|
159 | 159 | {"shape":"ThrottlingException"}, |
160 | 160 | {"shape":"ValidationException"} |
161 | 161 | ], |
162 | | - "documentation":"<p>Creates an Route 53 Resolver on an Outpost.</p>" |
| 162 | + "documentation":"<p>Creates a Route 53 Resolver on an Outpost.</p>" |
163 | 163 | }, |
164 | 164 | "CreateResolverEndpoint":{ |
165 | 165 | "name":"CreateResolverEndpoint", |
|
174 | 174 | {"shape":"ResourceNotFoundException"}, |
175 | 175 | {"shape":"InvalidRequestException"}, |
176 | 176 | {"shape":"ResourceExistsException"}, |
| 177 | + {"shape":"AccessDeniedException"}, |
177 | 178 | {"shape":"LimitExceededException"}, |
178 | 179 | {"shape":"InternalServiceErrorException"}, |
179 | 180 | {"shape":"ThrottlingException"} |
|
216 | 217 | {"shape":"ResourceExistsException"}, |
217 | 218 | {"shape":"ResourceUnavailableException"}, |
218 | 219 | {"shape":"InternalServiceErrorException"}, |
| 220 | + {"shape":"AccessDeniedException"}, |
219 | 221 | {"shape":"ThrottlingException"} |
220 | 222 | ], |
221 | 223 | "documentation":"<p>For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, one domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.</p>" |
|
1186 | 1188 | {"shape":"ResourceNotFoundException"}, |
1187 | 1189 | {"shape":"InvalidParameterException"}, |
1188 | 1190 | {"shape":"InvalidRequestException"}, |
| 1191 | + {"shape":"AccessDeniedException"}, |
1189 | 1192 | {"shape":"InternalServiceErrorException"}, |
1190 | 1193 | {"shape":"ThrottlingException"} |
1191 | 1194 | ], |
1192 | | - "documentation":"<p>Updates the name, or enpoint type for an inbound or an outbound Resolver endpoint. You can only update between IPV4 and DUALSTACK, IPV6 endpoint type can't be updated to other type. </p>" |
| 1195 | + "documentation":"<p>Updates the name, or endpoint type for an inbound or an outbound Resolver endpoint. You can only update between IPV4 and DUALSTACK, IPV6 endpoint type can't be updated to other type. </p>" |
1193 | 1196 | }, |
1194 | 1197 | "UpdateResolverRule":{ |
1195 | 1198 | "name":"UpdateResolverRule", |
|
1206 | 1209 | {"shape":"ResourceUnavailableException"}, |
1207 | 1210 | {"shape":"LimitExceededException"}, |
1208 | 1211 | {"shape":"InternalServiceErrorException"}, |
1209 | | - {"shape":"ThrottlingException"} |
| 1212 | + {"shape":"ThrottlingException"}, |
| 1213 | + {"shape":"AccessDeniedException"} |
1210 | 1214 | ], |
1211 | 1215 | "documentation":"<p>Updates settings for a specified Resolver rule. <code>ResolverRuleId</code> is required, and all other parameters are optional. If you don't specify a parameter, it retains its current value.</p>" |
1212 | 1216 | } |
|
1617 | 1621 | }, |
1618 | 1622 | "IpAddresses":{ |
1619 | 1623 | "shape":"IpAddressesRequest", |
1620 | | - "documentation":"<p>The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. </p>" |
| 1624 | + "documentation":"<p>The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC. </p> <note> <p>Even though the minimum is 1, Route 53 requires that you create at least two.</p> </note>" |
| 1625 | + }, |
| 1626 | + "OutpostArn":{ |
| 1627 | + "shape":"OutpostArn", |
| 1628 | + "documentation":"<p>The Amazon Resource Name (ARN) of the Outpost. If you specify this, you must also specify a value for the <code>PreferredInstanceType</code>. </p>", |
| 1629 | + "box":true |
| 1630 | + }, |
| 1631 | + "PreferredInstanceType":{ |
| 1632 | + "shape":"OutpostInstanceType", |
| 1633 | + "documentation":"<p>The instance type. If you specify this, you must also specify a value for the <code>OutpostArn</code>.</p>", |
| 1634 | + "box":true |
1621 | 1635 | }, |
1622 | 1636 | "Tags":{ |
1623 | 1637 | "shape":"TagList", |
|
1629 | 1643 | "documentation":"<p> For the endpoint type you can choose either IPv4, IPv6, or dual-stack. A dual-stack endpoint means that it will resolve via both IPv4 and IPv6. This endpoint type is applied to all IP addresses. </p>", |
1630 | 1644 | "box":true |
1631 | 1645 | }, |
1632 | | - "OutpostArn":{ |
1633 | | - "shape":"OutpostArn", |
1634 | | - "documentation":"<p>The Amazon Resource Name (ARN) of the Outpost. If you specify this, you must also specify a value for the <code>PreferredInstanceType</code>. </p>", |
1635 | | - "box":true |
1636 | | - }, |
1637 | | - "PreferredInstanceType":{ |
1638 | | - "shape":"OutpostInstanceType", |
1639 | | - "documentation":"<p>The instance type. If you specify this, you must also specify a value for the <code>OutpostArn</code>.</p>", |
| 1646 | + "Protocols":{ |
| 1647 | + "shape":"ProtocolList", |
| 1648 | + "documentation":"<p> The protocols you want to use for the endpoint. DoH-FIPS is applicable for inbound endpoints only. </p> <p>For an inbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 and DoH-FIPS in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>DoH-FIPS alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul> <p>For an outbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul>", |
1640 | 1649 | "box":true |
1641 | 1650 | } |
1642 | 1651 | } |
|
1691 | 1700 | "type":"structure", |
1692 | 1701 | "required":[ |
1693 | 1702 | "CreatorRequestId", |
1694 | | - "RuleType", |
1695 | | - "DomainName" |
| 1703 | + "RuleType" |
1696 | 1704 | ], |
1697 | 1705 | "members":{ |
1698 | 1706 | "CreatorRequestId":{ |
|
1709 | 1717 | }, |
1710 | 1718 | "DomainName":{ |
1711 | 1719 | "shape":"DomainName", |
1712 | | - "documentation":"<p>DNS queries for this domain name are forwarded to the IP addresses that you specify in <code>TargetIps</code>. If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).</p>" |
| 1720 | + "documentation":"<p>DNS queries for this domain name are forwarded to the IP addresses that you specify in <code>TargetIps</code>. If a query matches multiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains the most specific domain name (www.example.com).</p>", |
| 1721 | + "box":true |
1713 | 1722 | }, |
1714 | 1723 | "TargetIps":{ |
1715 | 1724 | "shape":"TargetList", |
|
2886 | 2895 | "type":"list", |
2887 | 2896 | "member":{"shape":"IpAddressRequest"}, |
2888 | 2897 | "max":20, |
2889 | | - "min":1 |
| 2898 | + "min":2 |
2890 | 2899 | }, |
2891 | 2900 | "IpAddressesResponse":{ |
2892 | 2901 | "type":"list", |
|
3222 | 3231 | }, |
3223 | 3232 | "ResolverDnssecConfigs":{ |
3224 | 3233 | "shape":"ResolverDnssecConfigList", |
3225 | | - "documentation":"<p>An array that contains one <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_ResolverDnssecConfig.html\">ResolverDnssecConfig</a> element for each configuration for DNSSEC validation that is associated with the current Amazon Web Services account.</p>" |
| 3234 | + "documentation":"<p>An array that contains one <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_ResolverDnssecConfig.html\">ResolverDnssecConfig</a> element for each configuration for DNSSEC validation that is associated with the current Amazon Web Services account. It doesn't contain disabled DNSSEC configurations for the resource.</p>" |
3226 | 3235 | } |
3227 | 3236 | } |
3228 | 3237 | }, |
|
3612 | 3621 | "min":0 |
3613 | 3622 | }, |
3614 | 3623 | "Priority":{"type":"integer"}, |
| 3624 | + "Protocol":{ |
| 3625 | + "type":"string", |
| 3626 | + "enum":[ |
| 3627 | + "DoH", |
| 3628 | + "Do53", |
| 3629 | + "DoH-FIPS" |
| 3630 | + ] |
| 3631 | + }, |
| 3632 | + "ProtocolList":{ |
| 3633 | + "type":"list", |
| 3634 | + "member":{"shape":"Protocol"}, |
| 3635 | + "max":2, |
| 3636 | + "min":1 |
| 3637 | + }, |
3615 | 3638 | "PutFirewallRuleGroupPolicyRequest":{ |
3616 | 3639 | "type":"structure", |
3617 | 3640 | "required":[ |
|
3817 | 3840 | "shape":"Rfc3339TimeString", |
3818 | 3841 | "documentation":"<p>The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).</p>" |
3819 | 3842 | }, |
3820 | | - "ResolverEndpointType":{ |
3821 | | - "shape":"ResolverEndpointType", |
3822 | | - "documentation":"<p> The Resolver endpoint IP address type. </p>" |
3823 | | - }, |
3824 | 3843 | "OutpostArn":{ |
3825 | 3844 | "shape":"OutpostArn", |
3826 | 3845 | "documentation":"<p>The ARN (Amazon Resource Name) for the Outpost.</p>" |
3827 | 3846 | }, |
3828 | 3847 | "PreferredInstanceType":{ |
3829 | 3848 | "shape":"OutpostInstanceType", |
3830 | 3849 | "documentation":"<p> The Amazon EC2 instance type. </p>" |
| 3850 | + }, |
| 3851 | + "ResolverEndpointType":{ |
| 3852 | + "shape":"ResolverEndpointType", |
| 3853 | + "documentation":"<p> The Resolver endpoint IP address type. </p>" |
| 3854 | + }, |
| 3855 | + "Protocols":{ |
| 3856 | + "shape":"ProtocolList", |
| 3857 | + "documentation":"<p> Protocols used for the endpoint. DoH-FIPS is applicable for inbound endpoints only. </p> <p>For an inbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 and DoH-FIPS in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>DoH-FIPS alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul> <p>For an outbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul>" |
3831 | 3858 | } |
3832 | 3859 | }, |
3833 | 3860 | "documentation":"<p>In the response to a <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverEndpoint.html\">CreateResolverEndpoint</a>, <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_DeleteResolverEndpoint.html\">DeleteResolverEndpoint</a>, <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_GetResolverEndpoint.html\">GetResolverEndpoint</a>, Updates the name, or ResolverEndpointType for an endpoint, or <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_UpdateResolverEndpoint.html\">UpdateResolverEndpoint</a> request, a complex type that contains settings for an existing inbound or outbound Resolver endpoint.</p>" |
|
4320 | 4347 | "shape":"Ipv6", |
4321 | 4348 | "documentation":"<p> One IPv6 address that you want to forward DNS queries to. </p>", |
4322 | 4349 | "box":true |
| 4350 | + }, |
| 4351 | + "Protocol":{ |
| 4352 | + "shape":"Protocol", |
| 4353 | + "documentation":"<p> The protocols for the Resolver endpoints. DoH-FIPS is applicable for inbound endpoints only. </p> <p>For an inbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 and DoH-FIPS in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>DoH-FIPS alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul> <p>For an outbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul>", |
| 4354 | + "box":true |
4323 | 4355 | } |
4324 | 4356 | }, |
4325 | 4357 | "documentation":"<p>In a <a href=\"https://docs.aws.amazon.com/Route53/latest/APIReference/API_route53resolver_CreateResolverRule.html\">CreateResolverRule</a> request, an array of the IPs that you want to forward DNS queries to.</p>" |
|
4664 | 4696 | "shape":"UpdateIpAddresses", |
4665 | 4697 | "documentation":"<p> Specifies the IPv6 address when you update the Resolver endpoint from IPv4 to dual-stack. If you don't specify an IPv6 address, one will be automatically chosen from your subnet. </p>", |
4666 | 4698 | "box":true |
| 4699 | + }, |
| 4700 | + "Protocols":{ |
| 4701 | + "shape":"ProtocolList", |
| 4702 | + "documentation":"<p> The protocols you want to use for the endpoint. DoH-FIPS is applicable for inbound endpoints only. </p> <p>For an inbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 and DoH-FIPS in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>DoH-FIPS alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul> <p>For an outbound endpoint you can apply the protocols as follows:</p> <ul> <li> <p> Do53 and DoH in combination.</p> </li> <li> <p>Do53 alone.</p> </li> <li> <p>DoH alone.</p> </li> <li> <p>None, which is treated as Do53.</p> </li> </ul> <important> <p> You can't change the protocol of an inbound endpoint directly from only Do53 to only DoH, or DoH-FIPS. This is to prevent a sudden disruption to incoming traffic that relies on Do53. To change the protocol from Do53 to DoH, or DoH-FIPS, you must first enable both Do53 and DoH, or Do53 and DoH-FIPS, to make sure that all incoming traffic has transferred to using the DoH protocol, or DoH-FIPS, and then remove the Do53.</p> </important>", |
| 4703 | + "box":true |
4667 | 4704 | } |
4668 | 4705 | } |
4669 | 4706 | }, |
|
4715 | 4752 | "members":{ |
4716 | 4753 | "Message":{"shape":"ExceptionMessage"} |
4717 | 4754 | }, |
4718 | | - "documentation":"<p>You have provided an invalid command. Supported values are <code>ADD</code>, <code>REMOVE</code>, or <code>REPLACE</code> a domain.</p>", |
| 4755 | + "documentation":"<p>You have provided an invalid command. If you ran the <code>UpdateFirewallDomains</code> request. supported values are <code>ADD</code>, <code>REMOVE</code>, or <code>REPLACE</code> a domain.</p>", |
4719 | 4756 | "exception":true |
4720 | 4757 | } |
4721 | 4758 | }, |
|
0 commit comments