSecurityGroupRules calls will * return the canonicalized form of the CIDR block. Additionally, if you attempt to add another rule with the * non-canonical form of the CIDR (such as 100.68.0.18/18) and there is already a rule for the canonicalized * form of the CIDR block (such as 100.68.0.0/18), the API throws an duplicate rule error.
*When you modify a rule, you cannot change the rule type. For example, if the rule
* uses an IPv4 address range, you must use CidrIpv4 to specify a new IPv4
* address range.
The IP protocol name (tcp, udp, icmp,
* icmpv6) or number (see Protocol Numbers).
Use -1 to specify all protocols.
If the protocol is TCP or UDP, this is the start of the port range. * If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types).
* @public */ FromPort?: number | undefined; /** *If the protocol is TCP or UDP, this is the end of the port range. * If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). * If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes).
* @public */ ToPort?: number | undefined; /** *The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.
* @public */ CidrIpv4?: string | undefined; /** *The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.
* @public */ CidrIpv6?: string | undefined; /** *The ID of the prefix list.
* @public */ PrefixListId?: string | undefined; /** *The ID of the security group that is referenced in the security group rule.
* @public */ ReferencedGroupId?: string | undefined; /** *The description of the security group rule.
* @public */ Description?: string | undefined; } /** *Describes an update to a security group rule.
* @public */ export interface SecurityGroupRuleUpdate { /** *The ID of the security group rule.
* @public */ SecurityGroupRuleId: string | undefined; /** *Information about the security group rule.
* @public */ SecurityGroupRule?: SecurityGroupRuleRequest | undefined; } /** * @public */ export interface ModifySecurityGroupRulesRequest { /** *The ID of the security group.
* @public */ GroupId: string | undefined; /** *Information about the security group properties to update.
* @public */ SecurityGroupRules: SecurityGroupRuleUpdate[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an error.
Describes modifications to the list of create volume permissions for a volume.
* @public */ export interface CreateVolumePermissionModifications { /** *Adds the specified Amazon Web Services account ID or group to the list.
* @public */ Add?: CreateVolumePermission[] | undefined; /** *Removes the specified Amazon Web Services account ID or group from the list.
* @public */ Remove?: CreateVolumePermission[] | undefined; } /** * @public */ export interface ModifySnapshotAttributeRequest { /** *The snapshot attribute to modify. Only volume creation permissions can be modified.
* @public */ Attribute?: SnapshotAttributeName | undefined; /** *A JSON representation of the snapshot attribute modification.
* @public */ CreateVolumePermission?: CreateVolumePermissionModifications | undefined; /** *The group to modify for the snapshot.
* @public */ GroupNames?: string[] | undefined; /** *The type of operation to perform to the attribute.
* @public */ OperationType?: OperationType | undefined; /** *The ID of the snapshot.
* @public */ SnapshotId: string | undefined; /** *The account ID to modify for the snapshot.
* @public */ UserIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the snapshot.
* @public */ SnapshotId: string | undefined; /** *The name of the storage tier. You must specify archive.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The date and time when the archive process was started.
* @public */ TieringStartTime?: Date | undefined; } /** *Contains the parameters for ModifySpotFleetRequest.
* @public */ export interface ModifySpotFleetRequestRequest { /** *The launch template and overrides. You can only use this parameter if you specified a
* launch template (LaunchTemplateConfigs) in your Spot Fleet request. If you
* specified LaunchSpecifications in your Spot Fleet request, then omit this
* parameter.
The number of On-Demand Instances in the fleet.
* @public */ OnDemandTargetCapacity?: number | undefined; /** *Reserved.
* @public */ Context?: string | undefined; /** *The ID of the Spot Fleet request.
* @public */ SpotFleetRequestId: string | undefined; /** *The size of the fleet.
* @public */ TargetCapacity?: number | undefined; /** *Indicates whether running instances should be terminated if the target capacity * of the Spot Fleet request is decreased below the current size of the Spot Fleet.
*Supported only for fleets of type maintain.
Contains the output of ModifySpotFleetRequest.
* @public */ export interface ModifySpotFleetRequestResponse { /** *If the request succeeds, the response returns true. If the request fails,
* no response is returned, and instead an error message is returned.
Specify true to indicate that network interfaces created in the
* specified subnet should be assigned an IPv6 address. This includes a network interface
* that's created when launching an instance into the subnet (the instance therefore
* receives an IPv6 address).
If you enable the IPv6 addressing feature for your subnet, your network interface
* or instance only receives an IPv6 address if it's created using version
* 2016-11-15 or later of the Amazon EC2 API.
Specify true to indicate that network interfaces attached to instances created in the
* specified subnet should be assigned a public IPv4 address.
Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses * associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
* @public */ MapPublicIpOnLaunch?: AttributeBooleanValue | undefined; /** *The ID of the subnet.
* @public */ SubnetId: string | undefined; /** *Specify true to indicate that network interfaces attached to instances created in the
* specified subnet should be assigned a customer-owned IPv4 address.
When this value is true, you must specify the customer-owned IP pool using CustomerOwnedIpv4Pool.
The customer-owned IPv4 address pool associated with the subnet.
*You must set this value when you specify true for MapCustomerOwnedIpOnLaunch.
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet * should return synthetic IPv6 addresses for IPv4-only destinations.
*You must first configure a NAT gateway in a public subnet (separate from the subnet
* containing the IPv6-only workloads). For example, the subnet containing the NAT gateway
* should have a 0.0.0.0/0 route pointing to the internet gateway. For more
* information, see Configure DNS64 and NAT64 in the Amazon VPC User Guide.
The type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an * instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance * DNS name must be based on the instance ID (resource-name).
* @public */ PrivateDnsHostnameTypeOnLaunch?: HostnameType | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
* @public */ EnableResourceNameDnsARecordOnLaunch?: AttributeBooleanValue | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.
* @public */ EnableResourceNameDnsAAAARecordOnLaunch?: AttributeBooleanValue | undefined; /** *
* Indicates the device position for local network interfaces in this subnet. For example,
* 1 indicates local network interfaces in this subnet are the secondary
* network interface (eth1). A local network interface cannot be the primary network
* interface (eth0).
*
* Specify true to indicate that local network interfaces at the current
* position should be disabled.
*
The ID of the Traffic Mirror filter.
* @public */ TrafficMirrorFilterId: string | undefined; /** *The network service, for example Amazon DNS, that you want to mirror.
* @public */ AddNetworkServices?: TrafficMirrorNetworkService[] | undefined; /** *The network service, for example Amazon DNS, that you no longer want to mirror.
* @public */ RemoveNetworkServices?: TrafficMirrorNetworkService[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Traffic Mirror filter that the network service is associated with.
* @public */ TrafficMirrorFilter?: TrafficMirrorFilter | undefined; } /** * @public */ export interface ModifyTrafficMirrorFilterRuleRequest { /** *The ID of the Traffic Mirror rule.
* @public */ TrafficMirrorFilterRuleId: string | undefined; /** *The type of traffic to assign to the rule.
* @public */ TrafficDirection?: TrafficDirection | undefined; /** *The number of the Traffic Mirror rule. This number must be unique for each Traffic Mirror rule in a given * direction. The rules are processed in ascending order by rule number.
* @public */ RuleNumber?: number | undefined; /** *The action to assign to the rule.
* @public */ RuleAction?: TrafficMirrorRuleAction | undefined; /** *The destination ports that are associated with the Traffic Mirror rule.
* @public */ DestinationPortRange?: TrafficMirrorPortRangeRequest | undefined; /** *The port range to assign to the Traffic Mirror rule.
* @public */ SourcePortRange?: TrafficMirrorPortRangeRequest | undefined; /** *The protocol, for example TCP, to assign to the Traffic Mirror rule.
* @public */ Protocol?: number | undefined; /** *The destination CIDR block to assign to the Traffic Mirror rule.
* @public */ DestinationCidrBlock?: string | undefined; /** *The source CIDR block to assign to the Traffic Mirror rule.
* @public */ SourceCidrBlock?: string | undefined; /** *The description to assign to the Traffic Mirror rule.
* @public */ Description?: string | undefined; /** *The properties that you want to remove from the Traffic Mirror filter rule.
*When you remove a property from a Traffic Mirror filter rule, the property is set to the default.
* @public */ RemoveFields?: TrafficMirrorFilterRuleField[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Tags are not returned for ModifyTrafficMirrorFilterRule.
*A Traffic Mirror rule.
* @public */ TrafficMirrorFilterRule?: TrafficMirrorFilterRule | undefined; } /** * @public */ export interface ModifyTrafficMirrorSessionRequest { /** *The ID of the Traffic Mirror session.
* @public */ TrafficMirrorSessionId: string | undefined; /** *The Traffic Mirror target. The target must be in the same VPC as the source, or have a VPC peering connection with the source.
* @public */ TrafficMirrorTargetId?: string | undefined; /** *The ID of the Traffic Mirror filter.
* @public */ TrafficMirrorFilterId?: string | undefined; /** *The number of bytes in each packet to mirror. These are bytes after the VXLAN header. To mirror a subset, set this to the length (in bytes) to mirror. For example, if you set this value to 100, then the first 100 bytes that meet the filter criteria are copied to the target. Do not specify this parameter when you want to mirror the entire packet.
*For sessions with Network Load Balancer (NLB) traffic mirror targets, the default PacketLength will be set to 8500. Valid values are 1-8500. Setting a PacketLength greater than 8500 will result in an error response.
The session number determines the order in which sessions are evaluated when an interface is used by multiple sessions. The first session with a matching filter is the one that mirrors the packets.
*Valid values are 1-32766.
* @public */ SessionNumber?: number | undefined; /** *The virtual network ID of the Traffic Mirror session.
* @public */ VirtualNetworkId?: number | undefined; /** *The description to assign to the Traffic Mirror session.
* @public */ Description?: string | undefined; /** *The properties that you want to remove from the Traffic Mirror session.
*When you remove a property from a Traffic Mirror session, the property is set to the default.
* @public */ RemoveFields?: TrafficMirrorSessionField[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the Traffic Mirror session.
* @public */ TrafficMirrorSession?: TrafficMirrorSession | undefined; } /** *The transit gateway options.
* @public */ export interface ModifyTransitGatewayOptions { /** *Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.
* @public */ AddTransitGatewayCidrBlocks?: string[] | undefined; /** *Removes CIDR blocks for the transit gateway.
* @public */ RemoveTransitGatewayCidrBlocks?: string[] | undefined; /** *Enable or disable Equal Cost Multipath Protocol support.
* @public */ VpnEcmpSupport?: VpnEcmpSupportValue | undefined; /** *Enable or disable DNS support.
* @public */ DnsSupport?: DnsSupportValue | undefined; /** *Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management. * *
*This option is disabled by default.
*For more information about security group referencing, see Security group referencing in the Amazon Web Services Transit Gateways Guide.
* @public */ SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined; /** *Enable or disable automatic acceptance of attachment requests.
* @public */ AutoAcceptSharedAttachments?: AutoAcceptSharedAttachmentsValue | undefined; /** *Enable or disable automatic association with the default association route table.
* @public */ DefaultRouteTableAssociation?: DefaultRouteTableAssociationValue | undefined; /** *The ID of the default association route table.
* @public */ AssociationDefaultRouteTableId?: string | undefined; /** *Indicates whether resource attachments automatically propagate routes to the default
* propagation route table. Enabled by default. If defaultRouteTablePropagation
* is set to enable,
* Amazon Web Services Transit Gateway will create the default transit gateway route
* table.
The ID of the default propagation route table.
* @public */ PropagationDefaultRouteTableId?: string | undefined; /** *A private Autonomous System Number (ASN) for the Amazon side of a BGP session. * The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.
*The modify ASN operation is not allowed on a transit gateway if it has the following attachments:
*Dynamic VPN
*Static VPN
*Direct Connect Gateway
*Connect
*You must first delete all transit gateway attachments configured prior to modifying the ASN on * the transit gateway.
* @public */ AmazonSideAsn?: number | undefined; /** *Enable or disable encryption support for VPC Encryption Control.
* @public */ EncryptionSupport?: EncryptionSupportOptionValue | undefined; } /** * @public */ export interface ModifyTransitGatewayRequest { /** *The ID of the transit gateway.
* @public */ TransitGatewayId: string | undefined; /** *The description for the transit gateway.
* @public */ Description?: string | undefined; /** *The options to modify.
* @public */ Options?: ModifyTransitGatewayOptions | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the transit gateway.
* @public */ TransitGateway?: TransitGateway | undefined; } /** * @public */ export interface ModifyTransitGatewayMeteringPolicyRequest { /** *The ID of the transit gateway metering policy to modify.
* @public */ TransitGatewayMeteringPolicyId: string | undefined; /** *The IDs of middlebox attachments to add to the metering policy.
* @public */ AddMiddleboxAttachmentIds?: string[] | undefined; /** *The IDs of middlebox attachments to remove from the metering policy.
* @public */ RemoveMiddleboxAttachmentIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the modified transit gateway metering policy.
* @public */ TransitGatewayMeteringPolicy?: TransitGatewayMeteringPolicy | undefined; } /** * @public */ export interface ModifyTransitGatewayPrefixListReferenceRequest { /** *The ID of the transit gateway route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *The ID of the prefix list.
* @public */ PrefixListId: string | undefined; /** *The ID of the attachment to which traffic is routed.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *Indicates whether to drop traffic that matches this route.
* @public */ Blackhole?: boolean | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the prefix list reference.
* @public */ TransitGatewayPrefixListReference?: TransitGatewayPrefixListReference | undefined; } /** *Describes the options for a VPC attachment.
* @public */ export interface ModifyTransitGatewayVpcAttachmentRequestOptions { /** *Enable or disable DNS support. The default is enable.
Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management. * *
*This option is disabled by default.
*For more information about security group referencing, see Security group referencing in the Amazon Web Services Transit Gateways Guide.
* @public */ SecurityGroupReferencingSupport?: SecurityGroupReferencingSupportValue | undefined; /** *Enable or disable IPv6 support. The default is enable.
Enable or disable support for appliance mode. If enabled, a traffic flow between a source and destination uses the same Availability Zone for the VPC attachment for the lifetime of that flow. The default is disable.
The ID of the attachment.
* @public */ TransitGatewayAttachmentId: string | undefined; /** *The IDs of one or more subnets to add. You can specify at most one subnet per Availability Zone.
* @public */ AddSubnetIds?: string[] | undefined; /** *The IDs of one or more subnets to remove.
* @public */ RemoveSubnetIds?: string[] | undefined; /** *The new VPC attachment options.
* @public */ Options?: ModifyTransitGatewayVpcAttachmentRequestOptions | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the modified attachment.
* @public */ TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment | undefined; } /** *Describes the port range for a Verified Access endpoint.
* @public */ export interface ModifyVerifiedAccessEndpointPortRange { /** *The start of the port range.
* @public */ FromPort?: number | undefined; /** *The end of the port range.
* @public */ ToPort?: number | undefined; } /** *The CIDR options for a Verified Access endpoint.
* @public */ export interface ModifyVerifiedAccessEndpointCidrOptions { /** *The port ranges.
* @public */ PortRanges?: ModifyVerifiedAccessEndpointPortRange[] | undefined; } /** *Describes a load balancer when creating an Amazon Web Services Verified Access endpoint using the
* load-balancer type.
The IDs of the subnets.
* @public */ SubnetIds?: string[] | undefined; /** *The IP protocol.
* @public */ Protocol?: VerifiedAccessEndpointProtocol | undefined; /** *The IP port number.
* @public */ Port?: number | undefined; /** *The port ranges.
* @public */ PortRanges?: ModifyVerifiedAccessEndpointPortRange[] | undefined; } /** *Describes the options when modifying a Verified Access endpoint with the
* network-interface type.
The IP protocol.
* @public */ Protocol?: VerifiedAccessEndpointProtocol | undefined; /** *The IP port number.
* @public */ Port?: number | undefined; /** *The port ranges.
* @public */ PortRanges?: ModifyVerifiedAccessEndpointPortRange[] | undefined; } /** *The RDS options for a Verified Access endpoint.
* @public */ export interface ModifyVerifiedAccessEndpointRdsOptions { /** *The IDs of the subnets.
* @public */ SubnetIds?: string[] | undefined; /** *The port.
* @public */ Port?: number | undefined; /** *The RDS endpoint.
* @public */ RdsEndpoint?: string | undefined; } /** * @public */ export interface ModifyVerifiedAccessEndpointRequest { /** *The ID of the Verified Access endpoint.
* @public */ VerifiedAccessEndpointId: string | undefined; /** *The ID of the Verified Access group.
* @public */ VerifiedAccessGroupId?: string | undefined; /** *The load balancer details if creating the Verified Access endpoint as
* load-balancertype.
The network interface options.
* @public */ NetworkInterfaceOptions?: ModifyVerifiedAccessEndpointEniOptions | undefined; /** *A description for the Verified Access endpoint.
* @public */ Description?: string | undefined; /** *A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The RDS options.
* @public */ RdsOptions?: ModifyVerifiedAccessEndpointRdsOptions | undefined; /** *The CIDR options.
* @public */ CidrOptions?: ModifyVerifiedAccessEndpointCidrOptions | undefined; } /** * @public */ export interface ModifyVerifiedAccessEndpointResult { /** *Details about the Verified Access endpoint.
* @public */ VerifiedAccessEndpoint?: VerifiedAccessEndpoint | undefined; } /** * @public */ export interface ModifyVerifiedAccessEndpointPolicyRequest { /** *The ID of the Verified Access endpoint.
* @public */ VerifiedAccessEndpointId: string | undefined; /** *The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; /** *A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The options for server side encryption.
* @public */ SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined; } /** * @public */ export interface ModifyVerifiedAccessEndpointPolicyResult { /** *The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; /** *The options in use for server side encryption.
* @public */ SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined; } /** * @public */ export interface ModifyVerifiedAccessGroupRequest { /** *The ID of the Verified Access group.
* @public */ VerifiedAccessGroupId: string | undefined; /** *The ID of the Verified Access instance.
* @public */ VerifiedAccessInstanceId?: string | undefined; /** *A description for the Verified Access group.
* @public */ Description?: string | undefined; /** *A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Details about the Verified Access group.
* @public */ VerifiedAccessGroup?: VerifiedAccessGroup | undefined; } /** * @public */ export interface ModifyVerifiedAccessGroupPolicyRequest { /** *The ID of the Verified Access group.
* @public */ VerifiedAccessGroupId: string | undefined; /** *The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; /** *A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The options for server side encryption.
* @public */ SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined; } /** * @public */ export interface ModifyVerifiedAccessGroupPolicyResult { /** *The status of the Verified Access policy.
* @public */ PolicyEnabled?: boolean | undefined; /** *The Verified Access policy document.
* @public */ PolicyDocument?: string | undefined; /** *The options in use for server side encryption.
* @public */ SseSpecification?: VerifiedAccessSseSpecificationResponse | undefined; } /** * @public */ export interface ModifyVerifiedAccessInstanceRequest { /** *The ID of the Verified Access instance.
* @public */ VerifiedAccessInstanceId: string | undefined; /** *A description for the Verified Access instance.
* @public */ Description?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *The custom subdomain.
* @public */ CidrEndpointsCustomSubDomain?: string | undefined; } /** * @public */ export interface ModifyVerifiedAccessInstanceResult { /** *Details about the Verified Access instance.
* @public */ VerifiedAccessInstance?: VerifiedAccessInstance | undefined; } /** *Options for CloudWatch Logs as a logging destination.
* @public */ export interface VerifiedAccessLogCloudWatchLogsDestinationOptions { /** *Indicates whether logging is enabled.
* @public */ Enabled: boolean | undefined; /** *The ID of the CloudWatch Logs log group.
* @public */ LogGroup?: string | undefined; } /** *Describes Amazon Kinesis Data Firehose logging options.
* @public */ export interface VerifiedAccessLogKinesisDataFirehoseDestinationOptions { /** *Indicates whether logging is enabled.
* @public */ Enabled: boolean | undefined; /** *The ID of the delivery stream.
* @public */ DeliveryStream?: string | undefined; } /** *Options for Amazon S3 as a logging destination.
* @public */ export interface VerifiedAccessLogS3DestinationOptions { /** *Indicates whether logging is enabled.
* @public */ Enabled: boolean | undefined; /** *The bucket name.
* @public */ BucketName?: string | undefined; /** *The bucket prefix.
* @public */ Prefix?: string | undefined; /** *The ID of the Amazon Web Services account that owns the Amazon S3 bucket.
* @public */ BucketOwner?: string | undefined; } /** *Options for Verified Access logs.
* @public */ export interface VerifiedAccessLogOptions { /** *Sends Verified Access logs to Amazon S3.
* @public */ S3?: VerifiedAccessLogS3DestinationOptions | undefined; /** *Sends Verified Access logs to CloudWatch Logs.
* @public */ CloudWatchLogs?: VerifiedAccessLogCloudWatchLogsDestinationOptions | undefined; /** *Sends Verified Access logs to Kinesis.
* @public */ KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestinationOptions | undefined; /** *The logging version.
*Valid values: ocsf-0.1 | ocsf-1.0.0-rc.2
*
Indicates whether to include trust data sent by trust providers in the logs.
* @public */ IncludeTrustContext?: boolean | undefined; } /** * @public */ export interface ModifyVerifiedAccessInstanceLoggingConfigurationRequest { /** *The ID of the Verified Access instance.
* @public */ VerifiedAccessInstanceId: string | undefined; /** *The configuration options for Verified Access instances.
* @public */ AccessLogs: VerifiedAccessLogOptions | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface ModifyVerifiedAccessInstanceLoggingConfigurationResult { /** *The logging configuration for the Verified Access instance.
* @public */ LoggingConfiguration?: VerifiedAccessInstanceLoggingConfiguration | undefined; } /** *Modifies the configuration of the specified device-based Amazon Web Services Verified Access trust provider.
* @public */ export interface ModifyVerifiedAccessTrustProviderDeviceOptions { /** *The URL Amazon Web Services Verified Access will use to verify the authenticity of the device tokens.
* @public */ PublicSigningKeyUrl?: string | undefined; } /** *Describes the OpenID Connect (OIDC) options.
* @public */ export interface ModifyVerifiedAccessNativeApplicationOidcOptions { /** *The public signing key endpoint.
* @public */ PublicSigningKeyEndpoint?: string | undefined; /** *The OIDC issuer identifier of the IdP.
* @public */ Issuer?: string | undefined; /** *The authorization endpoint of the IdP.
* @public */ AuthorizationEndpoint?: string | undefined; /** *The token endpoint of the IdP.
* @public */ TokenEndpoint?: string | undefined; /** *The user info endpoint of the IdP.
* @public */ UserInfoEndpoint?: string | undefined; /** *The OAuth 2.0 client identifier.
* @public */ ClientId?: string | undefined; /** *The OAuth 2.0 client secret.
* @public */ ClientSecret?: string | undefined; /** *The set of user claims to be requested from the IdP.
* @public */ Scope?: string | undefined; } /** *Options for an OpenID Connect-compatible user-identity trust provider.
* @public */ export interface ModifyVerifiedAccessTrustProviderOidcOptions { /** *The OIDC issuer.
* @public */ Issuer?: string | undefined; /** *The OIDC authorization endpoint.
* @public */ AuthorizationEndpoint?: string | undefined; /** *The OIDC token endpoint.
* @public */ TokenEndpoint?: string | undefined; /** *The OIDC user info endpoint.
* @public */ UserInfoEndpoint?: string | undefined; /** *The client identifier.
* @public */ ClientId?: string | undefined; /** *The client secret.
* @public */ ClientSecret?: string | undefined; /** *OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to a user's details. Each scope returns a specific set of user attributes.
* @public */ Scope?: string | undefined; } /** * @public */ export interface ModifyVerifiedAccessTrustProviderRequest { /** *The ID of the Verified Access trust provider.
* @public */ VerifiedAccessTrustProviderId: string | undefined; /** *The options for an OpenID Connect-compatible user-identity trust provider.
* @public */ OidcOptions?: ModifyVerifiedAccessTrustProviderOidcOptions | undefined; /** *The options for a device-based trust provider. This parameter is required when the
* provider type is device.
A description for the Verified Access trust provider.
* @public */ Description?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
A unique, case-sensitive token that you provide to ensure idempotency of your * modification request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *The options for server side encryption.
* @public */ SseSpecification?: VerifiedAccessSseSpecificationRequest | undefined; /** *The OpenID Connect (OIDC) options.
* @public */ NativeApplicationOidcOptions?: ModifyVerifiedAccessNativeApplicationOidcOptions | undefined; } /** * @public */ export interface ModifyVerifiedAccessTrustProviderResult { /** *Details about the Verified Access trust provider.
* @public */ VerifiedAccessTrustProvider?: VerifiedAccessTrustProvider | undefined; } /** * @public */ export interface ModifyVolumeRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the volume.
* @public */ VolumeId: string | undefined; /** *The target size of the volume, in GiB. The target volume size must be greater than or * equal to the existing size of the volume.
*The following are the supported volumes sizes for each volume type:
*
* gp2: 1 - 16,384 GiB
* gp3: 1 - 65,536 GiB
* io1: 4 - 16,384 GiB
* io2: 4 - 65,536 GiB
* st1 and sc1: 125 - 16,384 GiB
* standard: 1 - 1024 GiB
Default: The existing size is retained.
* @public */ Size?: number | undefined; /** *The target EBS volume type of the volume. For more information, see Amazon EBS volume types in the Amazon EBS User Guide.
*Default: The existing type is retained.
* @public */ VolumeType?: VolumeType | undefined; /** *The target IOPS rate of the volume. This parameter is valid only for gp3, io1, and io2 volumes.
The following are the supported values for each volume type:
*
* gp3: 3,000 - 80,000 IOPS
* io1: 100 - 64,000 IOPS
* io2: 100 - 256,000 IOPS
* * Instances built on the Nitro System can support up to 256,000 IOPS. Other instances can support up to 32,000 * IOPS.
*Default: The existing value is retained if you keep the same volume type. If you change
* the volume type to io1, io2, or gp3, the default is 3,000.
The target throughput of the volume, in MiB/s. This parameter is valid only for gp3 volumes.
* The maximum value is 2,000.
Default: The existing value is retained if the source and target volume type is gp3.
* Otherwise, the default value is 125.
Valid Range: Minimum value of 125. Maximum value of 2,000.
* @public */ Throughput?: number | undefined; /** *Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the
* volume to up to 16
* Nitro-based instances in the same Availability Zone. This parameter is
* supported with io1 and io2 volumes only. For more information, see
*
* Amazon EBS Multi-Attach in the Amazon EBS User Guide.
Information about the volume modification.
* @public */ VolumeModification?: VolumeModification | undefined; } /** * @public */ export interface ModifyVolumeAttributeRequest { /** *Indicates whether the volume should be auto-enabled for I/O operations.
* @public */ AutoEnableIO?: AttributeBooleanValue | undefined; /** *The ID of the volume.
* @public */ VolumeId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Indicates whether the instances launched in the VPC get DNS hostnames. If enabled, instances in the VPC get DNS hostnames; otherwise, they do not.
*You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute. You can only enable DNS hostnames if you've enabled DNS support.
* @public */ EnableDnsHostnames?: AttributeBooleanValue | undefined; /** *Indicates whether the DNS resolution is supported for the VPC. If enabled, queries to * the Amazon provided DNS server at the 169.254.169.253 IP address, or the reserved IP * address at the base of the VPC network range "plus two" succeed. If disabled, the Amazon * provided DNS service in the VPC that resolves public DNS hostnames to IP addresses is * not enabled.
*You cannot modify the DNS resolution and DNS hostnames attributes in the same request. Use separate requests for each attribute.
* @public */ EnableDnsSupport?: AttributeBooleanValue | undefined; /** *The ID of the VPC.
* @public */ VpcId: string | undefined; /** *Indicates whether Network Address Usage metrics are enabled for your VPC.
* @public */ EnableNetworkAddressUsageMetrics?: AttributeBooleanValue | undefined; } /** * @public */ export interface ModifyVpcBlockPublicAccessExclusionRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of an exclusion.
* @public */ ExclusionId: string | undefined; /** *The exclusion mode for internet gateway traffic.
*
* allow-bidirectional: Allow all internet traffic to and from the excluded VPCs and subnets.
* allow-egress: Allow outbound internet traffic from the excluded VPCs and subnets. Block inbound internet traffic to the excluded VPCs and subnets. Only applies when VPC Block Public Access is set to Bidirectional.
Details related to the exclusion.
* @public */ VpcBlockPublicAccessExclusion?: VpcBlockPublicAccessExclusion | undefined; } /** * @public */ export interface ModifyVpcBlockPublicAccessOptionsRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The mode of VPC BPA.
*
* off: VPC BPA is not enabled and traffic is allowed to and from internet gateways and egress-only internet gateways in this Region.
* block-bidirectional: Block all traffic to and from internet gateways and egress-only internet gateways in this Region (except for excluded VPCs and subnets).
* block-ingress: Block all internet traffic to the VPCs in this Region (except for VPCs or subnets which are excluded). Only traffic to and from NAT gateways and egress-only internet gateways is allowed because these gateways only allow outbound connections to be established.
Details related to the VPC Block Public Access (BPA) options.
* @public */ VpcBlockPublicAccessOptions?: VpcBlockPublicAccessOptions | undefined; } /** * @public */ export interface ModifyVpcEncryptionControlRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the VPC Encryption Control resource to modify.
* @public */ VpcEncryptionControlId: string | undefined; /** *The encryption mode for the VPC Encryption Control configuration.
* @public */ Mode?: VpcEncryptionControlMode | undefined; /** *Specifies whether to exclude internet gateway traffic from encryption enforcement.
* @public */ InternetGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
* @public */ EgressOnlyInternetGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude NAT gateway traffic from encryption enforcement.
* @public */ NatGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
* @public */ VirtualPrivateGatewayExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude VPC peering connection traffic from encryption enforcement.
* @public */ VpcPeeringExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude Lambda function traffic from encryption enforcement.
* @public */ LambdaExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
* @public */ VpcLatticeExclusion?: VpcEncryptionControlExclusionStateInput | undefined; /** *Specifies whether to exclude Elastic File System traffic from encryption enforcement.
* @public */ ElasticFileSystemExclusion?: VpcEncryptionControlExclusionStateInput | undefined; } /** * @public */ export interface ModifyVpcEncryptionControlResult { /** *Information about the VPC Encryption Control configuration.
* @public */ VpcEncryptionControl?: VpcEncryptionControl | undefined; } /** * @public */ export interface ModifyVpcEndpointRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the endpoint.
* @public */ VpcEndpointId: string | undefined; /** *(Gateway endpoint) Specify true to reset the policy document to the
* default policy. The default policy allows full access to the service.
(Interface and gateway endpoints) A policy to attach to the endpoint that controls access to the service. The policy must * be in valid JSON format.
* @public */ PolicyDocument?: string | undefined; /** *(Gateway endpoint) The IDs of the route tables to associate with the endpoint.
* @public */ AddRouteTableIds?: string[] | undefined; /** *(Gateway endpoint) The IDs of the route tables to disassociate from the endpoint.
* @public */ RemoveRouteTableIds?: string[] | undefined; /** *(Interface and Gateway Load Balancer endpoints) The IDs of the subnets in which to serve the endpoint. * For a Gateway Load Balancer endpoint, you can specify only one subnet.
* @public */ AddSubnetIds?: string[] | undefined; /** *(Interface endpoint) The IDs of the subnets from which to remove the endpoint.
* @public */ RemoveSubnetIds?: string[] | undefined; /** *(Interface endpoint) The IDs of the security groups to associate with the endpoint network interfaces.
* @public */ AddSecurityGroupIds?: string[] | undefined; /** *(Interface endpoint) The IDs of the security groups to disassociate from the endpoint network interfaces.
* @public */ RemoveSecurityGroupIds?: string[] | undefined; /** *The IP address type for the endpoint.
* @public */ IpAddressType?: IpAddressType | undefined; /** *The DNS options for the endpoint.
* @public */ DnsOptions?: DnsOptionsSpecification | undefined; /** *(Interface endpoint) Indicates whether a private hosted zone is associated with the VPC.
* @public */ PrivateDnsEnabled?: boolean | undefined; /** *The subnet configurations for the endpoint.
* @public */ SubnetConfigurations?: SubnetConfiguration[] | undefined; } /** * @public */ export interface ModifyVpcEndpointResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the notification.
* @public */ ConnectionNotificationId: string | undefined; /** *The ARN for the SNS topic for the notification.
* @public */ ConnectionNotificationArn?: string | undefined; /** *The events for the endpoint. Valid values are Accept,
* Connect, Delete, and Reject.
Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the service.
* @public */ ServiceId: string | undefined; /** *(Interface endpoint configuration) The private DNS name to assign to the endpoint service.
* @public */ PrivateDnsName?: string | undefined; /** *(Interface endpoint configuration) Removes the private DNS name of the endpoint service.
* @public */ RemovePrivateDnsName?: boolean | undefined; /** *Indicates whether requests to create an endpoint to the service must be accepted.
* @public */ AcceptanceRequired?: boolean | undefined; /** *The Amazon Resource Names (ARNs) of Network Load Balancers to add to the service * configuration.
* @public */ AddNetworkLoadBalancerArns?: string[] | undefined; /** *The Amazon Resource Names (ARNs) of Network Load Balancers to remove from the service * configuration.
* @public */ RemoveNetworkLoadBalancerArns?: string[] | undefined; /** *The Amazon Resource Names (ARNs) of Gateway Load Balancers to add to the service configuration.
* @public */ AddGatewayLoadBalancerArns?: string[] | undefined; /** *The Amazon Resource Names (ARNs) of Gateway Load Balancers to remove from the service configuration.
* @public */ RemoveGatewayLoadBalancerArns?: string[] | undefined; /** *The IP address types to add to the service configuration.
* @public */ AddSupportedIpAddressTypes?: string[] | undefined; /** *The IP address types to remove from the service configuration.
* @public */ RemoveSupportedIpAddressTypes?: string[] | undefined; /** *The supported Regions to add to the service configuration.
* @public */ AddSupportedRegions?: string[] | undefined; /** *The supported Regions to remove from the service configuration.
* @public */ RemoveSupportedRegions?: string[] | undefined; } /** * @public */ export interface ModifyVpcEndpointServiceConfigurationResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the service.
* @public */ ServiceId: string | undefined; /** *The entity that is responsible for the endpoint costs. The default is the endpoint owner. * If you set the payer responsibility to the service owner, you cannot set it back to the * endpoint owner.
* @public */ PayerResponsibility: PayerResponsibility | undefined; } /** * @public */ export interface ModifyVpcEndpointServicePayerResponsibilityResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the service.
* @public */ ServiceId: string | undefined; /** *The Amazon Resource Names (ARN) of the principals. * Permissions are granted to the principals in this list. * To grant permissions to all principals, specify an asterisk (*).
* @public */ AddAllowedPrincipals?: string[] | undefined; /** *The Amazon Resource Names (ARN) of the principals. * Permissions are revoked for principals in this list.
* @public */ RemoveAllowedPrincipals?: string[] | undefined; } /** * @public */ export interface ModifyVpcEndpointServicePermissionsResult { /** *Information about the added principals.
* @public */ AddedPrincipals?: AddedPrincipal[] | undefined; /** *Returns true if the request succeeds; otherwise, it returns an error.
The VPC peering connection options.
* @public */ export interface PeeringConnectionOptionsRequest { /** *If true, enables a local VPC to resolve public DNS hostnames to private IP addresses * when queried from instances in the peer VPC.
* @public */ AllowDnsResolutionFromRemoteVpc?: boolean | undefined; /** *Deprecated.
* @public */ AllowEgressFromLocalClassicLinkToRemoteVpc?: boolean | undefined; /** *Deprecated.
* @public */ AllowEgressFromLocalVpcToRemoteClassicLink?: boolean | undefined; } /** * @public */ export interface ModifyVpcPeeringConnectionOptionsRequest { /** *The VPC peering connection options for the accepter VPC.
* @public */ AccepterPeeringConnectionOptions?: PeeringConnectionOptionsRequest | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The VPC peering connection options for the requester VPC.
* @public */ RequesterPeeringConnectionOptions?: PeeringConnectionOptionsRequest | undefined; /** *The ID of the VPC peering connection.
* @public */ VpcPeeringConnectionId: string | undefined; } /** *Describes the VPC peering connection options.
* @public */ export interface PeeringConnectionOptions { /** *If true, the public DNS hostnames of instances in the specified VPC resolve to private * IP addresses when queried from instances in the peer VPC.
* @public */ AllowDnsResolutionFromRemoteVpc?: boolean | undefined; /** *Deprecated.
* @public */ AllowEgressFromLocalClassicLinkToRemoteVpc?: boolean | undefined; /** *Deprecated.
* @public */ AllowEgressFromLocalVpcToRemoteClassicLink?: boolean | undefined; } /** * @public */ export interface ModifyVpcPeeringConnectionOptionsResult { /** *Information about the VPC peering connection options for the accepter VPC.
* @public */ AccepterPeeringConnectionOptions?: PeeringConnectionOptions | undefined; /** *Information about the VPC peering connection options for the requester VPC.
* @public */ RequesterPeeringConnectionOptions?: PeeringConnectionOptions | undefined; } /** * @public */ export interface ModifyVpcTenancyRequest { /** *The ID of the VPC.
* @public */ VpcId: string | undefined; /** *The instance tenancy attribute for the VPC.
* @public */ InstanceTenancy: VpcTenancy | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an
* error.
The ID of the VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The ID of the transit gateway.
* @public */ TransitGatewayId?: string | undefined; /** *The ID of the customer gateway at your end of the VPN connection.
* @public */ CustomerGatewayId?: string | undefined; /** *The ID of the virtual private gateway at the Amazon Web Services side of the VPN * connection.
* @public */ VpnGatewayId?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Information about the VPN connection.
* @public */ VpnConnection?: VpnConnection | undefined; } /** * @public */ export interface ModifyVpnConnectionOptionsRequest { /** *The ID of the Site-to-Site VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The IPv4 CIDR on the customer gateway (on-premises) side of the VPN connection.
*Default: 0.0.0.0/0
*
The IPv4 CIDR on the Amazon Web Services side of the VPN connection.
*Default: 0.0.0.0/0
*
The IPv6 CIDR on the customer gateway (on-premises) side of the VPN connection.
*Default: ::/0
*
The IPv6 CIDR on the Amazon Web Services side of the VPN connection.
*Default: ::/0
*
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about the VPN connection.
* @public */ VpnConnection?: VpnConnection | undefined; } /** * @public */ export interface ModifyVpnTunnelCertificateRequest { /** *The ID of the Amazon Web Services Site-to-Site VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The external IP address of the VPN tunnel.
* @public */ VpnTunnelOutsideIpAddress: string | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Information about the VPN connection.
* @public */ VpnConnection?: VpnConnection | undefined; } /** *The Amazon Web Services Site-to-Site VPN tunnel options to modify.
* @public */ export interface ModifyVpnTunnelOptionsSpecification { /** *The range of inside IPv4 addresses for the tunnel. Any specified CIDR blocks must be * unique across all VPN connections that use the same virtual private gateway.
*Constraints: A size /30 CIDR block from the 169.254.0.0/16 range. The
* following CIDR blocks are reserved and cannot be used:
* 169.254.0.0/30
*
* 169.254.1.0/30
*
* 169.254.2.0/30
*
* 169.254.3.0/30
*
* 169.254.4.0/30
*
* 169.254.5.0/30
*
* 169.254.169.252/30
*
The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be * unique across all VPN connections that use the same transit gateway.
*Constraints: A size /126 CIDR block from the local fd00::/8 range.
The pre-shared key (PSK) to establish initial authentication between the virtual * private gateway and the customer gateway.
*Constraints: Allowed characters are alphanumeric characters, periods (.), and * underscores (_). Must be between 8 and 64 characters in length and cannot start with * zero (0).
* @public */ PreSharedKey?: string | undefined; /** *The lifetime for phase 1 of the IKE negotiation, in seconds.
*Constraints: A value between 900 and 28,800.
*Default: 28800
*
The lifetime for phase 2 of the IKE negotiation, in seconds.
*Constraints: A value between 900 and 3,600. The value must be less than the value for
* Phase1LifetimeSeconds.
Default: 3600
*
The margin time, in seconds, before the phase 2 lifetime expires, during which the
* Amazon Web Services side of the VPN connection performs an IKE rekey. The exact time
* of the rekey is randomly selected based on the value for
* RekeyFuzzPercentage.
Constraints: A value between 60 and half of Phase2LifetimeSeconds.
Default: 270
*
The percentage of the rekey window (determined by RekeyMarginTimeSeconds)
* during which the rekey time is randomly selected.
Constraints: A value between 0 and 100.
*Default: 100
*
The number of packets in an IKE replay window.
*Constraints: A value between 64 and 2048.
*Default: 1024
*
The number of seconds after which a DPD timeout occurs. A DPD timeout of 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds after the first failed keep-alive.
*Constraints: A value greater than or equal to 30.
*Default: 40
*
The action to take after DPD timeout occurs. Specify restart to restart
* the IKE initiation. Specify clear to end the IKE session.
Valid Values: clear | none | restart
*
Default: clear
*
One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 * IKE negotiations.
*Valid values: AES128 | AES256 | AES128-GCM-16 |
* AES256-GCM-16
*
One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 * IKE negotiations.
*Valid values: AES128 | AES256 | AES128-GCM-16 |
* AES256-GCM-16
*
One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE * negotiations.
*Valid values: SHA1 | SHA2-256 | SHA2-384 |
* SHA2-512
*
One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE * negotiations.
*Valid values: SHA1 | SHA2-256 | SHA2-384 |
* SHA2-512
*
One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for * phase 1 IKE negotiations.
*Valid values: 2 | 14 | 15 | 16 |
* 17 | 18 | 19 | 20 |
* 21 | 22 | 23 | 24
*
One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for * phase 2 IKE negotiations.
*Valid values: 2 | 5 | 14 | 15 |
* 16 | 17 | 18 | 19 |
* 20 | 21 | 22 | 23 |
* 24
*
The IKE versions that are permitted for the VPN tunnel.
*Valid values: ikev1 | ikev2
*
The action to take when the establishing the tunnel for the VPN connection. By
* default, your customer gateway device must initiate the IKE negotiation and bring up the
* tunnel. Specify start for Amazon Web Services to initiate the IKE
* negotiation.
Valid Values: add | start
*
Default: add
*
Options for logging VPN tunnel activity.
* @public */ LogOptions?: VpnTunnelLogOptionsSpecification | undefined; /** *Turn on or off tunnel endpoint lifecycle control feature.
* @public */ EnableTunnelLifecycleControl?: boolean | undefined; } /** * @public */ export interface ModifyVpnTunnelOptionsRequest { /** *The ID of the Amazon Web Services Site-to-Site VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The external IP address of the VPN tunnel.
* @public */ VpnTunnelOutsideIpAddress: string | undefined; /** *The tunnel options to modify.
* @public */ TunnelOptions: ModifyVpnTunnelOptionsSpecification | undefined; /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Choose whether or not to trigger immediate tunnel replacement. This is only applicable when turning on or off EnableTunnelLifecycleControl.
Valid values: True | False
*
Specifies the storage mode for the pre-shared key (PSK). Valid values are Standard (stored in Site-to-Site VPN service) or SecretsManager (stored in Amazon Web Services Secrets Manager).
Information about the VPN connection.
* @public */ VpnConnection?: VpnConnection | undefined; } /** * @public */ export interface MonitorInstancesRequest { /** *The IDs of the instances.
* @public */ InstanceIds: string[] | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Describes the monitoring of an instance.
* @public */ export interface InstanceMonitoring { /** *The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The monitoring for the instance.
* @public */ Monitoring?: Monitoring | undefined; } /** * @public */ export interface MonitorInstancesResult { /** *The monitoring information.
* @public */ InstanceMonitorings?: InstanceMonitoring[] | undefined; } /** * @public */ export interface MoveAddressToVpcRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Elastic IP address.
* @public */ PublicIp: string | undefined; } /** * @public */ export interface MoveAddressToVpcResult { /** *The allocation ID for the Elastic IP address.
* @public */ AllocationId?: string | undefined; /** *The status of the move of the IP address.
* @public */ Status?: Status | undefined; } /** * @public */ export interface MoveByoipCidrToIpamRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The BYOIP CIDR.
* @public */ Cidr: string | undefined; /** *The IPAM pool ID.
* @public */ IpamPoolId: string | undefined; /** *The Amazon Web Services account ID of the owner of the IPAM pool.
* @public */ IpamPoolOwner: string | undefined; } /** * @public */ export interface MoveByoipCidrToIpamResult { /** *The BYOIP CIDR.
* @public */ ByoipCidr?: ByoipCidr | undefined; } /** * @public */ export interface MoveCapacityReservationInstancesRequest { /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensure Idempotency.
* @public */ ClientToken?: string | undefined; /** *The ID of the Capacity Reservation from which you want to move capacity.
* @public */ SourceCapacityReservationId: string | undefined; /** *The ID of the Capacity Reservation that you want to move capacity into.
* @public */ DestinationCapacityReservationId: string | undefined; /** *The number of instances that you want to move from the source Capacity Reservation. *
* @public */ InstanceCount: number | undefined; } /** * @public */ export interface MoveCapacityReservationInstancesResult { /** *Information about the source Capacity Reservation.
* @public */ SourceCapacityReservation?: CapacityReservation | undefined; /** *Information about the destination Capacity Reservation.
* @public */ DestinationCapacityReservation?: CapacityReservation | undefined; /** *The number of instances that were moved from the source Capacity Reservation to the * destination Capacity Reservation.
* @public */ InstanceCount?: number | undefined; } /** *Provides authorization for Amazon to bring a specific IP address range to a specific * Amazon Web Services account using bring your own IP addresses (BYOIP). For more information, see Configuring your BYOIP address range in the Amazon EC2 User Guide.
* @public */ export interface CidrAuthorizationContext { /** *The plain-text authorization message for the prefix and account.
* @public */ Message: string | undefined; /** *The signed authorization message for the prefix and account.
* @public */ Signature: string | undefined; } /** * @public */ export interface ProvisionByoipCidrRequest { /** *The public IPv4 or IPv6 address range, in CIDR notation. The most specific IPv4 prefix that you can * specify is /24. The most specific IPv6 address range that you can bring is /48 for CIDRs that are publicly advertisable and /56 for CIDRs that are not publicly advertisable. The address range cannot overlap with another address range that you've * brought to this or another Region.
* @public */ Cidr: string | undefined; /** *A signed document that proves that you are authorized to bring the specified IP address * range to Amazon using BYOIP.
* @public */ CidrAuthorizationContext?: CidrAuthorizationContext | undefined; /** *(IPv6 only) Indicate whether the address range will be publicly advertised to the * internet.
*Default: true
* @public */ PubliclyAdvertisable?: boolean | undefined; /** *A description for the address range and the address pool.
* @public */ Description?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The tags to apply to the address pool.
* @public */ PoolTagSpecifications?: TagSpecification[] | undefined; /** *Reserved.
* @public */ MultiRegion?: boolean | undefined; /** *If you have Local Zones enabled, you can choose a network border group for Local Zones when you provision and advertise a BYOIPv4 CIDR. Choose the network border group carefully as the EIP and the Amazon Web Services resource it is associated with must reside in the same network border group.
*You can provision BYOIP address ranges to and advertise them in the following Local Zone network border groups:
*us-east-1-dfw-2
*us-west-2-lax-1
*us-west-2-phx-2
*You cannot provision or advertise BYOIPv6 address ranges in Local Zones at this time.
*Information about the address range.
* @public */ ByoipCidr?: ByoipCidr | undefined; } /** *Provides authorization for Amazon to bring an Autonomous System Number (ASN) to a specific Amazon Web Services account using bring your own ASN (BYOASN). * For details on the format of the message and signature, see Tutorial: Bring your ASN to IPAM in the Amazon VPC IPAM guide.
* @public */ export interface AsnAuthorizationContext { /** *The authorization context's message.
* @public */ Message: string | undefined; /** *The authorization context's signature.
* @public */ Signature: string | undefined; } /** * @public */ export interface ProvisionIpamByoasnRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
An IPAM ID.
* @public */ IpamId: string | undefined; /** *A public 2-byte or 4-byte ASN.
* @public */ Asn: string | undefined; /** *An ASN authorization context.
* @public */ AsnAuthorizationContext: AsnAuthorizationContext | undefined; } /** * @public */ export interface ProvisionIpamByoasnResult { /** *An ASN and BYOIP CIDR association.
* @public */ Byoasn?: Byoasn | undefined; } /** *A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP.
* @public */ export interface IpamCidrAuthorizationContext { /** *The plain-text authorization message for the prefix and account.
* @public */ Message?: string | undefined; /** *The signed authorization message for the prefix and account.
* @public */ Signature?: string | undefined; } /** * @public */ export interface ProvisionIpamPoolCidrRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool to which you want to assign a CIDR.
* @public */ IpamPoolId: string | undefined; /** *The CIDR you want to assign to the IPAM pool. Either "NetmaskLength" or "Cidr" is required. This value will be null if you specify "NetmaskLength" and will be filled in during the provisioning process.
* @public */ Cidr?: string | undefined; /** *A signed document that proves that you are authorized to bring a specified IP address range to Amazon using BYOIP. This option only applies to IPv4 and IPv6 pools in the public scope.
* @public */ CidrAuthorizationContext?: IpamCidrAuthorizationContext | undefined; /** *The netmask length of the CIDR you'd like to provision to a pool. Can be used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for provisioning CIDRs to pools with source pools. Cannot be used to provision BYOIP CIDRs to top-level pools. Either "NetmaskLength" or "Cidr" is required.
* @public */ NetmaskLength?: number | undefined; /** *A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring idempotency.
* @public */ ClientToken?: string | undefined; /** *The method for verifying control of a public IP address range. Defaults to remarks-x509 if not specified. This option only applies to IPv4 and IPv6 pools in the public scope.
Verification token ID. This option only applies to IPv4 and IPv6 pools in the public scope.
* @public */ IpamExternalResourceVerificationTokenId?: string | undefined; } /** * @public */ export interface ProvisionIpamPoolCidrResult { /** *Information about the provisioned CIDR.
* @public */ IpamPoolCidr?: IpamPoolCidr | undefined; } /** * @public */ export interface ProvisionPublicIpv4PoolCidrRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool you would like to use to allocate this CIDR.
* @public */ IpamPoolId: string | undefined; /** *The ID of the public IPv4 pool you would like to use for this CIDR.
* @public */ PoolId: string | undefined; /** *The netmask length of the CIDR you would like to allocate to the public IPv4 pool. The least specific netmask length you can define is 24.
* @public */ NetmaskLength: number | undefined; /** *The Availability Zone (AZ) or Local Zone (LZ) network border group that the resource that the IP address is assigned to is in. Defaults to an AZ network border group. For more information on available Local Zones, see Local Zone availability in the Amazon EC2 User Guide.
* @public */ NetworkBorderGroup?: string | undefined; } /** * @public */ export interface ProvisionPublicIpv4PoolCidrResult { /** *The ID of the pool that you want to provision the CIDR to.
* @public */ PoolId?: string | undefined; /** *Information about the address range of the public IPv4 pool.
* @public */ PoolAddressRange?: PublicIpv4PoolRange | undefined; } /** * @public */ export interface PurchaseCapacityBlockRequest { /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The tags to apply to the Capacity Block during launch.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *The ID of the Capacity Block offering.
* @public */ CapacityBlockOfferingId: string | undefined; /** *The type of operating system for which to reserve capacity.
* @public */ InstancePlatform: CapacityReservationInstancePlatform | undefined; } /** * @public */ export interface PurchaseCapacityBlockResult { /** *The Capacity Reservation.
* @public */ CapacityReservation?: CapacityReservation | undefined; /** *The Capacity Block.
* @public */ CapacityBlocks?: CapacityBlock[] | undefined; } /** * @public */ export interface PurchaseCapacityBlockExtensionRequest { /** *The ID of the Capacity Block extension offering to purchase.
* @public */ CapacityBlockExtensionOfferingId: string | undefined; /** *The ID of the Capacity reservation to be extended.
* @public */ CapacityReservationId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The purchased Capacity Block extensions.
* @public */ CapacityBlockExtensions?: CapacityBlockExtension[] | undefined; } /** * @public */ export interface PurchaseHostReservationRequest { /** *Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
* @public */ ClientToken?: string | undefined; /** *The currency in which the totalUpfrontPrice, LimitPrice, and
* totalHourlyPrice amounts are specified. At this time, the only
* supported currency is USD.
The IDs of the Dedicated Hosts with which the reservation will be associated.
* @public */ HostIdSet: string[] | undefined; /** *The specified limit is checked against the total upfront cost of the reservation
* (calculated as the offering's upfront cost multiplied by the host count). If the total
* upfront cost is greater than the specified price limit, the request fails. This is used
* to ensure that the purchase does not exceed the expected upfront cost of the purchase.
* At this time, the only supported currency is USD. For example, to indicate
* a limit price of USD 100, specify 100.00.
The ID of the offering.
* @public */ OfferingId: string | undefined; /** *The tags to apply to the Dedicated Host Reservation during purchase.
* @public */ TagSpecifications?: TagSpecification[] | undefined; } /** * @public */ export interface PurchaseHostReservationResult { /** *Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
* @public */ ClientToken?: string | undefined; /** *The currency in which the totalUpfrontPrice and
* totalHourlyPrice amounts are specified. At this time, the only
* supported currency is USD.
Describes the details of the purchase.
* @public */ Purchase?: Purchase[] | undefined; /** *The total hourly price of the reservation calculated per hour.
* @public */ TotalHourlyPrice?: string | undefined; /** *The total amount charged to your account when you purchase the reservation.
* @public */ TotalUpfrontPrice?: string | undefined; } /** *Describes the limit price of a Reserved Instance offering.
* @public */ export interface ReservedInstanceLimitPrice { /** *Used for Reserved Instance Marketplace offerings. Specifies the limit price on the total * order (instanceCount * price).
* @public */ Amount?: number | undefined; /** *The currency in which the limitPrice amount is specified. At this time, the
* only supported currency is USD.
Contains the parameters for PurchaseReservedInstancesOffering.
* @public */ export interface PurchaseReservedInstancesOfferingRequest { /** *The number of Reserved Instances to purchase.
* @public */ InstanceCount: number | undefined; /** *The ID of the Reserved Instance offering to purchase.
* @public */ ReservedInstancesOfferingId: string | undefined; /** *The time at which to purchase the Reserved Instance, in UTC format (for example, * YYYY-MM-DDTHH:MM:SSZ).
* @public */ PurchaseTime?: Date | undefined; /** *Checks whether you have the required permissions for the action, without actually making
* the request, and provides an error response. If you have the required permissions, the error
* response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
Specified for Reserved Instance Marketplace offerings to limit the total order and ensure * that the Reserved Instances are not purchased at unexpected prices.
* @public */ LimitPrice?: ReservedInstanceLimitPrice | undefined; } /** *Contains the output of PurchaseReservedInstancesOffering.
* @public */ export interface PurchaseReservedInstancesOfferingResult { /** *The IDs of the purchased Reserved Instances. If your purchase crosses into a discounted * pricing tier, the final Reserved Instances IDs might change. For more information, see Crossing pricing tiers in the Amazon EC2 User Guide.
* @public */ ReservedInstancesId?: string | undefined; } /** *Describes a request to purchase Scheduled Instances.
* @public */ export interface PurchaseRequest { /** *The number of instances.
* @public */ InstanceCount: number | undefined; /** *The purchase token.
* @public */ PurchaseToken: string | undefined; } /** *Contains the parameters for PurchaseScheduledInstances.
* @public */ export interface PurchaseScheduledInstancesRequest { /** *Unique, case-sensitive identifier that ensures the idempotency of the request. * For more information, see Ensuring Idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The purchase requests.
* @public */ PurchaseRequests: PurchaseRequest[] | undefined; } /** *Contains the output of PurchaseScheduledInstances.
* @public */ export interface PurchaseScheduledInstancesResult { /** *Information about the Scheduled Instances.
* @public */ ScheduledInstanceSet?: ScheduledInstance[] | undefined; } /** * @public */ export interface RebootInstancesRequest { /** *The instance IDs.
* @public */ InstanceIds: string[] | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Contains the parameters for RegisterImage.
* @public */ export interface RegisterImageRequest { /** *The full path to your AMI manifest in Amazon S3 storage. The specified bucket must have the
* aws-exec-read canned access control list (ACL) to ensure that it can be
* accessed by Amazon EC2. For more information, see Canned ACL in the
* Amazon S3 Service Developer Guide.
The billing product codes. Your account must be authorized to specify billing product * codes.
*If your account is not authorized to specify billing product codes, you can publish AMIs * that include billable software and list them on the Amazon Web Services Marketplace. You must first register as a seller * on the Amazon Web Services Marketplace. For more information, see Getting started as an Amazon Web Services Marketplace seller and AMI-based products in Amazon Web Services Marketplace in the Amazon Web Services Marketplace Seller Guide.
* @public */ BillingProducts?: string[] | undefined; /** *The boot mode of the AMI. A value of uefi-preferred indicates that the AMI
* supports both UEFI and Legacy BIOS.
The operating system contained in the AMI must be configured to support the specified * boot mode.
*For more information, see Instance launch behavior with Amazon EC2 * boot modes in the Amazon EC2 User Guide.
* @public */ BootMode?: BootModeValues | undefined; /** *Set to v2.0 to enable Trusted Platform Module (TPM) support. For more
* information, see NitroTPM in the Amazon EC2 User Guide.
Base64 representation of the non-volatile UEFI variable store. To retrieve the UEFI data, * use the GetInstanceUefiData command. You can inspect and modify the UEFI data by using the * python-uefivars tool on * GitHub. For more information, see UEFI Secure Boot for Amazon EC2 * instances in the Amazon EC2 User Guide.
* @public */ UefiData?: string | undefined; /** *Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances
* launched from this AMI will have HttpTokens automatically set to
* required so that, by default, the instance requires that IMDSv2 is used when
* requesting instance metadata. In addition, HttpPutResponseHopLimit is set to
* 2. For more information, see Configure the AMI in the Amazon EC2 User Guide.
If you set the value to v2.0, make sure that your AMI software can support
* IMDSv2.
The tags to apply to the AMI.
*To tag the AMI, the value for ResourceType must be image. If you
* specify another value for ResourceType, the request fails.
To tag an AMI after it has been registered, see CreateTags.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
A name for your AMI.
*Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces * ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or * underscores(_)
* @public */ Name: string | undefined; /** *A description for your AMI.
* @public */ Description?: string | undefined; /** *The architecture of the AMI.
*Default: For Amazon EBS-backed AMIs, i386. For instance store-backed AMIs, the
* architecture specified in the manifest file.
The ID of the kernel.
* @public */ KernelId?: string | undefined; /** *The ID of the RAM disk.
* @public */ RamdiskId?: string | undefined; /** *The device name of the root device volume (for example, /dev/sda1).
The block device mapping entries.
*If you specify an Amazon EBS volume using the ID of an Amazon EBS snapshot, you can't specify the * encryption state of the volume.
*If you create an AMI on an Outpost, then all backing snapshots must be on the same Outpost * or in the Region of that Outpost. AMIs on an Outpost that include local snapshots can be used * to launch instances on the same Outpost only. For more information, Create AMIs from * local snapshots in the Amazon EBS User Guide.
* @public */ BlockDeviceMappings?: BlockDeviceMapping[] | undefined; /** *The type of virtualization (hvm | paravirtual).
Default: paravirtual
*
Set to simple to enable enhanced networking with the Intel 82599 Virtual
* Function interface for the AMI and any instances that you launch from the AMI.
There is no way to disable sriovNetSupport at this time.
This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make * instances launched from the AMI unreachable.
* @public */ SriovNetSupport?: string | undefined; /** *Set to true to enable enhanced networking with ENA for the AMI and any
* instances that you launch from the AMI.
This option is supported only for HVM AMIs. Specifying this option with a PV AMI can make * instances launched from the AMI unreachable.
* @public */ EnaSupport?: boolean | undefined; } /** *Contains the output of RegisterImage.
* @public */ export interface RegisterImageResult { /** *The ID of the newly registered AMI.
* @public */ ImageId?: string | undefined; } /** *Information about the tag keys to register for the current Region. You can either
* specify individual tag keys or register all tag keys in the current Region. You must
* specify either IncludeAllTagsOfInstance or InstanceTagKeys in the
* request
Indicates whether to register all tag keys in the current Region. Specify
* true to register all tag keys.
The tag keys to register.
* @public */ InstanceTagKeys?: string[] | undefined; } /** * @public */ export interface RegisterInstanceEventNotificationAttributesRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the tag keys to register.
* @public */ InstanceTagAttribute: RegisterInstanceTagAttributeRequest | undefined; } /** * @public */ export interface RegisterInstanceEventNotificationAttributesResult { /** *The resulting set of tag keys.
* @public */ InstanceTagAttribute?: InstanceTagNotificationAttribute | undefined; } /** * @public */ export interface RegisterTransitGatewayMulticastGroupMembersRequest { /** *The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId: string | undefined; /** *The IP address assigned to the transit gateway multicast group.
* @public */ GroupIpAddress?: string | undefined; /** *The group members' network interface IDs to register with the transit gateway multicast group.
* @public */ NetworkInterfaceIds: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the registered transit gateway multicast group members.
* @public */ export interface TransitGatewayMulticastRegisteredGroupMembers { /** *The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId?: string | undefined; /** *The ID of the registered network interfaces.
* @public */ RegisteredNetworkInterfaceIds?: string[] | undefined; /** *The IP address assigned to the transit gateway multicast group.
* @public */ GroupIpAddress?: string | undefined; } /** * @public */ export interface RegisterTransitGatewayMulticastGroupMembersResult { /** *Information about the registered transit gateway multicast group members.
* @public */ RegisteredMulticastGroupMembers?: TransitGatewayMulticastRegisteredGroupMembers | undefined; } /** * @public */ export interface RegisterTransitGatewayMulticastGroupSourcesRequest { /** *The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId: string | undefined; /** *The IP address assigned to the transit gateway multicast group.
* @public */ GroupIpAddress?: string | undefined; /** *The group sources' network interface IDs to register with the transit gateway multicast group.
* @public */ NetworkInterfaceIds: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the members registered with the transit gateway multicast group.
* @public */ export interface TransitGatewayMulticastRegisteredGroupSources { /** *The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId?: string | undefined; /** *The IDs of the network interfaces members registered with the transit gateway multicast group.
* @public */ RegisteredNetworkInterfaceIds?: string[] | undefined; /** *The IP address assigned to the transit gateway multicast group.
* @public */ GroupIpAddress?: string | undefined; } /** * @public */ export interface RegisterTransitGatewayMulticastGroupSourcesResult { /** *Information about the transit gateway multicast group sources.
* @public */ RegisteredMulticastGroupSources?: TransitGatewayMulticastRegisteredGroupSources | undefined; } /** * @public */ export interface RejectCapacityReservationBillingOwnershipRequest { /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the Capacity Reservation for which to reject the request.
* @public */ CapacityReservationId: string | undefined; } /** * @public */ export interface RejectCapacityReservationBillingOwnershipResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
The ID of the Transit Gateway attachment.
* @public */ TransitGatewayAttachmentId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about the Transit Gateway Client VPN attachment.
* @public */ TransitGatewayClientVpnAttachment?: TransitGatewayClientVpnAttachment | undefined; } /** * @public */ export interface RejectTransitGatewayMulticastDomainAssociationsRequest { /** *The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId?: string | undefined; /** *The ID of the transit gateway attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *The IDs of the subnets to associate with the transit gateway multicast domain.
* @public */ SubnetIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the multicast domain associations.
* @public */ Associations?: TransitGatewayMulticastDomainAssociations | undefined; } /** * @public */ export interface RejectTransitGatewayPeeringAttachmentRequest { /** *The ID of the transit gateway peering attachment.
* @public */ TransitGatewayAttachmentId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The transit gateway peering attachment.
* @public */ TransitGatewayPeeringAttachment?: TransitGatewayPeeringAttachment | undefined; } /** * @public */ export interface RejectTransitGatewayVpcAttachmentRequest { /** *The ID of the attachment.
* @public */ TransitGatewayAttachmentId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the attachment.
* @public */ TransitGatewayVpcAttachment?: TransitGatewayVpcAttachment | undefined; } /** * @public */ export interface RejectVpcEndpointConnectionsRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the service.
* @public */ ServiceId: string | undefined; /** *The IDs of the VPC endpoints.
* @public */ VpcEndpointIds: string[] | undefined; } /** * @public */ export interface RejectVpcEndpointConnectionsResult { /** *Information about the endpoints that were not rejected, if applicable.
* @public */ Unsuccessful?: UnsuccessfulItem[] | undefined; } /** * @public */ export interface RejectVpcPeeringConnectionRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the VPC peering connection.
* @public */ VpcPeeringConnectionId: string | undefined; } /** * @public */ export interface RejectVpcPeeringConnectionResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
The allocation ID. This parameter is required.
* @public */ AllocationId?: string | undefined; /** *Deprecated.
* @public */ PublicIp?: string | undefined; /** *The set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises * IP addresses.
*If you provide an incorrect network border group, you receive an InvalidAddress.NotFound error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The IDs of the Dedicated Hosts to release.
* @public */ HostIds: string[] | undefined; } /** * @public */ export interface ReleaseHostsResult { /** *The IDs of the Dedicated Hosts that were successfully released.
* @public */ Successful?: string[] | undefined; /** *The IDs of the Dedicated Hosts that could not be released, including an error * message.
* @public */ Unsuccessful?: UnsuccessfulItem[] | undefined; } /** * @public */ export interface ReleaseIpamPoolAllocationRequest { /** *A check for whether you have the required permissions for the action without actually making the request
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the IPAM pool which contains the allocation you want to release.
* @public */ IpamPoolId: string | undefined; /** *The CIDR of the allocation you want to release.
* @public */ Cidr: string | undefined; /** *The ID of the allocation.
* @public */ IpamPoolAllocationId: string | undefined; } /** * @public */ export interface ReleaseIpamPoolAllocationResult { /** *Indicates if the release was successful.
* @public */ Success?: boolean | undefined; } /** * @public */ export interface ReplaceIamInstanceProfileAssociationRequest { /** *The IAM instance profile.
* @public */ IamInstanceProfile: IamInstanceProfileSpecification | undefined; /** *The ID of the existing IAM instance profile association.
* @public */ AssociationId: string | undefined; } /** * @public */ export interface ReplaceIamInstanceProfileAssociationResult { /** *Information about the IAM instance profile association.
* @public */ IamInstanceProfileAssociation?: IamInstanceProfileAssociation | undefined; } /** *The maximum age for allowed images.
* @public */ export interface CreationDateConditionRequest { /** *The maximum number of days that have elapsed since the image was created. For example, a
* value of 300 allows images that were created within the last 300 days.
The maximum period since deprecation for allowed images.
* @public */ export interface DeprecationTimeConditionRequest { /** *The maximum number of days that have elapsed since the image was deprecated. Set to
* 0 to exclude all deprecated images.
The criteria that are evaluated to determine which AMIs are discoverable and usable in * your account for the specified Amazon Web Services Region.
*The ImageCriteria can include up to:
10 ImageCriterion
*
Each ImageCriterion can include up to:
200 values for ImageProviders
*
50 values for ImageNames
*
50 values for MarketplaceProductCodes
*
For more information, see How Allowed AMIs * works in the Amazon EC2 User Guide.
* @public */ export interface ImageCriterionRequest { /** *The image providers whose images are allowed.
*Possible values:
*
* amazon: Allow AMIs created by Amazon or verified providers.
* aws-marketplace: Allow AMIs created by verified providers in the Amazon Web Services
* Marketplace.
* aws-backup-vault: Allow AMIs created by Amazon Web Services Backup.
12-digit account ID: Allow AMIs created by the specified accounts. One or more account IDs can be * specified.
*
* none: Allow AMIs created by your own account only. When none is
* specified, no other values can be specified.
Maximum: 200 values
* @public */ ImageProviders?: string[] | undefined; /** *The Amazon Web Services Marketplace product codes for allowed images.
*Length: 1-25 characters
*Valid characters: Letters (A–Z, a–z) and numbers (0–9)
Maximum: 50 values
* @public */ MarketplaceProductCodes?: string[] | undefined; /** *The names of allowed images. Names can include wildcards (? and
* *).
Length: 1–128 characters. With ?, the minimum is 3 characters.
Valid characters:
*Letters: A–Z, a–z
*
Numbers: 0–9
*
Special characters: ( ) [ ] . / - ' @ _ * ?
*
Spaces
*Maximum: 50 values
* @public */ ImageNames?: string[] | undefined; /** *The maximum period since deprecation for allowed images.
* @public */ DeprecationTimeCondition?: DeprecationTimeConditionRequest | undefined; /** *The maximum age for allowed images.
* @public */ CreationDateCondition?: CreationDateConditionRequest | undefined; } /** * @public */ export interface ReplaceImageCriteriaInAllowedImagesSettingsRequest { /** *The list of criteria that are evaluated to determine whether AMIs are discoverable and * usable in the account in the specified Amazon Web Services Region.
* @public */ ImageCriteria?: ImageCriterionRequest[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the current association between the original network ACL and the subnet.
* @public */ AssociationId: string | undefined; /** *The ID of the new network ACL to associate with the subnet.
* @public */ NetworkAclId: string | undefined; } /** * @public */ export interface ReplaceNetworkAclAssociationResult { /** *The ID of the new association.
* @public */ NewAssociationId?: string | undefined; } /** * @public */ export interface ReplaceNetworkAclEntryRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the ACL.
* @public */ NetworkAclId: string | undefined; /** *The rule number of the entry to replace.
* @public */ RuleNumber: number | undefined; /** *The protocol number. A value of "-1" means all protocols. If you specify "-1" or a * protocol number other than "6" (TCP), "17" (UDP), or "1" (ICMP), traffic on all ports is * allowed, regardless of any ports or ICMP types or codes that you specify. If you specify * protocol "58" (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and * codes allowed, regardless of any that you specify. If you specify protocol "58" (ICMPv6) * and specify an IPv6 CIDR block, you must specify an ICMP type and code.
* @public */ Protocol: string | undefined; /** *Indicates whether to allow or deny the traffic that matches the rule.
* @public */ RuleAction: RuleAction | undefined; /** *Indicates whether to replace the egress rule.
*Default: If no value is specified, we replace the ingress rule.
* @public */ Egress: boolean | undefined; /** *The IPv4 network range to allow or deny, in CIDR notation (for example
* 172.16.0.0/24).
The IPv6 network range to allow or deny, in CIDR notation (for example
* 2001:bd8:1234:1a00::/64).
ICMP protocol: The ICMP or ICMPv6 type and code. Required if specifying protocol * 1 (ICMP) or protocol 58 (ICMPv6) with an IPv6 CIDR block.
* @public */ IcmpTypeCode?: IcmpTypeCode | undefined; /** *TCP or UDP protocols: The range of ports the rule applies to. * Required if specifying protocol 6 (TCP) or 17 (UDP).
* @public */ PortRange?: PortRange | undefined; } /** * @public */ export interface ReplaceRouteRequest { /** *The ID of the prefix list for the route.
* @public */ DestinationPrefixListId?: string | undefined; /** *The ID of a VPC endpoint. Supported for Gateway Load Balancer endpoints only.
* @public */ VpcEndpointId?: string | undefined; /** *Specifies whether to reset the local route to its default target (local).
The ID of a transit gateway.
* @public */ TransitGatewayId?: string | undefined; /** *The ID of the local gateway.
* @public */ LocalGatewayId?: string | undefined; /** *[IPv4 traffic only] The ID of a carrier gateway.
* @public */ CarrierGatewayId?: string | undefined; /** *The Amazon Resource Name (ARN) of the core network.
* @public */ CoreNetworkArn?: string | undefined; /** *The Amazon Resource Name (ARN) of the ODB network.
* @public */ OdbNetworkArn?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the route table.
* @public */ RouteTableId: string | undefined; /** *The IPv4 CIDR address block used for the destination match. The value that you * provide must match the CIDR of an existing route in the table.
* @public */ DestinationCidrBlock?: string | undefined; /** *The ID of an internet gateway or virtual private gateway.
* @public */ GatewayId?: string | undefined; /** *The IPv6 CIDR address block used for the destination match. The value that you * provide must match the CIDR of an existing route in the table.
* @public */ DestinationIpv6CidrBlock?: string | undefined; /** *[IPv6 traffic only] The ID of an egress-only internet gateway.
* @public */ EgressOnlyInternetGatewayId?: string | undefined; /** *The ID of a NAT instance in your VPC.
* @public */ InstanceId?: string | undefined; /** *The ID of a network interface.
* @public */ NetworkInterfaceId?: string | undefined; /** *The ID of a VPC peering connection.
* @public */ VpcPeeringConnectionId?: string | undefined; /** *[IPv4 traffic only] The ID of a NAT gateway.
* @public */ NatGatewayId?: string | undefined; } /** * @public */ export interface ReplaceRouteTableAssociationRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The association ID.
* @public */ AssociationId: string | undefined; /** *The ID of the new route table to associate with the subnet.
* @public */ RouteTableId: string | undefined; } /** * @public */ export interface ReplaceRouteTableAssociationResult { /** *The ID of the new association.
* @public */ NewAssociationId?: string | undefined; /** *The state of the association.
* @public */ AssociationState?: RouteTableAssociationState | undefined; } /** * @public */ export interface ReplaceTransitGatewayRouteRequest { /** *The CIDR range used for the destination match. Routing decisions are based on the most specific match.
* @public */ DestinationCidrBlock: string | undefined; /** *The ID of the route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *The ID of the attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *Indicates whether traffic matching this route is to be dropped.
* @public */ Blackhole?: boolean | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the modified route.
* @public */ Route?: TransitGatewayRoute | undefined; } /** * @public */ export interface ReplaceVpnTunnelRequest { /** *The ID of the Site-to-Site VPN connection.
* @public */ VpnConnectionId: string | undefined; /** *The external IP address of the VPN tunnel.
* @public */ VpnTunnelOutsideIpAddress: string | undefined; /** *Trigger pending tunnel endpoint maintenance.
* @public */ ApplyPendingMaintenance?: boolean | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Confirmation of replace tunnel operation.
* @public */ Return?: boolean | undefined; } /** * @public */ export interface ReportInstanceStatusRequest { /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The instances.
* @public */ Instances: string[] | undefined; /** *The status of all instances listed.
* @public */ Status: ReportStatusType | undefined; /** *The time at which the reported instance health state began.
* @public */ StartTime?: Date | undefined; /** *The time at which the reported instance health state ended.
* @public */ EndTime?: Date | undefined; /** *The reason codes that describe the health state of your instance.
*
* instance-stuck-in-state: My instance is stuck in a state.
* unresponsive: My instance is unresponsive.
* not-accepting-credentials: My instance is not accepting my
* credentials.
* password-not-available: A password is not available for my
* instance.
* performance-network: My instance is experiencing performance
* problems that I believe are network related.
* performance-instance-store: My instance is experiencing performance
* problems that I believe are related to the instance stores.
* performance-ebs-volume: My instance is experiencing performance
* problems that I believe are related to an EBS volume.
* performance-other: My instance is experiencing performance
* problems.
* other: [explain using the description parameter]
Descriptive text about the health state of your instance.
* * @deprecated This member has been deprecated. * @public */ Description?: string | undefined; } /** *Contains the parameters for RequestSpotFleet.
* @public */ export interface RequestSpotFleetRequest { /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The configuration for the Spot Fleet request.
* @public */ SpotFleetRequestConfig: SpotFleetRequestConfigData | undefined; } /** *Contains the output of RequestSpotFleet.
* @public */ export interface RequestSpotFleetResponse { /** *The ID of the Spot Fleet request.
* @public */ SpotFleetRequestId?: string | undefined; } /** *Describes the launch specification for an instance.
* @public */ export interface RequestSpotLaunchSpecification { /** *The IDs of the security groups.
* @public */ SecurityGroupIds?: string[] | undefined; /** *Not supported.
* @public */ SecurityGroups?: string[] | undefined; /** *Deprecated.
* @public */ AddressingType?: string | undefined; /** *The block device mapping entries. You can't specify both a snapshot ID and an encryption value. * This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, * it is not blank and its encryption status is used for the volume encryption status.
* @public */ BlockDeviceMappings?: BlockDeviceMapping[] | undefined; /** *Indicates whether the instance is optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.
*Default: false
*
The IAM instance profile.
* @public */ IamInstanceProfile?: IamInstanceProfileSpecification | undefined; /** *The ID of the AMI.
* @public */ ImageId?: string | undefined; /** *The instance type. Only one instance type can be specified.
* @public */ InstanceType?: _InstanceType | undefined; /** *The ID of the kernel.
* @public */ KernelId?: string | undefined; /** *The name of the key pair.
* @public */ KeyName?: string | undefined; /** *Indicates whether basic or detailed monitoring is enabled for the instance.
*Default: Disabled
* @public */ Monitoring?: RunInstancesMonitoringEnabled | undefined; /** *The network interfaces. If you specify a network interface, you must specify * subnet IDs and security group IDs using the network interface.
* @public */ NetworkInterfaces?: InstanceNetworkInterfaceSpecification[] | undefined; /** *The placement information for the instance.
* @public */ Placement?: SpotPlacement | undefined; /** *The ID of the RAM disk.
* @public */ RamdiskId?: string | undefined; /** *The ID of the subnet in which to launch the instance.
* @public */ SubnetId?: string | undefined; /** *The base64-encoded user data that instances use when starting up. User data is limited to 16 KB.
* @public */ UserData?: string | undefined; } /** *Contains the parameters for RequestSpotInstances.
* @public */ export interface RequestSpotInstancesRequest { /** *The launch specification.
* @public */ LaunchSpecification?: RequestSpotLaunchSpecification | undefined; /** *The key-value pair for tagging the Spot Instance request on creation. The value for
* ResourceType must be spot-instances-request, otherwise the
* Spot Instance request fails. To tag the Spot Instance request after it has been created,
* see CreateTags.
The behavior when a Spot Instance is interrupted. The default is terminate.
Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend * using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price.
*If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter.
*Unique, case-sensitive identifier that you provide to ensure the idempotency of the * request. For more information, see Ensuring idempotency in * Amazon EC2 API requests in the Amazon EC2 User Guide.
* @public */ ClientToken?: string | undefined; /** *The maximum number of Spot Instances to launch.
*Default: 1
* @public */ InstanceCount?: number | undefined; /** *The Spot Instance request type.
*Default: one-time
*
The start date of the request. If this is a one-time request, the request becomes * active at this date and time and remains active until all instances launch, the request * expires, or the request is canceled. If the request is persistent, the request becomes * active at this date and time and remains active until it expires or is canceled.
*The specified start date and time cannot be equal to the current date and time. You * must specify a start date and time that occurs after the current date and time.
* @public */ ValidFrom?: Date | undefined; /** *The end date of the request, in UTC format * (YYYY-MM-DDTHH:MM:SSZ).
*For a persistent request, the request remains active until the
* ValidUntil date and time is reached. Otherwise, the request
* remains active until you cancel it.
For a one-time request, the request remains active until all instances launch,
* the request is canceled, or the ValidUntil date and time is
* reached. By default, the request is valid for 7 days from the date the request
* was created.
The instance launch group. Launch groups are Spot Instances that launch together and * terminate together.
*Default: Instances are launched and terminated individually
* @public */ LaunchGroup?: string | undefined; /** *The user-specified name for a logical grouping of requests.
*When you specify an Availability Zone group in a Spot Instance request, all Spot * Instances in the request are launched in the same Availability Zone. Instance proximity * is maintained with this parameter, but the choice of Availability Zone is not. The group * applies only to requests for Spot Instances of the same instance type. Any additional * Spot Instance requests that are specified with the same Availability Zone group name are * launched in that same Availability Zone, as long as at least one instance from the group * is still active.
*If there is no active instance running in the Availability Zone group that you specify * for a new Spot Instance request (all instances are terminated, the request is expired, * or the maximum price you specified falls below current Spot price), then Amazon EC2 launches * the instance in any Availability Zone where the constraint can be met. Consequently, the * subsequent set of Spot Instances could be placed in a different zone from the original * request, even if you specified the same Availability Zone group.
*Default: Instances are launched in any available Availability Zone.
* @public */ AvailabilityZoneGroup?: string | undefined; /** *Deprecated.
* @public */ BlockDurationMinutes?: number | undefined; } /** *Contains the output of RequestSpotInstances.
* @public */ export interface RequestSpotInstancesResult { /** *The Spot Instance requests.
* @public */ SpotInstanceRequests?: SpotInstanceRequest[] | undefined; } /** * @public */ export interface ResetAddressAttributeRequest { /** *[EC2-VPC] The allocation ID.
* @public */ AllocationId: string | undefined; /** *The attribute of the IP address.
* @public */ Attribute: AddressAttributeName | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the IP address.
* @public */ Address?: AddressAttribute | undefined; } /** * @public */ export interface ResetEbsDefaultKmsKeyIdRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Amazon Resource Name (ARN) of the default KMS key for EBS encryption by default.
* @public */ KmsKeyId?: string | undefined; } /** * @public */ export interface ResetFpgaImageAttributeRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the AFI.
* @public */ FpgaImageId: string | undefined; /** *The attribute.
* @public */ Attribute?: ResetFpgaImageAttributeName | undefined; } /** * @public */ export interface ResetFpgaImageAttributeResult { /** *Is true if the request succeeds, and an error otherwise.
Contains the parameters for ResetImageAttribute.
* @public */ export interface ResetImageAttributeRequest { /** *The attribute to reset (currently you can only reset the launch permission * attribute).
* @public */ Attribute: ResetImageAttributeName | undefined; /** *The ID of the AMI.
* @public */ ImageId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *The attribute to reset.
*You can only reset the following attributes: kernel |
* ramdisk | sourceDestCheck.
Contains the parameters for ResetNetworkInterfaceAttribute.
* @public */ export interface ResetNetworkInterfaceAttributeRequest { /** *Checks whether you have the required permissions for the action, without actually
* making the request, and provides an error response. If you have the required
* permissions, the error response is DryRunOperation. Otherwise, it is
* UnauthorizedOperation.
The ID of the network interface.
* @public */ NetworkInterfaceId: string | undefined; /** *The source/destination checking attribute. Resets the value to
* true.
The attribute to reset. Currently, only the attribute for permission to create volumes can * be reset.
* @public */ Attribute: SnapshotAttributeName | undefined; /** *The ID of the snapshot.
* @public */ SnapshotId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The Elastic IP address.
* @public */ PublicIp: string | undefined; } /** * @public */ export interface RestoreAddressToClassicResult { /** *The Elastic IP address.
* @public */ PublicIp?: string | undefined; /** *The move status for the IP address.
* @public */ Status?: Status | undefined; } /** * @public */ export interface RestoreImageFromRecycleBinRequest { /** *The ID of the AMI to restore.
* @public */ ImageId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the prefix list.
* @public */ PrefixListId: string | undefined; /** *The version to restore.
* @public */ PreviousVersion: number | undefined; /** *The current version number for the prefix list.
* @public */ CurrentVersion: number | undefined; } /** * @public */ export interface RestoreManagedPrefixListVersionResult { /** *Information about the prefix list.
* @public */ PrefixList?: ManagedPrefixList | undefined; } /** * @public */ export interface RestoreSnapshotFromRecycleBinRequest { /** *The ID of the snapshot to restore.
* @public */ SnapshotId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The ARN of the Outpost on which the snapshot is stored. For more information, see Amazon EBS local snapshots on Outposts in the * Amazon EBS User Guide.
* @public */ OutpostArn?: string | undefined; /** *The description for the snapshot.
* @public */ Description?: string | undefined; /** *Indicates whether the snapshot is encrypted.
* @public */ Encrypted?: boolean | undefined; /** *The ID of the Amazon Web Services account that owns the EBS snapshot.
* @public */ OwnerId?: string | undefined; /** *The progress of the snapshot, as a percentage.
* @public */ Progress?: string | undefined; /** *The time stamp when the snapshot was initiated.
* @public */ StartTime?: Date | undefined; /** *The state of the snapshot.
* @public */ State?: SnapshotState | undefined; /** *The ID of the volume that was used to create the snapshot.
* @public */ VolumeId?: string | undefined; /** *The size of the volume, in GiB.
* @public */ VolumeSize?: number | undefined; /** *Reserved for future use.
* @public */ SseType?: SSEType | undefined; } /** * @public */ export interface RestoreSnapshotTierRequest { /** *The ID of the snapshot to restore.
* @public */ SnapshotId: string | undefined; /** *Specifies the number of days for which to temporarily restore an archived snapshot. * Required for temporary restores only. The snapshot will be automatically re-archived * after this period.
*To temporarily restore an archived snapshot, specify the number of days and omit
* the PermanentRestore parameter or set it to
* false.
Indicates whether to permanently restore an archived snapshot. To permanently restore
* an archived snapshot, specify true and omit the
* RestoreSnapshotTierRequest$TemporaryRestoreDays parameter.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The date and time when the snapshot restore process started.
* @public */ RestoreStartTime?: Date | undefined; /** *For temporary restores only. The number of days for which the archived snapshot * is temporarily restored.
* @public */ RestoreDuration?: number | undefined; /** *Indicates whether the snapshot is permanently restored. true indicates a permanent
* restore. false indicates a temporary restore.
The ID of the volume to restore.
* @public */ VolumeId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, it returns an error.
The ID of the Client VPN endpoint with which the authorization rule is associated.
* @public */ ClientVpnEndpointId: string | undefined; /** *The IPv4 address range, in CIDR notation, of the network for which access is being removed.
* @public */ TargetNetworkCidr: string | undefined; /** *The ID of the Active Directory group for which to revoke access.
* @public */ AccessGroupId?: string | undefined; /** *Indicates whether access should be revoked for all groups for a single TargetNetworkCidr that earlier authorized ingress for all groups using AuthorizeAllGroups.
* This does not impact other authorization rules that allowed ingress to the same TargetNetworkCidr with a specific AccessGroupId.
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
The current state of the authorization rule.
* @public */ Status?: ClientVpnAuthorizationRuleStatus | undefined; } /** * @public */ export interface RevokeSecurityGroupEgressRequest { /** *The IDs of the security group rules.
* @public */ SecurityGroupRuleIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the security group.
* @public */ GroupId: string | undefined; /** *Not supported. Use a set of IP permissions to specify a * destination security group.
* @public */ SourceSecurityGroupName?: string | undefined; /** *Not supported. Use a set of IP permissions to specify a destination security * group.
* @public */ SourceSecurityGroupOwnerId?: string | undefined; /** *Not supported. Use a set of IP permissions to specify the protocol name or * number.
* @public */ IpProtocol?: string | undefined; /** *Not supported. Use a set of IP permissions to specify the port.
* @public */ FromPort?: number | undefined; /** *Not supported. Use a set of IP permissions to specify the port.
* @public */ ToPort?: number | undefined; /** *Not supported. Use a set of IP permissions to specify the CIDR.
* @public */ CidrIp?: string | undefined; /** *The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.
* @public */ IpPermissions?: IpPermission[] | undefined; } /** *A security group rule removed with RevokeSecurityGroupEgress or RevokeSecurityGroupIngress.
* @public */ export interface RevokedSecurityGroupRule { /** *A security group rule ID.
* @public */ SecurityGroupRuleId?: string | undefined; /** *A security group ID.
* @public */ GroupId?: string | undefined; /** *Defines if a security group rule is an outbound rule.
* @public */ IsEgress?: boolean | undefined; /** *The security group rule's protocol.
* @public */ IpProtocol?: string | undefined; /** *The 'from' port number of the security group rule.
* @public */ FromPort?: number | undefined; /** *The 'to' port number of the security group rule.
* @public */ ToPort?: number | undefined; /** *The IPv4 CIDR of the traffic source.
* @public */ CidrIpv4?: string | undefined; /** *The IPv6 CIDR of the traffic source.
* @public */ CidrIpv6?: string | undefined; /** *The ID of a prefix list that's the traffic source.
* @public */ PrefixListId?: string | undefined; /** *The ID of a referenced security group.
* @public */ ReferencedGroupId?: string | undefined; /** *A description of the revoked security group rule.
* @public */ Description?: string | undefined; } /** * @public */ export interface RevokeSecurityGroupEgressResult { /** *Returns true if the request succeeds; otherwise, returns an error.
The outbound rules that were unknown to the service. In some cases,
* unknownIpPermissionSet might be in a different format from the request
* parameter.
Details about the revoked security group rules.
* @public */ RevokedSecurityGroupRules?: RevokedSecurityGroupRule[] | undefined; } /** * @public */ export interface RevokeSecurityGroupIngressRequest { /** *The CIDR IP address range. You can't specify this parameter when specifying a source security group.
* @public */ CidrIp?: string | undefined; /** *If the protocol is TCP or UDP, this is the start of the port range. * If the protocol is ICMP, this is the ICMP type or -1 (all ICMP types).
* @public */ FromPort?: number | undefined; /** *The ID of the security group.
* @public */ GroupId?: string | undefined; /** *[Default VPC] The name of the security group. You must specify either the * security group ID or the security group name in the request. For security groups in a * nondefault VPC, you must specify the security group ID.
* @public */ GroupName?: string | undefined; /** *The sets of IP permissions. You can't specify a source security group and a CIDR IP address range in the same set of permissions.
* @public */ IpPermissions?: IpPermission[] | undefined; /** *The IP protocol name (tcp, udp, icmp) or number
* (see Protocol Numbers).
* Use -1 to specify all.
[Default VPC] The name of the source security group. You can't specify this parameter * in combination with the following parameters: the CIDR IP address range, the start of the port range, * the IP protocol, and the end of the port range. The source security group must be in the same VPC. * To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.
* @public */ SourceSecurityGroupName?: string | undefined; /** *Not supported.
* @public */ SourceSecurityGroupOwnerId?: string | undefined; /** *If the protocol is TCP or UDP, this is the end of the port range. * If the protocol is ICMP, this is the ICMP code or -1 (all ICMP codes).
* @public */ ToPort?: number | undefined; /** *The IDs of the security group rules.
* @public */ SecurityGroupRuleIds?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Returns true if the request succeeds; otherwise, returns an error.
The inbound rules that were unknown to the service. In some cases,
* unknownIpPermissionSet might be in a different format from the request
* parameter.
Details about the revoked security group rules.
* @public */ RevokedSecurityGroupRules?: RevokedSecurityGroupRule[] | undefined; } /** *The CPU options for the instance. Both the core count and threads per core must be * specified in the request.
* @public */ export interface CpuOptionsRequest { /** *The number of CPU cores for the instance.
* @public */ CoreCount?: number | undefined; /** *The number of threads per CPU core. To disable multithreading for the instance,
* specify a value of 1. Otherwise, specify the default value of
* 2.
Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported * with M6a, R6a, and C6a instance types only. For more information, see * AMD SEV-SNP.
* @public */ AmdSevSnp?: AmdSevSnpSpecification | undefined; /** *Indicates whether to enable the instance for nested virtualization. * Nested virtualization is supported only on 8th generation Intel-based instance types (c8i, m8i, r8i, and their flex variants). * When nested virtualization is enabled, Virtual Secure Mode (VSM) is automatically disabled for the instance.
* @public */ NestedVirtualization?: NestedVirtualizationSpecification | undefined; } /** *Amazon Elastic Inference is no longer available.
** Describes an elastic inference accelerator. *
* @public */ export interface ElasticInferenceAccelerator { /** *
* The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, eia1.xlarge, eia2.medium, eia2.large, and eia2.xlarge.
*
* The number of elastic inference accelerators to attach to the instance. *
*Default: 1
* @public */ Count?: number | undefined; } /** *Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For * more information, see What is Amazon Web Services Nitro * Enclaves? in the Amazon Web Services Nitro Enclaves User * Guide.
* @public */ export interface EnclaveOptionsRequest { /** *To enable the instance for Amazon Web Services Nitro Enclaves, set this parameter to
* true.
Indicates whether your instance is configured for hibernation. This parameter is valid * only if the instance meets the hibernation * prerequisites. For more information, see Hibernate your Amazon EC2 * instance in the Amazon EC2 User Guide.
* @public */ export interface HibernationOptionsRequest { /** *Set to true to enable your instance for hibernation.
For Spot Instances, if you set Configured to true, either
* omit the InstanceInterruptionBehavior parameter (for
* SpotMarketOptions
* ), or set it to
* hibernate. When Configured is true:
If you omit InstanceInterruptionBehavior, it defaults to
* hibernate.
If you set InstanceInterruptionBehavior to a value other than
* hibernate, you'll get an error.
Default: false
*
The options for Spot Instances.
* @public */ export interface SpotMarketOptions { /** *The maximum hourly price that you're willing to pay for a Spot Instance. We do not * recommend using this parameter because it can lead to increased interruptions. If you do * not specify this parameter, you will pay the current Spot price.
*If you specify a maximum price, your Spot Instances will be interrupted more * frequently than if you do not specify this parameter.
*If you specify a maximum price, it must be more than USD $0.001. Specifying a value
* below USD $0.001 will result in an InvalidParameterValue error
* message.
The Spot Instance request type. For RunInstances, persistent
* Spot Instance requests are only supported when the instance interruption behavior is
* either hibernate or stop.
Deprecated.
* @public */ BlockDurationMinutes?: number | undefined; /** *The end date of the request, in UTC format * (YYYY-MM-DDTHH:MM:SSZ). * Supported only for persistent requests.
*For a persistent request, the request remains active until the
* ValidUntil date and time is reached. Otherwise, the request
* remains active until you cancel it.
For a one-time request, ValidUntil is not supported. The request
* remains active until all instances launch or you cancel the request.
The behavior when a Spot Instance is interrupted.
*If Configured (for
* HibernationOptions
* ) is set to true, the
* InstanceInterruptionBehavior parameter is automatically set to
* hibernate. If you set it to stop or
* terminate, you'll get an error.
If Configured (for
* HibernationOptions
* ) is set to false or
* null, the InstanceInterruptionBehavior parameter is
* automatically set to terminate. You can also set it to stop or
* hibernate.
For more information, see Interruption * behavior in the Amazon EC2 User Guide.
* @public */ InstanceInterruptionBehavior?: InstanceInterruptionBehavior | undefined; } /** *Describes the market (purchasing) option for the instances.
* @public */ export interface InstanceMarketOptionsRequest { /** *The market type.
* @public */ MarketType?: MarketType | undefined; /** *The options for Spot Instances.
* @public */ SpotOptions?: SpotMarketOptions | undefined; } /** *Describes the launch template to use.
* @public */ export interface LaunchTemplateSpecification { /** *The ID of the launch template.
*You must specify either the launch template ID or the * launch template name, but not both.
* @public */ LaunchTemplateId?: string | undefined; /** *The name of the launch template.
*You must specify either the launch template ID or the * launch template name, but not both.
* @public */ LaunchTemplateName?: string | undefined; /** *The launch template version number, $Latest, or
* $Default.
A value of $Latest uses the latest version of the launch template.
A value of $Default uses the default version of the launch template.
Default: The default version of the launch template.
* @public */ Version?: string | undefined; } /** *Describes a license configuration.
* @public */ export interface LicenseConfigurationRequest { /** *The Amazon Resource Name (ARN) of the license configuration.
* @public */ LicenseConfigurationArn?: string | undefined; } /** *The maintenance options for the instance.
* @public */ export interface InstanceMaintenanceOptionsRequest { /** *Disables the automatic recovery behavior of your instance or sets it to default. For * more information, see Simplified automatic recovery.
* @public */ AutoRecovery?: InstanceAutoRecoveryState | undefined; } /** *The metadata options for the instance.
* @public */ export interface InstanceMetadataOptionsRequest { /** *Indicates whether IMDSv2 is required.
*
* optional - IMDSv2 is optional, which means that you can use
* either IMDSv2 or IMDSv1.
* required - IMDSv2 is required, which means that IMDSv1 is
* disabled, and you must use IMDSv2.
Default:
*If the value of ImdsSupport for the Amazon Machine Image (AMI)
* for your instance is v2.0 and the account level default is set to
* no-preference, the default is required.
If the value of ImdsSupport for the Amazon Machine Image (AMI)
* for your instance is v2.0, but the account level default is set to
* V1 or V2, the default is optional.
The default value can also be affected by other combinations of parameters. For more * information, see Order of precedence for instance metadata options in the * Amazon EC2 User Guide.
* @public */ HttpTokens?: HttpTokensState | undefined; /** *The maximum number of hops that the metadata token can travel.
*Possible values: Integers from 1 to 64
* @public */ HttpPutResponseHopLimit?: number | undefined; /** *Enables or disables the HTTP metadata endpoint on your instances.
*If you specify a value of disabled, you cannot access your instance
* metadata.
Default: enabled
*
Enables or disables the IPv6 endpoint for the instance metadata service.
*Default: disabled
*
Set to enabled to allow access to instance tags from the instance
* metadata. Set to disabled to turn off access to instance tags from the
* instance metadata. For more information, see View tags for your EC2
* instances using instance metadata.
Default: disabled
*
Configure network performance options for your instance that are geared towards performance * improvements based on the workload that it runs.
* @public */ export interface InstanceNetworkPerformanceOptionsRequest { /** *Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, * as follows:
*This option uses the standard bandwidth configuration for your instance type.
*This option boosts your networking baseline bandwidth and reduces your EBS baseline * bandwidth.
*This option boosts your EBS baseline bandwidth and reduces your networking baseline * bandwidth.
*Describes the options for instance hostnames.
* @public */ export interface PrivateDnsNameOptionsRequest { /** *The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name * must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name * must be based on the instance ID. For dual-stack subnets, you can specify whether DNS * names use the instance IPv4 address or the instance ID.
* @public */ HostnameType?: HostnameType | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS A * records.
* @public */ EnableResourceNameDnsARecord?: boolean | undefined; /** *Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA * records.
* @public */ EnableResourceNameDnsAAAARecord?: boolean | undefined; } /** *Describes a private IPv4 address for a secondary interface request.
* @public */ export interface InstanceSecondaryInterfacePrivateIpAddressRequest { /** *The private IPv4 address.
* @public */ PrivateIpAddress: string | undefined; } /** *Describes a secondary interface specification for launching an instance.
* @public */ export interface InstanceSecondaryInterfaceSpecificationRequest { /** *Indicates whether the secondary interface is deleted when the instance is terminated.
*The only supported value for this field is true.
The device index for the secondary interface attachment.
* @public */ DeviceIndex?: number | undefined; /** *The private IPv4 addresses to assign to the secondary interface.
* @public */ PrivateIpAddresses?: InstanceSecondaryInterfacePrivateIpAddressRequest[] | undefined; /** *The number of private IPv4 addresses to assign to the secondary interface.
* @public */ PrivateIpAddressCount?: number | undefined; /** *The ID of the secondary subnet.
* @public */ SecondarySubnetId?: string | undefined; /** *The type of secondary interface.
* @public */ InterfaceType?: SecondaryInterfaceType | undefined; /** *The index of the network card. The network card must support secondary interfaces.
* @public */ NetworkCardIndex?: number | undefined; } /** * @public */ export interface RunInstancesRequest { /** *The block device mapping, which defines the EBS volumes and instance store volumes to * attach to the instance at launch. For more information, see Block device * mappings in the Amazon EC2 User Guide.
* @public */ BlockDeviceMappings?: BlockDeviceMapping[] | undefined; /** *The ID of the AMI. An AMI ID is required to launch an instance and must be specified * here or in a launch template.
* @public */ ImageId?: string | undefined; /** *The instance type. For more information, see Amazon EC2 Instance * Types Guide.
* @public */ InstanceType?: _InstanceType | undefined; /** *The number of IPv6 addresses to associate with the primary network * interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You * cannot specify this option and the option to assign specific IPv6 addresses in the same * request. You can specify this option if you've specified a minimum number of instances * to launch.
*You cannot specify this option and the network interfaces option in the same * request.
* @public */ Ipv6AddressCount?: number | undefined; /** *The IPv6 addresses from the range of the subnet to associate with the * primary network interface. You cannot specify this option and the option to assign a * number of IPv6 addresses in the same request. You cannot specify this option if you've * specified a minimum number of instances to launch.
*You cannot specify this option and the network interfaces option in the same * request.
* @public */ Ipv6Addresses?: InstanceIpv6Address[] | undefined; /** *The ID of the kernel.
*We recommend that you use PV-GRUB instead of kernels and RAM disks. For more * information, see PV-GRUB in the * Amazon EC2 User Guide.
*The name of the key pair. For more information, see Create a key pair for your EC2 instance.
*If you do not specify a key pair, you can't connect to the instance unless you * choose an AMI that is configured to allow users another way to log in.
*The maximum number of instances to launch. If you specify a value that is more * capacity than Amazon EC2 can launch in the target Availability Zone, Amazon EC2 * launches the largest possible number of instances above the specified minimum * count.
*Constraints: Between 1 and the quota for the specified instance type for your account for this Region. * For more information, see Amazon EC2 instance type quotas.
* @public */ MaxCount: number | undefined; /** *The minimum number of instances to launch. If you specify a value that is more * capacity than Amazon EC2 can provide in the target Availability Zone, Amazon EC2 does * not launch any instances.
*Constraints: Between 1 and the quota for the specified instance type for your account for this Region. * For more information, see Amazon EC2 instance type quotas.
* @public */ MinCount: number | undefined; /** *Specifies whether detailed monitoring is enabled for the instance.
* @public */ Monitoring?: RunInstancesMonitoringEnabled | undefined; /** *The placement for the instance.
* @public */ Placement?: Placement | undefined; /** *The ID of the RAM disk to select. Some kernels require additional drivers at launch. * Check the kernel requirements for information about whether you need to specify a RAM * disk. To find kernel requirements, go to the Amazon Web Services Resource Center and * search for the kernel ID.
*We recommend that you use PV-GRUB instead of kernels and RAM disks. For more * information, see PV-GRUB in the * Amazon EC2 User Guide.
*The IDs of the security groups.
*If you specify a network interface, you must specify any security groups as part of * the network interface instead of using this parameter.
* @public */ SecurityGroupIds?: string[] | undefined; /** *[Default VPC] The names of the security groups.
*If you specify a network interface, you must specify any security groups as part of * the network interface instead of using this parameter.
*Default: Amazon EC2 uses the default security group.
* @public */ SecurityGroups?: string[] | undefined; /** *The ID of the subnet to launch the instance into.
*If you specify a network interface, you must specify any subnets as part of the * network interface instead of using this parameter.
* @public */ SubnetId?: string | undefined; /** *The user data to make available to the instance. User data must be base64-encoded. * Depending on the tool or SDK that you're using, the base64-encoding might be performed for you. * For more information, see Run commands at launch using instance user data.
* @public */ UserData?: string | undefined; /** *An elastic GPU to associate with the instance.
*Amazon Elastic Graphics reached end of life on January 8, 2024.
*An elastic inference accelerator to associate with the instance.
*Amazon Elastic Inference is no longer available.
*The tags to apply to the resources that are created during instance launch.
*You can specify tags for the following resources only:
*Instances
*Volumes
*Spot Instance requests
*Network interfaces
*To tag a resource after it has been created, see CreateTags.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *The launch template. Any additional parameters that you specify for the new instance * overwrite the corresponding parameters included in the launch template.
* @public */ LaunchTemplate?: LaunchTemplateSpecification | undefined; /** *The market (purchasing) option for the instances.
*For RunInstances, persistent Spot Instance requests are
* only supported when InstanceInterruptionBehavior is set
* to either hibernate or stop.
The credit option for CPU usage of the burstable performance instance. Valid values
* are standard and unlimited. To change this attribute after
* launch, use
* ModifyInstanceCreditSpecification. For more information, see Burstable
* performance instances in the Amazon EC2 User Guide.
Default: standard (T2 instances) or unlimited (T3/T3a/T4g
* instances)
For T3 instances with host tenancy, only standard is
* supported.
The CPU options for the instance. For more information, see Optimize CPU options in the Amazon EC2 User Guide.
* @public */ CpuOptions?: CpuOptionsRequest | undefined; /** *Information about the Capacity Reservation targeting option. If you do not specify this parameter, the
* instance's Capacity Reservation preference defaults to open, which enables
* it to run in any open Capacity Reservation that has matching attributes (instance type,
* platform, Availability Zone, and tenancy).
Indicates whether an instance is enabled for hibernation. This parameter is valid only * if the instance meets the hibernation * prerequisites. For more information, see Hibernate your Amazon EC2 * instance in the Amazon EC2 User Guide.
*You can't enable hibernation and Amazon Web Services Nitro Enclaves on the same * instance.
* @public */ HibernationOptions?: HibernationOptionsRequest | undefined; /** *The license configurations.
* @public */ LicenseSpecifications?: LicenseConfigurationRequest[] | undefined; /** *The metadata options for the instance. For more information, see Configure the Instance Metadata Service options.
* @public */ MetadataOptions?: InstanceMetadataOptionsRequest | undefined; /** *Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. For * more information, see Amazon Web Services Nitro * Enclaves User Guide.
*You can't enable Amazon Web Services Nitro Enclaves and hibernation on the same * instance.
* @public */ EnclaveOptions?: EnclaveOptionsRequest | undefined; /** *The options for the instance hostname. * The default values are inherited from the subnet. * Applies only if creating a network interface, not attaching an existing one.
* @public */ PrivateDnsNameOptions?: PrivateDnsNameOptionsRequest | undefined; /** *The maintenance and recovery options for the instance.
* @public */ MaintenanceOptions?: InstanceMaintenanceOptionsRequest | undefined; /** *Indicates whether an instance is enabled for stop protection. For more information, * see Enable stop protection for your EC2 instances.
* @public */ DisableApiStop?: boolean | undefined; /** *If you’re launching an instance into a dual-stack or IPv6-only subnet, you can enable * assigning a primary IPv6 address. A primary IPv6 address is an IPv6 GUA address * associated with an ENI that you have enabled to use a primary IPv6 address. Use this * option if an instance relies on its IPv6 address not changing. When you launch the * instance, Amazon Web Services will automatically assign an IPv6 address associated with * the ENI attached to your instance to be the primary IPv6 address. Once you enable an * IPv6 GUA address to be a primary IPv6, you cannot disable it. When you enable an IPv6 * GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 * address until the instance is terminated or the network interface is detached. If you * have multiple IPv6 addresses associated with an ENI attached to your instance and you * enable a primary IPv6 address, the first IPv6 GUA address associated with the ENI * becomes the primary IPv6 address.
* @public */ EnablePrimaryIpv6?: boolean | undefined; /** *Contains settings for the network performance options for the instance.
* @public */ NetworkPerformanceOptions?: InstanceNetworkPerformanceOptionsRequest | undefined; /** *Reserved for internal use.
* @public */ Operator?: OperatorRequest | undefined; /** *The secondary interfaces to associate with the instance.
* @public */ SecondaryInterfaces?: InstanceSecondaryInterfaceSpecificationRequest[] | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Indicates whether termination protection is enabled for the instance. The default
* is false, which means that you can terminate the instance using
* the Amazon EC2 console, command line tools, or API. You can enable termination protection
* when you launch an instance, while the instance is running, or while the instance
* is stopped.
Indicates whether an instance stops or terminates when you initiate shutdown from the * instance (using the operating system command for system shutdown).
*Default: stop
*
The primary IPv4 address. You must specify a value from the IPv4 address * range of the subnet.
*Only one private IP address can be designated as primary. You can't specify this * option if you've specified the option to designate a private IP address as the primary * IP address in a network interface specification. You cannot specify this option if * you're launching more than one instance in the request.
*You cannot specify this option and the network interfaces option in the same * request.
* @public */ PrivateIpAddress?: string | undefined; /** *Unique, case-sensitive identifier you provide to ensure the idempotency of the * request. If you do not specify a client token, a randomly generated token is used for * the request to ensure idempotency.
*For more information, see Ensuring idempotency in Amazon EC2 API requests.
*Constraints: Maximum 64 ASCII characters
* @public */ ClientToken?: string | undefined; /** *Reserved.
* @public */ AdditionalInfo?: string | undefined; /** *The network interfaces to associate with the instance.
* @public */ NetworkInterfaces?: InstanceNetworkInterfaceSpecification[] | undefined; /** *The name or Amazon Resource Name (ARN) of an IAM instance * profile.
* @public */ IamInstanceProfile?: IamInstanceProfileSpecification | undefined; /** *Indicates whether the instance is optimized for Amazon EBS I/O. This optimization * provides dedicated throughput to Amazon EBS and an optimized configuration stack to * provide optimal Amazon EBS I/O performance. This optimization isn't available with all * instance types. Additional usage charges apply when using an EBS-optimized * instance.
*Default: false
*
Describes an EBS volume for a Scheduled Instance.
* @public */ export interface ScheduledInstancesEbs { /** *Indicates whether the volume is deleted on instance termination.
* @public */ DeleteOnTermination?: boolean | undefined; /** *Indicates whether the volume is encrypted. You can attached encrypted volumes only to instances that * support them.
* @public */ Encrypted?: boolean | undefined; /** *The number of I/O operations per second (IOPS) to provision for a gp3, io1, or io2
* volume.
The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; /** *The size of the volume, in GiB.
*Default: If you're creating the volume from a snapshot and don't specify a volume size, the default * is the snapshot size.
* @public */ VolumeSize?: number | undefined; /** *The volume type.
*Default: gp2
*
Describes a block device mapping for a Scheduled Instance.
* @public */ export interface ScheduledInstancesBlockDeviceMapping { /** *The device name (for example, /dev/sdh or xvdh).
Parameters used to set up EBS volumes automatically when the instance is launched.
* @public */ Ebs?: ScheduledInstancesEbs | undefined; /** *To omit the device from the block device mapping, specify an empty string.
* @public */ NoDevice?: string | undefined; /** *The virtual device name (ephemeralN). Instance store volumes are numbered
* starting from 0. An instance type with two available instance store volumes can specify mappings
* for ephemeral0 and ephemeral1. The number of available instance store
* volumes depends on the instance type. After you connect to the instance, you must mount the
* volume.
Constraints: For M3 instances, you must specify instance store volumes in the block device * mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes * specified in the block device mapping for the AMI.
* @public */ VirtualName?: string | undefined; } /** *Describes an IAM instance profile for a Scheduled Instance.
* @public */ export interface ScheduledInstancesIamInstanceProfile { /** *The Amazon Resource Name (ARN).
* @public */ Arn?: string | undefined; /** *The name.
* @public */ Name?: string | undefined; } /** *Describes whether monitoring is enabled for a Scheduled Instance.
* @public */ export interface ScheduledInstancesMonitoring { /** *Indicates whether monitoring is enabled.
* @public */ Enabled?: boolean | undefined; } /** *Describes an IPv6 address.
* @public */ export interface ScheduledInstancesIpv6Address { /** *The IPv6 address.
* @public */ Ipv6Address?: string | undefined; } /** *Describes a private IPv4 address for a Scheduled Instance.
* @public */ export interface ScheduledInstancesPrivateIpAddressConfig { /** *Indicates whether this is a primary IPv4 address. Otherwise, this is a secondary IPv4 address.
* @public */ Primary?: boolean | undefined; /** *The IPv4 address.
* @public */ PrivateIpAddress?: string | undefined; } /** *Describes a network interface for a Scheduled Instance.
* @public */ export interface ScheduledInstancesNetworkInterface { /** *Indicates whether to assign a public IPv4 address to instances launched in a VPC. The
* public IPv4 address can only be assigned to a network interface for eth0, and can only be
* assigned to a new network interface, not an existing one. You cannot specify more than one
* network interface in the request. If launching into a default subnet, the default value is
* true.
Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses * associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
* @public */ AssociatePublicIpAddress?: boolean | undefined; /** *Indicates whether to delete the interface when the instance is terminated.
* @public */ DeleteOnTermination?: boolean | undefined; /** *The description.
* @public */ Description?: string | undefined; /** *The index of the device for the network interface attachment.
* @public */ DeviceIndex?: number | undefined; /** *The IDs of the security groups.
* @public */ Groups?: string[] | undefined; /** *The number of IPv6 addresses to assign to the network interface. The IPv6 addresses are automatically selected from the subnet range.
* @public */ Ipv6AddressCount?: number | undefined; /** *The specific IPv6 addresses from the subnet range.
* @public */ Ipv6Addresses?: ScheduledInstancesIpv6Address[] | undefined; /** *The ID of the network interface.
* @public */ NetworkInterfaceId?: string | undefined; /** *The IPv4 address of the network interface within the subnet.
* @public */ PrivateIpAddress?: string | undefined; /** *The private IPv4 addresses.
* @public */ PrivateIpAddressConfigs?: ScheduledInstancesPrivateIpAddressConfig[] | undefined; /** *The number of secondary private IPv4 addresses.
* @public */ SecondaryPrivateIpAddressCount?: number | undefined; /** *The ID of the subnet.
* @public */ SubnetId?: string | undefined; } /** *Describes the placement for a Scheduled Instance.
* @public */ export interface ScheduledInstancesPlacement { /** *The Availability Zone.
* @public */ AvailabilityZone?: string | undefined; /** *The name of the placement group.
* @public */ GroupName?: string | undefined; } /** *Describes the launch specification for a Scheduled Instance.
*If you are launching the Scheduled Instance in EC2-VPC, you must specify the ID of the subnet.
* You can specify the subnet using either SubnetId or NetworkInterface.
The block device mapping entries.
* @public */ BlockDeviceMappings?: ScheduledInstancesBlockDeviceMapping[] | undefined; /** *Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
*Default: false
*
The IAM instance profile.
* @public */ IamInstanceProfile?: ScheduledInstancesIamInstanceProfile | undefined; /** *The ID of the Amazon Machine Image (AMI).
* @public */ ImageId: string | undefined; /** *The instance type.
* @public */ InstanceType?: string | undefined; /** *The ID of the kernel.
* @public */ KernelId?: string | undefined; /** *The name of the key pair.
* @public */ KeyName?: string | undefined; /** *Enable or disable monitoring for the instances.
* @public */ Monitoring?: ScheduledInstancesMonitoring | undefined; /** *The network interfaces.
* @public */ NetworkInterfaces?: ScheduledInstancesNetworkInterface[] | undefined; /** *The placement information.
* @public */ Placement?: ScheduledInstancesPlacement | undefined; /** *The ID of the RAM disk.
* @public */ RamdiskId?: string | undefined; /** *The IDs of the security groups.
* @public */ SecurityGroupIds?: string[] | undefined; /** *The ID of the subnet in which to launch the instances.
* @public */ SubnetId?: string | undefined; /** *The base64-encoded MIME user data.
* @public */ UserData?: string | undefined; } /** *Contains the parameters for RunScheduledInstances.
* @public */ export interface RunScheduledInstancesRequest { /** *Unique, case-sensitive identifier that ensures the idempotency of the request. * For more information, see Ensuring Idempotency.
* @public */ ClientToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The number of instances.
*Default: 1
* @public */ InstanceCount?: number | undefined; /** *The launch specification. You must match the instance type, Availability Zone, * network, and platform of the schedule that you purchased.
* @public */ LaunchSpecification: ScheduledInstancesLaunchSpecification | undefined; /** *The Scheduled Instance ID.
* @public */ ScheduledInstanceId: string | undefined; } /** *Contains the output of RunScheduledInstances.
* @public */ export interface RunScheduledInstancesResult { /** *The IDs of the newly launched instances.
* @public */ InstanceIdSet?: string[] | undefined; } /** * @public */ export interface SearchLocalGatewayRoutesRequest { /** *The ID of the local gateway route table.
* @public */ LocalGatewayRouteTableId: string | undefined; /** *One or more filters.
*
* prefix-list-id - The ID of the prefix list.
* route-search.exact-match - The exact match of the specified filter.
* route-search.longest-prefix-match - The longest prefix that matches the route.
* route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.
* route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter.
* For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match
* as 10.0.1.0/30, then the result returns 10.0.1.0/29.
* state - The state of the route.
* type - The route type.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the routes.
* @public */ Routes?: LocalGatewayRoute[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway multicast domain.
* @public */ TransitGatewayMulticastDomainId: string | undefined; /** *One or more filters. The possible values are:
*
* group-ip-address - The IP address of the transit gateway multicast group.
* is-group-member - The resource is a group member. Valid values are true | false.
* is-group-source - The resource is a group source. Valid values are true | false.
* member-type - The member type. Valid values are igmp | static.
* resource-id - The ID of the resource.
* resource-type - The type of resource. Valid values are vpc | vpn | direct-connect-gateway | tgw-peering.
* source-type - The source type. Valid values are igmp | static.
* subnet-id - The ID of the subnet.
* transit-gateway-attachment-id - The id of the transit gateway attachment.
The maximum number of results to return with a single call.
* To retrieve the remaining results, make another call with the returned nextToken value.
The token for the next page of results.
* @public */ NextToken?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Describes the transit gateway multicast group resources.
* @public */ export interface TransitGatewayMulticastGroup { /** *The IP address assigned to the transit gateway multicast group.
* @public */ GroupIpAddress?: string | undefined; /** *The ID of the transit gateway attachment.
* @public */ TransitGatewayAttachmentId?: string | undefined; /** *The ID of the subnet.
* @public */ SubnetId?: string | undefined; /** *The ID of the resource.
* @public */ ResourceId?: string | undefined; /** *The type of resource, for example a VPC attachment.
* @public */ ResourceType?: TransitGatewayAttachmentResourceType | undefined; /** *The ID of the Amazon Web Services account that owns the transit gateway multicast domain group resource.
* @public */ ResourceOwnerId?: string | undefined; /** *The ID of the transit gateway attachment.
* @public */ NetworkInterfaceId?: string | undefined; /** *Indicates that the resource is a transit gateway multicast group member.
* @public */ GroupMember?: boolean | undefined; /** *Indicates that the resource is a transit gateway multicast group member.
* @public */ GroupSource?: boolean | undefined; /** *The member type (for example, static).
The source type.
* @public */ SourceType?: MembershipType | undefined; } /** * @public */ export interface SearchTransitGatewayMulticastGroupsResult { /** *Information about the transit gateway multicast group.
* @public */ MulticastGroups?: TransitGatewayMulticastGroup[] | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the transit gateway route table.
* @public */ TransitGatewayRouteTableId: string | undefined; /** *One or more filters. The possible values are:
*
* attachment.transit-gateway-attachment-id- The id of the transit gateway attachment.
* attachment.resource-id - The resource id of the transit gateway attachment.
* attachment.resource-type - The attachment resource type. Valid values
* are vpc | vpn | direct-connect-gateway |
* peering | connect.
* prefix-list-id - The ID of the prefix list.
* route-search.exact-match - The exact match of the specified filter.
* route-search.longest-prefix-match - The longest prefix that matches the route.
* route-search.subnet-of-match - The routes with a subnet that match the specified CIDR filter.
* route-search.supernet-of-match - The routes with a CIDR that encompass the CIDR filter. For example, if you have 10.0.1.0/29 and 10.0.1.0/31 routes in your route table and you specify supernet-of-match as 10.0.1.0/30, then the result returns 10.0.1.0/29.
* state - The state of the route (active | blackhole).
* type - The type of route (propagated |
* static).
The maximum number of routes to return. If a value is not provided, the default is * 1000.
* @public */ MaxResults?: number | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The token for the next page of results.
* @public */ NextToken?: string | undefined; } /** * @public */ export interface SearchTransitGatewayRoutesResult { /** *Information about the routes.
* @public */ Routes?: TransitGatewayRoute[] | undefined; /** *Indicates whether there are additional routes available.
* @public */ AdditionalRoutesAvailable?: boolean | undefined; /** *The token to use to retrieve the next page of results. This value is null when there are no more results to return.
The ID of the instance.
* @public */ InstanceId: string | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The name of the S3 bucket where the report will be saved. The bucket must be in the * same Region where the report generation request is made.
* @public */ S3Bucket: string | undefined; /** *The prefix for your S3 object.
* @public */ S3Prefix?: string | undefined; /** *The root ID, organizational unit ID, or account ID.
*Format:
*For root: r-ab12
*
For OU: ou-ab12-cdef1234
*
For account: 123456789012
*
The tags to apply.
* @public */ TagSpecifications?: TagSpecification[] | undefined; } /** * @public */ export interface StartDeclarativePoliciesReportResult { /** *The ID of the report.
* @public */ ReportId?: string | undefined; } /** * @public */ export interface StartInstancesRequest { /** *The IDs of the instances.
* @public */ InstanceIds: string[] | undefined; /** *Reserved.
* @public */ AdditionalInfo?: string | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Describes an instance state change.
* @public */ export interface InstanceStateChange { /** *The ID of the instance.
* @public */ InstanceId?: string | undefined; /** *The current state of the instance.
* @public */ CurrentState?: InstanceState | undefined; /** *The previous state of the instance.
* @public */ PreviousState?: InstanceState | undefined; } /** * @public */ export interface StartInstancesResult { /** *Information about the started instances.
* @public */ StartingInstances?: InstanceStateChange[] | undefined; } /** * @public */ export interface StartNetworkInsightsAccessScopeAnalysisRequest { /** *The ID of the Network Access Scope.
* @public */ NetworkInsightsAccessScopeId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The tags to apply.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, * see How to ensure idempotency.
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface StartNetworkInsightsAccessScopeAnalysisResult { /** *The Network Access Scope analysis.
* @public */ NetworkInsightsAccessScopeAnalysis?: NetworkInsightsAccessScopeAnalysis | undefined; } /** * @public */ export interface StartNetworkInsightsAnalysisRequest { /** *The ID of the path.
* @public */ NetworkInsightsPathId: string | undefined; /** *The member accounts that contain resources that the path can traverse.
* @public */ AdditionalAccounts?: string[] | undefined; /** *The Amazon Resource Names (ARN) of the resources that the path must traverse.
* @public */ FilterInArns?: string[] | undefined; /** *The Amazon Resource Names (ARN) of the resources that the path will ignore.
* @public */ FilterOutArns?: string[] | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The tags to apply.
* @public */ TagSpecifications?: TagSpecification[] | undefined; /** *Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, * see How to ensure idempotency.
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface StartNetworkInsightsAnalysisResult { /** *Information about the network insights analysis.
* @public */ NetworkInsightsAnalysis?: NetworkInsightsAnalysis | undefined; } /** * @public */ export interface StartVpcEndpointServicePrivateDnsVerificationRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the endpoint service.
* @public */ ServiceId: string | undefined; } /** * @public */ export interface StartVpcEndpointServicePrivateDnsVerificationResult { /** *Returns true if the request succeeds; otherwise, it returns an error.
The IDs of the instances.
* @public */ InstanceIds: string[] | undefined; /** *Hibernates the instance if the instance was enabled for hibernation at launch. If the * instance cannot hibernate successfully, a normal shutdown occurs. For more information, * see Hibernate * your Amazon EC2 instance in the * Amazon EC2 User Guide.
* Default: false
*
Specifies whether to bypass the graceful OS shutdown process when the instance is * stopped.
*Bypassing the graceful OS shutdown might result in data loss or corruption (for * example, memory contents not flushed to disk or loss of in-flight IOs) or skipped * shutdown scripts.
*Default: false
*
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Forces the instance to stop. The instance will first attempt a graceful shutdown, * which includes flushing file system caches and metadata. If the graceful shutdown fails * to complete within the timeout period, the instance shuts down forcibly without flushing * the file system caches and metadata.
*After using this option, you must perform file system check and repair procedures. * This option is not recommended for Windows instances. For more information, see Troubleshoot * Amazon EC2 instance stop issues in the * Amazon EC2 User Guide.
*Default: false
*
Information about the stopped instances.
* @public */ StoppingInstances?: InstanceStateChange[] | undefined; } /** * @public */ export interface TerminateClientVpnConnectionsRequest { /** *The ID of the Client VPN endpoint to which the client is connected.
* @public */ ClientVpnEndpointId: string | undefined; /** *The ID of the client connection to be terminated.
* @public */ ConnectionId?: string | undefined; /** *The name of the user who initiated the connection. Use this option to terminate all active connections for * the specified user. This option can only be used if the user has established up to five connections.
* @public */ Username?: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about a terminated Client VPN endpoint client connection.
* @public */ export interface TerminateConnectionStatus { /** *The ID of the client connection.
* @public */ ConnectionId?: string | undefined; /** *The state of the client connection.
* @public */ PreviousStatus?: ClientVpnConnectionStatus | undefined; /** *A message about the status of the client connection, if applicable.
* @public */ CurrentStatus?: ClientVpnConnectionStatus | undefined; } /** * @public */ export interface TerminateClientVpnConnectionsResult { /** *The ID of the Client VPN endpoint.
* @public */ ClientVpnEndpointId?: string | undefined; /** *The user who established the terminated client connections.
* @public */ Username?: string | undefined; /** *The current state of the client connections.
* @public */ ConnectionStatuses?: TerminateConnectionStatus[] | undefined; } /** * @public */ export interface TerminateInstancesRequest { /** *The IDs of the instances.
*Constraints: Up to 1000 instance IDs. We recommend breaking up this request into * smaller batches.
* @public */ InstanceIds: string[] | undefined; /** *Forces the instances to terminate. The instance will first attempt a graceful * shutdown, which includes flushing file system caches and metadata. If the graceful * shutdown fails to complete within the timeout period, the instance shuts down forcibly * without flushing the file system caches and metadata.
* @public */ Force?: boolean | undefined; /** *Specifies whether to bypass the graceful OS shutdown process when the instance is * terminated.
*Default: false
*
Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
Information about the terminated instances.
* @public */ TerminatingInstances?: InstanceStateChange[] | undefined; } /** * @public */ export interface UnassignIpv6AddressesRequest { /** *The IPv6 prefixes to unassign from the network interface.
* @public */ Ipv6Prefixes?: string[] | undefined; /** *The ID of the network interface.
* @public */ NetworkInterfaceId: string | undefined; /** *The IPv6 addresses to unassign from the network interface.
* @public */ Ipv6Addresses?: string[] | undefined; } /** * @public */ export interface UnassignIpv6AddressesResult { /** *The ID of the network interface.
* @public */ NetworkInterfaceId?: string | undefined; /** *The IPv6 addresses that have been unassigned from the network interface.
* @public */ UnassignedIpv6Addresses?: string[] | undefined; /** *The IPv6 prefixes that have been unassigned from the network interface.
* @public */ UnassignedIpv6Prefixes?: string[] | undefined; } /** *Contains the parameters for UnassignPrivateIpAddresses.
* @public */ export interface UnassignPrivateIpAddressesRequest { /** *The IPv4 prefixes to unassign from the network interface.
* @public */ Ipv4Prefixes?: string[] | undefined; /** *The ID of the network interface.
* @public */ NetworkInterfaceId: string | undefined; /** *The secondary private IP addresses to unassign from the network interface. You can * specify this option multiple times to unassign more than one IP address.
* @public */ PrivateIpAddresses?: string[] | undefined; } /** * @public */ export interface UnassignPrivateNatGatewayAddressRequest { /** *The ID of the NAT gateway.
* @public */ NatGatewayId: string | undefined; /** *The private IPv4 addresses you want to unassign.
* @public */ PrivateIpAddresses: string[] | undefined; /** *The maximum amount of time to wait (in seconds) before forcibly releasing the IP addresses if connections are still in progress. Default value is 350 seconds.
* @public */ MaxDrainDurationSeconds?: number | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the NAT gateway.
* @public */ NatGatewayId?: string | undefined; /** *Information about the NAT gateway IP addresses.
* @public */ NatGatewayAddresses?: NatGatewayAddress[] | undefined; } /** * @public */ export interface UnlockSnapshotRequest { /** *The ID of the snapshot to unlock.
* @public */ SnapshotId: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the snapshot.
* @public */ SnapshotId?: string | undefined; } /** * @public */ export interface UnmonitorInstancesRequest { /** *The IDs of the instances.
* @public */ InstanceIds: string[] | undefined; /** *Checks whether you have the required permissions for the operation, without actually making the
* request, and provides an error response. If you have the required permissions, the error response is
* DryRunOperation. Otherwise, it is UnauthorizedOperation.
The monitoring information.
* @public */ InstanceMonitorings?: InstanceMonitoring[] | undefined; } /** * @public */ export interface UpdateCapacityManagerMonitoredTagKeysRequest { /** ** The tag keys to activate for monitoring. Once activated, these tag keys will be included as dimensions in capacity metric data. *
* @public */ ActivateTagKeys?: string[] | undefined; /** ** The tag keys to deactivate. Deactivated tag keys will no longer be included as dimensions in capacity metric data. *
* @public */ DeactivateTagKeys?: string[] | undefined; /** *
* Checks whether you have the required permissions for the action, without actually making the request, and provides an error response.
* If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
*
* Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. *
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface UpdateCapacityManagerMonitoredTagKeysResult { /** ** The list of tag keys affected by the update, including their current status and metadata. *
* @public */ CapacityManagerTagKeys?: CapacityManagerMonitoredTagKey[] | undefined; } /** * @public */ export interface UpdateCapacityManagerOrganizationsAccessRequest { /** ** Specifies whether to enable or disable cross-account access for Amazon Web Services Organizations. When enabled, Capacity Manager aggregates data from all accounts in your organization. *
* @public */ OrganizationsAccess: boolean | undefined; /** *
* Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If
* you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
*
* Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. *
* @public */ ClientToken?: string | undefined; } /** * @public */ export interface UpdateCapacityManagerOrganizationsAccessResult { /** ** The current status of Capacity Manager after the update operation. *
* @public */ CapacityManagerStatus?: CapacityManagerStatus | undefined; /** ** The updated Organizations access setting indicating whether cross-account data aggregation is enabled. *
* @public */ OrganizationsAccess?: boolean | undefined; } /** * @public */ export interface UpdateInterruptibleCapacityReservationAllocationRequest { /** ** The ID of the source Capacity Reservation containing the interruptible allocation to modify. *
* @public */ CapacityReservationId: string | undefined; /** ** The new number of instances to allocate. Enter a higher number to add more capacity to share, or a lower number to reclaim capacity to your source Capacity Reservation. *
* @public */ TargetInstanceCount: number | undefined; /** ** Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. *
* @public */ DryRun?: boolean | undefined; } /** * @public */ export interface UpdateInterruptibleCapacityReservationAllocationResult { /** ** The ID of the interruptible Capacity Reservation that was modified. *
* @public */ InterruptibleCapacityReservationId?: string | undefined; /** ** The ID of the source Capacity Reservation to which capacity was reclaimed or from which capacity was allocated. *
* @public */ SourceCapacityReservationId?: string | undefined; /** ** The current number of instances allocated to the interruptible reservation. *
* @public */ InstanceCount?: number | undefined; /** ** The requested number of instances for the interruptible Capacity Reservation. *
* @public */ TargetInstanceCount?: number | undefined; /** ** The current status of the allocation (updating during reclamation, active when complete). *
* @public */ Status?: InterruptibleCapacityReservationAllocationStatus | undefined; /** ** The interruption type for the interruptible reservation. *
* @public */ InterruptionType?: InterruptionType | undefined; } /** *Describes the description of a security group rule.
*You can use this when you want to update the security group rule description for either an inbound or outbound rule.
* @public */ export interface SecurityGroupRuleDescription { /** *The ID of the security group rule.
* @public */ SecurityGroupRuleId?: string | undefined; /** *The description of the security group rule.
* @public */ Description?: string | undefined; } /** * @public */ export interface UpdateSecurityGroupRuleDescriptionsEgressRequest { /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the security group. You must specify either the security group ID or the * security group name in the request. For security groups in a nondefault VPC, you must * specify the security group ID.
* @public */ GroupId?: string | undefined; /** *[Default VPC] The name of the security group. You must specify either the security group * ID or the security group name.
* @public */ GroupName?: string | undefined; /** *The IP permissions for the security group rule. You must specify either the IP permissions * or the description.
* @public */ IpPermissions?: IpPermission[] | undefined; /** *The description for the egress security group rules. You must specify either the * description or the IP permissions.
* @public */ SecurityGroupRuleDescriptions?: SecurityGroupRuleDescription[] | undefined; } /** * @public */ export interface UpdateSecurityGroupRuleDescriptionsEgressResult { /** *Returns true if the request succeeds; otherwise, returns an error.
Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
The ID of the security group. You must specify either the security group ID or the * security group name in the request. For security groups in a nondefault VPC, you must * specify the security group ID.
* @public */ GroupId?: string | undefined; /** *[Default VPC] The name of the security group. You must specify either the * security group ID or the security group name. For security groups in a * nondefault VPC, you must specify the security group ID.
* @public */ GroupName?: string | undefined; /** *The IP permissions for the security group rule. You must specify either IP permissions * or a description.
* @public */ IpPermissions?: IpPermission[] | undefined; /** *The description for the ingress security group rules. You must specify either * a description or IP permissions.
* @public */ SecurityGroupRuleDescriptions?: SecurityGroupRuleDescription[] | undefined; } /** * @public */ export interface UpdateSecurityGroupRuleDescriptionsIngressResult { /** *Returns true if the request succeeds; otherwise, returns an error.
The address range, in CIDR notation.
* @public */ Cidr: string | undefined; /** *Checks whether you have the required permissions for the action, without actually making the request,
* and provides an error response. If you have the required permissions, the error response is DryRunOperation.
* Otherwise, it is UnauthorizedOperation.
Information about the address pool.
* @public */ ByoipCidr?: ByoipCidr | undefined; }