feat(client-iotsecuretunneling): This release introduces a new API RotateTunnelAccessToken that allow revoking the existing tokens and generate new tokens

Author: awstools

clients/client-iotsecuretunneling/README.md

@@ -7,12 +7,12 @@
 
 AWS SDK for JavaScript IoTSecureTunneling Client for Node.js, Browser and React Native.
 
-<fullname>AWS IoT Secure Tunneling</fullname>
+<fullname>IoT Secure Tunneling</fullname>
 
-<p>AWS IoT Secure Tunnling enables you to create remote connections to devices
-deployed in the field.</p>
-
-<p>For more information about how AWS IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">AWS IoT Secure Tunneling</a>.</p>
+<p>IoT Secure Tunneling creates remote connections to devices deployed in the
+field.</p>
+<p>For more information about how IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">IoT
+Secure Tunneling</a>.</p>
 
 ## Installing
 

clients/client-iotsecuretunneling/src/IoTSecureTunneling.ts

@@ -13,6 +13,11 @@ import {
 } from "./commands/ListTagsForResourceCommand";
 import { ListTunnelsCommand, ListTunnelsCommandInput, ListTunnelsCommandOutput } from "./commands/ListTunnelsCommand";
 import { OpenTunnelCommand, OpenTunnelCommandInput, OpenTunnelCommandOutput } from "./commands/OpenTunnelCommand";
+import {
+  RotateTunnelAccessTokenCommand,
+  RotateTunnelAccessTokenCommandInput,
+  RotateTunnelAccessTokenCommandOutput,
+} from "./commands/RotateTunnelAccessTokenCommand";
 import { TagResourceCommand, TagResourceCommandInput, TagResourceCommandOutput } from "./commands/TagResourceCommand";
 import {
   UntagResourceCommand,
@@ -22,17 +27,18 @@ import {
 import { IoTSecureTunnelingClient } from "./IoTSecureTunnelingClient";
 
 /**
- * <fullname>AWS IoT Secure Tunneling</fullname>
- * 		       <p>AWS IoT Secure Tunnling enables you to create remote connections to devices
- * 			deployed in the field.</p>
- *
- * 		       <p>For more information about how AWS IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">AWS IoT Secure Tunneling</a>.</p>
+ * <fullname>IoT Secure Tunneling</fullname>
+ * 		       <p>IoT Secure Tunneling creates remote connections to devices deployed in the
+ * 			field.</p>
+ * 		       <p>For more information about how IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">IoT
+ * 				Secure Tunneling</a>.</p>
  */
 export class IoTSecureTunneling extends IoTSecureTunnelingClient {
   /**
    * <p>Closes a tunnel identified by the unique tunnel id. When a <code>CloseTunnel</code>
    * 			request is received, we close the WebSocket connections between the client and proxy
    * 			server so no data can be transmitted.</p>
+   * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">CloseTunnel</a> action.</p>
    */
   public closeTunnel(args: CloseTunnelCommandInput, options?: __HttpHandlerOptions): Promise<CloseTunnelCommandOutput>;
   public closeTunnel(args: CloseTunnelCommandInput, cb: (err: any, data?: CloseTunnelCommandOutput) => void): void;
@@ -59,6 +65,7 @@ export class IoTSecureTunneling extends IoTSecureTunnelingClient {
 
   /**
    * <p>Gets information about a tunnel identified by the unique tunnel id.</p>
+   * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">DescribeTunnel</a> action.</p>
    */
   public describeTunnel(
     args: DescribeTunnelCommandInput,
@@ -122,8 +129,9 @@ export class IoTSecureTunneling extends IoTSecureTunnelingClient {
   }
 
   /**
-   * <p>List all tunnels for an AWS account. Tunnels are listed by creation time in
+   * <p>List all tunnels for an Amazon Web Services account. Tunnels are listed by creation time in
    * 			descending order, newer tunnels will be listed before older tunnels.</p>
+   * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">ListTunnels</a> action.</p>
    */
   public listTunnels(args: ListTunnelsCommandInput, options?: __HttpHandlerOptions): Promise<ListTunnelsCommandOutput>;
   public listTunnels(args: ListTunnelsCommandInput, cb: (err: any, data?: ListTunnelsCommandOutput) => void): void;
@@ -150,7 +158,8 @@ export class IoTSecureTunneling extends IoTSecureTunnelingClient {
 
   /**
    * <p>Creates a new tunnel, and returns two client access tokens for clients to use to
-   * 			connect to the AWS IoT Secure Tunneling proxy server.</p>
+   * 			connect to the IoT Secure Tunneling proxy server.</p>
+   * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">OpenTunnel</a> action.</p>
    */
   public openTunnel(args: OpenTunnelCommandInput, options?: __HttpHandlerOptions): Promise<OpenTunnelCommandOutput>;
   public openTunnel(args: OpenTunnelCommandInput, cb: (err: any, data?: OpenTunnelCommandOutput) => void): void;
@@ -175,6 +184,46 @@ export class IoTSecureTunneling extends IoTSecureTunnelingClient {
     }
   }
 
+  /**
+   * <p>Revokes the current client access token (CAT) and returns new CAT for clients to
+   * 			use when reconnecting to secure tunneling to access the same tunnel.</p>
+   * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">RotateTunnelAccessToken</a> action.</p>
+   * 		       <note>
+   * 			         <p>Rotating the CAT doesn't extend the tunnel duration. For example, say the tunnel
+   * 				duration is 12 hours and the tunnel has already been open for 4 hours. When you
+   * 				rotate the access tokens, the new tokens that are generated can only be used for the
+   * 				remaining 8 hours.</p>
+   * 		       </note>
+   */
+  public rotateTunnelAccessToken(
+    args: RotateTunnelAccessTokenCommandInput,
+    options?: __HttpHandlerOptions
+  ): Promise<RotateTunnelAccessTokenCommandOutput>;
+  public rotateTunnelAccessToken(
+    args: RotateTunnelAccessTokenCommandInput,
+    cb: (err: any, data?: RotateTunnelAccessTokenCommandOutput) => void
+  ): void;
+  public rotateTunnelAccessToken(
+    args: RotateTunnelAccessTokenCommandInput,
+    options: __HttpHandlerOptions,
+    cb: (err: any, data?: RotateTunnelAccessTokenCommandOutput) => void
+  ): void;
+  public rotateTunnelAccessToken(
+    args: RotateTunnelAccessTokenCommandInput,
+    optionsOrCb?: __HttpHandlerOptions | ((err: any, data?: RotateTunnelAccessTokenCommandOutput) => void),
+    cb?: (err: any, data?: RotateTunnelAccessTokenCommandOutput) => void
+  ): Promise<RotateTunnelAccessTokenCommandOutput> | void {
+    const command = new RotateTunnelAccessTokenCommand(args);
+    if (typeof optionsOrCb === "function") {
+      this.send(command, optionsOrCb);
+    } else if (typeof cb === "function") {
+      if (typeof optionsOrCb !== "object") throw new Error(`Expect http options but get ${typeof optionsOrCb}`);
+      this.send(command, optionsOrCb || {}, cb);
+    } else {
+      return this.send(command, optionsOrCb);
+    }
+  }
+
   /**
    * <p>A resource tag.</p>
    */

clients/client-iotsecuretunneling/src/IoTSecureTunnelingClient.ts

@@ -59,6 +59,10 @@ import {
 } from "./commands/ListTagsForResourceCommand";
 import { ListTunnelsCommandInput, ListTunnelsCommandOutput } from "./commands/ListTunnelsCommand";
 import { OpenTunnelCommandInput, OpenTunnelCommandOutput } from "./commands/OpenTunnelCommand";
+import {
+  RotateTunnelAccessTokenCommandInput,
+  RotateTunnelAccessTokenCommandOutput,
+} from "./commands/RotateTunnelAccessTokenCommand";
 import { TagResourceCommandInput, TagResourceCommandOutput } from "./commands/TagResourceCommand";
 import { UntagResourceCommandInput, UntagResourceCommandOutput } from "./commands/UntagResourceCommand";
 import { getRuntimeConfig as __getRuntimeConfig } from "./runtimeConfig";
@@ -69,6 +73,7 @@ export type ServiceInputTypes =
   | ListTagsForResourceCommandInput
   | ListTunnelsCommandInput
   | OpenTunnelCommandInput
+  | RotateTunnelAccessTokenCommandInput
   | TagResourceCommandInput
   | UntagResourceCommandInput;
 
@@ -78,6 +83,7 @@ export type ServiceOutputTypes =
   | ListTagsForResourceCommandOutput
   | ListTunnelsCommandOutput
   | OpenTunnelCommandOutput
+  | RotateTunnelAccessTokenCommandOutput
   | TagResourceCommandOutput
   | UntagResourceCommandOutput;
 
@@ -235,11 +241,11 @@ type IoTSecureTunnelingClientResolvedConfigType = __SmithyResolvedConfiguration<
 export interface IoTSecureTunnelingClientResolvedConfig extends IoTSecureTunnelingClientResolvedConfigType {}
 
 /**
- * <fullname>AWS IoT Secure Tunneling</fullname>
- * 		       <p>AWS IoT Secure Tunnling enables you to create remote connections to devices
- * 			deployed in the field.</p>
- *
- * 		       <p>For more information about how AWS IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">AWS IoT Secure Tunneling</a>.</p>
+ * <fullname>IoT Secure Tunneling</fullname>
+ * 		       <p>IoT Secure Tunneling creates remote connections to devices deployed in the
+ * 			field.</p>
+ * 		       <p>For more information about how IoT Secure Tunneling works, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html">IoT
+ * 				Secure Tunneling</a>.</p>
  */
 export class IoTSecureTunnelingClient extends __Client<
   __HttpHandlerOptions,

clients/client-iotsecuretunneling/src/commands/CloseTunnelCommand.ts

@@ -29,6 +29,7 @@ export interface CloseTunnelCommandOutput extends CloseTunnelResponse, __Metadat
  * <p>Closes a tunnel identified by the unique tunnel id. When a <code>CloseTunnel</code>
  * 			request is received, we close the WebSocket connections between the client and proxy
  * 			server so no data can be transmitted.</p>
+ * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">CloseTunnel</a> action.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-iotsecuretunneling/src/commands/DescribeTunnelCommand.ts

@@ -27,6 +27,7 @@ export interface DescribeTunnelCommandOutput extends DescribeTunnelResponse, __M
 
 /**
  * <p>Gets information about a tunnel identified by the unique tunnel id.</p>
+ * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">DescribeTunnel</a> action.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-iotsecuretunneling/src/commands/ListTunnelsCommand.ts

@@ -26,8 +26,9 @@ export interface ListTunnelsCommandInput extends ListTunnelsRequest {}
 export interface ListTunnelsCommandOutput extends ListTunnelsResponse, __MetadataBearer {}
 
 /**
- * <p>List all tunnels for an AWS account. Tunnels are listed by creation time in
+ * <p>List all tunnels for an Amazon Web Services account. Tunnels are listed by creation time in
  * 			descending order, newer tunnels will be listed before older tunnels.</p>
+ * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">ListTunnels</a> action.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-iotsecuretunneling/src/commands/OpenTunnelCommand.ts

@@ -27,7 +27,8 @@ export interface OpenTunnelCommandOutput extends OpenTunnelResponse, __MetadataB
 
 /**
  * <p>Creates a new tunnel, and returns two client access tokens for clients to use to
- * 			connect to the AWS IoT Secure Tunneling proxy server.</p>
+ * 			connect to the IoT Secure Tunneling proxy server.</p>
+ * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">OpenTunnel</a> action.</p>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

clients/client-iotsecuretunneling/src/commands/RotateTunnelAccessTokenCommand.ts

@@ -0,0 +1,107 @@
+import { getSerdePlugin } from "@aws-sdk/middleware-serde";
+import { HttpRequest as __HttpRequest, HttpResponse as __HttpResponse } from "@aws-sdk/protocol-http";
+import { Command as $Command } from "@aws-sdk/smithy-client";
+import {
+  FinalizeHandlerArguments,
+  Handler,
+  HandlerExecutionContext,
+  HttpHandlerOptions as __HttpHandlerOptions,
+  MetadataBearer as __MetadataBearer,
+  MiddlewareStack,
+  SerdeContext as __SerdeContext,
+} from "@aws-sdk/types";
+
+import {
+  IoTSecureTunnelingClientResolvedConfig,
+  ServiceInputTypes,
+  ServiceOutputTypes,
+} from "../IoTSecureTunnelingClient";
+import { RotateTunnelAccessTokenRequest, RotateTunnelAccessTokenResponse } from "../models/models_0";
+import {
+  deserializeAws_json1_1RotateTunnelAccessTokenCommand,
+  serializeAws_json1_1RotateTunnelAccessTokenCommand,
+} from "../protocols/Aws_json1_1";
+
+export interface RotateTunnelAccessTokenCommandInput extends RotateTunnelAccessTokenRequest {}
+export interface RotateTunnelAccessTokenCommandOutput extends RotateTunnelAccessTokenResponse, __MetadataBearer {}
+
+/**
+ * <p>Revokes the current client access token (CAT) and returns new CAT for clients to
+ * 			use when reconnecting to secure tunneling to access the same tunnel.</p>
+ * 		       <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">RotateTunnelAccessToken</a> action.</p>
+ * 		       <note>
+ * 			         <p>Rotating the CAT doesn't extend the tunnel duration. For example, say the tunnel
+ * 				duration is 12 hours and the tunnel has already been open for 4 hours. When you
+ * 				rotate the access tokens, the new tokens that are generated can only be used for the
+ * 				remaining 8 hours.</p>
+ * 		       </note>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { IoTSecureTunnelingClient, RotateTunnelAccessTokenCommand } from "@aws-sdk/client-iotsecuretunneling"; // ES Modules import
+ * // const { IoTSecureTunnelingClient, RotateTunnelAccessTokenCommand } = require("@aws-sdk/client-iotsecuretunneling"); // CommonJS import
+ * const client = new IoTSecureTunnelingClient(config);
+ * const command = new RotateTunnelAccessTokenCommand(input);
+ * const response = await client.send(command);
+ * ```
+ *
+ * @see {@link RotateTunnelAccessTokenCommandInput} for command's `input` shape.
+ * @see {@link RotateTunnelAccessTokenCommandOutput} for command's `response` shape.
+ * @see {@link IoTSecureTunnelingClientResolvedConfig | config} for IoTSecureTunnelingClient's `config` shape.
+ *
+ */
+export class RotateTunnelAccessTokenCommand extends $Command<
+  RotateTunnelAccessTokenCommandInput,
+  RotateTunnelAccessTokenCommandOutput,
+  IoTSecureTunnelingClientResolvedConfig
+> {
+  // Start section: command_properties
+  // End section: command_properties
+
+  constructor(readonly input: RotateTunnelAccessTokenCommandInput) {
+    // Start section: command_constructor
+    super();
+    // End section: command_constructor
+  }
+
+  /**
+   * @internal
+   */
+  resolveMiddleware(
+    clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>,
+    configuration: IoTSecureTunnelingClientResolvedConfig,
+    options?: __HttpHandlerOptions
+  ): Handler<RotateTunnelAccessTokenCommandInput, RotateTunnelAccessTokenCommandOutput> {
+    this.middlewareStack.use(getSerdePlugin(configuration, this.serialize, this.deserialize));
+
+    const stack = clientStack.concat(this.middlewareStack);
+
+    const { logger } = configuration;
+    const clientName = "IoTSecureTunnelingClient";
+    const commandName = "RotateTunnelAccessTokenCommand";
+    const handlerExecutionContext: HandlerExecutionContext = {
+      logger,
+      clientName,
+      commandName,
+      inputFilterSensitiveLog: RotateTunnelAccessTokenRequest.filterSensitiveLog,
+      outputFilterSensitiveLog: RotateTunnelAccessTokenResponse.filterSensitiveLog,
+    };
+    const { requestHandler } = configuration;
+    return stack.resolve(
+      (request: FinalizeHandlerArguments<any>) =>
+        requestHandler.handle(request.request as __HttpRequest, options || {}),
+      handlerExecutionContext
+    );
+  }
+
+  private serialize(input: RotateTunnelAccessTokenCommandInput, context: __SerdeContext): Promise<__HttpRequest> {
+    return serializeAws_json1_1RotateTunnelAccessTokenCommand(input, context);
+  }
+
+  private deserialize(output: __HttpResponse, context: __SerdeContext): Promise<RotateTunnelAccessTokenCommandOutput> {
+    return deserializeAws_json1_1RotateTunnelAccessTokenCommand(output, context);
+  }
+
+  // Start section: command_body_extra
+  // End section: command_body_extra
+}

clients/client-iotsecuretunneling/src/commands/index.ts

@@ -3,5 +3,6 @@ export * from "./DescribeTunnelCommand";
 export * from "./ListTagsForResourceCommand";
 export * from "./ListTunnelsCommand";
 export * from "./OpenTunnelCommand";
+export * from "./RotateTunnelAccessTokenCommand";
 export * from "./TagResourceCommand";
 export * from "./UntagResourceCommand";