String requestId
String errorCode
AmazonServiceException.ErrorType errorType
AmazonServiceException.ErrorTypeString errorMessage
int statusCode
String serviceName
Map<K,V> httpHeaders
byte[] rawResponse
String proxyHost
String extraInfo
boolean autoConstruct
boolean autoConstruct
List<E> actions
A list of actions for the access permissions. Any strings that can be used as an action in an IAM policy can be used in the list of actions to check.
List<E> resources
A list of resources for the access permissions. Any strings that can be used as a resource in an IAM policy can be used in the list of resources to check.
String id
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
Map<K,V> configurations
A map of resource ARNs for the proposed resource configuration.
Date createdAt
The time at which the access preview was created.
String status
The status of the access preview.
Creating - The access preview creation is in progress.
Completed - The access preview is complete. You can preview findings for external access to the
resource.
Failed - The access preview creation has failed.
AccessPreviewStatusReason statusReason
Provides more details about the current status of the access preview.
For example, if the creation of the access preview fails, a Failed status is returned. This failure
can be due to an internal issue with the analysis or due to an invalid resource configuration.
String id
The ID of the access preview finding. This ID uniquely identifies the element in the list of access preview findings and is not related to the finding ID in Access Analyzer.
String existingFindingId
The existing ID of the finding in IAM Access Analyzer, provided only for existing findings.
String existingFindingStatus
The existing status of the finding, provided only for existing findings.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to perform.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
String resource
The resource that an external principal has access to. This is the resource associated with the access preview.
Boolean isPublic
Indicates whether the policy that generated the finding allows public access to the resource.
String resourceType
The type of the resource that can be accessed in the finding.
Date createdAt
The time at which the access preview finding was created.
String changeType
Provides context on how the access preview finding compares to existing access identified in IAM Access Analyzer.
New - The finding is for newly-introduced access.
Unchanged - The preview finding is an existing finding that would remain unchanged.
Changed - The preview finding is an existing finding with a change in status.
For example, a Changed finding with preview status Resolved and existing status
Active indicates the existing Active finding would become Resolved as a
result of the proposed permissions change.
String status
The preview status of the finding. This is what the status of the finding would be after permissions deployment.
For example, a Changed finding with preview status Resolved and existing status
Active indicates the existing Active finding would become Resolved as a
result of the proposed permissions change.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning account is the account in which the resource was created.
String error
An error.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
String code
The reason code for the current status of the access preview.
String id
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
Date createdAt
The time at which the access preview was created.
String status
The status of the access preview.
Creating - The access preview creation is in progress.
Completed - The access preview is complete and previews the findings for external access to the
resource.
Failed - The access preview creation has failed.
AccessPreviewStatusReason statusReason
String resourceArn
The ARN of the resource that was analyzed.
String resourceType
The type of the resource that was analyzed.
Date createdAt
The time at which the finding was created.
Date analyzedAt
The time at which the resource was analyzed.
Date updatedAt
The time at which the finding was updated.
Boolean isPublic
Indicates whether the policy that generated the finding grants public access to the resource.
List<E> actions
The actions that an external principal is granted permission to use by the policy that generated the finding.
List<E> sharedVia
Indicates how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.
String status
The current status of the finding generated from the analyzed resource.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
An error message.
UnusedAccessConfiguration unusedAccess
Specifies the configuration of an unused access analyzer for an Amazon Web Services organization or account. External access analyzers do not support any configuration.
String arn
The ARN of the analyzer.
String name
The name of the analyzer.
String type
The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.
Date createdAt
A timestamp for the time at which the analyzer was created.
String lastResourceAnalyzed
The resource that was most recently analyzed by the analyzer.
Date lastResourceAnalyzedAt
The time at which the most recently analyzed resource was analyzed.
Map<K,V> tags
The tags added to the analyzer.
String status
The status of the analyzer. An Active analyzer successfully monitors supported resources and
generates new findings. The analyzer is Disabled when a user action, such as removing trusted access
for Identity and Access Management Access Analyzer from Organizations, causes the analyzer to stop generating new
findings. The status is Creating when the analyzer creation is in progress and Failed
when the analyzer creation has failed.
StatusReason statusReason
The statusReason provides more details about the current status of the analyzer. For example, if the
creation for the analyzer fails, a Failed status is returned. For an analyzer with organization as
the type, this failure can be due to an issue with creating the service-linked roles required in the member
accounts of the Amazon Web Services organization.
AnalyzerConfiguration configuration
Specifies whether the analyzer is an external access or unused access analyzer.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String policyDocument
The JSON policy document to use as the content for the policy.
List<E> access
An access object containing the permissions that shouldn't be granted by the specified policy. If only actions are specified, IAM Access Analyzer checks for access of the actions on all resources in the policy. If only resources are specified, then IAM Access Analyzer checks which actions have access to the specified resources. If both actions and resources are specified, then IAM Access Analyzer checks which of the specified actions have access to the specified resources.
String policyType
The type of policy. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups.
Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.
String result
The result of the check for whether the access is allowed. If the result is PASS, the specified
policy doesn't allow any of the specified permissions in the access object. If the result is FAIL,
the specified policy might allow some or all of the permissions in the access object.
String message
The message indicating whether the specified access is allowed.
List<E> reasons
A description of the reasoning of the result.
String newPolicyDocument
The JSON policy document to use as the content for the updated policy.
String existingPolicyDocument
The JSON policy document to use as the content for the existing policy.
String policyType
The type of policy to compare. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups.
Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.
String result
The result of the check for new access. If the result is PASS, no new access is allowed by the
updated policy. If the result is FAIL, the updated policy might allow new access.
String message
The message indicating whether the updated policy allows new access.
List<E> reasons
A description of the reasoning of the result.
String policyDocument
The JSON policy document to evaluate for public access.
String resourceType
The type of resource to evaluate for public access. For example, to check for public access to Amazon S3 buckets,
you can choose AWS::S3::Bucket for the resource type.
For resource types not supported as valid values, IAM Access Analyzer will return an error.
String result
The result of the check for public access to the specified resource type. If the result is PASS, the
policy doesn't allow public access to the specified resource type. If the result is FAIL, the policy
might allow public access to the specified resource type.
String message
The message indicating whether the specified policy allows public access to resources.
List<E> reasons
A list of reasons why the specified resource policy grants public access for the resource type.
List<E> trails
A Trail object that contains settings for a trail.
String accessRole
The ARN of the service role that IAM Access Analyzer uses to access your CloudTrail trail and service last accessed information.
Date startTime
The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp before this time are not considered to generate a policy.
Date endTime
The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp after this time are not considered to generate a policy. If this is not included in the request, the default value is the current time.
List<E> trailProperties
A TrailProperties object that contains settings for trail properties.
Date startTime
The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp before this time are not considered to generate a policy.
Date endTime
The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp after this time are not considered to generate a policy. If this is not included in the request, the default value is the current time.
EbsSnapshotConfiguration ebsSnapshot
The access control configuration is for an Amazon EBS volume snapshot.
EcrRepositoryConfiguration ecrRepository
The access control configuration is for an Amazon ECR repository.
IamRoleConfiguration iamRole
The access control configuration is for an IAM role.
EfsFileSystemConfiguration efsFileSystem
The access control configuration is for an Amazon EFS file system.
KmsKeyConfiguration kmsKey
The access control configuration is for a KMS key.
RdsDbClusterSnapshotConfiguration rdsDbClusterSnapshot
The access control configuration is for an Amazon RDS DB cluster snapshot.
RdsDbSnapshotConfiguration rdsDbSnapshot
The access control configuration is for an Amazon RDS DB snapshot.
SecretsManagerSecretConfiguration secretsManagerSecret
The access control configuration is for a Secrets Manager secret.
S3BucketConfiguration s3Bucket
The access control configuration is for an Amazon S3 bucket.
SnsTopicConfiguration snsTopic
The access control configuration is for an Amazon SNS topic
SqsQueueConfiguration sqsQueue
The access control configuration is for an Amazon SQS queue.
S3ExpressDirectoryBucketConfiguration s3ExpressDirectoryBucket
The access control configuration is for an Amazon S3 directory bucket.
DynamodbStreamConfiguration dynamodbStream
The access control configuration is for a DynamoDB stream.
DynamodbTableConfiguration dynamodbTable
The access control configuration is for a DynamoDB table or index.
String analyzerArn
The ARN
of the account analyzer used to generate the access preview. You can only create an access preview for
analyzers with an Account type and Active status.
Map<K,V> configurations
Access control configuration for your resource that is used to generate the access preview. The access preview includes findings for external access allowed to the resource with the proposed access control configuration. The configuration must contain exactly one element.
String clientToken
A client token.
String id
The unique ID for the access preview.
String analyzerName
The name of the analyzer to create.
String type
The type of analyzer to create. Only ACCOUNT, ORGANIZATION,
ACCOUNT_UNUSED_ACCESS, and ORGANIZATION_UNUSED_ACCESS analyzers are supported. You can
create only one analyzer per account per Region. You can create up to 5 analyzers per organization per Region.
List<E> archiveRules
Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
Map<K,V> tags
An array of key-value pairs to apply to the analyzer.
String clientToken
A client token.
AnalyzerConfiguration configuration
Specifies the configuration of the analyzer. If the analyzer is an unused access analyzer, the specified scope of unused access is used for the configuration. If the analyzer is an external access analyzer, this field is not used.
String arn
The ARN of the analyzer that was created by the request.
List<E> eq
An "equals" operator to match for the filter used to create the rule.
List<E> neq
A "not equals" operator to match for the filter used to create the rule.
List<E> contains
A "contains" operator to match for the filter used to create the rule.
Boolean exists
An "exists" operator to match for the filter used to create the rule.
String streamPolicy
The proposed resource policy defining who can access or manage the DynamoDB stream.
String tablePolicy
The proposed resource policy defining who can access or manage the DynamoDB table.
List<E> userIds
The IDs of the Amazon Web Services accounts that have access to the Amazon EBS volume snapshot.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the
userIds, then the access preview uses the existing shared userIds for the snapshot.
If the access preview is for a new resource and you do not specify the userIds, then the access
preview considers the snapshot without any userIds.
To propose deletion of existing shared accountIds, you can specify an empty list for
userIds.
List<E> groups
The groups that have access to the Amazon EBS volume snapshot. If the value all is specified, then
the Amazon EBS volume snapshot is public.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the groups
, then the access preview uses the existing shared groups for the snapshot.
If the access preview is for a new resource and you do not specify the groups, then the access
preview considers the snapshot without any groups.
To propose deletion of existing shared groups, you can specify an empty list for groups
.
String kmsKeyId
The KMS key identifier for an encrypted Amazon EBS volume snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the
kmsKeyId, or you specify an empty string, then the access preview uses the existing
kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the kmsKeyId, the access preview
considers the snapshot as unencrypted.
String repositoryPolicy
The JSON repository policy text to apply to the Amazon ECR repository. For more information, see Private repository policy examples in the Amazon ECR User Guide.
String fileSystemPolicy
The JSON policy definition to apply to the Amazon EFS file system. For more information on the elements that make up a file system policy, see Amazon EFS Resource-based policies.
List<E> action
The action in the analyzed policy statement that an external principal has permission to use.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in an external access finding.
Boolean isPublic
Specifies whether the external access finding is public.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> sources
The sources of the external access finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
String id
The ID of the finding.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to use.
String resource
The resource that an external principal has access to.
Boolean isPublic
Indicates whether the policy that generated the finding allows public access to the resource.
String resourceType
The type of the resource identified in the finding.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
Date createdAt
The time at which the finding was generated.
Date analyzedAt
The time at which the resource was analyzed.
Date updatedAt
The time at which the finding was updated.
String status
The current status of the finding.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
An error.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
ExternalAccessDetails externalAccessDetails
The details for an external access analyzer finding.
UnusedPermissionDetails unusedPermissionDetails
The details for an unused access analyzer finding with an unused permission finding type.
UnusedIamUserAccessKeyDetails unusedIamUserAccessKeyDetails
The details for an unused access analyzer finding with an unused IAM user access key finding type.
UnusedIamRoleDetails unusedIamRoleDetails
The details for an unused access analyzer finding with an unused IAM role finding type.
UnusedIamUserPasswordDetails unusedIamUserPasswordDetails
The details for an unused access analyzer finding with an unused IAM user password finding type.
String type
Indicates the type of access that generated the finding.
FindingSourceDetail detail
Includes details about how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.
String accessPointArn
The ARN of the access point that generated the finding. The ARN format depends on whether the ARN represents an access point or a multi-region access point.
String accessPointAccount
The account of the cross-account access point that generated the finding.
String id
The ID of the finding.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to use.
String resource
The resource that the external principal has access to.
Boolean isPublic
Indicates whether the finding reports a resource that has a policy that allows public access.
String resourceType
The type of the resource that the external principal has access to.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
Date createdAt
The time at which the finding was created.
Date analyzedAt
The time at which the resource-based policy that generated the finding was analyzed.
Date updatedAt
The time at which the finding was most recently updated.
String status
The status of the finding.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
The error that resulted in an Error finding.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
Date analyzedAt
The time at which the resource-based policy or IAM entity that generated the finding was analyzed.
Date createdAt
The time at which the finding was created.
String error
The error that resulted in an Error finding.
String id
The ID of the finding.
String resource
The resource that the external principal has access to.
String resourceType
The type of the resource that the external principal has access to.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String status
The status of the finding.
Date updatedAt
The time at which the finding was most recently updated.
String findingType
The type of the external access or unused access finding.
String policy
The text to use as the content for the new policy. The policy is created using the CreatePolicy action.
Boolean isComplete
This value is set to true if the generated policy contains all possible actions for a service that
IAM Access Analyzer identified from the CloudTrail trail that you specified, and false otherwise.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
CloudTrailProperties cloudTrailProperties
Lists details about the Trail used to generated policy.
GeneratedPolicyProperties properties
A GeneratedPolicyProperties object that contains properties of the generated policy.
List<E> generatedPolicies
The text to use as the content for the new policy. The policy is created using the CreatePolicy action.
String analyzerArn
The ARN of the analyzer used to generate the finding recommendation.
String id
The unique ID for the finding recommendation.
String accessPreviewId
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
AccessPreview accessPreview
An object that contains information about the access preview.
String analyzerArn
The ARN of the analyzer to retrieve information from.
String resourceArn
The ARN of the resource to retrieve information about.
AnalyzedResource resource
An AnalyzedResource object that contains information that IAM Access Analyzer found when it analyzed
the resource.
String analyzerName
The name of the analyzer retrieved.
AnalyzerSummary analyzer
An AnalyzerSummary object that contains information about the analyzer.
ArchiveRuleSummary archiveRule
String analyzerArn
The ARN of the analyzer used to generate the finding recommendation.
String id
The unique ID for the finding recommendation.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
Date startedAt
The time at which the retrieval of the finding recommendation was started.
Date completedAt
The time at which the retrieval of the finding recommendation was completed.
String nextToken
A token used for pagination of results returned.
RecommendationError error
Detailed information about the reason that the retrieval of a recommendation for the finding failed.
String resourceArn
The ARN of the resource of the finding.
List<E> recommendedSteps
A group of recommended steps for the finding.
String recommendationType
The type of recommendation for the finding.
String status
The status of the retrieval of the finding recommendation.
String analyzerArn
The ARN of the analyzer that generated the finding.
String id
The ID of the finding to retrieve.
Finding finding
A finding object that contains finding details.
String analyzerArn
The ARN of the analyzer that generated the finding.
String id
The ID of the finding to retrieve.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
Date analyzedAt
The time at which the resource-based policy or IAM entity that generated the finding was analyzed.
Date createdAt
The time at which the finding was created.
String error
An error.
String id
The ID of the finding to retrieve.
String nextToken
A token used for pagination of results returned.
String resource
The resource that generated the finding.
String resourceType
The type of the resource identified in the finding.
String resourceOwnerAccount
Tye Amazon Web Services account ID that owns the resource.
String status
The status of the finding.
Date updatedAt
The time at which the finding was updated.
List<E> findingDetails
A localized message that explains the finding and provides guidance on how to address it.
String findingType
The type of the finding. For external access analyzers, the type is ExternalAccess. For unused
access analyzers, the type can be UnusedIAMRole, UnusedIAMUserAccessKey,
UnusedIAMUserPassword, or UnusedPermission.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
Boolean includeResourcePlaceholders
The level of detail that you want to generate. You can specify whether to generate policies with placeholders for resource ARNs for actions that support resource level granularity in policies.
For example, in the resource section of a policy, you can receive a placeholder such as
"Resource":"arn:aws:s3:::${BucketName}" instead of "*".
Boolean includeServiceLevelTemplate
The level of detail that you want to generate. You can specify whether to generate service-level policies.
IAM Access Analyzer uses iam:servicelastaccessed to identify services that have been used recently
to create this service-level template.
JobDetails jobDetails
A GeneratedPolicyDetails object that contains details about the generated policy.
GeneratedPolicyResult generatedPolicyResult
A GeneratedPolicyResult object that contains the generated policies and associated details.
String trustPolicy
The proposed trust policy for the IAM role.
Integer retryAfterSeconds
The seconds to wait to retry.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String status
The status of the job request.
Date startedOn
A timestamp of when the job was started.
Date completedOn
A timestamp of when the job was completed.
JobError jobError
The job error for the policy generation request.
List<E> operations
A list of operations that the grant permits.
String granteePrincipal
The principal that is given permission to perform the operations that the grant permits.
String retiringPrincipal
The principal that is given permission to retire the grant by using RetireGrant operation.
KmsGrantConstraints constraints
Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context.
String issuingAccount
The Amazon Web Services account under which the grant was issued. The account is used to propose KMS grants issued by accounts other than the owner of the key.
Map<K,V> encryptionContextEquals
A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.
Map<K,V> encryptionContextSubset
A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.
Map<K,V> keyPolicies
Resource policy configuration for the KMS key. The only valid value for the name of the key policy is
default. For more information, see Default key
policy.
List<E> grants
A list of proposed grant configurations for the KMS key. If the proposed grant configuration is for an existing key, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the key.
String accessPreviewId
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access.
Map<K,V> filter
Criteria to filter the returned findings.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer to retrieve a list of analyzed resources from.
String resourceType
The type of resource.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer to retrieve findings from.
Map<K,V> filter
A filter to match for the findings to return.
SortCriteria sort
The sort order for the findings returned.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer to retrieve findings from.
Map<K,V> filter
A filter to match for the findings to return.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
SortCriteria sort
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy. Use this with
ListGeneratedPolicies to filter the results to only include results for a specific principal.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
String resourceArn
The ARN of the resource to retrieve tags from.
VpcConfiguration vpcConfiguration
InternetConfiguration internetConfiguration
The configuration for the Amazon S3 access point or multi-region access point with an Internet
origin.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
String status
The status of the policy generation request.
Date startedOn
A timestamp of when the policy generation started.
Date completedOn
A timestamp of when the policy generation was completed.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
List<E> accountIds
The Amazon Web Services account IDs that have access to the manual Amazon RDS DB cluster snapshot. If the value
all is specified, then the Amazon RDS DB cluster snapshot is public and can be copied or restored by
all Amazon Web Services accounts.
If the configuration is for an existing Amazon RDS DB cluster snapshot and you do not specify the
accountIds in RdsDbClusterSnapshotAttributeValue, then the access preview uses the
existing shared accountIds for the snapshot.
If the access preview is for a new resource and you do not specify the specify the accountIds in
RdsDbClusterSnapshotAttributeValue, then the access preview considers the snapshot without any
attributes.
To propose deletion of existing shared accountIds, you can specify an empty list for
accountIds in the RdsDbClusterSnapshotAttributeValue.
Map<K,V> attributes
The names and values of manual DB cluster snapshot attributes. Manual DB cluster snapshot attributes are used to
authorize other Amazon Web Services accounts to restore a manual DB cluster snapshot. The only valid value for
AttributeName for the attribute map is restore
String kmsKeyId
The KMS key identifier for an encrypted Amazon RDS DB cluster snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon RDS DB cluster snapshot and you do not specify the
kmsKeyId, or you specify an empty string, then the access preview uses the existing
kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the specify the kmsKeyId, then
the access preview considers the snapshot as unencrypted.
List<E> accountIds
The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot. If the value
all is specified, then the Amazon RDS DB snapshot is public and can be copied or restored by all
Amazon Web Services accounts.
If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the accountIds
in RdsDbSnapshotAttributeValue, then the access preview uses the existing shared
accountIds for the snapshot.
If the access preview is for a new resource and you do not specify the specify the accountIds in
RdsDbSnapshotAttributeValue, then the access preview considers the snapshot without any attributes.
To propose deletion of an existing shared accountIds, you can specify an empty list for
accountIds in the RdsDbSnapshotAttributeValue.
Map<K,V> attributes
The names and values of manual DB snapshot attributes. Manual DB snapshot attributes are used to authorize other
Amazon Web Services accounts to restore a manual DB snapshot. The only valid value for attributeName
for the attribute map is restore.
String kmsKeyId
The KMS key identifier for an encrypted Amazon RDS DB snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the kmsKeyId,
or you specify an empty string, then the access preview uses the existing kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the specify the kmsKeyId, then
the access preview considers the snapshot as unencrypted.
UnusedPermissionsRecommendedStep unusedPermissionsRecommendedStep
A recommended step for an unused permissions finding.
String accessPointPolicy
The access point or multi-region access point policy.
S3PublicAccessBlockConfiguration publicAccessBlock
The proposed S3PublicAccessBlock configuration to apply to this Amazon S3 access point or
multi-region access point.
NetworkOriginConfiguration networkOrigin
The proposed Internet and VpcConfiguration to apply to this Amazon S3 access point.
VpcConfiguration does not apply to multi-region access points. If the access preview is for a new
resource and neither is specified, the access preview uses Internet for the network origin. If the
access preview is for an existing resource and neither is specified, the access preview uses the exiting network
origin.
String permission
The permissions being granted.
AclGrantee grantee
The grantee to whom you’re assigning access rights.
String bucketPolicy
The proposed bucket policy for the Amazon S3 bucket.
List<E> bucketAclGrants
The proposed list of ACL grants for the Amazon S3 bucket. You can propose up to 100 ACL grants per bucket. If the proposed grant configuration is for an existing bucket, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the bucket.
S3PublicAccessBlockConfiguration bucketPublicAccessBlock
The proposed block public access configuration for the Amazon S3 bucket.
Map<K,V> accessPoints
The configuration of Amazon S3 access points or multi-region access points for the bucket. You can propose up to 10 new access points per bucket.
String bucketPolicy
The proposed bucket policy for the Amazon S3 directory bucket.
String topicPolicy
The JSON policy text that defines who can access an Amazon SNS topic. For more information, see Example cases for Amazon SNS access control in the Amazon SNS Developer Guide.
String queuePolicy
The proposed resource policy for the Amazon SQS queue.
PolicyGenerationDetails policyGenerationDetails
Contains the ARN of the IAM entity (user or role) for which you are generating a policy.
CloudTrailDetails cloudTrailDetails
A CloudTrailDetails object that contains details about a Trail that you want to analyze
to generate policies.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, the subsequent retries with the same client token return the result from the original successful request and they have no additional effect.
If you do not specify a client token, one is automatically generated by the Amazon Web Services SDK.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String analyzerArn
The ARN of the analyzer to use to scan the policies applied to the specified resource.
String resourceArn
The ARN of the resource to scan.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning account is the account in which the resource was created.
String code
The reason code for the current status of the analyzer.
Integer retryAfterSeconds
The seconds to wait to retry.
String cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
List<E> regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Boolean allRegions
Possible values are true or false. If set to true, IAM Access Analyzer
retrieves CloudTrail data from all regions to analyze and generate a policy.
String cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
List<E> regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Boolean allRegions
Possible values are true or false. If set to true, IAM Access Analyzer
retrieves CloudTrail data from all regions to analyze and generate a policy.
Integer unusedAccessAge
The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 180 days.
Date lastAccessed
The time at which the role was last accessed.
Date lastAccessed
The time at which the password was last accessed.
List<E> actions
A list of unused actions for which the unused access finding was generated.
String serviceNamespace
The namespace of the Amazon Web Services service that contains the unused actions.
Date lastAccessed
The time at which the permission was last accessed.
Date policyUpdatedAt
The time at which the existing policy for the unused permissions finding was last updated.
String recommendedAction
A recommendation of whether to create or detach a policy for an unused permissions finding.
String recommendedPolicy
If the recommended action for the unused permissions finding is to replace the existing policy, the contents of
the recommended policy to replace the policy specified in the existingPolicyId field.
String existingPolicyId
If the recommended action for the unused permissions finding is to detach a policy, the ID of an existing policy to be detached.
String analyzerName
The name of the analyzer to update the archive rules for.
String ruleName
The name of the rule to update.
Map<K,V> filter
A filter to match for the rules to update. Only rules that match the filter are updated.
String clientToken
A client token.
String analyzerArn
The ARN of the analyzer that generated the findings to update.
String status
The state represents the action to take to update the finding Status. Use ARCHIVE to change an
Active finding to an Archived finding. Use ACTIVE to change an Archived finding to an Active
finding.
List<E> ids
The IDs of the findings to update.
String resourceArn
The ARN of the resource identified in the finding.
String clientToken
A client token.
String findingDetails
A localized message that explains the finding and provides guidance on how to address it.
String findingType
The impact of the finding.
Security warnings report when the policy allows access that we consider overly permissive.
Errors report when a part of the policy is not functional.
Warnings report non-security issues when a policy does not conform to policy writing best practices.
Suggestions recommend stylistic improvements in the policy that do not impact access.
String issueCode
The issue code provides an identifier of the issue associated with this finding.
String learnMoreLink
A link to additional documentation about the type of finding.
List<E> locations
The list of locations in the policy document that are related to the finding. The issue code provides a summary of an issue identified by the finding.
String locale
The locale to use for localizing the findings.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
String policyDocument
The JSON policy document to use as the content for the policy.
String policyType
The type of policy to validate. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups.
Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.
Service control policies (SCPs) are a type of organization policy attached to an Amazon Web Services organization, organizational unit (OU), or an account.
String validatePolicyResourceType
The type of resource to attach to your resource policy. Specify a value for the policy validation resource type
only if the policy type is RESOURCE_POLICY. For example, to validate a resource policy to attach to
an Amazon S3 bucket, you can choose AWS::S3::Bucket for the policy validation resource type.
For resource types not supported as valid values, IAM Access Analyzer runs policy checks that apply to all resource policies. For example, to validate a resource policy to attach to a KMS key, do not specify a value for the policy validation resource type and IAM Access Analyzer will run policy checks that apply to all resource policies.
String vpcId
If this field is specified, this access point will only allow connections from the specified VPC ID.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
This operation can only be called from the management account or the delegated administrator account of an organization for a member account.
The management account can't specify its own AccountId.
String otp
The OTP code sent to the PrimaryEmail specified on the StartPrimaryEmailUpdate API
call.
String primaryEmail
The new primary email address for use with the specified account. This must match the PrimaryEmail
from the StartPrimaryEmailUpdate API call.
String status
Retrieves the status of the accepted primary email update request.
String alternateContactType
The type of alternate contact.
String emailAddress
The email address associated with this alternate contact.
String name
The name associated with this alternate contact.
String phoneNumber
The phone number associated with this alternate contact.
String title
The title associated with this alternate contact.
String addressLine1
The first line of the primary contact address.
String addressLine2
The second line of the primary contact address, if any.
String addressLine3
The third line of the primary contact address, if any.
String city
The city of the primary contact address.
String companyName
The name of the company associated with the primary contact information, if any.
String countryCode
The ISO-3166 two-letter country code for the primary contact address.
String districtOrCounty
The district or county of the primary contact address, if any.
String fullName
The full name of the primary contact address.
String phoneNumber
The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation.
String postalCode
The postal code of the primary contact address.
String stateOrRegion
The state or region of the primary contact address. If the mailing address is within the United States (US), the
value in this field can be either a two character state code (for example, NJ) or the full state
name (for example, New Jersey). This field is required in the following countries: US,
CA, GB, DE, JP, IN, and BR.
String websiteUrl
The URL of the website associated with the primary contact information, if any.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which of the alternate contacts to delete.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). When you disable a
Region, Amazon Web Services performs actions to deactivate that Region in your account, such as destroying IAM
resources in the Region. This process takes a few minutes for most accounts, but this can take several hours. You
cannot enable the Region until the disabling process is fully completed.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). When you enable a
Region, Amazon Web Services performs actions to prepare your account in that Region, such as distributing your
IAM resources to the Region. This process takes a few minutes for most accounts, but it can take several hours.
You cannot use the Region until this process is complete. Furthermore, you cannot disable the Region until the
enabling process is fully completed.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which alternate contact you want to retrieve.
AlternateContact alternateContact
A structure that contains the details for the specified alternate contact.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
ContactInformation contactInformation
Contains the details of the primary contact information associated with an Amazon Web Services account.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
This operation can only be called from the management account or the delegated administrator account of an organization for a member account.
The management account can't specify its own AccountId.
String primaryEmail
Retrieves the primary email address associated with the specified account.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). This function will
return the status of whatever Region you pass into this parameter.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
Integer maxResults
The total number of items to return in the command’s output. If the total number of items available is more than
the value specified, a NextToken is provided in the command’s output. To resume pagination, provide
the NextToken value in the starting-token argument of a subsequent command. Do not use
the NextToken response element directly outside of the Amazon Web Services CLI. For usage examples,
see Pagination in the Amazon Web
Services Command Line Interface User Guide.
String nextToken
A token used to specify where to start paginating. This is the NextToken from a previously truncated
response. For usage examples, see Pagination in the Amazon Web
Services Command Line Interface User Guide.
List<E> regionOptStatusContains
A list of Region statuses (Enabling, Enabled, Disabling, Disabled, Enabled_by_default) to use to filter the list of Regions for a given account. For example, passing in a value of ENABLING will only return a list of Regions with a Region status of ENABLING.
String nextToken
If there is more data to be returned, this will be populated. It should be passed into the
next-token request parameter of list-regions.
List<E> regions
This is a list of Regions for a given account, or if the filtered parameter was used, a list of Regions that
match the filter criteria set in the filter parameter.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which alternate contact you want to create or update.
String emailAddress
Specifies an email address for the alternate contact.
String name
Specifies a name for the alternate contact.
String phoneNumber
Specifies a phone number for the alternate contact.
String title
Specifies a title for the alternate contact.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
ContactInformation contactInformation
Contains the details of the primary contact information associated with an Amazon Web Services account.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
This operation can only be called from the management account or the delegated administrator account of an organization for a member account.
The management account can't specify its own AccountId.
String primaryEmail
The new primary email address (also known as the root user email address) to use in the specified account.
String status
The status of the primary email update request.
AccessMethod accessMethod
The type and format of AccessDescription information.
GeneralName accessLocation
The location of AccessDescription information.
String customObjectIdentifier
An object identifier (OID) specifying the AccessMethod. The OID must satisfy the regular expression
shown below. For more information, see NIST's definition of Object Identifier (OID).
String accessMethodType
Specifies the AccessMethod.
Extensions extensions
Specifies X.509 extension information for a certificate.
ASN1Subject subject
String country
Two-digit code that specifies the country in which the certificate subject located.
String organization
Legal name of the organization with which the certificate subject is affiliated.
String organizationalUnit
A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.
String distinguishedNameQualifier
Disambiguating information for the certificate subject.
String state
State in which the subject of the certificate is located.
String commonName
For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit.
Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.
String serialNumber
The certificate serial number.
String locality
The locality (such as a city or town) in which the certificate subject is located.
String title
A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.
String surname
Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.
String givenName
First name.
String initials
Concatenation that typically contains the first letter of the GivenName, the first letter of the middle name if one exists, and the first letter of the Surname.
String pseudonym
Typically a shortened version of a longer GivenName. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.
String generationQualifier
Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.
List<E> customAttributes
Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of Object Identifier (OID).
Custom attributes cannot be used in combination with standard attributes.
String arn
Amazon Resource Name (ARN) for your private certificate authority (CA). The format is
12345678-1234-1234-1234-123456789012 .
String ownerAccount
The Amazon Web Services account ID that owns the certificate authority.
Date createdAt
Date and time at which your private CA was created.
Date lastStateChangeAt
Date and time at which your private CA was last updated.
String type
Type of your private CA.
String serial
Serial number of your private CA.
String status
Status of your private CA.
Date notBefore
Date and time before which your private CA certificate is not valid.
Date notAfter
Date and time after which your private CA certificate is not valid.
String failureReason
Reason the request to create your private CA failed.
CertificateAuthorityConfiguration certificateAuthorityConfiguration
Your private CA configuration.
RevocationConfiguration revocationConfiguration
Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.
Date restorableUntil
The period during which a deleted CA can be restored. For more information, see the
PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthorityRequest action.
String keyStorageSecurityStandard
Defines a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly
specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value)
results in an InvalidArgsException with the message
"A certificate authority cannot be created in this region with the specified security standard."
String usageMode
Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.
String keyAlgorithm
Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.
String signingAlgorithm
Name of the algorithm your private CA uses to sign certificate requests.
This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates
when they are issued.
ASN1Subject subject
Structure that contains X.500 distinguished name information for your private CA.
CsrExtensions csrExtensions
Specifies information to be added to the extension section of the certificate signing request (CSR).
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the CA to be audited. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String s3BucketName
The name of the S3 bucket that will contain the audit report.
String auditReportResponseFormat
The format in which to create the report. This can be either JSON or CSV.
CertificateAuthorityConfiguration certificateAuthorityConfiguration
Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
RevocationConfiguration revocationConfiguration
Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. The default is for both certificate validation mechanisms to be disabled.
The following requirements apply to revocation configurations.
A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail
if other parameters such as CustomCname or ExpirationInDays are included.
In a CRL configuration, the S3BucketName parameter must conform to Amazon S3 bucket naming
rules.
A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
For more information, see the OcspConfiguration and CrlConfiguration types.
String certificateAuthorityType
The type of the certificate authority.
String idempotencyToken
Custom string that can be used to distinguish between calls to the CreateCertificateAuthority action. Idempotency tokens for CreateCertificateAuthority time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within five minutes, Amazon Web Services Private CA recognizes that you are requesting only certificate authority and will issue only one. If you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificate authorities.
String keyStorageSecurityStandard
Specifies a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Some Amazon Web Services Regions do not support the default. When creating a CA in these Regions, you must
provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument for KeyStorageSecurityStandard.
Failure to do this results in an InvalidArgsException with the message,
"A certificate authority cannot be created in this region with the specified security standard."
For information about security standard support in various Regions, see Storage and security compliance of Amazon Web Services Private CA private keys.
List<E> tags
Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags.
String usageMode
Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.
String certificateAuthorityArn
If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the CA that grants the permissions. You can find the ARN by calling the ListCertificateAuthorities action. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String principal
The Amazon Web Services service or identity that receives the permission. At this time, the only valid principal
is acm.amazonaws.com.
String sourceAccount
The ID of the calling account.
List<E> actions
The actions that the specified Amazon Web Services service principal can use. These include
IssueCertificate, GetCertificate, and ListPermissions.
Boolean enabled
Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.
Integer expirationInDays
Validity period of the CRL in days.
String customCname
Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
String s3BucketName
Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority operation. You must specify a bucket policy that allows Amazon Web Services Private CA to write the CRL to your bucket.
The S3BucketName parameter must conform to the S3 bucket naming rules.
String s3ObjectAcl
Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access.
If no value is specified, the default is PUBLIC_READ.
Note: This default can cause CA creation to fail in some circumstances. If you have have enabled the Block
Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as
BUCKET_OWNER_FULL_CONTROL, and not doing so results in an error. If you have disabled BPA in S3,
then you can specify either BUCKET_OWNER_FULL_CONTROL or PUBLIC_READ as the value.
For more information, see Blocking public access to the S3 bucket.
CrlDistributionPointExtensionConfiguration crlDistributionPointExtensionConfiguration
Configures the behavior of the CRL Distribution Point extension for certificates issued by your certificate authority. If this field is not provided, then the CRl Distribution Point Extension will be present and contain the default CRL URL.
Boolean omitExtension
Configures whether the CRL Distribution Point extension should be populated with the default URL to the CRL. If
set to true, then the CDP extension will not be present in any certificates issued by that CA unless
otherwise specified through CSR or API passthrough.
Only set this if you have another way to distribute the CRL Distribution Points ffor certificates issued by your CA, such as the Matter Distributed Compliance Ledger
This configuration cannot be enabled with a custom CNAME set.
KeyUsage keyUsage
Indicates the purpose of the certificate and of the key contained in the certificate.
List<E> subjectInformationAccess
For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see Subject Information Access in RFC 5280.
String objectIdentifier
Specifies the object identifier (OID) of the X.509 extension. For more information, see the Global OID reference database.
String value
Specifies the base64-encoded value of the X.509 extension.
Boolean critical
Specifies the critical flag of the X.509 extension.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
Integer permanentDeletionTimeInDays
The number of days to make a CA restorable after it has been deleted. This can be anywhere from 7 to 30 days, with 30 being the default.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA that issued the permissions. You can find the CA's ARN by calling the ListCertificateAuthorities action. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String principal
The Amazon Web Services service or identity that will have its CA permissions revoked. At this time, the only
valid service principal is acm.amazonaws.com
String sourceAccount
The Amazon Web Services account that calls this action.
String resourceArn
The Amazon Resource Number (ARN) of the private CA that will have its policy deleted. You can find the CA's ARN
by calling the ListCertificateAuthorities action. The ARN value must have the form
arn:aws:acm-pca:region:account:certificate-authority/01234567-89ab-cdef-0123-0123456789ab.
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the private CA. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String auditReportId
The report ID returned by calling the CreateCertificateAuthorityAuditReport action.
String auditReportStatus
Specifies whether report creation is in progress, has succeeded, or has failed.
String s3BucketName
Name of the S3 bucket that contains the report.
String s3Key
S3 key that uniquely identifies the report file in your S3 bucket.
Date createdAt
The date and time at which the report was created.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
CertificateAuthority certificateAuthority
A CertificateAuthority structure that contains information about your private CA.
List<E> certificatePolicies
Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of Object Identifier (OID).
In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.
List<E> extendedKeyUsage
Specifies additional purposes for which the certified public key may be used other than basic purposes indicated
in the KeyUsage extension.
KeyUsage keyUsage
List<E> subjectAlternativeNames
The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.
List<E> customExtensions
Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the Global OID reference database.
OtherName otherName
Represents GeneralName using an OtherName object.
String rfc822Name
Represents GeneralName as an RFC 822
email address.
String dnsName
Represents GeneralName as a DNS name.
ASN1Subject directoryName
EdiPartyName ediPartyName
Represents GeneralName as an EdiPartyName object.
String uniformResourceIdentifier
Represents GeneralName as a URI.
String ipAddress
Represents GeneralName as an IPv4 or IPv6 address.
String registeredId
Represents GeneralName as an object identifier (OID).
String certificateAuthorityArn
The Amazon Resource Name (ARN) of your private CA. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificate
Base64-encoded certificate authority (CA) certificate.
String certificateChain
Base64-encoded certificate chain that includes any intermediate certificates and chains up to root certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. If this is a root CA, the value will be null.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
String csr
The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificateArn
The ARN of the issued certificate. The ARN contains the certificate serial number and must be in the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245
String resourceArn
The Amazon Resource Number (ARN) of the private CA that will have its policy retrieved. You can find the CA's ARN by calling the ListCertificateAuthorities action.
</p>
String policy
The policy attached to the private CA as a JSON document.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
ByteBuffer certificate
The PEM-encoded certificate for a private CA. This may be a self-signed certificate in the case of a root CA, or it may be signed by another CA that you control.
ByteBuffer certificateChain
A PEM-encoded file that contains all of your certificates, other than the certificate you're importing, chaining up to your root CA. Your Amazon Web Services Private CA-hosted or on-premises root certificate is the last in the chain, and each certificate in the chain signs the one preceding.
This parameter must be supplied when you import a subordinate CA. When you import a root CA, there is no chain.
ApiPassthrough apiPassthrough
Specifies X.509 certificate information to be included in the issued certificate. An APIPassthrough
or APICSRPassthrough template variant must be selected, or else this parameter is ignored. For more
information about using these templates, see Understanding Certificate
Templates.
If conflicting or duplicate certificate information is supplied during certificate issuance, Amazon Web Services Private CA applies order of operation rules to determine what information is used.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
ByteBuffer csr
The certificate signing request (CSR) for the certificate you want to issue. As an example, you can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.
openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr
If you have a configuration file, you can then use the following OpenSSL command. The usr_cert block
in the configuration file contains your X509 version 3 extensions.
openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr
Note: A CSR must provide either a subject name or a subject alternative name or the request will be rejected.
String signingAlgorithm
The name of the algorithm that will be used to sign the certificate to be issued.
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the
CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) must match the algorithm family of the CA's secret key.
String templateArn
Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided,
Amazon Web Services Private CA defaults to the EndEntityCertificate/V1 template. For CA
certificates, you should choose the shortest path length that meets your needs. The path length is indicated by
the PathLenN portion of the ARN, where N is the CA depth.
Note: The CA depth configured on a subordinate CA certificate must not exceed the limit set by its parents in the CA hierarchy.
For a list of TemplateArn values supported by Amazon Web Services Private CA, see Understanding Certificate
Templates.
Validity validity
Information describing the end of the validity period of the certificate. This parameter sets the “Not After” date for the certificate.
Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280.
This value is unaffected when ValidityNotBefore is also specified. For example, if
Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time
regardless of the ValidityNotBefore value.
The end of the validity period configured on a certificate must not exceed the limit set on its parents in the CA hierarchy.
Validity validityNotBefore
Information describing the start of the validity period of the certificate. This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, Amazon Web Services Private CA sets the "Not Before" date to the issuance
time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The
ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the
Validity type value ABSOLUTE. For more information, see Validity in this API
reference and Validity in RFC 5280.
String idempotencyToken
Alphanumeric string that can be used to distinguish between calls to the IssueCertificate action. Idempotency tokens for IssueCertificate time out after five minutes. Therefore, if you call IssueCertificate multiple times with the same idempotency token within five minutes, Amazon Web Services Private CA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificates.
String certificateArn
The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245
Boolean digitalSignature
Key can be used for digital signing.
Boolean nonRepudiation
Key can be used for non-repudiation.
Boolean keyEncipherment
Key can be used to encipher data.
Boolean dataEncipherment
Key can be used to decipher data.
Boolean keyAgreement
Key can be used in a key-agreement protocol.
Boolean keyCertSign
Key can be used to sign certificates.
Boolean cRLSign
Key can be used to sign CRLs.
Boolean encipherOnly
Key can be used only to encipher data.
Boolean decipherOnly
Key can be used only to decipher data.
Integer maxResults
Use this parameter when paginating results to specify the maximum number of items to return in the response on
each page. If additional items exist beyond the number you specify, the NextToken element is sent in
the response. Use this NextToken value in a subsequent request to retrieve additional items.
Although the maximum value is 1000, the action only returns a maximum of 100 items.
String nextToken
Use this parameter when paginating results in a subsequent request after you receive a response with truncated
results. Set it to the value of the NextToken parameter from the response you just received.
String resourceOwner
Use this parameter to filter the returned set of certificate authorities based on their owner. The default is SELF.
Integer maxResults
When paginating results, use this parameter to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.
String nextToken
When paginating results, use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA to inspect. You can find the ARN by calling the ListCertificateAuthorities action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 You can
get a private CA's ARN by running the ListCertificateAuthorities action.
String nextToken
When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.
List<E> permissions
Summary information about each permission assigned by the specified private CA, including the action enabled, the policy provided, and the time of creation.
Integer maxResults
Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.
String nextToken
Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
Boolean enabled
Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
String ocspCustomCname
By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
For more information, see Customizing Online Certificate Status Protocol (OCSP) in the Amazon Web Services Private Certificate Authority User Guide.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA from which the permission was issued.
Date createdAt
The time at which the permission was created.
String principal
The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is
acm.amazonaws.com.
String sourceAccount
The ID of the account that assigned the permission.
List<E> actions
The private CA actions that can be performed by the designated Amazon Web Services service.
String policy
The name of the policy that is associated with the permission.
String certPolicyId
Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of Object Identifier (OID).
List<E> policyQualifiers
Modifies the given CertPolicyId with a qualifier. Amazon Web Services Private CA supports the
certification practice statement (CPS) qualifier.
String resourceArn
The Amazon Resource Number (ARN) of the private CA to associate with the policy. The ARN of the CA can be found by calling the ListCertificateAuthorities action.
String policy
The path and file name of a JSON-formatted IAM policy to attach to the specified private CA resource. If this
policy does not contain all required statements or if it includes any statement that is not allowed, the
PutPolicy action returns an InvalidPolicyException. For information about IAM policy
and statement structure, see Overview of
JSON Policies.
String cpsUri
Contains a pointer to a certification practice statement (CPS) published by the CA.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
CrlConfiguration crlConfiguration
Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.
OcspConfiguration ocspConfiguration
Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.
String certificateAuthorityArn
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
String certificateSerial
Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling GetCertificate with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The GetCertificate action retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.
openssl x509 -in file_path -text -noout
You can also copy the serial number from the console or use the DescribeCertificate action in the Certificate Manager API Reference.
String revocationReason
Specifies why you revoked the certificate.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
List<E> tags
List of tags to be associated with the CA.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
List<E> tags
List of tags to be removed from the CA.
String certificateAuthorityArn
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
RevocationConfiguration revocationConfiguration
Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. If this parameter is not supplied, existing capibilites remain unchanged. For more information, see the OcspConfiguration and CrlConfiguration types.
The following requirements apply to revocation configurations.
A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail
if other parameters such as CustomCname or ExpirationInDays are included.
In a CRL configuration, the S3BucketName parameter must conform to Amazon S3 bucket naming
rules.
A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
String status
Status of your private CA.
Long value
A long integer interpreted according to the value of Type, below.
String type
Determines how Amazon Web Services Private CA interprets the Value parameter, an integer.
Supported validity types include those listed below. Type definitions with values include a sample input value
and the resulting output.
END_DATE: The specific date and time when the certificate will expire, expressed using UTCTime
(YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is
greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is
interpreted as 20YY.
Sample input value: 491231235959 (UTCTime format)
Output expiration date/time: 12/31/2049 23:59:59
ABSOLUTE: The specific date and time when the validity of a certificate will start or expire,
expressed in seconds since the Unix Epoch.
Sample input value: 2524608000
Output expiration date/time: 01/01/2050 00:00:00
DAYS, MONTHS, YEARS: The relative time from the moment of issuance until
the certificate will expire, expressed in days, months, or years.
Example if DAYS, issued on 10/12/2020 at 12:34:54 UTC:
Sample input value: 90
Output expiration date: 01/10/2020 12:34:54 UTC
The minimum validity duration for a certificate using relative time (DAYS) is one day. The minimum
validity for a certificate using absolute time (ABSOLUTE or END_DATE) is one second.
String appId
The unique ID of the Amplify app.
String appArn
The Amazon Resource Name (ARN) of the Amplify app.
String name
The name for the Amplify app.
Map<K,V> tags
The tag for the Amplify app.
String description
The description for the Amplify app.
String repository
The Git repository for the Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
Date createTime
Creates a date and time for the Amplify app.
Date updateTime
Updates the date and time for the Amplify app.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) of the Amplify app.
Map<K,V> environmentVariables
The environment variables for the Amplify app.
For a list of the environment variables that are accessible to Amplify by default, see Amplify Environment variables in the Amplify Hosting User Guide.
String defaultDomain
The default domain for the Amplify app.
Boolean enableBranchAutoBuild
Enables the auto-building of branches for the Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnect a branch in the Amplify console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for the Amplify app's branches.
String basicAuthCredentials
The basic authorization credentials for branches for the Amplify app. You must base64-encode the authorization
credentials and provide them in the format user:password.
List<E> customRules
Describes the custom redirect and rewrite rules for the Amplify app.
ProductionBranch productionBranch
Describes the information about a production branch of the Amplify app.
String buildSpec
Describes the content of the build specification (build spec) for the Amplify app.
String customHeaders
Describes the custom HTTP headers for the Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for the Amplify app.
List<E> autoBranchCreationPatterns
Describes the automated branch creation glob patterns for the Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
Describes the automated branch creation configuration for the Amplify app.
String repositoryCloneMethod
This is for internal use.
The Amplify service uses this parameter to specify the authentication protocol to use to access the Git
repository for an Amplify app. Amplify specifies TOKEN for a GitHub repository, SIGV4
for an Amazon Web Services CodeCommit repository, and SSH for GitLab and Bitbucket repositories.
String stage
Describes the current stage for the autocreated branch.
String framework
The framework for the autocreated branch.
Boolean enableAutoBuild
Enables auto building for the autocreated branch.
Map<K,V> environmentVariables
The environment variables for the autocreated branch.
String basicAuthCredentials
The basic authorization credentials for the autocreated branch. You must base64-encode the authorization
credentials and provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the autocreated branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String buildSpec
The build specification (build spec) for the autocreated branch.
Boolean enablePullRequestPreview
Enables pull request previews for the autocreated branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String stackArn
The Amazon Resource Name (ARN) for the CloudFormation stack.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
String environmentName
The name for a backend environment that is part of an Amplify app.
String stackName
The AWS CloudFormation stack name of a backend environment.
String deploymentArtifacts
The name of deployment artifacts.
Date createTime
The creation date and time for a backend environment that is part of an Amplify app.
Date updateTime
The last updated date and time for a backend environment that is part of an Amplify app.
String branchArn
The Amazon Resource Name (ARN) for a branch that is part of an Amplify app.
String branchName
The name for the branch that is part of an Amplify app.
String description
The description for the branch that is part of an Amplify app.
Map<K,V> tags
The tag for the branch of an Amplify app.
String stage
The current stage for the branch that is part of an Amplify app.
String displayName
The display name for the branch. This is used as the default domain prefix.
Boolean enableNotification
Enables notifications for a branch that is part of an Amplify app.
Date createTime
The creation date and time for a branch that is part of an Amplify app.
Date updateTime
The last updated date and time for a branch that is part of an Amplify app.
Map<K,V> environmentVariables
The environment variables specific to a branch of an Amplify app.
Boolean enableAutoBuild
Enables auto-building on push for a branch of an Amplify app.
List<E> customDomains
The custom domains for a branch of an Amplify app.
String framework
The framework for a branch of an Amplify app.
String activeJobId
The ID of the active job for a branch of an Amplify app.
String totalNumberOfJobs
The total number of jobs that are part of an Amplify app.
Boolean enableBasicAuth
Enables basic authorization for a branch of an Amplify app.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String thumbnailUrl
The thumbnail URL for the branch of an Amplify app.
String basicAuthCredentials
The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization
credentials and provide them in the format user:password.
String buildSpec
The build specification (build spec) content for the branch of an Amplify app.
String ttl
The content Time to Live (TTL) for the website in seconds.
List<E> associatedResources
A list of custom resources that are linked to this branch.
Boolean enablePullRequestPreview
Enables pull request previews for the branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String destinationBranch
The destination branch if the branch is a pull request branch.
String sourceBranch
The source branch if the branch is a pull request branch.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
This property is available to Amplify Gen 1 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code.
Backend backend
String type
The type of SSL/TLS certificate that you want to use.
Specify AMPLIFY_MANAGED to use the default certificate that Amplify provisions for you.
Specify CUSTOM to use your own certificate that you have already added to Certificate Manager in
your Amazon Web Services account. Make sure you request (or import) the certificate in the US East (N. Virginia)
Region (us-east-1). For more information about using ACM, see Importing certificates into
Certificate Manager in the ACM User guide .
String customCertificateArn
The Amazon resource name (ARN) for a custom certificate that you have already added to Certificate Manager in your Amazon Web Services account.
This field is required only when the certificate type is CUSTOM.
String certificateVerificationDNSRecord
The DNS record for certificate verification.
String type
The certificate type.
Specify AMPLIFY_MANAGED to use the default certificate that Amplify provisions for you.
Specify CUSTOM to use your own certificate that you have already added to Certificate Manager in
your Amazon Web Services account. Make sure you request (or import) the certificate in the US East (N. Virginia)
Region (us-east-1). For more information about using ACM, see Importing certificates into
Certificate Manager in the ACM User guide.
String customCertificateArn
The Amazon resource name (ARN) for the custom certificate that you have already added to Certificate Manager in your Amazon Web Services account.
This field is required only when the certificate type is CUSTOM.
String name
The name of the Amplify app.
String description
The description of the Amplify app.
String repository
The Git repository for the Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for an Amplify app.
String oauthToken
The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.
Use oauthToken for repository providers other than GitHub, such as Bitbucket or CodeCommit. To
authorize access to GitHub as your repository provider, use accessToken.
You must specify either oauthToken or accessToken when you create a new app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
String accessToken
The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.
Use accessToken for GitHub repositories only. To authorize access to a repository provider such as
Bitbucket or CodeCommit, use oauthToken.
You must specify either accessToken or oauthToken when you create a new app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
Map<K,V> environmentVariables
The environment variables map for an Amplify app.
For a list of the environment variables that are accessible to Amplify by default, see Amplify Environment variables in the Amplify Hosting User Guide.
Boolean enableBranchAutoBuild
Enables the auto building of branches for an Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnects a branch in the Amplify console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.
String basicAuthCredentials
The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials
and provide them in the format user:password.
List<E> customRules
The custom rewrite and redirect rules for an Amplify app.
Map<K,V> tags
The tag for an Amplify app.
String buildSpec
The build specification (build spec) for an Amplify app.
String customHeaders
The custom HTTP headers for an Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for an Amplify app.
List<E> autoBranchCreationPatterns
The automated branch creation glob patterns for an Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
The automated branch creation configuration for an Amplify app.
App app
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
String appId
The unique ID for an Amplify app.
String branchName
The name for the branch.
String description
The description for the branch.
String stage
Describes the current stage for the branch.
String framework
The framework for the branch.
Boolean enableNotification
Enables notifications for the branch.
Boolean enableAutoBuild
Enables auto building for the branch.
Map<K,V> environmentVariables
The environment variables for the branch.
String basicAuthCredentials
The basic authorization credentials for the branch. You must base64-encode the authorization credentials and
provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
Map<K,V> tags
The tag for the branch.
String buildSpec
The build specification (build spec) for the branch.
String ttl
The content Time To Live (TTL) for the website in seconds.
String displayName
The display name for a branch. This is used as the default domain prefix.
Boolean enablePullRequestPreview
Enables pull request previews for this branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of a Gen 1 Amplify app.
This field is available to Amplify Gen 1 apps only where the backend is created using Amplify Studio or the Amplify command line interface (CLI).
Backend backend
The backend for a Branch of an Amplify app. Use for a backend created from an CloudFormation stack.
This field is available to Amplify Gen 2 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code.
Branch branch
Describes the branch for an Amplify app, which maps to a third-party repository branch.
String appId
The unique ID for an Amplify app.
String branchName
The name of the branch to use for the job.
Map<K,V> fileMap
An optional file map that contains the file name as the key and the file content md5 hash as the value. If this argument is provided, the service will generate a unique upload URL per file. Otherwise, the service will only generate a single upload URL for the zipped files.
String jobId
The job ID for this deployment. will supply to start deployment api.
Map<K,V> fileUploadUrls
When the fileMap argument is provided in the request, fileUploadUrls will contain a map
of file names to upload URLs.
String zipUploadUrl
When the fileMap argument is not provided in the request, this zipUploadUrl is
returned.
String appId
The unique ID for an Amplify app.
String domainName
The domain name for the domain association.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> subDomainSettings
The setting for the subdomain.
List<E> autoSubDomainCreationPatterns
Sets the branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
CertificateSettings certificateSettings
The type of SSL/TLS certificate to use for your custom domain. If you don't specify a certificate type, Amplify uses the default certificate that it provisions and manages for you.
DomainAssociation domainAssociation
Describes the structure of a domain association, which associates a custom domain with an Amplify app.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String source
The source pattern for a URL rewrite or redirect rule.
String target
The target pattern for a URL rewrite or redirect rule.
String status
The status code for a URL rewrite or redirect rule.
Represents a 200 rewrite rule.
Represents a 301 (moved permanently) redirect rule. This and all future requests should be directed to the target URL.
Represents a 302 temporary redirect rule.
Represents a 404 redirect rule.
Represents a 404 rewrite rule.
String condition
The condition for a URL rewrite or redirect rule, such as a country code.
String appId
The unique ID for an Amplify app.
App app
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
Branch branch
The branch for an Amplify app, which maps to a third-party repository branch.
DomainAssociation domainAssociation
JobSummary jobSummary
String webhookId
The unique ID for a webhook.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String domainAssociationArn
The Amazon Resource Name (ARN) for the domain association.
String domainName
The name of the domain.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> autoSubDomainCreationPatterns
Sets branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
String domainStatus
The current status of the domain association.
String updateStatus
The status of the domain update operation that is currently in progress. The following list describes the valid update states.
The certificate is in the process of being updated.
Indicates that an Amplify managed certificate is in the process of being verified. This occurs during the creation of a custom domain or when a custom domain is updated to use a managed certificate.
Indicates that an Amplify custom certificate is in the process of being imported. This occurs during the creation of a custom domain or when a custom domain is updated to use a custom certificate.
Indicates that the subdomain or certificate changes are being propagated.
Amplify is waiting for CNAME records corresponding to subdomains to be propagated. If your custom domain is on Route 53, Amplify handles this for you automatically. For more information about custom domains, see Setting up custom domains in the Amplify Hosting User Guide.
The certificate has been associated with a domain.
The certificate has failed to be provisioned or associated, and there is no existing active certificate to roll back to.
String statusReason
Additional information that describes why the domain association is in the current state.
String certificateVerificationDNSRecord
The DNS record for certificate verification.
List<E> subDomains
The subdomains for the domain association.
Certificate certificate
Describes the SSL/TLS certificate for the domain association. This can be your own custom certificate or the default certificate that Amplify provisions for you.
If you are updating your domain to use a different certificate, certificate points to the new
certificate that is being created instead of the current active certificate. Otherwise, certificate
points to the current active certificate.
Date startTime
The time at which the logs should start. The time range specified is inclusive of the start time.
Date endTime
The time at which the logs should end. The time range specified is inclusive of the end time.
String domainName
The name of the domain.
String appId
The unique ID for an Amplify app.
String logUrl
The pre-signed URL for the requested access logs.
String appId
The unique ID for an Amplify app.
App app
String artifactId
The unique ID for an artifact.
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
Branch branch
DomainAssociation domainAssociation
Describes the structure of a domain association, which associates a custom domain with an Amplify app.
Job job
String webhookId
The unique ID for a webhook.
Webhook webhook
Describes the structure of a webhook.
JobSummary summary
Describes the summary for an execution job for an Amplify app.
List<E> steps
The execution steps for an execution job, for an Amplify app.
String jobArn
The Amazon Resource Name (ARN) for the job.
String jobId
The unique ID for the job.
String commitId
The commit ID from a third-party repository provider for the job.
String commitMessage
The commit message from a third-party repository provider for the job.
Date commitTime
The commit date and time for the job.
Date startTime
The start date and time for the job.
String status
The current status for the job.
Date endTime
The end date and time for the job.
String jobType
The type for the job. If the value is RELEASE, the job was manually released from its source by
using the StartJob API. If the value is RETRY, the job was manually retried using the
StartJob API. If the value is WEB_HOOK, the job was automatically triggered by
webhooks.
String appId
The unique ID for an Amplify app.
String branchName
The name of a branch that is part of an Amplify app.
String jobId
The unique ID for a job.
String nextToken
A pagination token. Set to null to start listing artifacts from start. If a non-null pagination token is returned in a result, pass its value in here to list more artifacts.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String environmentName
The name of the backend environment
String nextToken
A pagination token. Set to null to start listing backend environments from the start. If a non-null pagination token is returned in a result, pass its value in here to list more backend environments.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing branches from the start. If a non-null pagination token is returned in a result, pass its value in here to list more branches.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing apps from the start. If non-null, a pagination token is returned in a result. Pass its value in here to list more projects.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String branchName
The name of the branch to use for the request.
String nextToken
A pagination token. Set to null to start listing steps from the start. If a non-null pagination token is returned in a result, pass its value in here to list more steps.
Integer maxResults
The maximum number of records to list in a single response.
String resourceArn
The Amazon Resource Name (ARN) to use to list tags.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing webhooks from the start. If non-null,the pagination token is returned in a result. Pass its value in here to list more webhooks.
Integer maxResults
The maximum number of records to list in a single response.
String code
String appId
The unique ID for an Amplify app.
String branchName
The name of the branch to use for the job.
String jobId
The job ID for this deployment, generated by the create deployment request.
String sourceUrl
The source URL for this deployment, used when calling start deployment without create deployment. The source URL can be any HTTP GET URL that is publicly accessible and downloads a single .zip file.
JobSummary jobSummary
The summary for the job.
String appId
The unique ID for an Amplify app.
String branchName
The name of the branch to use for the job.
String jobId
The unique ID for an existing job. This is required if the value of jobType is RETRY.
String jobType
Describes the type for the job. The job type RELEASE starts a new job with the latest change from
the specified branch. This value is available only for apps that are connected to a repository.
The job type RETRY retries an existing job. If the job type value is RETRY, the
jobId is also required.
String jobReason
A descriptive reason for starting the job.
String commitId
The commit ID from a third-party repository provider for the job.
String commitMessage
The commit message from a third-party repository provider for the job.
Date commitTime
The commit date and time for the job.
JobSummary jobSummary
The summary for the job.
String stepName
The name of the execution step.
Date startTime
The start date and time of the execution step.
String status
The status of the execution step.
Date endTime
The end date and time of the execution step.
String logUrl
The URL to the logs for the execution step.
String artifactsUrl
The URL to the artifact for the execution step.
String testArtifactsUrl
The URL to the test artifact for the execution step.
String testConfigUrl
The URL to the test configuration for the execution step.
Map<K,V> screenshots
The list of screenshot URLs for the execution step, if relevant.
String statusReason
The reason for the current step status.
String context
The context for the current step. Includes a build image if the step is build.
JobSummary jobSummary
The summary for the job.
SubDomainSetting subDomainSetting
Describes the settings for the subdomain.
Boolean verified
The verified status of the subdomain
String dnsRecord
The DNS record for the subdomain.
String appId
The unique ID for an Amplify app.
String name
The name for an Amplify app.
String description
The description for an Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for an Amplify app.
Map<K,V> environmentVariables
The environment variables for an Amplify app.
Boolean enableBranchAutoBuild
Enables branch auto-building for an Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnects a branch in the Amplify console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for an Amplify app.
String basicAuthCredentials
The basic authorization credentials for an Amplify app. You must base64-encode the authorization credentials and
provide them in the format user:password.
List<E> customRules
The custom redirect and rewrite rules for an Amplify app.
String buildSpec
The build specification (build spec) for an Amplify app.
String customHeaders
The custom HTTP headers for an Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for an Amplify app.
List<E> autoBranchCreationPatterns
Describes the automated branch creation glob patterns for an Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
The automated branch creation configuration for an Amplify app.
String repository
The name of the Git repository for an Amplify app.
String oauthToken
The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.
Use oauthToken for repository providers other than GitHub, such as Bitbucket or CodeCommit.
To authorize access to GitHub as your repository provider, use accessToken.
You must specify either oauthToken or accessToken when you update an app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
String accessToken
The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.
Use accessToken for GitHub repositories only. To authorize access to a repository provider such as
Bitbucket or CodeCommit, use oauthToken.
You must specify either accessToken or oauthToken when you update an app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
App app
Represents the updated Amplify app.
String appId
The unique ID for an Amplify app.
String branchName
The name of the branch.
String description
The description for the branch.
String framework
The framework for the branch.
String stage
Describes the current stage for the branch.
Boolean enableNotification
Enables notifications for the branch.
Boolean enableAutoBuild
Enables auto building for the branch.
Map<K,V> environmentVariables
The environment variables for the branch.
String basicAuthCredentials
The basic authorization credentials for the branch. You must base64-encode the authorization credentials and
provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String buildSpec
The build specification (build spec) for the branch.
String ttl
The content Time to Live (TTL) for the website in seconds.
String displayName
The display name for a branch. This is used as the default domain prefix.
Boolean enablePullRequestPreview
Enables pull request previews for this branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of a Gen 1 Amplify app.
This field is available to Amplify Gen 1 apps only where the backend is created using Amplify Studio or the Amplify command line interface (CLI).
Backend backend
The backend for a Branch of an Amplify app. Use for a backend created from an CloudFormation stack.
This field is available to Amplify Gen 2 apps only. When you deploy an application with Amplify Gen 2, you provision the app's backend infrastructure using Typescript code.
Branch branch
The branch for an Amplify app, which maps to a third-party repository branch.
String appId
The unique ID for an Amplify app.
String domainName
The name of the domain.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> subDomainSettings
Describes the settings for the subdomain.
List<E> autoSubDomainCreationPatterns
Sets the branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
CertificateSettings certificateSettings
The type of SSL/TLS certificate to use for your custom domain.
DomainAssociation domainAssociation
Describes a domain association, which associates a custom domain with an Amplify app.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String webhookArn
The Amazon Resource Name (ARN) for the webhook.
String webhookId
The ID of the webhook.
String webhookUrl
The URL of the webhook.
String branchName
The name for a branch that is part of an Amplify app.
String description
The description for a webhook.
Date createTime
The create date and time for a webhook.
Date updateTime
Updates the date and time for a webhook.
String cognitoUserPoolId
The Amazon Cognito user pool ID, if Amazon Cognito was used as an authentication setting to access your data models.
String description
The API key description for API_KEY, if it was used as an authentication mechanism to access your data models.
Double expirationTime
The API key expiration time for API_KEY, if it was used as an authentication mechanism to access your data models.
String openIDAuthTTL
The expiry time for the OpenID authentication mechanism.
String openIDClientId
The clientID for openID, if openID was used as an authentication setting to access your data models.
String openIDIatTTL
The expiry time for the OpenID authentication mechanism.
String openIDIssueURL
The openID issuer URL, if openID was used as an authentication setting to access your data models.
String openIDProviderName
The OpenID provider name, if OpenID was used as an authentication mechanism to access your data models.
String mode
Describes the authentication mode.
BackendAPIAppSyncAuthSettings settings
Describes settings for the authentication mode.
String resolutionStrategy
The strategy for conflict resolution.
List<E> additionalAuthTypes
Additional authentication methods used to interact with your data models.
String apiName
The API name used to interact with the data model, configured as a part of your Amplify project.
BackendAPIConflictResolution conflictResolution
The conflict resolution strategy for your data stored in the data models.
BackendAPIAuthType defaultAuthType
The default authentication type for interacting with the configured data models in your Amplify project.
String service
The service used to provision and interact with the data model.
String transformSchema
The definition of the data model in the annotated transform of the GraphQL schema.
String clientId
Describes the client_id (also called Services ID) that comes from Apple.
String keyId
Describes the key_id that comes from Apple.
String privateKey
Describes the private_key that comes from Apple.
String teamId
Describes the team_id that comes from Apple.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String createTime
The time when the job was created.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String updateTime
The time when the job was last updated.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
The resource configuration for this request.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String deliveryMethod
(DEPRECATED) Describes which mode to use (either SMS or email) to deliver messages to app users who want to recover their password.
EmailSettings emailSettings
(DEPRECATED) The configuration for the email sent when an app user forgets their password.
SmsSettings smsSettings
(DEPRECATED) The configuration for the SMS message sent when an app user forgets their password.
String domainPrefix
The domain prefix for your Amplify app.
String oAuthGrantType
The OAuth grant type that you use to allow app users to authenticate from your Amplify app.
List<E> oAuthScopes
List of OAuth-related flows used to allow your app users to authenticate from your Amplify app.
List<E> redirectSignInURIs
The redirected URI for signing in to your Amplify app.
List<E> redirectSignOutURIs
Redirect URLs that OAuth uses when a user signs out of an Amplify app.
SocialProviderSettings socialProviderSettings
The settings for using social providers to access your Amplify app.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
CreateBackendAuthResourceConfig resourceConfig
The resource configuration for this request object.
String resourceName
The name of this resource.
String authResources
Defines whether you want to configure only authentication or both authentication and authorization settings.
CreateBackendAuthIdentityPoolConfig identityPoolConfigs
Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.
String service
Defines the service name to use when configuring an authentication resource in your Amplify project.
CreateBackendAuthUserPoolConfig userPoolConfigs
Describes authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
CreateBackendAuthForgotPasswordConfig forgotPassword
(DEPRECATED) Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
CreateBackendAuthMFAConfig mfa
Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.
CreateBackendAuthOAuthConfig oAuth
Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.
CreateBackendAuthPasswordPolicyConfig passwordPolicy
Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
List<E> requiredSignUpAttributes
The required attributes to sign up new users in the user pool.
String signInMethod
Describes the sign-in methods that your Amplify app users use to log in using the Amazon Cognito user pool, configured as a part of your Amplify project.
String userPoolName
The Amazon Cognito user pool name.
CreateBackendAuthVerificationMessageConfig verificationMessage
Describes the email or SMS verification message for your Amazon Cognito user pool, configured as a part of your Amplify project.
String deliveryMethod
The type of verification message to send.
EmailSettings emailSettings
The settings for the email message.
SmsSettings smsSettings
The settings for the SMS message.
String appId
The app ID.
String appName
The name of the app.
String backendEnvironmentName
The name of the backend environment.
ResourceConfig resourceConfig
The resource configuration for creating a backend.
String resourceName
The name of the resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
CreateBackendStorageResourceConfig resourceConfig
The resource configuration for creating backend storage.
String resourceName
The name of the storage resource.
String bucketName
The name of the S3 bucket.
BackendStoragePermissions permissions
The authorization configuration for the storage S3 bucket.
String serviceName
The name of the storage service.
String appId
The app ID.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
Defines the resource configuration for the data model in your Amplify project.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
Boolean isSuccess
Indicates whether the request succeeded or failed.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
Defines the resource configuration for the data model in your Amplify project.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
BackendAPIResourceConfig resourceConfig
The resource configuration for this response object.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
CreateBackendAuthResourceConfig resourceConfig
The resource configuration for authorization requests to the backend of your Amplify project.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String createTime
The time when the job was created.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String updateTime
The time when the job was last updated.
String amplifyFeatureFlags
A stringified version of the cli.json file for your Amplify project.
String amplifyMetaConfig
A stringified version of the current configs for your Amplify project.
String appId
The app ID.
String appName
The name of the app.
List<E> backendEnvironmentList
A list of backend environments in an array.
String backendEnvironmentName
The name of the backend environment.
String error
If the request failed, this is the returned error.
String bucketName
The name of the S3 bucket.
Boolean imported
Returns True if the storage resource has been imported.
BackendStoragePermissions permissions
The authorization configuration for the storage S3 bucket.
String serviceName
The name of the storage service.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
GetBackendStorageResourceConfig resourceConfig
The resource configuration for the backend storage resource.
String resourceName
The name of the storage resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String identityPoolId
The ID of the Amazon Cognito identity pool.
String nativeClientId
The ID of the Amazon Cognito native client.
String userPoolId
The ID of the Amazon Cognito user pool.
String webClientId
The ID of the Amazon Cognito web client.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String jobId
The ID for the job.
Integer maxResults
The maximum number of results that you want in the response.
String nextToken
The token for the next set of results.
String operation
Filters the list of response objects to include only those with the specified operation name.
String status
Filters the list of response objects to include only those with the specified status.
String nextToken
Reserved for future use.
String awsCognitoIdentityPoolId
The Amazon Cognito identity pool ID used for the Amplify Admin UI login authorization.
String awsCognitoRegion
The AWS Region for the Amplify Admin UI login.
String awsUserPoolsId
The Amazon Cognito user pool ID used for Amplify Admin UI login authentication.
String awsUserPoolsWebClientId
The web client ID for the Amazon Cognito user pools.
String resourceType
The type of resource that is not found.
String appId
The app ID.
String error
If the request fails, this error is returned.
String smsMessage
The contents of the SMS message.
BackendAuthSocialProviderConfig facebook
BackendAuthSocialProviderConfig google
BackendAuthSocialProviderConfig loginWithAmazon
BackendAuthAppleProviderConfig signInWithApple
String limitType
The type of limit that was exceeded.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
Defines the resource configuration for the data model in your Amplify project.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String deliveryMethod
(DEPRECATED) Describes which mode to use (either SMS or email) to deliver messages to app users that want to recover their password.
EmailSettings emailSettings
(DEPRECATED) The configuration for the email sent when an app user forgets their password.
SmsSettings smsSettings
(DEPRECATED) The configuration for the SMS message sent when an Amplify app user forgets their password.
Boolean unauthenticatedLogin
A boolean value that can be set to allow or disallow guest-level authorization into your Amplify app.
String domainPrefix
The Amazon Cognito domain prefix used to create a hosted UI for authentication.
String oAuthGrantType
The OAuth grant type to allow app users to authenticate from your Amplify app.
List<E> oAuthScopes
The list of OAuth-related flows that can allow users to authenticate from your Amplify app.
List<E> redirectSignInURIs
Redirect URLs that OAuth uses when a user signs in to an Amplify app.
List<E> redirectSignOutURIs
Redirect URLs that OAuth uses when a user signs out of an Amplify app.
SocialProviderSettings socialProviderSettings
Describes third-party social federation configurations for allowing your users to sign in with OAuth.
List<E> additionalConstraints
Describes additional constraints on password requirements to sign in to the auth resource, configured as a part of your Amplify project.
Double minimumLength
Describes the minimum length of the password required to sign in to the auth resource, configured as a part of your Amplify project.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
UpdateBackendAuthResourceConfig resourceConfig
The resource configuration for this request object.
String resourceName
The name of this resource.
String authResources
Defines the service name to use when configuring an authentication resource in your Amplify project.
UpdateBackendAuthIdentityPoolConfig identityPoolConfigs
Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.
String service
Defines the service name to use when configuring an authentication resource in your Amplify project.
UpdateBackendAuthUserPoolConfig userPoolConfigs
Describes the authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
UpdateBackendAuthForgotPasswordConfig forgotPassword
(DEPRECATED) Describes the forgot password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
UpdateBackendAuthMFAConfig mfa
Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.
UpdateBackendAuthOAuthConfig oAuth
Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.
UpdateBackendAuthPasswordPolicyConfig passwordPolicy
Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
UpdateBackendAuthVerificationMessageConfig verificationMessage
Describes the email or SMS verification message for your Amazon Cognito user pool, configured as a part of your Amplify project.
String deliveryMethod
The type of verification message to send.
EmailSettings emailSettings
The settings for the email message.
SmsSettings smsSettings
The settings for the SMS message.
String appId
The app ID.
LoginAuthConfigReqObj loginAuthConfig
Describes the Amazon Cognito configuration for Admin UI access.
String appId
The app ID.
String backendManagerAppId
The app ID for the backend manager.
String error
If the request fails, this error is returned.
LoginAuthConfigReqObj loginAuthConfig
Describes the Amazon Cognito configurations for the Admin UI auth resource to log in with.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String jobId
The ID for the job.
String operation
Filters the list of response objects to include only those with the specified operation name.
String status
Filters the list of response objects to include only those with the specified status.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String createTime
The time when the job was created.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String updateTime
The time when the job was last updated.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
UpdateBackendStorageResourceConfig resourceConfig
The resource configuration for updating backend storage.
String resourceName
The name of the storage resource.
BackendStoragePermissions permissions
The authorization configuration for the storage S3 bucket.
String serviceName
The name of the storage service.
ComponentProperty type
The type of navigation action. Valid values are url and anchor. This value is required
for a navigation action.
ComponentProperty url
The URL to the location to open. Specify this value for a navigation action.
ComponentProperty anchor
The HTML anchor link to the location to open. Specify this value for a navigation action.
ComponentProperty target
The element within the same component to modify when the action occurs.
ComponentProperty global
Specifies whether the user should be signed out globally. Specify this value for an auth sign out action.
String model
The name of the data model. Use when the action performs an operation on an Amplify DataStore model.
ComponentProperty id
The unique ID of the component that the ActionParameters apply to.
Map<K,V> fields
A dictionary of key-value pairs mapping Amplify Studio properties to fields in a data model. Use when the action performs an operation on an Amplify DataStore model.
MutationActionSetStateParameter state
A key-value pair that specifies the state property name and its initial value.
GraphQLRenderConfig graphQLConfig
The configuration for an application using GraphQL APIs.
DataStoreRenderConfig dataStoreConfig
The configuration for an application using DataStore APIs.
NoApiRenderConfig noApiConfig
The configuration for an application with no API being used.
String name
Name of the dependency package.
String supportedVersion
Indicates the version of the supported dependency package.
Boolean isSemVer
Determines if the dependency package is using Semantic versioning. If set to true, it indicates that the dependency package uses Semantic versioning.
String reason
Indicates the reason to include the dependency package in your project code.
String dataType
The data type for the generic data field.
String dataTypeValue
The value of the data type for the generic data field.
Boolean required
Specifies whether the generic data field is required.
Boolean readOnly
Specifies whether the generic data field is read-only.
Boolean isArray
Specifies whether the generic data field is an array.
CodegenGenericDataRelationshipType relationship
The relationship of the generic data schema.
String type
The data relationship type.
String relatedModelName
The name of the related model in the data relationship.
List<E> relatedModelFields
The related model fields in the data relationship.
Boolean canUnlinkAssociatedModel
Specifies whether the relationship can unlink the associated model.
String relatedJoinFieldName
The name of the related join field in the data relationship.
String relatedJoinTableName
The name of the related join table in the data relationship.
String belongsToFieldOnRelatedModel
The value of the belongsTo field on the related data model.
List<E> associatedFields
The associated fields of the data relationship.
Boolean isHasManyIndex
Specifies whether the @index directive is supported for a hasMany data relationship.
String id
The unique ID for the code generation job.
String appId
The ID of the Amplify app associated with the code generation job.
String environmentName
The name of the backend environment associated with the code generation job.
CodegenJobRenderConfig renderConfig
CodegenJobGenericDataSchema genericDataSchema
Boolean autoGenerateForms
Specifies whether to autogenerate forms in the code generation job.
CodegenFeatureFlags features
String status
The status of the code generation job.
String statusMessage
The customized status message for the code generation job.
CodegenJobAsset asset
The CodegenJobAsset to use for the code generation job.
Map<K,V> tags
One or more key-value pairs to use when tagging the code generation job.
Date createdAt
The time that the code generation job was created.
Date modifiedAt
The time that the code generation job was modified.
List<E> dependencies
Lists the dependency packages that may be required for the project code to run.
String downloadUrl
The URL to use to access the asset.
String dataSourceType
The type of the data source for the schema. Currently, the only valid value is an Amplify DataStore.
Map<K,V> models
The name of a CodegenGenericDataModel.
Map<K,V> enums
The name of a CodegenGenericDataEnum.
Map<K,V> nonModels
The name of a CodegenGenericDataNonModel.
ReactStartCodegenJobData react
The name of the ReactStartCodegenJobData object.
String appId
The unique ID of the Amplify app associated with the code generation job.
String environmentName
The name of the backend environment associated with the code generation job.
String id
The unique ID for the code generation job summary.
Date createdAt
The time that the code generation job summary was created.
Date modifiedAt
The time that the code generation job summary was modified.
String appId
The unique ID of the Amplify app associated with the component.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String sourceId
The unique ID of the component in its original source system, such as Figma.
String id
The unique ID of the component.
String name
The name of the component.
String componentType
The type of the component. This can be an Amplify custom UI component or another custom component.
Map<K,V> properties
Describes the component's properties. You can't specify tags as a valid property for
properties.
List<E> children
A list of the component's ComponentChild instances.
List<E> variants
A list of the component's variants. A variant is a unique style configuration of a main component.
Map<K,V> overrides
Describes the component's properties that can be overriden in a customized instance of the component. You can't
specify tags as a valid property for overrides.
Map<K,V> bindingProperties
The information to connect a component's properties to data at runtime. You can't specify tags as a
valid property for bindingProperties.
Map<K,V> collectionProperties
The data binding configuration for the component's properties. Use this for a collection component. You can't
specify tags as a valid property for collectionProperties.
Date createdAt
The time that the component was created.
Date modifiedAt
The time that the component was modified.
Map<K,V> tags
One or more key-value pairs to use when tagging the component.
Map<K,V> events
Describes the events that can be raised on the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.
String schemaVersion
The schema version of the component when it was imported.
String type
The property type.
ComponentBindingPropertiesValueProperties bindingProperties
Describes the properties to customize with data at runtime.
String defaultValue
The default value of the property.
String model
An Amplify DataStore model.
String field
The field to bind the data to.
List<E> predicates
A list of predicates for binding a component's properties to data.
String userAttribute
An authenticated user attribute.
String bucket
An Amazon S3 bucket.
String key
The storage key for an Amazon S3 bucket.
String defaultValue
The default value to assign to the property.
String slotName
The name of a component slot.
String componentType
The type of the child component.
String name
The name of the child component.
Map<K,V> properties
Describes the properties of the child component. You can't specify tags as a valid property for
properties.
List<E> children
The list of ComponentChild instances for this component.
Map<K,V> events
Describes the events that can be raised on the child component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.
String sourceId
The unique ID of the child component in its original source system, such as Figma.
String property
The name of the conditional property.
String field
The name of a field. Specify this when the property is a data model.
String operator
The operator to use to perform the evaluation, such as eq to represent equals.
String operand
The value of the property to evaluate.
ComponentProperty then
The value to assign to the property if the condition is met.
ComponentProperty elseValue
The value to assign to the property if the condition is not met.
String operandType
The type of the property to evaluate.
String model
The name of the data model to use to bind data to a component.
List<E> sort
Describes how to sort the component's properties.
Predicate predicate
Represents the conditional logic to use when binding data to a component. Use this property to retrieve only a subset of the data in a collection.
List<E> identifiers
A list of IDs to use to bind data to a component. Use this property to bind specifically chosen data, rather than data retrieved from a query.
String action
The action to perform when a specific event is raised.
ActionParameters parameters
Describes information about the action.
String bindingEvent
Binds an event to an action on a component. When you specify a bindingEvent, the event is called
when the action is performed.
String value
The value to assign to the component property.
ComponentPropertyBindingProperties bindingProperties
The information to bind the component property to data at runtime.
ComponentPropertyBindingProperties collectionBindingProperties
The information to bind the component property to data at runtime. Use this for collection components.
String defaultValue
The default value to assign to the component property.
String model
The data model to use to assign a value to the component property.
Map<K,V> bindings
The information to bind the component property to form data.
String event
An event that occurs in your app. Use this for workflow data binding.
String userAttribute
An authenticated user attribute to use to assign a value to the component property.
List<E> concat
A list of component properties to concatenate to create the value to assign to this component property.
ComponentConditionProperty condition
The conditional expression to use to assign a value to the component property.
Boolean configured
Specifies whether the user configured the property in Amplify Studio after importing it.
String type
The component type.
String importedValue
The default value assigned to the property when the component is imported into an app.
String componentName
The name of the component that is affected by an event.
String property
The name of the component's property that is affected by an event.
String appId
The unique ID of the Amplify app associated with the component.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String id
The unique ID of the component.
String name
The name of the component.
String componentType
The component type.
Map<K,V> variantValues
The combination of variants that comprise this variant. You can't specify tags as a valid property
for variantValues.
Map<K,V> overrides
The properties of the component variant that can be overriden when customizing an instance of the component. You
can't specify tags as a valid property for overrides.
String name
The name of the component
String sourceId
The unique ID of the component in its original source system, such as Figma.
String componentType
The component type. This can be an Amplify custom UI component or another custom component.
Map<K,V> properties
Describes the component's properties.
List<E> children
A list of child components that are instances of the main component.
List<E> variants
A list of the unique variants of this component.
Map<K,V> overrides
Describes the component properties that can be overriden to customize an instance of the component.
Map<K,V> bindingProperties
The data binding information for the component's properties.
Map<K,V> collectionProperties
The data binding configuration for customizing a component's properties. Use this for a collection component.
Map<K,V> tags
One or more key-value pairs to use when tagging the component data.
Map<K,V> events
The event configuration for the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.
String schemaVersion
The schema version of the component when it was imported.
String appId
The unique ID of the Amplify app to associate with the component.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String clientToken
The unique client token.
CreateComponentData componentToCreate
Represents the configuration of the component to create.
Component entity
Describes the configuration of the new component.
String name
The name of the form.
FormDataTypeConfig dataType
The type of data source to use to create the form.
String formActionType
Specifies whether to perform a create or update action on the form.
Map<K,V> fields
The configuration information for the form's fields.
FormStyle style
The configuration for the form's style.
Map<K,V> sectionalElements
The configuration information for the visual helper elements for the form. These elements are not associated with any data.
String schemaVersion
The schema version of the form.
FormCTA cta
The FormCTA object that stores the call to action configuration for the form.
Map<K,V> tags
One or more key-value pairs to use when tagging the form data.
String labelDecorator
Specifies an icon or decoration to display on the form.
String appId
The unique ID of the Amplify app to associate with the form.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String clientToken
The unique client token.
CreateFormData formToCreate
Represents the configuration of the form to create.
Form entity
Describes the configuration of the new form.
String name
The name of the theme.
List<E> values
A list of key-value pairs that defines the properties of the theme.
List<E> overrides
Describes the properties that can be overriden to customize an instance of the theme.
Map<K,V> tags
One or more key-value pairs to use when tagging the theme data.
String appId
The unique ID of the Amplify app associated with the theme.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String clientToken
The unique client token.
CreateThemeData themeToCreate
Represents the configuration of the theme to create.
Theme entity
Describes the configuration of the new theme.
String provider
The third-party provider for the token. The only valid value is figma.
ExchangeCodeForTokenRequestBody request
Describes the configuration of the request.
String label
The label for the field.
FieldPosition position
Specifies the field position.
Boolean excluded
Specifies whether to hide a field.
FieldInputConfig inputType
Describes the configuration for the default input value to display for a field.
List<E> validations
The validations to perform on the value in the field.
String type
The input type for the field.
Boolean required
Specifies a field that requires input.
Boolean readOnly
Specifies a read only field.
String placeholder
The text to display as a placeholder for the field.
String defaultValue
The default value for the field.
String descriptiveText
The text to display to describe the field.
Boolean defaultChecked
Specifies whether a field has a default value.
String defaultCountryCode
The default country code for a phone number.
ValueMappings valueMappings
The information to use to customize the input fields with data at runtime.
String name
The name of the field.
Float minValue
The minimum value to display for the field.
Float maxValue
The maximum value to display for the field.
Float step
The stepping increment for a numeric value in a field.
String value
The value for the field.
Boolean isArray
Specifies whether to render the field as an array. This property is ignored if the dataSourceType
for the form is a Data Store.
FileUploaderFieldConfig fileUploaderConfig
The configuration for the file uploader field.
String accessLevel
The access level to assign to the uploaded files in the Amazon S3 bucket where they are stored. The valid values
for this property are private, protected, or public. For detailed
information about the permissions associated with each access level, see File access levels in the
Amplify documentation.
List<E> acceptedFileTypes
The file types that are allowed to be uploaded by the file uploader. Provide this information in an array of strings specifying the valid file extensions.
Boolean showThumbnails
Specifies whether to display or hide the image preview after selecting a file for upload. The default value is
true to display the image preview.
Boolean isResumable
Allows the file upload operation to be paused and resumed. The default value is false.
When isResumable is set to true, the file uploader uses a multipart upload to break the
files into chunks before upload. The progress of the upload isn't continuous, because the file uploader uploads a
chunk at a time.
Integer maxFileCount
Specifies the maximum number of files that can be selected to upload. The default value is an unlimited number of files.
Integer maxSize
The maximum file size in bytes that the file uploader will accept. The default value is an unlimited file size.
String appId
The unique ID of the Amplify app associated with the form.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String id
The unique ID of the form.
String name
The name of the form.
String formActionType
The operation to perform on the specified form.
FormStyle style
Stores the configuration for the form's style.
FormDataTypeConfig dataType
The type of data source to use to create the form.
Map<K,V> fields
Stores the information about the form's fields.
Map<K,V> sectionalElements
Stores the visual helper elements for the form that are not associated with any data.
String schemaVersion
The schema version of the form when it was imported.
Map<K,V> tags
One or more key-value pairs to use when tagging the form.
FormCTA cta
Stores the call to action configuration for the form.
String labelDecorator
Specifies an icon or decoration to display on the form.
Boolean excluded
Specifies whether the button is visible on the form.
String children
Describes the button's properties.
FieldPosition position
The position of the button.
String position
The position of the button.
FormButton clear
Displays a clear button.
FormButton cancel
Displays a cancel button.
FormButton submit
Displays a submit button.
String type
The property type.
FormInputBindingPropertiesValueProperties bindingProperties
Describes the properties to customize with data at runtime.
String model
An Amplify DataStore model.
String value
The value to assign to the input field.
FormInputValuePropertyBindingProperties bindingProperties
The information to bind fields to data at runtime.
List<E> concat
A list of form properties to concatenate to create the value to assign to this field property.
FormStyleConfig horizontalGap
The spacing for the horizontal gap.
FormStyleConfig verticalGap
The spacing for the vertical gap.
FormStyleConfig outerPadding
The size of the outer padding for the form.
String appId
The unique ID for the app associated with the form summary.
FormDataTypeConfig dataType
The form's data source type.
String environmentName
The name of the backend environment that is part of the Amplify app.
String formActionType
The type of operation to perform on the form.
String id
The ID of the form.
String name
The name of the form.
CodegenJob job
The configuration settings for the code generation job.
Component component
Represents the configuration settings for the component.
Form form
Represents the configuration settings for the form.
Theme theme
Represents the configuration settings for the theme.
String typesFilePath
The path to the GraphQL types file, relative to the component output directory.
String queriesFilePath
The path to the GraphQL queries file, relative to the component output directory.
String mutationsFilePath
The path to the GraphQL mutations file, relative to the component output directory.
String subscriptionsFilePath
The path to the GraphQL subscriptions file, relative to the component output directory.
String fragmentsFilePath
The path to the GraphQL fragments file, relative to the component output directory.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String nextToken
The token to request the next page of results.
Integer maxResults
The maximum number of jobs to retrieve.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String nextToken
The token to request the next page of results.
Integer maxResults
The maximum number of components to retrieve.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String nextToken
The token to request the next page of results.
Integer maxResults
The maximum number of forms to retrieve.
String resourceArn
The Amazon Resource Name (ARN) to use to list tags.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String nextToken
The token to request the next page of results.
Integer maxResults
The maximum number of theme results to return in the response.
String componentName
The name of the component that is being modified.
String property
The name of the component property to apply the state configuration to.
ComponentProperty set
The state configuration to assign to the property.
List<E> or
A list of predicates to combine logically.
List<E> and
A list of predicates to combine logically.
String field
The field to query.
String operator
The operator to use to perform the evaluation.
String operand
The value to use when performing the evaluation.
String operandType
The type of value to use when performing the evaluation.
String newValue
The new information to store.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is part of the Amplify app.
String featureName
The name of the feature associated with the metadata.
PutMetadataFlagBody body
The metadata information to store.
String module
The JavaScript module type.
String target
The ECMAScript specification to use.
String script
The file type to use for a JavaScript project.
Boolean renderTypeDeclarations
Specifies whether the code generation job should render type declaration files.
Boolean inlineSourceMap
Specifies whether the code generation job should render inline source maps.
ApiConfiguration apiConfiguration
The API configuration for the code generation job.
Map<K,V> dependencies
Lists the dependency packages that may be required for the project code to run.
String provider
The third-party provider for the token. The only valid value is figma.
RefreshTokenRequestBody refreshTokenBody
Information about the refresh token request.
String type
The type of sectional element. Valid values are Heading, Text, and Divider
.
FieldPosition position
Specifies the position of the text in a field for a Text sectional element.
String text
The text for a Text sectional element.
Integer level
Specifies the size of the font for a Heading sectional element. Valid values are
1 | 2 | 3 | 4 | 5 | 6.
String orientation
Specifies the orientation for a Divider sectional element. Valid values are horizontal
or vertical.
Boolean excluded
Excludes a sectional element that was generated by default for a specified data model.
CodegenJobRenderConfig renderConfig
The code generation configuration for the codegen job.
CodegenJobGenericDataSchema genericDataSchema
The data schema to use for a code generation job.
Boolean autoGenerateForms
Specifies whether to autogenerate forms in the code generation job.
CodegenFeatureFlags features
The feature flags for a code generation job.
Map<K,V> tags
One or more key-value pairs to use when tagging the code generation job data.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String clientToken
The idempotency token used to ensure that the code generation job request completes only once.
StartCodegenJobData codegenJobToCreate
The code generation job resource configuration.
CodegenJob entity
The code generation job for a UI component that is associated with an Amplify app.
String appId
The unique ID for the Amplify app associated with the theme.
String environmentName
The name of the backend environment that is a part of the Amplify app.
String id
The ID for the theme.
String name
The name of the theme.
Date createdAt
The time that the theme was created.
Date modifiedAt
The time that the theme was modified.
List<E> values
A list of key-value pairs that defines the properties of the theme.
List<E> overrides
Describes the properties that can be overriden to customize a theme.
Map<K,V> tags
One or more key-value pairs to use when tagging the theme.
String key
The name of the property.
ThemeValue value
The value of the property.
String id
The unique ID of the component to update.
String name
The name of the component to update.
String sourceId
The unique ID of the component in its original source system, such as Figma.
String componentType
The type of the component. This can be an Amplify custom UI component or another custom component.
Map<K,V> properties
Describes the component's properties.
List<E> children
The components that are instances of the main component.
List<E> variants
A list of the unique variants of the main component being updated.
Map<K,V> overrides
Describes the properties that can be overriden to customize the component.
Map<K,V> bindingProperties
The data binding information for the component's properties.
Map<K,V> collectionProperties
The configuration for binding a component's properties to a data model. Use this for a collection component.
Map<K,V> events
The event configuration for the component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components.
String schemaVersion
The schema version of the component when it was imported.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is part of the Amplify app.
String id
The unique ID for the component.
String clientToken
The unique client token.
UpdateComponentData updatedComponent
The configuration of the updated component.
Component entity
Describes the configuration of the updated component.
String name
The name of the form.
FormDataTypeConfig dataType
The type of data source to use to create the form.
String formActionType
Specifies whether to perform a create or update action on the form.
Map<K,V> fields
The configuration information for the form's fields.
FormStyle style
The configuration for the form's style.
Map<K,V> sectionalElements
The configuration information for the visual helper elements for the form. These elements are not associated with any data.
String schemaVersion
The schema version of the form.
FormCTA cta
The FormCTA object that stores the call to action configuration for the form.
String labelDecorator
Specifies an icon or decoration to display on the form.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is part of the Amplify app.
String id
The unique ID for the form.
String clientToken
The unique client token.
UpdateFormData updatedForm
The request accepts the following data in JSON format.
Form entity
Describes the configuration of the updated form.
String appId
The unique ID for the Amplify app.
String environmentName
The name of the backend environment that is part of the Amplify app.
String id
The unique ID for the theme.
String clientToken
The unique client token.
UpdateThemeData updatedTheme
The configuration of the updated theme.
Theme entity
Describes the configuration of the updated theme.
FormInputValueProperty displayValue
The value to display for the complex object.
FormInputValueProperty value
The complex object.
String format
A single line format of the access logs of data, as specified by selected $context variables. The format must
include at least $context.requestId.
String destinationArn
The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to
receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with
amazon-apigateway-.
String id
The identifier of the API Key.
String value
The value of the API Key.
String name
The name of the API Key.
String customerId
An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.
String description
The description of the API Key.
Boolean enabled
Specifies whether the API Key can be used by callers.
Date createdDate
The timestamp when the API Key was created.
Date lastUpdatedDate
The timestamp when the API Key was last updated.
List<E> stageKeys
A list of Stage resources that are associated with the ApiKey resource.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String id
The identifier for the authorizer resource.
String name
The name of the authorizer.
String type
The authorizer type. Valid values are TOKEN for a Lambda function using a single authorization token
submitted in a custom header, REQUEST for a Lambda function using incoming request parameters, and
COGNITO_USER_POOLS for using an Amazon Cognito user pool.
List<E> providerARNs
A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
TOKEN or REQUEST authorizer, this is not defined.
String authType
Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
String authorizerUri
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
authorizers, this must be a well-formed Lambda function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
. In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
{region} is the same as the region hosting the Lambda function, path indicates that the
remaining substring in the URI should be treated as the path to the resource, including the initial
/. For Lambda functions, this is usually of the form
/2015-03-31/functions/[FunctionARN]/invocations.
String authorizerCredentials
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
String identitySource
The identity source for which authorization is requested. For a TOKEN or
COGNITO_USER_POOLS authorizer, this is required and specifies the request header mapping expression
for the custom header holding the authorization token submitted by the client. For example, if the token header
name is Auth, the header mapping expression is method.request.header.Auth. For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is a
comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an
Auth header, a Name query string parameter are defined as identity sources, this value
is method.request.header.Auth, method.request.querystring.Name. These parameters will
be used to derive the authorization caching key and to perform runtime validation of the REQUEST
authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only
when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401
Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping
expressions of the specified request parameters. When the authorization caching is not enabled, this property is
optional.
String identityValidationExpression
A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
field of the incoming token from the client against the specified regular expression. It will invoke the
authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
Integer authorizerResultTtlInSeconds
The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
Double percentTraffic
The percent (0-100) of traffic diverted to a canary deployment.
String deploymentId
The ID of the canary deployment.
Map<K,V> stageVariableOverrides
Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values.
Boolean useStageCache
A Boolean flag to indicate whether the canary deployment uses the stage cache or not.
String clientCertificateId
The identifier of the client certificate.
String description
The description of the client certificate.
String pemEncodedCertificate
The PEM-encoded public key of the client certificate, which can be used to configure certificate authentication in the integration endpoint .
Date createdDate
The timestamp when the client certificate was created.
Date expirationDate
The timestamp when the client certificate will expire.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String name
The name of the ApiKey.
String description
The description of the ApiKey.
Boolean enabled
Specifies whether the ApiKey can be used by callers.
Boolean generateDistinctId
Specifies whether (true) or not (false) the key identifier is distinct from the created
API key value. This parameter is deprecated and should not be used.
String value
Specifies a value of the API key.
List<E> stageKeys
DEPRECATED FOR USAGE PLANS - Specifies stages associated with the API key.
String customerId
An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
String id
The identifier of the API Key.
String value
The value of the API Key.
String name
The name of the API Key.
String customerId
An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.
String description
The description of the API Key.
Boolean enabled
Specifies whether the API Key can be used by callers.
Date createdDate
The timestamp when the API Key was created.
Date lastUpdatedDate
The timestamp when the API Key was last updated.
List<E> stageKeys
A list of Stage resources that are associated with the ApiKey resource.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String restApiId
The string identifier of the associated RestApi.
String name
The name of the authorizer.
String type
The authorizer type. Valid values are TOKEN for a Lambda function using a single authorization token
submitted in a custom header, REQUEST for a Lambda function using incoming request parameters, and
COGNITO_USER_POOLS for using an Amazon Cognito user pool.
List<E> providerARNs
A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
TOKEN or REQUEST authorizer, this is not defined.
String authType
Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
String authorizerUri
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
authorizers, this must be a well-formed Lambda function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
. In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
{region} is the same as the region hosting the Lambda function, path indicates that the
remaining substring in the URI should be treated as the path to the resource, including the initial
/. For Lambda functions, this is usually of the form
/2015-03-31/functions/[FunctionARN]/invocations.
String authorizerCredentials
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
String identitySource
The identity source for which authorization is requested. For a TOKEN or
COGNITO_USER_POOLS authorizer, this is required and specifies the request header mapping expression
for the custom header holding the authorization token submitted by the client. For example, if the token header
name is Auth, the header mapping expression is method.request.header.Auth. For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is a
comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an
Auth header, a Name query string parameter are defined as identity sources, this value
is method.request.header.Auth, method.request.querystring.Name. These parameters will be used to
derive the authorization caching key and to perform runtime validation of the REQUEST authorizer by
verifying all of the identity-related request parameters are present, not null and non-empty. Only when this is
true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401 Unauthorized response
without calling the Lambda function. The valid value is a string of comma-separated mapping expressions of the
specified request parameters. When the authorization caching is not enabled, this property is optional.
String identityValidationExpression
A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
field of the incoming token from the client against the specified regular expression. It will invoke the
authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
Integer authorizerResultTtlInSeconds
The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
String id
The identifier for the authorizer resource.
String name
The name of the authorizer.
String type
The authorizer type. Valid values are TOKEN for a Lambda function using a single authorization token
submitted in a custom header, REQUEST for a Lambda function using incoming request parameters, and
COGNITO_USER_POOLS for using an Amazon Cognito user pool.
List<E> providerARNs
A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
TOKEN or REQUEST authorizer, this is not defined.
String authType
Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
String authorizerUri
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
authorizers, this must be a well-formed Lambda function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
. In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
{region} is the same as the region hosting the Lambda function, path indicates that the
remaining substring in the URI should be treated as the path to the resource, including the initial
/. For Lambda functions, this is usually of the form
/2015-03-31/functions/[FunctionARN]/invocations.
String authorizerCredentials
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
String identitySource
The identity source for which authorization is requested. For a TOKEN or
COGNITO_USER_POOLS authorizer, this is required and specifies the request header mapping expression
for the custom header holding the authorization token submitted by the client. For example, if the token header
name is Auth, the header mapping expression is method.request.header.Auth. For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is a
comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an
Auth header, a Name query string parameter are defined as identity sources, this value
is method.request.header.Auth, method.request.querystring.Name. These parameters will
be used to derive the authorization caching key and to perform runtime validation of the REQUEST
authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only
when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401
Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping
expressions of the specified request parameters. When the authorization caching is not enabled, this property is
optional.
String identityValidationExpression
A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
field of the incoming token from the client against the specified regular expression. It will invoke the
authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
Integer authorizerResultTtlInSeconds
The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
String domainName
The domain name of the BasePathMapping resource to create.
String basePath
The base path name that callers of the API must provide as part of the URL after the domain name. This value must be unique for all of the mappings across a single API. Specify '(none)' if you do not want callers to specify a base path name after the domain name.
String restApiId
The string identifier of the associated RestApi.
String stage
The name of the API's stage that you want to use for this mapping. Specify '(none)' if you want callers to explicitly specify the stage name after any base path name.
String restApiId
The string identifier of the associated RestApi.
String stageName
The name of the Stage resource for the Deployment resource to create.
String stageDescription
The description of the Stage resource for the Deployment resource to create.
String description
The description for the Deployment resource to create.
Boolean cacheClusterEnabled
Enables a cache cluster for the Stage resource specified in the input.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
Map<K,V> variables
A map that defines the stage variables for the Stage resource that is associated with the new deployment.
Variable names can have alphanumeric and underscore characters, and the values must match
[A-Za-z0-9-._~:/?#&=,]+.
DeploymentCanarySettings canarySettings
The input configuration for the canary deployment when the deployment is a canary release deployment.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
String id
The identifier for the deployment resource.
String description
The description for the deployment resource.
Date createdDate
The date and time that the deployment resource was created.
Map<K,V> apiSummary
A summary of the RestApi at the date and time that the deployment resource was created.
String restApiId
The string identifier of the associated RestApi.
DocumentationPartLocation location
The location of the targeted API entity of the to-be-created documentation part.
String properties
The new documentation content map of the targeted API entity. Enclosed key-value pairs are API-specific, but only OpenAPI-compliant key-value pairs can be exported and, hence, published.
String id
The DocumentationPart identifier, generated by API Gateway when the DocumentationPart is created.
DocumentationPartLocation location
The location of the API entity to which the documentation applies. Valid fields depend on the targeted API entity type. All the valid location fields are not required. If not explicitly specified, a valid location field is treated as a wildcard and associated documentation content may be inherited by matching entities, unless overridden.
String properties
A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a
JSON string, e.g., "{ \"description\": \"The API does ...\" }". Only OpenAPI-compliant
documentation-related fields from the properties map are exported and, hence, published as part of the API entity
definitions, while the original documentation parts are exported in a OpenAPI extension of
x-amazon-apigateway-documentation.
String restApiId
The string identifier of the associated RestApi.
String documentationVersion
The version identifier of the new snapshot.
String stageName
The stage name to be associated with the new documentation snapshot.
String description
A description about the new documentation snapshot.
String domainName
The name of the DomainName resource.
String certificateName
The user-friendly name of the certificate that will be used by edge-optimized endpoint for this domain name.
String certificateBody
[Deprecated] The body of the server certificate that will be used by edge-optimized endpoint for this domain name provided by your certificate authority.
String certificatePrivateKey
[Deprecated] Your edge-optimized endpoint's domain name certificate's private key.
String certificateChain
[Deprecated] The intermediate certificates and optionally the root certificate, one after the other without any blank lines, used by an edge-optimized endpoint for this domain name. If you include the root certificate, your certificate chain must start with intermediate certificates and end with the root certificate. Use the intermediate certificates that were provided by your certificate authority. Do not include any intermediaries that are not in the chain of trust path.
String certificateArn
The reference to an Amazon Web Services-managed certificate that will be used by edge-optimized endpoint for this domain name. Certificate Manager is the only supported source.
String regionalCertificateName
The user-friendly name of the certificate that will be used by regional endpoint for this domain name.
String regionalCertificateArn
The reference to an Amazon Web Services-managed certificate that will be used by regional endpoint for this domain name. Certificate Manager is the only supported source.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this DomainName showing the endpoint types of the domain name.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
String securityPolicy
The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are
TLS_1_0 and TLS_1_2.
MutualTlsAuthenticationInput mutualTlsAuthentication
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn.
String domainName
The custom domain name as an API host name, for example, my-api.example.com.
String certificateName
The name of the certificate that will be used by edge-optimized endpoint for this domain name.
String certificateArn
The reference to an Amazon Web Services-managed certificate that will be used by edge-optimized endpoint for this domain name. Certificate Manager is the only supported source.
Date certificateUploadDate
The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.
String regionalDomainName
The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name. The regional domain name is returned by API Gateway when you create a regional endpoint.
String regionalHostedZoneId
The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. For more information, see Set up a Regional Custom Domain Name and AWS Regions and Endpoints for API Gateway.
String regionalCertificateName
The name of the certificate that will be used for validating the regional domain name.
String regionalCertificateArn
The reference to an Amazon Web Services-managed certificate that will be used for validating the regional domain name. Certificate Manager is the only supported source.
String distributionDomainName
The domain name of the Amazon CloudFront distribution associated with this custom domain name for an edge-optimized endpoint. You set up this association when adding a DNS record pointing the custom domain name to this distribution name. For more information about CloudFront distributions, see the Amazon CloudFront documentation.
String distributionHostedZoneId
The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized endpoint. The valid value is
Z2FDTNDATAQYW2 for all the regions. For more information, see Set up a Regional Custom Domain Name
and AWS Regions and Endpoints for API Gateway.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this DomainName showing the endpoint types of the domain name.
String domainNameStatus
The status of the DomainName migration. The valid values are AVAILABLE and UPDATING. If
the status is UPDATING, the domain cannot be modified further until the existing operation is
complete. If it is AVAILABLE, the domain can be updated.
String domainNameStatusMessage
An optional text message containing detailed information about status of the DomainName migration.
String securityPolicy
The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are
TLS_1_0 and TLS_1_2.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn.
String restApiId
The RestApi identifier under which the Model will be created.
String name
The name of the model. Must be alphanumeric.
String description
The description of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model. The
maximum size of the model is 400 KB.
String contentType
The content-type for the model.
String id
The identifier for the model resource.
String name
The name of the model. Must be an alphanumeric string.
String description
The description of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model. Do
not include "\*/" characters in the description of any properties because such "\*/" characters may be
interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the
installation of your API's SDK generated by API Gateway to fail.
String contentType
The content-type for the model.
String restApiId
The string identifier of the associated RestApi.
String name
The name of the to-be-created RequestValidator.
Boolean validateRequestBody
A Boolean flag to indicate whether to validate request body according to the configured model schema for the
method (true) or not (false).
Boolean validateRequestParameters
A Boolean flag to indicate whether to validate request parameters, true, or not false.
String id
The identifier of this RequestValidator.
String name
The name of this RequestValidator
Boolean validateRequestBody
A Boolean flag to indicate whether to validate a request body according to the configured Model schema.
Boolean validateRequestParameters
A Boolean flag to indicate whether to validate request parameters (true) or not (false
).
String id
The resource's identifier.
String parentId
The parent resource's identifier.
String pathPart
The last path segment for this resource.
String path
The full path for this resource.
Map<K,V> resourceMethods
Gets an API resource's method of a given HTTP verb.
String name
The name of the RestApi.
String description
The description of the RestApi.
String version
A version identifier for the API.
String cloneFrom
The ID of the RestApi that you want to clone from.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: HEADER
to read the API key from the X-API-Key header of a request. AUTHORIZER to read the API
key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
String restApiId
The string identifier of the associated RestApi.
String stageName
The name for the Stage resource. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.
String deploymentId
The identifier of the Deployment resource for the Stage resource.
String description
The description of the Stage resource.
Boolean cacheClusterEnabled
Whether cache clustering is enabled for the stage.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
Map<K,V> variables
A map that defines the stage variables for the new Stage resource. Variable names can have alphanumeric and
underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
String documentationVersion
The version of the associated API documentation.
CanarySettings canarySettings
The canary deployment settings of this stage.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
String deploymentId
The identifier of the Deployment that the stage points to.
String clientCertificateId
The identifier of a client certificate for an API stage.
String stageName
The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.
String description
The stage's description.
Boolean cacheClusterEnabled
Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set
CachingEnabled to true for a method.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
String cacheClusterStatus
The status of the cache cluster for the stage, if enabled.
Map<K,V> methodSettings
A map that defines the method settings for a Stage resource. Keys (designated as
/{method_setting_key below) are method paths defined as {resource_path}/{http_method}
for an individual method override, or /\*/\* for overriding all methods in the stage.
Map<K,V> variables
A map that defines the stage variables for a Stage resource. Variable names can have alphanumeric and underscore
characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
String documentationVersion
The version of the associated API documentation.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
CanarySettings canarySettings
Settings for the canary deployment in this stage.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
String webAclArn
The ARN of the WebAcl associated with the Stage.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the stage was created.
Date lastUpdatedDate
The timestamp when the stage last updated.
String usagePlanId
The Id of the UsagePlan resource representing the usage plan containing the to-be-created UsagePlanKey resource representing a plan customer.
String keyId
The identifier of a UsagePlanKey resource for a plan customer.
String keyType
The type of a UsagePlanKey resource for a plan customer.
String name
The name of the usage plan.
String description
The description of the usage plan.
List<E> apiStages
The associated API stages of the usage plan.
ThrottleSettings throttle
The throttling limits of the usage plan.
QuotaSettings quota
The quota of the usage plan.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
String id
The identifier of a UsagePlan resource.
String name
The name of a usage plan.
String description
The description of a usage plan.
List<E> apiStages
The associated API stages of a usage plan.
ThrottleSettings throttle
A map containing method level throttling information for API stage in a usage plan.
QuotaSettings quota
The target maximum number of permitted requests per a given unit time interval.
String productCode
The Amazon Web Services Marketplace product identifier to associate with the usage plan as a SaaS product on the Amazon Web Services Marketplace.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String name
The name used to label and identify the VPC link.
String description
The description of the VPC link.
List<E> targetArns
The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same Amazon Web Services account of the API owner.
Map<K,V> tags
The key-value map of strings. The valid character set is [a-zA-Z+-=._:/]. The tag key can be up to 128 characters
and must not start with aws:. The tag value can be up to 256 characters.
String id
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String name
The name used to label and identify the VPC link.
String description
The description of the VPC link.
List<E> targetArns
The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same Amazon Web Services account of the API owner.
String status
The status of the VPC link. The valid values are AVAILABLE, PENDING,
DELETING, or FAILED. Deploying an API will wait if the status is PENDING
and will fail if the status is DELETING.
String statusMessage
A description about the VPC link status.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String apiKey
The identifier of the ApiKey resource to be deleted.
String clientCertificateId
The identifier of the ClientCertificate resource to be deleted.
String domainName
The name of the DomainName resource to be deleted.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies a delete integration response request's resource identifier.
String httpMethod
Specifies a delete integration response request's HTTP method.
String statusCode
Specifies a delete integration response request's status code.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the MethodResponse resource.
String httpMethod
The HTTP verb of the Method resource.
String statusCode
The status code identifier for the MethodResponse resource.
String restApiId
The string identifier of the associated RestApi.
String usagePlanId
The Id of the to-be-deleted usage plan.
String vpcLinkId
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String id
The identifier for the deployment resource.
String description
The description for the deployment resource.
Date createdDate
The date and time that the deployment resource was created.
Map<K,V> apiSummary
A summary of the RestApi at the date and time that the deployment resource was created.
Double percentTraffic
The percentage (0.0-100.0) of traffic routed to the canary deployment.
Map<K,V> stageVariableOverrides
A stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values.
Boolean useStageCache
A Boolean flag to indicate whether the canary release deployment uses the stage cache or not.
String id
The DocumentationPart identifier, generated by API Gateway when the DocumentationPart is created.
DocumentationPartLocation location
The location of the API entity to which the documentation applies. Valid fields depend on the targeted API entity type. All the valid location fields are not required. If not explicitly specified, a valid location field is treated as a wildcard and associated documentation content may be inherited by matching entities, unless overridden.
String properties
A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a
JSON string, e.g., "{ \"description\": \"The API does ...\" }". Only OpenAPI-compliant
documentation-related fields from the properties map are exported and, hence, published as part of the API entity
definitions, while the original documentation parts are exported in a OpenAPI extension of
x-amazon-apigateway-documentation.
String type
The type of API entity to which the documentation content applies. Valid values are API,
AUTHORIZER, MODEL, RESOURCE, METHOD,
PATH_PARAMETER, QUERY_PARAMETER, REQUEST_HEADER, REQUEST_BODY, RESPONSE, RESPONSE_HEADER, and RESPONSE_BODY. Content inheritance does
not apply to any entity of the API, AUTHORIZER, METHOD, MODEL, REQUEST_BODY, or RESOURCE type.
String path
The URL path of the target. It is a valid field for the API entity types of RESOURCE,
METHOD, PATH_PARAMETER, QUERY_PARAMETER, REQUEST_HEADER,
REQUEST_BODY, RESPONSE, RESPONSE_HEADER, and RESPONSE_BODY.
The default value is / for the root resource. When an applicable child entity inherits the content
of another entity of the same type with more general specifications of the other location
attributes, the child entity's path attribute must match that of the parent entity as a prefix.
String method
The HTTP verb of a method. It is a valid field for the API entity types of METHOD,
PATH_PARAMETER, QUERY_PARAMETER, REQUEST_HEADER, REQUEST_BODY, RESPONSE, RESPONSE_HEADER, and RESPONSE_BODY. The default value is
* for any method. When an applicable child entity inherits the content of an entity of the same type
with more general specifications of the other location attributes, the child entity's
method attribute must match that of the parent entity exactly.
String statusCode
The HTTP status code of a response. It is a valid field for the API entity types of RESPONSE,
RESPONSE_HEADER, and RESPONSE_BODY. The default value is * for any status
code. When an applicable child entity inherits the content of an entity of the same type with more general
specifications of the other location attributes, the child entity's statusCode
attribute must match that of the parent entity exactly.
String name
The name of the targeted API entity. It is a valid and required field for the API entity types of
AUTHORIZER, MODEL, PATH_PARAMETER, QUERY_PARAMETER,
REQUEST_HEADER, REQUEST_BODY and RESPONSE_HEADER. It is an invalid field
for any other entity type.
String domainName
The custom domain name as an API host name, for example, my-api.example.com.
String certificateName
The name of the certificate that will be used by edge-optimized endpoint for this domain name.
String certificateArn
The reference to an Amazon Web Services-managed certificate that will be used by edge-optimized endpoint for this domain name. Certificate Manager is the only supported source.
Date certificateUploadDate
The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.
String regionalDomainName
The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name. The regional domain name is returned by API Gateway when you create a regional endpoint.
String regionalHostedZoneId
The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. For more information, see Set up a Regional Custom Domain Name and AWS Regions and Endpoints for API Gateway.
String regionalCertificateName
The name of the certificate that will be used for validating the regional domain name.
String regionalCertificateArn
The reference to an Amazon Web Services-managed certificate that will be used for validating the regional domain name. Certificate Manager is the only supported source.
String distributionDomainName
The domain name of the Amazon CloudFront distribution associated with this custom domain name for an edge-optimized endpoint. You set up this association when adding a DNS record pointing the custom domain name to this distribution name. For more information about CloudFront distributions, see the Amazon CloudFront documentation.
String distributionHostedZoneId
The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized endpoint. The valid value is
Z2FDTNDATAQYW2 for all the regions. For more information, see Set up a Regional Custom Domain Name
and AWS Regions and Endpoints for API Gateway.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this DomainName showing the endpoint types of the domain name.
String domainNameStatus
The status of the DomainName migration. The valid values are AVAILABLE and UPDATING. If
the status is UPDATING, the domain cannot be modified further until the existing operation is
complete. If it is AVAILABLE, the domain can be updated.
String domainNameStatusMessage
An optional text message containing detailed information about status of the DomainName migration.
String securityPolicy
The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are
TLS_1_0 and TLS_1_2.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn.
List<E> types
A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API
and its custom domain name, the endpoint type is "EDGE". For a regional API and its custom domain
name, the endpoint type is REGIONAL. For a private API, the endpoint type is PRIVATE.
List<E> vpcEndpointIds
A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for
PRIVATE endpoint type.
String responseType
The response type of the associated GatewayResponse.
String statusCode
The HTTP status code for this GatewayResponse.
Map<K,V> responseParameters
Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.
Map<K,V> responseTemplates
Response templates of the GatewayResponse as a string-to-string map of key-value pairs.
Boolean defaultResponse
A Boolean flag to indicate whether this GatewayResponse is the default gateway response (true) or
not (false). A default gateway response is one generated by API Gateway without any customization by
an API developer.
String clientCertificateId
The identifier of the client certificate.
String description
The description of the client certificate.
String pemEncodedCertificate
The PEM-encoded public key of the client certificate, which can be used to configure certificate authentication in the integration endpoint .
Date createdDate
The timestamp when the client certificate was created.
Date expirationDate
The timestamp when the client certificate will expire.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String cloudwatchRoleArn
The ARN of an Amazon CloudWatch role for the current Account.
ThrottleSettings throttleSettings
Specifies the API request limits configured for the current Account.
List<E> features
A list of features supported for the account. When usage plans are enabled, the features list will include an
entry of "UsagePlans".
String apiKeyVersion
The version of the API keys used for the account.
String id
The identifier of the API Key.
String value
The value of the API Key.
String name
The name of the API Key.
String customerId
An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.
String description
The description of the API Key.
Boolean enabled
Specifies whether the API Key can be used by callers.
Date createdDate
The timestamp when the API Key was created.
Date lastUpdatedDate
The timestamp when the API Key was last updated.
List<E> stageKeys
A list of Stage resources that are associated with the ApiKey resource.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String position
The current pagination position in the paged result set.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
String nameQuery
The name of queried API keys.
String customerId
The identifier of a customer in Amazon Web Services Marketplace or an external system, such as a developer portal.
Boolean includeValues
A boolean flag to specify whether (true) or not (false) the result contains key values.
String id
The identifier for the authorizer resource.
String name
The name of the authorizer.
String type
The authorizer type. Valid values are TOKEN for a Lambda function using a single authorization token
submitted in a custom header, REQUEST for a Lambda function using incoming request parameters, and
COGNITO_USER_POOLS for using an Amazon Cognito user pool.
List<E> providerARNs
A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
TOKEN or REQUEST authorizer, this is not defined.
String authType
Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
String authorizerUri
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
authorizers, this must be a well-formed Lambda function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
. In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
{region} is the same as the region hosting the Lambda function, path indicates that the
remaining substring in the URI should be treated as the path to the resource, including the initial
/. For Lambda functions, this is usually of the form
/2015-03-31/functions/[FunctionARN]/invocations.
String authorizerCredentials
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
String identitySource
The identity source for which authorization is requested. For a TOKEN or
COGNITO_USER_POOLS authorizer, this is required and specifies the request header mapping expression
for the custom header holding the authorization token submitted by the client. For example, if the token header
name is Auth, the header mapping expression is method.request.header.Auth. For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is a
comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an
Auth header, a Name query string parameter are defined as identity sources, this value
is method.request.header.Auth, method.request.querystring.Name. These parameters will
be used to derive the authorization caching key and to perform runtime validation of the REQUEST
authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only
when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401
Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping
expressions of the specified request parameters. When the authorization caching is not enabled, this property is
optional.
String identityValidationExpression
A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
field of the incoming token from the client against the specified regular expression. It will invoke the
authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
Integer authorizerResultTtlInSeconds
The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
String domainName
The domain name of the BasePathMapping resource to be described.
String basePath
The base path name that callers of the API must provide as part of the URL after the domain name. This value must be unique for all of the mappings across a single API. Specify '(none)' if you do not want callers to specify any base path name after the domain name.
String clientCertificateId
The identifier of the ClientCertificate resource to be described.
String clientCertificateId
The identifier of the client certificate.
String description
The description of the client certificate.
String pemEncodedCertificate
The PEM-encoded public key of the client certificate, which can be used to configure certificate authentication in the integration endpoint .
Date createdDate
The timestamp when the client certificate was created.
Date expirationDate
The timestamp when the client certificate will expire.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String restApiId
The string identifier of the associated RestApi.
String deploymentId
The identifier of the Deployment resource to get information about.
List<E> embed
A query parameter to retrieve the specified embedded resources of the returned Deployment resource in the
response. In a REST API call, this embed parameter value is a list of comma-separated strings, as in
GET /restapis/{restapi_id}/deployments/{deployment_id}?embed=var1,var2. The SDK and other
platform-dependent libraries might use a different format for the list. Currently, this request supports only
retrieval of the embedded API summary this way. Hence, the parameter value must be a single-valued list
containing only the "apisummary" string. For example,
GET /restapis/{restapi_id}/deployments/{deployment_id}?embed=apisummary.
String id
The identifier for the deployment resource.
String description
The description for the deployment resource.
Date createdDate
The date and time that the deployment resource was created.
Map<K,V> apiSummary
A summary of the RestApi at the date and time that the deployment resource was created.
String id
The DocumentationPart identifier, generated by API Gateway when the DocumentationPart is created.
DocumentationPartLocation location
The location of the API entity to which the documentation applies. Valid fields depend on the targeted API entity type. All the valid location fields are not required. If not explicitly specified, a valid location field is treated as a wildcard and associated documentation content may be inherited by matching entities, unless overridden.
String properties
A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a
JSON string, e.g., "{ \"description\": \"The API does ...\" }". Only OpenAPI-compliant
documentation-related fields from the properties map are exported and, hence, published as part of the API entity
definitions, while the original documentation parts are exported in a OpenAPI extension of
x-amazon-apigateway-documentation.
String restApiId
The string identifier of the associated RestApi.
String type
The type of API entities of the to-be-retrieved documentation parts.
String nameQuery
The name of API entities of the to-be-retrieved documentation parts.
String path
The path of API entities of the to-be-retrieved documentation parts.
String position
The current pagination position in the paged result set.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
String locationStatus
The status of the API documentation parts to retrieve. Valid values are DOCUMENTED for retrieving
DocumentationPart resources with content and UNDOCUMENTED for DocumentationPart resources without
content.
String domainName
The name of the DomainName resource.
String domainName
The custom domain name as an API host name, for example, my-api.example.com.
String certificateName
The name of the certificate that will be used by edge-optimized endpoint for this domain name.
String certificateArn
The reference to an Amazon Web Services-managed certificate that will be used by edge-optimized endpoint for this domain name. Certificate Manager is the only supported source.
Date certificateUploadDate
The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.
String regionalDomainName
The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name. The regional domain name is returned by API Gateway when you create a regional endpoint.
String regionalHostedZoneId
The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. For more information, see Set up a Regional Custom Domain Name and AWS Regions and Endpoints for API Gateway.
String regionalCertificateName
The name of the certificate that will be used for validating the regional domain name.
String regionalCertificateArn
The reference to an Amazon Web Services-managed certificate that will be used for validating the regional domain name. Certificate Manager is the only supported source.
String distributionDomainName
The domain name of the Amazon CloudFront distribution associated with this custom domain name for an edge-optimized endpoint. You set up this association when adding a DNS record pointing the custom domain name to this distribution name. For more information about CloudFront distributions, see the Amazon CloudFront documentation.
String distributionHostedZoneId
The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized endpoint. The valid value is
Z2FDTNDATAQYW2 for all the regions. For more information, see Set up a Regional Custom Domain Name
and AWS Regions and Endpoints for API Gateway.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this DomainName showing the endpoint types of the domain name.
String domainNameStatus
The status of the DomainName migration. The valid values are AVAILABLE and UPDATING. If
the status is UPDATING, the domain cannot be modified further until the existing operation is
complete. If it is AVAILABLE, the domain can be updated.
String domainNameStatusMessage
An optional text message containing detailed information about status of the DomainName migration.
String securityPolicy
The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are
TLS_1_0 and TLS_1_2.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn.
String restApiId
The string identifier of the associated RestApi.
String stageName
The name of the Stage that will be exported.
String exportType
The type of export. Acceptable values are 'oas30' for OpenAPI 3.0.x and 'swagger' for Swagger/OpenAPI 2.0.
Map<K,V> parameters
A key-value map of query string parameters that specify properties of the export, depending on the requested
exportType. For exportType oas30 and swagger, any combination
of the following parameters are supported: extensions='integrations' or
extensions='apigateway' will export the API with x-amazon-apigateway-integration extensions.
extensions='authorizers' will export the API with x-amazon-apigateway-authorizer extensions.
postman will export the API with Postman extensions, allowing for import to the Postman tool
String accepts
The content-type of the export, for example application/json. Currently
application/json and application/yaml are supported for exportType of
oas30 and swagger. This should be specified in the Accept header for
direct API requests.
String contentType
The content-type header value in the HTTP response. This will correspond to a valid 'accept' type in the request.
String contentDisposition
The content-disposition header value in the HTTP response.
ByteBuffer body
The binary blob response to GetExport, which contains the export.
String responseType
The response type of the associated GatewayResponse.
String statusCode
The HTTP status code for this GatewayResponse.
Map<K,V> responseParameters
Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.
Map<K,V> responseTemplates
Response templates of the GatewayResponse as a string-to-string map of key-value pairs.
Boolean defaultResponse
A Boolean flag to indicate whether this GatewayResponse is the default gateway response (true) or
not (false). A default gateway response is one generated by API Gateway without any customization by
an API developer.
String restApiId
The string identifier of the associated RestApi.
String position
The current pagination position in the paged result set. The GatewayResponse collection does not support pagination and the position does not apply here.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500. The GatewayResponses collection does not support pagination and the limit does not apply here.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies a get integration response request's resource identifier.
String httpMethod
Specifies a get integration response request's HTTP method.
String statusCode
Specifies a get integration response request's status code.
String statusCode
Specifies the status code that is used to map the integration response to an existing MethodResponse.
String selectionPattern
Specifies the regular expression (regex) pattern used to choose an integration response based on the response
from the back end. For example, if the success response returns nothing and the error response returns some
string, you could use the .+ regex to match error response. However, make sure that the error
response does not contain any newline (\n) character in such cases. If the back end is an Lambda
function, the Lambda function error header is matched. For all other HTTP and Amazon Web Services back ends, the
HTTP status code is matched.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the back end. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.{name}, where name is a
valid and unique header name. The mapped non-static value must match the pattern of
integration.response.header.{name} or integration.response.body.{JSON-expression},
where name is a valid and unique response header name and JSON-expression is a valid
JSON expression without the $ prefix.
Map<K,V> responseTemplates
Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String contentHandling
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
String type
Specifies an API method integration type. The valid value is one of the following:
For the HTTP and HTTP proxy integrations, each integration can specify a protocol (http/https), port
and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy
integration with a connectionType of VPC_LINK is referred to as a private integration
and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.
String httpMethod
Specifies the integration's HTTP method type. For the Type property, if you specify MOCK, this
property is optional. For Lambda integrations, you must set the integration method to POST. For all
other types, you must specify this property.
String uri
Specifies Uniform Resource Identifier (URI) of the integration endpoint.
For HTTP or HTTP_PROXY integrations, the URI must be a fully formed, encoded HTTP(S)
URL according to the RFC-3986 specification for standard integrations. If connectionType is
VPC_LINK specify the Network Load Balancer DNS name. For AWS or AWS_PROXY
integrations, the URI is of the form
arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}. Here, {Region} is
the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service
(e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast
host-name lookup. action can be used for an Amazon Web Services service action-based API, using an
Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action
{name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service
path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including
the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3
API of GetObject, the uri can be either
arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key} or
arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
String connectionType
The type of the network connection to the integration endpoint. The valid value is INTERNET for
connections through the public routable internet or VPC_LINK for private connections between API
Gateway and a network load balancer in a VPC. The default value is INTERNET.
String connectionId
The ID of the VpcLink used for the integration when connectionType=VPC_LINK and undefined,
otherwise.
String credentials
Specifies the credentials required for the integration, if any. For AWS integrations, three options are
available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To
require that the caller's identity be passed through from the request, specify the string
arn:aws:iam::\*:user/\*. To use resource-based permissions on supported Amazon Web Services
services, specify null.
Map<K,V> requestParameters
A key-value map specifying request parameters that are passed from the method request to the back end. The key is
an integration request parameter name and the associated value is a method request parameter value or static
value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request
parameter value must match the pattern of method.request.{location}.{name}, where
location is querystring, path, or header and
name must be a valid and unique method request parameter name.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
String passthroughBehavior
Specifies how the method request body of an unmapped content type will be passed through the integration request
to the back end without transformation. A content type is unmapped if no mapping template is defined in the
integration or the content type does not match any of the mapped content types, as specified in
requestTemplates. The valid value is one of the following: WHEN_NO_MATCH: passes the
method request body through the integration request to the back end without transformation when the method
request content type does not match any content type associated with the mapping templates defined in the
integration request. WHEN_NO_TEMPLATES: passes the method request body through the integration
request to the back end without transformation when no mapping template is defined in the integration request. If
a template is defined when this option is selected, the method request of an unmapped content-type will be
rejected with an HTTP 415 Unsupported Media Type response. NEVER: rejects the method request with an
HTTP 415 Unsupported Media Type response when either the method request content type does not match any content
type associated with the mapping templates defined in the integration request or no mapping template is defined
in the integration request.
String contentHandling
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the request payload will be passed through from the method request to
integration request without modification, provided that the passthroughBehavior is configured to
support payload pass-through.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
String cacheNamespace
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace. You can specify the same cacheNamespace across resources to return the
same cached data for requests to different resources.
List<E> cacheKeyParameters
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters, these parameters must also be specified for Method
requestParameters.
Map<K,V> integrationResponses
Specifies the integration's responses.
TlsConfig tlsConfig
Specifies the TLS configuration for an integration.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the MethodResponse resource.
String httpMethod
The HTTP verb of the Method resource.
String statusCode
The status code for the MethodResponse resource.
String statusCode
The method response's status code.
Map<K,V> responseParameters
A key-value map specifying required or optional response parameters that API Gateway can send back to the caller.
A key defines a method response header and the value specifies whether the associated method response header is
required or not. The expression of the key must match the pattern method.response.header.{name},
where name is a valid and unique header name. API Gateway passes certain integration response data
to the method response headers specified here according to the mapping you prescribe in the API's
IntegrationResponse. The integration response data that can be mapped include an integration response header
expressed in integration.response.header.{name}, a static value enclosed within a pair of single
quotes (e.g., 'application/json'), or a JSON expression from the back-end response payload in the
form of integration.response.body.{JSON-expression}, where JSON-expression is a valid
JSON expression without the $ prefix.)
Map<K,V> responseModels
Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.
String httpMethod
The method's HTTP verb.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
String authorizerId
The identifier of an Authorizer to use on this method. The authorizationType must be
CUSTOM.
Boolean apiKeyRequired
A boolean flag specifying whether a valid ApiKey is required to invoke this method.
String requestValidatorId
The identifier of a RequestValidator for request validation.
String operationName
A human-friendly operation identifier for the method. For example, you can assign the operationName
of ListPets for the GET /pets method in the PetStore example.
Map<K,V> requestParameters
A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A
key is a method request parameter name matching the pattern of method.request.{location}.{name},
where location is querystring, path, or header and
name is a valid and unique parameter name. The value associated with the key is a Boolean flag
indicating whether the parameter is required (true) or optional (false). The method
request parameter names defined here are available in Integration to be mapped to integration request parameters
or templates.
Map<K,V> requestModels
A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).
Map<K,V> methodResponses
Gets a method response associated with a given HTTP status code.
Integration methodIntegration
Gets the method's integration responsible for passing the client-submitted request to the back end and performing necessary transformations to make the request compliant with the back end.
List<E> authorizationScopes
A list of authorization scopes configured on the method. The scopes are used with a
COGNITO_USER_POOLS authorizer to authorize the method invocation. The authorization works by
matching the method scopes against the scopes parsed from the access token in the incoming request. The method
invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the
invocation is not authorized. When the method scope is configured, the client must provide an access token
instead of an identity token for authorization purposes.
String restApiId
The RestApi identifier under which the Model exists.
String modelName
The name of the model as an identifier.
Boolean flatten
A query parameter of a Boolean value to resolve (true) all external model references and returns a
flattened model schema or not (false) The default is false.
String id
The identifier for the model resource.
String name
The name of the model. Must be an alphanumeric string.
String description
The description of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model. Do
not include "\*/" characters in the description of any properties because such "\*/" characters may be
interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the
installation of your API's SDK generated by API Gateway to fail.
String contentType
The content-type for the model.
String value
The Apache Velocity Template Language (VTL) template content used for the template resource.
String id
The identifier of this RequestValidator.
String name
The name of this RequestValidator
Boolean validateRequestBody
A Boolean flag to indicate whether to validate a request body according to the configured Model schema.
Boolean validateRequestParameters
A Boolean flag to indicate whether to validate request parameters (true) or not (false
).
String restApiId
The string identifier of the associated RestApi.
String resourceId
The identifier for the Resource resource.
List<E> embed
A query parameter to retrieve the specified resources embedded in the returned Resource representation in the
response. This embed parameter value is a list of comma-separated strings. Currently, the request
supports only retrieval of the embedded Method resources this way. The query parameter value must be a
single-valued list and contain the "methods" string. For example,
GET /restapis/{restapi_id}/resources/{resource_id}?embed=methods.
String id
The resource's identifier.
String parentId
The parent resource's identifier.
String pathPart
The last path segment for this resource.
String path
The full path for this resource.
Map<K,V> resourceMethods
Gets an API resource's method of a given HTTP verb.
String restApiId
The string identifier of the associated RestApi.
String position
The current pagination position in the paged result set.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
List<E> embed
A query parameter used to retrieve the specified resources embedded in the returned Resources resource in the
response. This embed parameter value is a list of comma-separated strings. Currently, the request
supports only retrieval of the embedded Method resources this way. The query parameter value must be a
single-valued list and contain the "methods" string. For example,
GET /restapis/{restapi_id}/resources?embed=methods.
String restApiId
The string identifier of the associated RestApi.
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
String restApiId
The string identifier of the associated RestApi.
String stageName
The name of the Stage that the SDK will use.
String sdkType
The language for the generated SDK. Currently java, javascript, android,
objectivec (for iOS), swift (for iOS), and ruby are supported.
Map<K,V> parameters
A string-to-string key-value map of query parameters sdkType-dependent properties of the SDK. For
sdkType of objectivec or swift, a parameter named classPrefix
is required. For sdkType of android, parameters named groupId,
artifactId, artifactVersion, and invokerPackage are required. For
sdkType of java, parameters named serviceName and
javaPackageName are required.
String contentType
The content-type header value in the HTTP response.
String contentDisposition
The content-disposition header value in the HTTP response.
ByteBuffer body
The binary blob response to GetSdk, which contains the generated SDK.
String id
The identifier of the queried SdkType instance.
String deploymentId
The identifier of the Deployment that the stage points to.
String clientCertificateId
The identifier of a client certificate for an API stage.
String stageName
The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.
String description
The stage's description.
Boolean cacheClusterEnabled
Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set
CachingEnabled to true for a method.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
String cacheClusterStatus
The status of the cache cluster for the stage, if enabled.
Map<K,V> methodSettings
A map that defines the method settings for a Stage resource. Keys (designated as
/{method_setting_key below) are method paths defined as {resource_path}/{http_method}
for an individual method override, or /\*/\* for overriding all methods in the stage.
Map<K,V> variables
A map that defines the stage variables for a Stage resource. Variable names can have alphanumeric and underscore
characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
String documentationVersion
The version of the associated API documentation.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
CanarySettings canarySettings
Settings for the canary deployment in this stage.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
String webAclArn
The ARN of the WebAcl associated with the Stage.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the stage was created.
Date lastUpdatedDate
The timestamp when the stage last updated.
String resourceArn
The ARN of a resource that can be tagged.
String position
(Not currently supported) The current pagination position in the paged result set.
Integer limit
(Not currently supported) The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
String usagePlanId
The Id of the UsagePlan resource representing the usage plan containing the to-be-retrieved UsagePlanKey resource representing a plan customer.
String position
The current pagination position in the paged result set.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
String nameQuery
A query parameter specifying the name of the to-be-returned usage plan keys.
String usagePlanId
The identifier of the UsagePlan resource to be retrieved.
String id
The identifier of a UsagePlan resource.
String name
The name of a usage plan.
String description
The description of a usage plan.
List<E> apiStages
The associated API stages of a usage plan.
ThrottleSettings throttle
A map containing method level throttling information for API stage in a usage plan.
QuotaSettings quota
The target maximum number of permitted requests per a given unit time interval.
String productCode
The Amazon Web Services Marketplace product identifier to associate with the usage plan as a SaaS product on the Amazon Web Services Marketplace.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String usagePlanId
The Id of the usage plan associated with the usage data.
String keyId
The Id of the API key associated with the resultant usage data.
String startDate
The starting date (e.g., 2016-01-01) of the usage data.
String endDate
The ending date (e.g., 2016-12-31) of the usage data.
String position
The current pagination position in the paged result set.
Integer limit
The maximum number of returned results per page. The default value is 25 and the maximum value is 500.
String usagePlanId
The plan Id associated with this usage data.
String startDate
The starting date of the usage data.
String endDate
The ending date of the usage data.
String position
Map<K,V> items
The usage data, as daily logs of used and remaining quotas, over the specified time interval indexed over the API
keys in a usage plan. For example,
{..., "values" : { "{api_key}" : [ [0, 100], [10, 90], [100, 10]]}, where {api_key}
stands for an API key value and the daily log entry is of the format [used quota, remaining quota].
String vpcLinkId
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String id
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String name
The name used to label and identify the VPC link.
String description
The description of the VPC link.
List<E> targetArns
The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same Amazon Web Services account of the API owner.
String status
The status of the VPC link. The valid values are AVAILABLE, PENDING,
DELETING, or FAILED. Deploying an API will wait if the status is PENDING
and will fail if the status is DELETING.
String statusMessage
A description about the VPC link status.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
ByteBuffer body
The payload of the POST request to import API keys. For the payload format, see API Key File Format.
String format
A query parameter to specify the input format to imported API keys. Currently, only the csv format
is supported.
Boolean failOnWarnings
A query parameter to indicate whether to rollback ApiKey importation (true) or not (
false) when error is encountered.
String restApiId
The string identifier of the associated RestApi.
String mode
A query parameter to indicate whether to overwrite (overwrite) any existing DocumentationParts
definition or to merge (merge) the new definition into the existing one. The default value is
merge.
Boolean failOnWarnings
A query parameter to specify whether to rollback the documentation importation (true) or not (
false) when a warning is encountered. The default value is false.
ByteBuffer body
Raw byte array representing the to-be-imported documentation parts. To import from an OpenAPI file, this is a JSON object.
Boolean failOnWarnings
A query parameter to indicate whether to rollback the API creation (true) or not (false
) when a warning is encountered. The default value is false.
Map<K,V> parameters
A key-value map of context-specific query string parameters specifying the behavior of different API importing operations. The following shows operation-specific parameters and their supported values.
To exclude DocumentationParts from the import, set parameters as ignore=documentation.
To configure the endpoint type, set parameters as endpointConfigurationTypes=EDGE,
endpointConfigurationTypes=REGIONAL, or endpointConfigurationTypes=PRIVATE. The default
endpoint type is EDGE.
To handle imported basepath, set parameters as basepath=ignore,
basepath=prepend or basepath=split.
ByteBuffer body
The POST request body containing external API definitions. Currently, only OpenAPI definition JSON/YAML files are supported. The maximum size of the API definition file is 6MB.
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
String type
Specifies an API method integration type. The valid value is one of the following:
For the HTTP and HTTP proxy integrations, each integration can specify a protocol (http/https), port
and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy
integration with a connectionType of VPC_LINK is referred to as a private integration
and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.
String httpMethod
Specifies the integration's HTTP method type. For the Type property, if you specify MOCK, this
property is optional. For Lambda integrations, you must set the integration method to POST. For all
other types, you must specify this property.
String uri
Specifies Uniform Resource Identifier (URI) of the integration endpoint.
For HTTP or HTTP_PROXY integrations, the URI must be a fully formed, encoded HTTP(S)
URL according to the RFC-3986 specification for standard integrations. If connectionType is
VPC_LINK specify the Network Load Balancer DNS name. For AWS or AWS_PROXY
integrations, the URI is of the form
arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}. Here, {Region} is
the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service
(e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast
host-name lookup. action can be used for an Amazon Web Services service action-based API, using an
Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action
{name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service
path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including
the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3
API of GetObject, the uri can be either
arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key} or
arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
String connectionType
The type of the network connection to the integration endpoint. The valid value is INTERNET for
connections through the public routable internet or VPC_LINK for private connections between API
Gateway and a network load balancer in a VPC. The default value is INTERNET.
String connectionId
The ID of the VpcLink used for the integration when connectionType=VPC_LINK and undefined,
otherwise.
String credentials
Specifies the credentials required for the integration, if any. For AWS integrations, three options are
available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To
require that the caller's identity be passed through from the request, specify the string
arn:aws:iam::\*:user/\*. To use resource-based permissions on supported Amazon Web Services
services, specify null.
Map<K,V> requestParameters
A key-value map specifying request parameters that are passed from the method request to the back end. The key is
an integration request parameter name and the associated value is a method request parameter value or static
value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request
parameter value must match the pattern of method.request.{location}.{name}, where
location is querystring, path, or header and
name must be a valid and unique method request parameter name.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
String passthroughBehavior
Specifies how the method request body of an unmapped content type will be passed through the integration request
to the back end without transformation. A content type is unmapped if no mapping template is defined in the
integration or the content type does not match any of the mapped content types, as specified in
requestTemplates. The valid value is one of the following: WHEN_NO_MATCH: passes the
method request body through the integration request to the back end without transformation when the method
request content type does not match any content type associated with the mapping templates defined in the
integration request. WHEN_NO_TEMPLATES: passes the method request body through the integration
request to the back end without transformation when no mapping template is defined in the integration request. If
a template is defined when this option is selected, the method request of an unmapped content-type will be
rejected with an HTTP 415 Unsupported Media Type response. NEVER: rejects the method request with an
HTTP 415 Unsupported Media Type response when either the method request content type does not match any content
type associated with the mapping templates defined in the integration request or no mapping template is defined
in the integration request.
String contentHandling
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the request payload will be passed through from the method request to
integration request without modification, provided that the passthroughBehavior is configured to
support payload pass-through.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
String cacheNamespace
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace. You can specify the same cacheNamespace across resources to return the
same cached data for requests to different resources.
List<E> cacheKeyParameters
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters, these parameters must also be specified for Method
requestParameters.
Map<K,V> integrationResponses
Specifies the integration's responses.
TlsConfig tlsConfig
Specifies the TLS configuration for an integration.
String statusCode
Specifies the status code that is used to map the integration response to an existing MethodResponse.
String selectionPattern
Specifies the regular expression (regex) pattern used to choose an integration response based on the response
from the back end. For example, if the success response returns nothing and the error response returns some
string, you could use the .+ regex to match error response. However, make sure that the error
response does not contain any newline (\n) character in such cases. If the back end is an Lambda
function, the Lambda function error header is matched. For all other HTTP and Amazon Web Services back ends, the
HTTP status code is matched.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the back end. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.{name}, where name is a
valid and unique header name. The mapped non-static value must match the pattern of
integration.response.header.{name} or integration.response.body.{JSON-expression},
where name is a valid and unique response header name and JSON-expression is a valid
JSON expression without the $ prefix.
Map<K,V> responseTemplates
Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String contentHandling
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
String retryAfterSeconds
String httpMethod
The method's HTTP verb.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
String authorizerId
The identifier of an Authorizer to use on this method. The authorizationType must be
CUSTOM.
Boolean apiKeyRequired
A boolean flag specifying whether a valid ApiKey is required to invoke this method.
String requestValidatorId
The identifier of a RequestValidator for request validation.
String operationName
A human-friendly operation identifier for the method. For example, you can assign the operationName
of ListPets for the GET /pets method in the PetStore example.
Map<K,V> requestParameters
A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A
key is a method request parameter name matching the pattern of method.request.{location}.{name},
where location is querystring, path, or header and
name is a valid and unique parameter name. The value associated with the key is a Boolean flag
indicating whether the parameter is required (true) or optional (false). The method
request parameter names defined here are available in Integration to be mapped to integration request parameters
or templates.
Map<K,V> requestModels
A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).
Map<K,V> methodResponses
Gets a method response associated with a given HTTP status code.
Integration methodIntegration
Gets the method's integration responsible for passing the client-submitted request to the back end and performing necessary transformations to make the request compliant with the back end.
List<E> authorizationScopes
A list of authorization scopes configured on the method. The scopes are used with a
COGNITO_USER_POOLS authorizer to authorize the method invocation. The authorization works by
matching the method scopes against the scopes parsed from the access token in the incoming request. The method
invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the
invocation is not authorized. When the method scope is configured, the client must provide an access token
instead of an identity token for authorization purposes.
String statusCode
The method response's status code.
Map<K,V> responseParameters
A key-value map specifying required or optional response parameters that API Gateway can send back to the caller.
A key defines a method response header and the value specifies whether the associated method response header is
required or not. The expression of the key must match the pattern method.response.header.{name},
where name is a valid and unique header name. API Gateway passes certain integration response data
to the method response headers specified here according to the mapping you prescribe in the API's
IntegrationResponse. The integration response data that can be mapped include an integration response header
expressed in integration.response.header.{name}, a static value enclosed within a pair of single
quotes (e.g., 'application/json'), or a JSON expression from the back-end response payload in the
form of integration.response.body.{JSON-expression}, where JSON-expression is a valid
JSON expression without the $ prefix.)
Map<K,V> responseModels
Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.
Boolean metricsEnabled
Specifies whether Amazon CloudWatch metrics are enabled for this method.
String loggingLevel
Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs.
Valid values are OFF, ERROR, and INFO. Choose ERROR to write
only error-level entries to CloudWatch Logs, or choose INFO to include all ERROR events
as well as extra informational events.
Boolean dataTraceEnabled
Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs.
Integer throttlingBurstLimit
Specifies the throttling burst limit.
Double throttlingRateLimit
Specifies the throttling rate limit.
Boolean cachingEnabled
Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached.
Integer cacheTtlInSeconds
Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached.
Boolean cacheDataEncrypted
Specifies whether the cached responses are encrypted.
Boolean requireAuthorizationForCacheControl
Specifies whether authorization is required for a cache invalidation request.
String unauthorizedCacheControlHeaderStrategy
Specifies how to handle unauthorized requests for cache invalidation.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
Boolean apiKeyRequired
Specifies whether the method requires a valid ApiKey.
String id
The identifier for the model resource.
String name
The name of the model. Must be an alphanumeric string.
String description
The description of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model. Do
not include "\*/" characters in the description of any properties because such "\*/" characters may be
interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the
installation of your API's SDK generated by API Gateway to fail.
String contentType
The content-type for the model.
String truststoreUri
An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example
s3://bucket-name/key-name. The truststore can contain certificates from public or private
certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain
name to use the new version. To update the truststore, you must have permissions to access the S3 object.
String truststoreVersion
The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.
List<E> truststoreWarnings
A list of warnings that API Gateway returns while processing your truststore. Invalid certificates produce warnings. Mutual TLS is still enabled, but some clients might not be able to access your API. To resolve warnings, upload a new truststore to S3, and then update you domain name to use the new version.
String truststoreUri
An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example
s3://bucket-name/key-name. The truststore can contain certificates from public or private
certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain
name to use the new version. To update the truststore, you must have permissions to access the S3 object.
String truststoreVersion
The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket
String op
An update operation to be performed with this PATCH request. The valid value can be add, remove, replace or copy. Not all valid operations are supported for a given resource. Support of the operations depends on specific operational contexts. Attempts to apply an unsupported operation on a resource will return an error message..
String path
The op operation's target, as identified by a JSON Pointer value that references a location within the targeted resource. For example, if the target resource has an updateable property of {"name":"value"}, the path for this property is /name. If the name property value is a JSON object (e.g., {"name": {"child/name": "child-value"}}), the path for the child/name property will be /name/child~1name. Any slash ("/") character appearing in path names must be escaped with "~1", as shown in the example above. Each op operation can have only one path associated with it.
String value
The new target value of the update operation. It is applicable for the add or replace operation. When using AWS CLI to update a property of a JSON value, enclose the JSON object with a pair of single quotes in a Linux shell, e.g., '{"a": ...}'.
String from
The copy update operation's source as identified by a JSON-Pointer value referencing the location within the targeted resource to copy the value from. For example, to promote a canary deployment, you copy the canary deployment ID to the affiliated deployment ID by calling a PATCH request on a Stage resource with "op":"copy", "from":"/canarySettings/deploymentId" and "path":"/deploymentId".
String restApiId
The string identifier of the associated RestApi.
String responseType
The response type of the associated GatewayResponse
String statusCode
The HTTP status code of the GatewayResponse.
Map<K,V> responseParameters
Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.
Map<K,V> responseTemplates
Response templates of the GatewayResponse as a string-to-string map of key-value pairs.
String responseType
The response type of the associated GatewayResponse.
String statusCode
The HTTP status code for this GatewayResponse.
Map<K,V> responseParameters
Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.
Map<K,V> responseTemplates
Response templates of the GatewayResponse as a string-to-string map of key-value pairs.
Boolean defaultResponse
A Boolean flag to indicate whether this GatewayResponse is the default gateway response (true) or
not (false). A default gateway response is one generated by API Gateway without any customization by
an API developer.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies a put integration request's resource ID.
String httpMethod
Specifies the HTTP method for the integration.
String type
Specifies a put integration input's type.
String integrationHttpMethod
The HTTP method for the integration.
String uri
Specifies Uniform Resource Identifier (URI) of the integration endpoint. For HTTP or HTTP_PROXY
integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification, for
either standard integration, where connectionType is not VPC_LINK, or private
integration, where connectionType is VPC_LINK. For a private HTTP integration, the URI
is not used for routing. For AWS or AWS_PROXY integrations, the URI is of the form
arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api . Here, {Region} is
the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service
(e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast
host-name lookup. action can be used for an Amazon Web Services service action-based API, using an
Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action
{name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service
path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including
the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3
API of GetObject, the uri can be either
arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key} or
arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}.
String connectionType
The type of the network connection to the integration endpoint. The valid value is INTERNET for
connections through the public routable internet or VPC_LINK for private connections between API
Gateway and a network load balancer in a VPC. The default value is INTERNET.
String connectionId
The ID of the VpcLink used for the integration. Specify this value only if you specify VPC_LINK as
the connection type.
String credentials
Specifies whether credentials are required for a put integration.
Map<K,V> requestParameters
A key-value map specifying request parameters that are passed from the method request to the back end. The key is
an integration request parameter name and the associated value is a method request parameter value or static
value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request
parameter value must match the pattern of method.request.{location}.{name}, where
location is querystring, path, or header and
name must be a valid and unique method request parameter name.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and
the available mapping templates specified as the requestTemplates property on the Integration
resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and
NEVER.
String cacheNamespace
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace. You can specify the same cacheNamespace across resources to return the
same cached data for requests to different resources.
List<E> cacheKeyParameters
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters, these parameters must also be specified for Method
requestParameters.
String contentHandling
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the request payload will be passed through from the method request to
integration request without modification, provided that the passthroughBehavior is configured to
support payload pass-through.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
TlsConfig tlsConfig
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies a put integration response request's resource identifier.
String httpMethod
Specifies a put integration response request's HTTP method.
String statusCode
Specifies the status code that is used to map the integration response to an existing MethodResponse.
String selectionPattern
Specifies the selection pattern of a put integration response.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the back end. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.{name}, where name is a
valid and unique header name. The mapped non-static value must match the pattern of
integration.response.header.{name} or integration.response.body.{JSON-expression},
where name must be a valid and unique response header name and JSON-expression a valid
JSON expression without the $ prefix.
Map<K,V> responseTemplates
Specifies a put integration response's templates.
String contentHandling
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
String statusCode
Specifies the status code that is used to map the integration response to an existing MethodResponse.
String selectionPattern
Specifies the regular expression (regex) pattern used to choose an integration response based on the response
from the back end. For example, if the success response returns nothing and the error response returns some
string, you could use the .+ regex to match error response. However, make sure that the error
response does not contain any newline (\n) character in such cases. If the back end is an Lambda
function, the Lambda function error header is matched. For all other HTTP and Amazon Web Services back ends, the
HTTP status code is matched.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the back end. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.{name}, where name is a
valid and unique header name. The mapped non-static value must match the pattern of
integration.response.header.{name} or integration.response.body.{JSON-expression},
where name is a valid and unique response header name and JSON-expression is a valid
JSON expression without the $ prefix.
Map<K,V> responseTemplates
Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String contentHandling
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
String type
Specifies an API method integration type. The valid value is one of the following:
For the HTTP and HTTP proxy integrations, each integration can specify a protocol (http/https), port
and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy
integration with a connectionType of VPC_LINK is referred to as a private integration
and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.
String httpMethod
Specifies the integration's HTTP method type. For the Type property, if you specify MOCK, this
property is optional. For Lambda integrations, you must set the integration method to POST. For all
other types, you must specify this property.
String uri
Specifies Uniform Resource Identifier (URI) of the integration endpoint.
For HTTP or HTTP_PROXY integrations, the URI must be a fully formed, encoded HTTP(S)
URL according to the RFC-3986 specification for standard integrations. If connectionType is
VPC_LINK specify the Network Load Balancer DNS name. For AWS or AWS_PROXY
integrations, the URI is of the form
arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}. Here, {Region} is
the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service
(e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast
host-name lookup. action can be used for an Amazon Web Services service action-based API, using an
Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action
{name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service
path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including
the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3
API of GetObject, the uri can be either
arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key} or
arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
String connectionType
The type of the network connection to the integration endpoint. The valid value is INTERNET for
connections through the public routable internet or VPC_LINK for private connections between API
Gateway and a network load balancer in a VPC. The default value is INTERNET.
String connectionId
The ID of the VpcLink used for the integration when connectionType=VPC_LINK and undefined,
otherwise.
String credentials
Specifies the credentials required for the integration, if any. For AWS integrations, three options are
available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To
require that the caller's identity be passed through from the request, specify the string
arn:aws:iam::\*:user/\*. To use resource-based permissions on supported Amazon Web Services
services, specify null.
Map<K,V> requestParameters
A key-value map specifying request parameters that are passed from the method request to the back end. The key is
an integration request parameter name and the associated value is a method request parameter value or static
value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request
parameter value must match the pattern of method.request.{location}.{name}, where
location is querystring, path, or header and
name must be a valid and unique method request parameter name.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
String passthroughBehavior
Specifies how the method request body of an unmapped content type will be passed through the integration request
to the back end without transformation. A content type is unmapped if no mapping template is defined in the
integration or the content type does not match any of the mapped content types, as specified in
requestTemplates. The valid value is one of the following: WHEN_NO_MATCH: passes the
method request body through the integration request to the back end without transformation when the method
request content type does not match any content type associated with the mapping templates defined in the
integration request. WHEN_NO_TEMPLATES: passes the method request body through the integration
request to the back end without transformation when no mapping template is defined in the integration request. If
a template is defined when this option is selected, the method request of an unmapped content-type will be
rejected with an HTTP 415 Unsupported Media Type response. NEVER: rejects the method request with an
HTTP 415 Unsupported Media Type response when either the method request content type does not match any content
type associated with the mapping templates defined in the integration request or no mapping template is defined
in the integration request.
String contentHandling
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the request payload will be passed through from the method request to
integration request without modification, provided that the passthroughBehavior is configured to
support payload pass-through.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
String cacheNamespace
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace. You can specify the same cacheNamespace across resources to return the
same cached data for requests to different resources.
List<E> cacheKeyParameters
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters, these parameters must also be specified for Method
requestParameters.
Map<K,V> integrationResponses
Specifies the integration's responses.
TlsConfig tlsConfig
Specifies the TLS configuration for an integration.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the new Method resource.
String httpMethod
Specifies the method request's HTTP method type.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
String authorizerId
Specifies the identifier of an Authorizer to use on this Method, if the type is CUSTOM or COGNITO_USER_POOLS. The authorizer identifier is generated by API Gateway when you created the authorizer.
Boolean apiKeyRequired
Specifies whether the method required a valid ApiKey.
String operationName
A human-friendly operation identifier for the method. For example, you can assign the operationName
of ListPets for the GET /pets method in the PetStore example.
Map<K,V> requestParameters
A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A
key defines a method request parameter name matching the pattern of method.request.{location}.{name}
, where location is querystring, path, or header and
name is a valid and unique parameter name. The value associated with the key is a Boolean flag
indicating whether the parameter is required (true) or optional (false). The method
request parameter names defined here are available in Integration to be mapped to integration request parameters
or body-mapping templates.
Map<K,V> requestModels
Specifies the Model resources used for the request's content type. Request models are represented as a key/value map, with a content type as the key and a Model name as the value.
String requestValidatorId
The identifier of a RequestValidator for validating the method request.
List<E> authorizationScopes
A list of authorization scopes configured on the method. The scopes are used with a
COGNITO_USER_POOLS authorizer to authorize the method invocation. The authorization works by
matching the method scopes against the scopes parsed from the access token in the incoming request. The method
invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the
invocation is not authorized. When the method scope is configured, the client must provide an access token
instead of an identity token for authorization purposes.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the Method resource.
String httpMethod
The HTTP verb of the Method resource.
String statusCode
The method response's status code.
Map<K,V> responseParameters
A key-value map specifying required or optional response parameters that API Gateway can send back to the caller.
A key defines a method response header name and the associated value is a Boolean flag indicating whether the
method response parameter is required or not. The method response header names must match the pattern of
method.response.header.{name}, where name is a valid and unique header name. The
response parameter names defined here are available in the integration response to be mapped from an integration
response header expressed in integration.response.header.{name}, a static value enclosed within a
pair of single quotes (e.g., 'application/json'), or a JSON expression from the back-end response
payload in the form of integration.response.body.{JSON-expression}, where
JSON-expression is a valid JSON expression without the $ prefix.)
Map<K,V> responseModels
Specifies the Model resources used for the response's content type. Response models are represented as a key/value map, with a content type as the key and a Model name as the value.
String statusCode
The method response's status code.
Map<K,V> responseParameters
A key-value map specifying required or optional response parameters that API Gateway can send back to the caller.
A key defines a method response header and the value specifies whether the associated method response header is
required or not. The expression of the key must match the pattern method.response.header.{name},
where name is a valid and unique header name. API Gateway passes certain integration response data
to the method response headers specified here according to the mapping you prescribe in the API's
IntegrationResponse. The integration response data that can be mapped include an integration response header
expressed in integration.response.header.{name}, a static value enclosed within a pair of single
quotes (e.g., 'application/json'), or a JSON expression from the back-end response payload in the
form of integration.response.body.{JSON-expression}, where JSON-expression is a valid
JSON expression without the $ prefix.)
Map<K,V> responseModels
Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.
String httpMethod
The method's HTTP verb.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
String authorizerId
The identifier of an Authorizer to use on this method. The authorizationType must be
CUSTOM.
Boolean apiKeyRequired
A boolean flag specifying whether a valid ApiKey is required to invoke this method.
String requestValidatorId
The identifier of a RequestValidator for request validation.
String operationName
A human-friendly operation identifier for the method. For example, you can assign the operationName
of ListPets for the GET /pets method in the PetStore example.
Map<K,V> requestParameters
A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A
key is a method request parameter name matching the pattern of method.request.{location}.{name},
where location is querystring, path, or header and
name is a valid and unique parameter name. The value associated with the key is a Boolean flag
indicating whether the parameter is required (true) or optional (false). The method
request parameter names defined here are available in Integration to be mapped to integration request parameters
or templates.
Map<K,V> requestModels
A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).
Map<K,V> methodResponses
Gets a method response associated with a given HTTP status code.
Integration methodIntegration
Gets the method's integration responsible for passing the client-submitted request to the back end and performing necessary transformations to make the request compliant with the back end.
List<E> authorizationScopes
A list of authorization scopes configured on the method. The scopes are used with a
COGNITO_USER_POOLS authorizer to authorize the method invocation. The authorization works by
matching the method scopes against the scopes parsed from the access token in the incoming request. The method
invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the
invocation is not authorized. When the method scope is configured, the client must provide an access token
instead of an identity token for authorization purposes.
String restApiId
The string identifier of the associated RestApi.
String mode
The mode query parameter to specify the update mode. Valid values are "merge" and "overwrite". By
default, the update mode is "merge".
Boolean failOnWarnings
A query parameter to indicate whether to rollback the API update (true) or not (false)
when a warning is encountered. The default value is false.
Map<K,V> parameters
Custom header parameters as part of the request. For example, to exclude DocumentationParts from an imported API,
set ignore=documentation as a parameters value, as in the AWS CLI command of
aws apigateway import-rest-api --parameters ignore=documentation --body 'file:///path/to/imported-api-body.json'
.
ByteBuffer body
The PUT request body containing external API definitions. Currently, only OpenAPI definition JSON/YAML files are supported. The maximum size of the API definition file is 6MB.
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
Integer limit
The target maximum number of requests that can be made in a given time period.
Integer offset
The number of requests subtracted from the given limit in the initial time period.
String period
The time period in which the limit applies. Valid values are "DAY", "WEEK" or "MONTH".
String id
The identifier of this RequestValidator.
String name
The name of this RequestValidator
Boolean validateRequestBody
A Boolean flag to indicate whether to validate a request body according to the configured Model schema.
Boolean validateRequestParameters
A Boolean flag to indicate whether to validate request parameters (true) or not (false
).
String id
The resource's identifier.
String parentId
The parent resource's identifier.
String pathPart
The last path segment for this resource.
String path
The full path for this resource.
Map<K,V> resourceMethods
Gets an API resource's method of a given HTTP verb.
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
String name
The name of a an SdkType configuration property.
String friendlyName
The user-friendly name of an SdkType configuration property.
String description
The description of an SdkType configuration property.
Boolean required
A boolean flag of an SdkType configuration property to indicate if the associated SDK configuration property is
required (true) or not (false).
String defaultValue
The default value of an SdkType configuration property.
String retryAfterSeconds
String deploymentId
The identifier of the Deployment that the stage points to.
String clientCertificateId
The identifier of a client certificate for an API stage.
String stageName
The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.
String description
The stage's description.
Boolean cacheClusterEnabled
Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set
CachingEnabled to true for a method.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
String cacheClusterStatus
The status of the cache cluster for the stage, if enabled.
Map<K,V> methodSettings
A map that defines the method settings for a Stage resource. Keys (designated as
/{method_setting_key below) are method paths defined as {resource_path}/{http_method}
for an individual method override, or /\*/\* for overriding all methods in the stage.
Map<K,V> variables
A map that defines the stage variables for a Stage resource. Variable names can have alphanumeric and underscore
characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
String documentationVersion
The version of the associated API documentation.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
CanarySettings canarySettings
Settings for the canary deployment in this stage.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
String webAclArn
The ARN of the WebAcl associated with the Stage.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the stage was created.
Date lastUpdatedDate
The timestamp when the stage last updated.
String restApiId
The string identifier of the associated RestApi.
String authorizerId
Specifies a test invoke authorizer request's Authorizer ID.
Map<K,V> headers
A key-value map of headers to simulate an incoming invocation request. This is where the incoming authorization token, or identity source, should be specified.
Map<K,V> multiValueHeaders
The headers as a map from string to list of values to simulate an incoming invocation request. This is where the incoming authorization token, or identity source, may be specified.
String pathWithQueryString
The URI path, including query string, of the simulated invocation request. Use this to specify path parameters and query string parameters.
String body
The simulated request body of an incoming invocation request.
Map<K,V> stageVariables
A key-value map of stage variables to simulate an invocation on a deployed Stage.
Map<K,V> additionalContext
A key-value map of additional context variables.
Integer clientStatus
The HTTP status code that the client would have received. Value is 0 if the authorizer succeeded.
String log
The API Gateway execution log for the test authorizer request.
Long latency
The execution latency, in ms, of the test authorizer request.
String principalId
The principal identity returned by the Authorizer
String policy
The JSON policy document returned by the Authorizer
Map<K,V> authorization
The authorization response.
Map<K,V> claims
The open identity claims, with any supported custom attributes, returned from the Cognito Your User Pool configured for the API.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies a test invoke method request's resource ID.
String httpMethod
Specifies a test invoke method request's HTTP method.
String pathWithQueryString
The URI path, including query string, of the simulated invocation request. Use this to specify path parameters and query string parameters.
String body
The simulated request body of an incoming invocation request.
Map<K,V> headers
A key-value map of headers to simulate an incoming invocation request.
Map<K,V> multiValueHeaders
The headers as a map from string to list of values to simulate an incoming invocation request.
String clientCertificateId
A ClientCertificate identifier to use in the test invocation. API Gateway will use the certificate when making the HTTPS request to the defined back-end endpoint.
Map<K,V> stageVariables
A key-value map of stage variables to simulate an invocation on a deployed Stage.
Integer status
The HTTP status code.
String body
The body of the HTTP response.
Map<K,V> headers
The headers of the HTTP response.
Map<K,V> multiValueHeaders
The headers of the HTTP response as a map from string to list of values.
String log
The API Gateway execution log for the test invoke request.
Long latency
The execution latency, in ms, of the test invoke request.
Boolean insecureSkipVerification
Specifies whether or not API Gateway skips verification that the certificate for an integration endpoint is
issued by a supported certificate authority. This isn’t recommended, but it enables you to use certificates that
are signed by private certificate authorities, or certificates that are self-signed. If enabled, API Gateway
still performs basic certificate validation, which includes checking the certificate's expiration date, hostname,
and presence of a root certificate authority. Supported only for HTTP and HTTP_PROXY
integrations.
Enabling insecureSkipVerification isn't recommended, especially for integrations with public HTTPS
endpoints. If you enable insecureSkipVerification, you increase the risk of man-in-the-middle
attacks.
String retryAfterSeconds
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String cloudwatchRoleArn
The ARN of an Amazon CloudWatch role for the current Account.
ThrottleSettings throttleSettings
Specifies the API request limits configured for the current Account.
List<E> features
A list of features supported for the account. When usage plans are enabled, the features list will include an
entry of "UsagePlans".
String apiKeyVersion
The version of the API keys used for the account.
String apiKey
The identifier of the ApiKey resource to be updated.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier of the API Key.
String value
The value of the API Key.
String name
The name of the API Key.
String customerId
An Amazon Web Services Marketplace customer identifier, when integrating with the Amazon Web Services SaaS Marketplace.
String description
The description of the API Key.
Boolean enabled
Specifies whether the API Key can be used by callers.
Date createdDate
The timestamp when the API Key was created.
Date lastUpdatedDate
The timestamp when the API Key was last updated.
List<E> stageKeys
A list of Stage resources that are associated with the ApiKey resource.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String restApiId
The string identifier of the associated RestApi.
String authorizerId
The identifier of the Authorizer resource.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier for the authorizer resource.
String name
The name of the authorizer.
String type
The authorizer type. Valid values are TOKEN for a Lambda function using a single authorization token
submitted in a custom header, REQUEST for a Lambda function using incoming request parameters, and
COGNITO_USER_POOLS for using an Amazon Cognito user pool.
List<E> providerARNs
A list of the Amazon Cognito user pool ARNs for the COGNITO_USER_POOLS authorizer. Each element is
of this format: arn:aws:cognito-idp:{region}:{account_id}:userpool/{user_pool_id}. For a
TOKEN or REQUEST authorizer, this is not defined.
String authType
Optional customer-defined field, used in OpenAPI imports and exports without functional impact.
String authorizerUri
Specifies the authorizer's Uniform Resource Identifier (URI). For TOKEN or REQUEST
authorizers, this must be a well-formed Lambda function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:{account_id}:function:{lambda_function_name}/invocations
. In general, the URI has this form arn:aws:apigateway:{region}:lambda:path/{service_api}, where
{region} is the same as the region hosting the Lambda function, path indicates that the
remaining substring in the URI should be treated as the path to the resource, including the initial
/. For Lambda functions, this is usually of the form
/2015-03-31/functions/[FunctionARN]/invocations.
String authorizerCredentials
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, specify null.
String identitySource
The identity source for which authorization is requested. For a TOKEN or
COGNITO_USER_POOLS authorizer, this is required and specifies the request header mapping expression
for the custom header holding the authorization token submitted by the client. For example, if the token header
name is Auth, the header mapping expression is method.request.header.Auth. For the
REQUEST authorizer, this is required when authorization caching is enabled. The value is a
comma-separated string of one or more mapping expressions of the specified request parameters. For example, if an
Auth header, a Name query string parameter are defined as identity sources, this value
is method.request.header.Auth, method.request.querystring.Name. These parameters will
be used to derive the authorization caching key and to perform runtime validation of the REQUEST
authorizer by verifying all of the identity-related request parameters are present, not null and non-empty. Only
when this is true does the authorizer invoke the authorizer Lambda function, otherwise, it returns a 401
Unauthorized response without calling the Lambda function. The valid value is a string of comma-separated mapping
expressions of the specified request parameters. When the authorization caching is not enabled, this property is
optional.
String identityValidationExpression
A validation expression for the incoming identity token. For TOKEN authorizers, this value is a
regular expression. For COGNITO_USER_POOLS authorizers, API Gateway will match the aud
field of the incoming token from the client against the specified regular expression. It will invoke the
authorizer's Lambda function when there is a match. Otherwise, it will return a 401 Unauthorized response without
calling the Lambda function. The validation expression does not apply to the REQUEST authorizer.
Integer authorizerResultTtlInSeconds
The TTL in seconds of cached authorizer results. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway will cache authorizer responses. If this field is not set, the default value is 300. The maximum value is 3600, or 1 hour.
String domainName
The domain name of the BasePathMapping resource to change.
String basePath
The base path of the BasePathMapping resource to change.
To specify an empty base path, set this parameter to '(none)'.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String clientCertificateId
The identifier of the ClientCertificate resource to be updated.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String clientCertificateId
The identifier of the client certificate.
String description
The description of the client certificate.
String pemEncodedCertificate
The PEM-encoded public key of the client certificate, which can be used to configure certificate authentication in the integration endpoint .
Date createdDate
The timestamp when the client certificate was created.
Date expirationDate
The timestamp when the client certificate will expire.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String restApiId
The string identifier of the associated RestApi.
String deploymentId
The replacement identifier for the Deployment resource to change information about.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier for the deployment resource.
String description
The description for the deployment resource.
Date createdDate
The date and time that the deployment resource was created.
Map<K,V> apiSummary
A summary of the RestApi at the date and time that the deployment resource was created.
String restApiId
The string identifier of the associated RestApi.
String documentationPartId
The identifier of the to-be-updated documentation part.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The DocumentationPart identifier, generated by API Gateway when the DocumentationPart is created.
DocumentationPartLocation location
The location of the API entity to which the documentation applies. Valid fields depend on the targeted API entity type. All the valid location fields are not required. If not explicitly specified, a valid location field is treated as a wildcard and associated documentation content may be inherited by matching entities, unless overridden.
String properties
A content map of API-specific key-value pairs describing the targeted API entity. The map must be encoded as a
JSON string, e.g., "{ \"description\": \"The API does ...\" }". Only OpenAPI-compliant
documentation-related fields from the properties map are exported and, hence, published as part of the API entity
definitions, while the original documentation parts are exported in a OpenAPI extension of
x-amazon-apigateway-documentation.
String restApiId
The string identifier of the associated RestApi.
String documentationVersion
The version identifier of the to-be-updated documentation version.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String domainName
The name of the DomainName resource to be changed.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String domainName
The custom domain name as an API host name, for example, my-api.example.com.
String certificateName
The name of the certificate that will be used by edge-optimized endpoint for this domain name.
String certificateArn
The reference to an Amazon Web Services-managed certificate that will be used by edge-optimized endpoint for this domain name. Certificate Manager is the only supported source.
Date certificateUploadDate
The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.
String regionalDomainName
The domain name associated with the regional endpoint for this custom domain name. You set up this association by adding a DNS record that points the custom domain name to this regional domain name. The regional domain name is returned by API Gateway when you create a regional endpoint.
String regionalHostedZoneId
The region-specific Amazon Route 53 Hosted Zone ID of the regional endpoint. For more information, see Set up a Regional Custom Domain Name and AWS Regions and Endpoints for API Gateway.
String regionalCertificateName
The name of the certificate that will be used for validating the regional domain name.
String regionalCertificateArn
The reference to an Amazon Web Services-managed certificate that will be used for validating the regional domain name. Certificate Manager is the only supported source.
String distributionDomainName
The domain name of the Amazon CloudFront distribution associated with this custom domain name for an edge-optimized endpoint. You set up this association when adding a DNS record pointing the custom domain name to this distribution name. For more information about CloudFront distributions, see the Amazon CloudFront documentation.
String distributionHostedZoneId
The region-agnostic Amazon Route 53 Hosted Zone ID of the edge-optimized endpoint. The valid value is
Z2FDTNDATAQYW2 for all the regions. For more information, see Set up a Regional Custom Domain Name
and AWS Regions and Endpoints for API Gateway.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this DomainName showing the endpoint types of the domain name.
String domainNameStatus
The status of the DomainName migration. The valid values are AVAILABLE and UPDATING. If
the status is UPDATING, the domain cannot be modified further until the existing operation is
complete. If it is AVAILABLE, the domain can be updated.
String domainNameStatusMessage
An optional text message containing detailed information about status of the DomainName migration.
String securityPolicy
The Transport Layer Security (TLS) version + cipher suite for this DomainName. The valid values are
TLS_1_0 and TLS_1_2.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name. If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API.
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn.
String restApiId
The string identifier of the associated RestApi.
String responseType
The response type of the associated GatewayResponse.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String responseType
The response type of the associated GatewayResponse.
String statusCode
The HTTP status code for this GatewayResponse.
Map<K,V> responseParameters
Response parameters (paths, query strings and headers) of the GatewayResponse as a string-to-string map of key-value pairs.
Map<K,V> responseTemplates
Response templates of the GatewayResponse as a string-to-string map of key-value pairs.
Boolean defaultResponse
A Boolean flag to indicate whether this GatewayResponse is the default gateway response (true) or
not (false). A default gateway response is one generated by API Gateway without any customization by
an API developer.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Represents an update integration request's resource identifier.
String httpMethod
Represents an update integration request's HTTP method.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String restApiId
The string identifier of the associated RestApi.
String resourceId
Specifies an update integration response request's resource identifier.
String httpMethod
Specifies an update integration response request's HTTP method.
String statusCode
Specifies an update integration response request's status code.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String statusCode
Specifies the status code that is used to map the integration response to an existing MethodResponse.
String selectionPattern
Specifies the regular expression (regex) pattern used to choose an integration response based on the response
from the back end. For example, if the success response returns nothing and the error response returns some
string, you could use the .+ regex to match error response. However, make sure that the error
response does not contain any newline (\n) character in such cases. If the back end is an Lambda
function, the Lambda function error header is matched. For all other HTTP and Amazon Web Services back ends, the
HTTP status code is matched.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the back end. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.{name}, where name is a
valid and unique header name. The mapped non-static value must match the pattern of
integration.response.header.{name} or integration.response.body.{JSON-expression},
where name is a valid and unique response header name and JSON-expression is a valid
JSON expression without the $ prefix.
Map<K,V> responseTemplates
Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String contentHandling
Specifies how to handle response payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the response payload will be passed through from the integration response to the method response without modification.
String type
Specifies an API method integration type. The valid value is one of the following:
For the HTTP and HTTP proxy integrations, each integration can specify a protocol (http/https), port
and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy
integration with a connectionType of VPC_LINK is referred to as a private integration
and uses a VpcLink to connect API Gateway to a network load balancer of a VPC.
String httpMethod
Specifies the integration's HTTP method type. For the Type property, if you specify MOCK, this
property is optional. For Lambda integrations, you must set the integration method to POST. For all
other types, you must specify this property.
String uri
Specifies Uniform Resource Identifier (URI) of the integration endpoint.
For HTTP or HTTP_PROXY integrations, the URI must be a fully formed, encoded HTTP(S)
URL according to the RFC-3986 specification for standard integrations. If connectionType is
VPC_LINK specify the Network Load Balancer DNS name. For AWS or AWS_PROXY
integrations, the URI is of the form
arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}. Here, {Region} is
the API Gateway region (e.g., us-east-1); {service} is the name of the integrated Amazon Web Services service
(e.g., s3); and {subdomain} is a designated subdomain supported by certain Amazon Web Services service for fast
host-name lookup. action can be used for an Amazon Web Services service action-based API, using an
Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action
{name} plus any required input parameters. Alternatively, path can be used for an Amazon Web Services service
path-based API. The ensuing service_api refers to the path to an Amazon Web Services service resource, including
the region of the integrated Amazon Web Services service, if applicable. For example, for integration with the S3
API of GetObject, the uri can be either
arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key} or
arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}
String connectionType
The type of the network connection to the integration endpoint. The valid value is INTERNET for
connections through the public routable internet or VPC_LINK for private connections between API
Gateway and a network load balancer in a VPC. The default value is INTERNET.
String connectionId
The ID of the VpcLink used for the integration when connectionType=VPC_LINK and undefined,
otherwise.
String credentials
Specifies the credentials required for the integration, if any. For AWS integrations, three options are
available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To
require that the caller's identity be passed through from the request, specify the string
arn:aws:iam::\*:user/\*. To use resource-based permissions on supported Amazon Web Services
services, specify null.
Map<K,V> requestParameters
A key-value map specifying request parameters that are passed from the method request to the back end. The key is
an integration request parameter name and the associated value is a method request parameter value or static
value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request
parameter value must match the pattern of method.request.{location}.{name}, where
location is querystring, path, or header and
name must be a valid and unique method request parameter name.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value.
String passthroughBehavior
Specifies how the method request body of an unmapped content type will be passed through the integration request
to the back end without transformation. A content type is unmapped if no mapping template is defined in the
integration or the content type does not match any of the mapped content types, as specified in
requestTemplates. The valid value is one of the following: WHEN_NO_MATCH: passes the
method request body through the integration request to the back end without transformation when the method
request content type does not match any content type associated with the mapping templates defined in the
integration request. WHEN_NO_TEMPLATES: passes the method request body through the integration
request to the back end without transformation when no mapping template is defined in the integration request. If
a template is defined when this option is selected, the method request of an unmapped content-type will be
rejected with an HTTP 415 Unsupported Media Type response. NEVER: rejects the method request with an
HTTP 415 Unsupported Media Type response when either the method request content type does not match any content
type associated with the mapping templates defined in the integration request or no mapping template is defined
in the integration request.
String contentHandling
Specifies how to handle request payload content type conversions. Supported values are
CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
If this property is not defined, the request payload will be passed through from the method request to
integration request without modification, provided that the passthroughBehavior is configured to
support payload pass-through.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds.
String cacheNamespace
Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the
cacheNamespace. You can specify the same cacheNamespace across resources to return the
same cached data for requests to different resources.
List<E> cacheKeyParameters
A list of request parameters whose values API Gateway caches. To be valid values for
cacheKeyParameters, these parameters must also be specified for Method
requestParameters.
Map<K,V> integrationResponses
Specifies the integration's responses.
TlsConfig tlsConfig
Specifies the TLS configuration for an integration.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the Method resource.
String httpMethod
The HTTP verb of the Method resource.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String restApiId
The string identifier of the associated RestApi.
String resourceId
The Resource identifier for the MethodResponse resource.
String httpMethod
The HTTP verb of the Method resource.
String statusCode
The status code for the MethodResponse resource.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String statusCode
The method response's status code.
Map<K,V> responseParameters
A key-value map specifying required or optional response parameters that API Gateway can send back to the caller.
A key defines a method response header and the value specifies whether the associated method response header is
required or not. The expression of the key must match the pattern method.response.header.{name},
where name is a valid and unique header name. API Gateway passes certain integration response data
to the method response headers specified here according to the mapping you prescribe in the API's
IntegrationResponse. The integration response data that can be mapped include an integration response header
expressed in integration.response.header.{name}, a static value enclosed within a pair of single
quotes (e.g., 'application/json'), or a JSON expression from the back-end response payload in the
form of integration.response.body.{JSON-expression}, where JSON-expression is a valid
JSON expression without the $ prefix.)
Map<K,V> responseModels
Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value.
String httpMethod
The method's HTTP verb.
String authorizationType
The method's authorization type. Valid values are NONE for open access, AWS_IAM for
using AWS IAM permissions, CUSTOM for using a custom authorizer, or COGNITO_USER_POOLS
for using a Cognito user pool.
String authorizerId
The identifier of an Authorizer to use on this method. The authorizationType must be
CUSTOM.
Boolean apiKeyRequired
A boolean flag specifying whether a valid ApiKey is required to invoke this method.
String requestValidatorId
The identifier of a RequestValidator for request validation.
String operationName
A human-friendly operation identifier for the method. For example, you can assign the operationName
of ListPets for the GET /pets method in the PetStore example.
Map<K,V> requestParameters
A key-value map defining required or optional method request parameters that can be accepted by API Gateway. A
key is a method request parameter name matching the pattern of method.request.{location}.{name},
where location is querystring, path, or header and
name is a valid and unique parameter name. The value associated with the key is a Boolean flag
indicating whether the parameter is required (true) or optional (false). The method
request parameter names defined here are available in Integration to be mapped to integration request parameters
or templates.
Map<K,V> requestModels
A key-value map specifying data schemas, represented by Model resources, (as the mapped value) of the request payloads of given content types (as the mapping key).
Map<K,V> methodResponses
Gets a method response associated with a given HTTP status code.
Integration methodIntegration
Gets the method's integration responsible for passing the client-submitted request to the back end and performing necessary transformations to make the request compliant with the back end.
List<E> authorizationScopes
A list of authorization scopes configured on the method. The scopes are used with a
COGNITO_USER_POOLS authorizer to authorize the method invocation. The authorization works by
matching the method scopes against the scopes parsed from the access token in the incoming request. The method
invocation is authorized if any method scopes matches a claimed scope in the access token. Otherwise, the
invocation is not authorized. When the method scope is configured, the client must provide an access token
instead of an identity token for authorization purposes.
String restApiId
The string identifier of the associated RestApi.
String modelName
The name of the model to update.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier for the model resource.
String name
The name of the model. Must be an alphanumeric string.
String description
The description of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model. Do
not include "\*/" characters in the description of any properties because such "\*/" characters may be
interpreted as the closing marker for comments in some languages, such as Java or JavaScript, causing the
installation of your API's SDK generated by API Gateway to fail.
String contentType
The content-type for the model.
String restApiId
The string identifier of the associated RestApi.
String requestValidatorId
The identifier of RequestValidator to be updated.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier of this RequestValidator.
String name
The name of this RequestValidator
Boolean validateRequestBody
A Boolean flag to indicate whether to validate a request body according to the configured Model schema.
Boolean validateRequestParameters
A Boolean flag to indicate whether to validate request parameters (true) or not (false
).
String restApiId
The string identifier of the associated RestApi.
String resourceId
The identifier of the Resource resource.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The resource's identifier.
String parentId
The parent resource's identifier.
String pathPart
The last path segment for this resource.
String path
The full path for this resource.
Map<K,V> resourceMethods
Gets an API resource's method of a given HTTP verb.
String restApiId
The string identifier of the associated RestApi.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The API's identifier. This identifier is unique across all of your APIs in API Gateway.
String name
The API's name.
String description
The API's description.
Date createdDate
The timestamp when the API was created.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
List<E> binaryMediaTypes
The list of binary media types supported by the RestApi. By default, the RestApi supports only UTF-8-encoded text payloads.
Integer minimumCompressionSize
A nullable integer that is used to enable compression (with non-negative between 0 and 10485760 (10M) bytes, inclusive) or disable compression (with a null value) on an API. When compression is enabled, compression or decompression is not applied on the payload if the payload size is smaller than this value. Setting it to zero allows compression for any payload size.
String apiKeySource
The source of the API key for metering requests according to a usage plan. Valid values are: >
HEADER to read the API key from the X-API-Key header of a request.
AUTHORIZER to read the API key from the UsageIdentifierKey from a custom authorizer.
EndpointConfiguration endpointConfiguration
The endpoint configuration of this RestApi showing the endpoint types of the API.
String policy
A stringified JSON policy document that applies to this RestApi regardless of the caller and Method configuration.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default,
clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com
endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String rootResourceId
The API's root resource ID.
String restApiId
The string identifier of the associated RestApi.
String stageName
The name of the Stage resource to change information about.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String deploymentId
The identifier of the Deployment that the stage points to.
String clientCertificateId
The identifier of a client certificate for an API stage.
String stageName
The name of the stage is the first path segment in the Uniform Resource Identifier (URI) of a call to API Gateway. Stage names can only contain alphanumeric characters, hyphens, and underscores. Maximum length is 128 characters.
String description
The stage's description.
Boolean cacheClusterEnabled
Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set
CachingEnabled to true for a method.
String cacheClusterSize
The stage's cache capacity in GB. For more information about choosing a cache size, see Enabling API caching to enhance responsiveness.
String cacheClusterStatus
The status of the cache cluster for the stage, if enabled.
Map<K,V> methodSettings
A map that defines the method settings for a Stage resource. Keys (designated as
/{method_setting_key below) are method paths defined as {resource_path}/{http_method}
for an individual method override, or /\*/\* for overriding all methods in the stage.
Map<K,V> variables
A map that defines the stage variables for a Stage resource. Variable names can have alphanumeric and underscore
characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
String documentationVersion
The version of the associated API documentation.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
CanarySettings canarySettings
Settings for the canary deployment in this stage.
Boolean tracingEnabled
Specifies whether active tracing with X-ray is enabled for the Stage.
String webAclArn
The ARN of the WebAcl associated with the Stage.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the stage was created.
Date lastUpdatedDate
The timestamp when the stage last updated.
String usagePlanId
The Id of the to-be-updated usage plan.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier of a UsagePlan resource.
String name
The name of a usage plan.
String description
The description of a usage plan.
List<E> apiStages
The associated API stages of a usage plan.
ThrottleSettings throttle
A map containing method level throttling information for API stage in a usage plan.
QuotaSettings quota
The target maximum number of permitted requests per a given unit time interval.
String productCode
The Amazon Web Services Marketplace product identifier to associate with the usage plan as a SaaS product on the Amazon Web Services Marketplace.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String usagePlanId
The Id of the usage plan associated with the usage data.
String keyId
The identifier of the API key associated with the usage plan in which a temporary extension is granted to the remaining quota.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String usagePlanId
The plan Id associated with this usage data.
String startDate
The starting date of the usage data.
String endDate
The ending date of the usage data.
String position
Map<K,V> items
The usage data, as daily logs of used and remaining quotas, over the specified time interval indexed over the API
keys in a usage plan. For example,
{..., "values" : { "{api_key}" : [ [0, 100], [10, 90], [100, 10]]}, where {api_key}
stands for an API key value and the daily log entry is of the format [used quota, remaining quota].
String vpcLinkId
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
List<E> patchOperations
For more information about supported patch operations, see Patch Operations.
String id
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String name
The name used to label and identify the VPC link.
String description
The description of the VPC link.
List<E> targetArns
The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same Amazon Web Services account of the API owner.
String status
The status of the VPC link. The valid values are AVAILABLE, PENDING,
DELETING, or FAILED. Deploying an API will wait if the status is PENDING
and will fail if the status is DELETING.
String statusMessage
A description about the VPC link status.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String id
The identifier of a UsagePlan resource.
String name
The name of a usage plan.
String description
The description of a usage plan.
List<E> apiStages
The associated API stages of a usage plan.
ThrottleSettings throttle
A map containing method level throttling information for API stage in a usage plan.
QuotaSettings quota
The target maximum number of permitted requests per a given unit time interval.
String productCode
The Amazon Web Services Marketplace product identifier to associate with the usage plan as a SaaS product on the Amazon Web Services Marketplace.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String id
The identifier of the VpcLink. It is used in an Integration to reference this VpcLink.
String name
The name used to label and identify the VPC link.
String description
The description of the VPC link.
List<E> targetArns
The ARN of the network load balancer of the VPC targeted by the VPC link. The network load balancer must be owned by the same Amazon Web Services account of the API owner.
String status
The status of the VPC link. The valid values are AVAILABLE, PENDING,
DELETING, or FAILED. Deploying an API will wait if the status is PENDING
and will fail if the status is DELETING.
String statusMessage
A description about the VPC link status.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String connectionId
String connectionId
ByteBuffer data
The data to be sent to the client specified by its connection id.
String connectionId
The identifier of the connection that a specific client is using.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter. Supported only for REQUEST authorizers.
String authorizerId
The authorizer identifier.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
The validation expression does not apply to the REQUEST authorizer.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
Boolean allowCredentials
Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs.
List<E> allowHeaders
Represents a collection of allowed headers. Supported only for HTTP APIs.
List<E> allowMethods
Represents a collection of allowed HTTP methods. Supported only for HTTP APIs.
List<E> allowOrigins
Represents a collection of allowed origins. Supported only for HTTP APIs.
List<E> exposeHeaders
Represents a collection of exposed headers. Supported only for HTTP APIs.
Integer maxAge
The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs. See Configuring CORS for more information.
String credentialsArn
This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null. Currently, this property is not used for HTTP integrations. Supported only for HTTP APIs.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String name
The name of the API.
String protocolType
The API protocol.
String routeKey
This property is part of quick create. If you don't specify a routeKey, a default route of $default is created. The $default route acts as a catch-all for any request made to your API, for a particular stage. The $default route key can't be modified. You can add routes after creating the API, and you can update the route keys of additional routes. Supported only for HTTP APIs.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String target
This property is part of quick create. Quick create produces an API with an integration, a default catch-all route, and a default stage which is configured to automatically deploy changes. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. Supported only for HTTP APIs.
String version
A version identifier for the API.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
String apiId
The API identifier.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter. Supported only for REQUEST authorizers.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
This parameter is not used.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter. Supported only for REQUEST authorizers.
String authorizerId
The authorizer identifier.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
The validation expression does not apply to the REQUEST authorizer.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
Boolean autoDeployed
Specifies whether a deployment was automatically released.
Date createdDate
The date and time when the Deployment resource was created.
String deploymentId
The identifier for the deployment.
String deploymentStatus
The status of the deployment: PENDING, FAILED, or SUCCEEDED.
String deploymentStatusMessage
May contain additional feedback on the status of an API deployment.
String description
The description for the deployment.
String domainName
The domain name.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthenticationInput mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
Map<K,V> tags
The collection of tags associated with a domain name.
String apiMappingSelectionExpression
The API mapping selection expression.
String domainName
The name of the DomainName resource.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
Map<K,V> tags
The collection of tags associated with a domain name.
String apiId
The API identifier.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
The description of the integration.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfigInput tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String apiId
The API identifier.
String contentHandlingStrategy
Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationId
The integration ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where {name} is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where {name} is a valid and unique response header name and {JSON-expression} is a valid JSON expression without the $ prefix.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expression for the integration response. Supported only for WebSocket APIs.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationResponseId
The integration response ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where name is a valid and unique response header name and JSON-expression is a valid JSON expression without the $ prefix.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expressions for the integration response.
Boolean apiGatewayManaged
Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can't delete it.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
Represents the description of an integration.
String integrationId
Represents the identifier of an integration.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationResponseSelectionExpression
The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration. Supported only for WebSocket APIs.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfig tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String apiId
The API identifier.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String name
The name of the model. Must be alphanumeric.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String modelId
The model identifier.
String name
The name of the model. Must be alphanumeric.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String apiId
The API identifier.
Boolean apiKeyRequired
Specifies whether an API key is required for the route. Supported only for WebSocket APIs.
List<E> authorizationScopes
The authorization scopes supported by this route.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
String apiId
The API identifier.
String modelSelectionExpression
The model selection expression for the route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
The response models for the route response.
Map<K,V> responseParameters
The route response parameters.
String routeId
The route ID.
String routeResponseKey
The route response key.
String modelSelectionExpression
Represents the model selection expression of a route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
Represents the response models of a route response.
Map<K,V> responseParameters
Represents the response parameters of a route response.
String routeResponseId
Represents the identifier of a route response.
String routeResponseKey
Represents the route response key of a route response.
Boolean apiGatewayManaged
Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can't modify the $default route key.
Boolean apiKeyRequired
Specifies whether an API key is required for this route. Supported only for WebSocket APIs.
List<E> authorizationScopes
A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeId
The route ID.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
String apiId
The API identifier.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.
RouteSettings defaultRouteSettings
The default route settings for the stage.
String deploymentId
The deployment identifier of the API stage.
String description
The description for the API stage.
Map<K,V> routeSettings
Route settings for the stage, by routeKey.
String stageName
The name of the stage.
Map<K,V> stageVariables
A map that defines the stage variables for a Stage. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
Boolean apiGatewayManaged
Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can't modify the $default stage.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.
Date createdDate
The timestamp when the stage was created.
RouteSettings defaultRouteSettings
Default route settings for the stage.
String deploymentId
The identifier of the Deployment that the Stage is associated with. Can't be updated if autoDeploy is enabled.
String description
The description of the stage.
String lastDeploymentStatusMessage
Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.
Date lastUpdatedDate
The timestamp when the stage was last updated.
Map<K,V> routeSettings
Route settings for the stage, by routeKey.
String stageName
The name of the stage.
Map<K,V> stageVariables
A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the VPC link was created.
String name
The name of the VPC link.
List<E> securityGroupIds
A list of security group IDs for the VPC link.
List<E> subnetIds
A list of subnet IDs to include in the VPC link.
Map<K,V> tags
Tags for the VPC link.
String vpcLinkId
The ID of the VPC link.
String vpcLinkStatus
The status of the VPC link.
String vpcLinkStatusMessage
A message summarizing the cause of the status of the VPC link.
String vpcLinkVersion
The version of the VPC link.
String apiId
The API identifier.
String apiId
The API identifier.
String domainName
The domain name.
String vpcLinkId
The ID of the VPC link.
Boolean autoDeployed
Specifies whether a deployment was automatically released.
Date createdDate
The date and time when the Deployment resource was created.
String deploymentId
The identifier for the deployment.
String deploymentStatus
The status of the deployment: PENDING, FAILED, or SUCCEEDED.
String deploymentStatusMessage
May contain additional feedback on the status of an API deployment.
String description
The description for the deployment.
String apiMappingSelectionExpression
The API mapping selection expression.
String domainName
The name of the DomainName resource.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
Map<K,V> tags
The collection of tags associated with a domain name.
String apiGatewayDomainName
A domain name for the API.
String certificateArn
An AWS-managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source.
String certificateName
The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name.
Date certificateUploadDate
The timestamp when the certificate that was used by edge-optimized endpoint for this domain name was uploaded.
String domainNameStatus
The status of the domain name migration. The valid values are AVAILABLE, UPDATING, PENDING_CERTIFICATE_REIMPORT, and PENDING_OWNERSHIP_VERIFICATION. If the status is UPDATING, the domain cannot be modified further until the existing operation is complete. If it is AVAILABLE, the domain can be updated.
String domainNameStatusMessage
An optional text message containing detailed information about status of the domain name migration.
String endpointType
The endpoint type.
String hostedZoneId
The Amazon Route 53 Hosted Zone ID of the endpoint.
String securityPolicy
The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are TLS_1_0 and TLS_1_2.
String ownershipVerificationCertificateArn
The ARN of the public certificate issued by ACM to validate ownership of your custom domain. Only required when configuring mutual TLS and using an ACM imported or private CA certificate ARN as the regionalCertificateArn
String apiId
The API identifier.
String exportVersion
The version of the API Gateway export algorithm. API Gateway uses the latest version by default. Currently, the only supported version is 1.0.
Boolean includeExtensions
Specifies whether to include API Gateway extensions in the exported API definition. API Gateway extensions are included by default.
String outputType
The output type of the exported definition file. Valid values are JSON and YAML.
String specification
The version of the API specification to use. OAS30, for OpenAPI 3.0, is the only supported value.
String stageName
The name of the API stage to export. If you don't specify this property, a representation of the latest API configuration is exported.
ByteBuffer body
String apiId
The API identifier.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter. Supported only for REQUEST authorizers.
String authorizerId
The authorizer identifier.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
The validation expression does not apply to the REQUEST authorizer.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
Boolean autoDeployed
Specifies whether a deployment was automatically released.
Date createdDate
The date and time when the Deployment resource was created.
String deploymentId
The identifier for the deployment.
String deploymentStatus
The status of the deployment: PENDING, FAILED, or SUCCEEDED.
String deploymentStatusMessage
May contain additional feedback on the status of an API deployment.
String description
The description for the deployment.
String domainName
The domain name.
String apiMappingSelectionExpression
The API mapping selection expression.
String domainName
The name of the DomainName resource.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
Map<K,V> tags
The collection of tags associated with a domain name.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationResponseId
The integration response ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where name is a valid and unique response header name and JSON-expression is a valid JSON expression without the $ prefix.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expressions for the integration response.
String apiId
The API identifier.
String integrationId
The integration ID.
String maxResults
The maximum number of elements to be returned for this resource.
String nextToken
The next page of elements from this collection. Not valid for the last element of the collection.
Boolean apiGatewayManaged
Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can't delete it.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
Represents the description of an integration.
String integrationId
Represents the identifier of an integration.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationResponseSelectionExpression
The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration. Supported only for WebSocket APIs.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfig tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String modelId
The model identifier.
String name
The name of the model. Must be alphanumeric.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String value
The template value.
String modelSelectionExpression
Represents the model selection expression of a route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
Represents the response models of a route response.
Map<K,V> responseParameters
Represents the response parameters of a route response.
String routeResponseId
Represents the identifier of a route response.
String routeResponseKey
Represents the route response key of a route response.
Boolean apiGatewayManaged
Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can't modify the $default route key.
Boolean apiKeyRequired
Specifies whether an API key is required for this route. Supported only for WebSocket APIs.
List<E> authorizationScopes
A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeId
The route ID.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
Boolean apiGatewayManaged
Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can't modify the $default stage.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.
Date createdDate
The timestamp when the stage was created.
RouteSettings defaultRouteSettings
Default route settings for the stage.
String deploymentId
The identifier of the Deployment that the Stage is associated with. Can't be updated if autoDeploy is enabled.
String description
The description of the stage.
String lastDeploymentStatusMessage
Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.
Date lastUpdatedDate
The timestamp when the stage was last updated.
Map<K,V> routeSettings
Route settings for the stage, by routeKey.
String stageName
The name of the stage.
Map<K,V> stageVariables
A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String resourceArn
The resource ARN for the tag.
String vpcLinkId
The ID of the VPC link.
Date createdDate
The timestamp when the VPC link was created.
String name
The name of the VPC link.
List<E> securityGroupIds
A list of security group IDs for the VPC link.
List<E> subnetIds
A list of subnet IDs to include in the VPC link.
Map<K,V> tags
Tags for the VPC link.
String vpcLinkId
The ID of the VPC link.
String vpcLinkStatus
The status of the VPC link.
String vpcLinkStatusMessage
A message summarizing the cause of the status of the VPC link.
String vpcLinkVersion
The version of the VPC link.
String basepath
Specifies how to interpret the base path of the API during import. Valid values are ignore, prepend, and split. The default value is ignore. To learn more, see Set the OpenAPI basePath Property. Supported only for HTTP APIs.
String body
The OpenAPI definition. Supported only for HTTP APIs.
Boolean failOnWarnings
Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
Boolean apiGatewayManaged
Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can't delete it.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
Represents the description of an integration.
String integrationId
Represents the identifier of an integration.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationResponseSelectionExpression
The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration. Supported only for WebSocket APIs.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfig tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationResponseId
The integration response ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where name is a valid and unique response header name and JSON-expression is a valid JSON expression without the $ prefix.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expressions for the integration response.
List<E> audience
A list of the intended recipients of the JWT. A valid JWT must provide an aud that matches at least one entry in this list. See RFC 7519. Supported only for HTTP APIs.
String issuer
The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool
has the following format:
https://cognito-idp.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String modelId
The model identifier.
String name
The name of the model. Must be alphanumeric.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String truststoreUri
An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example,
s3://
String truststoreVersion
The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.
List<E> truststoreWarnings
A list of warnings that API Gateway returns while processing your truststore. Invalid certificates produce warnings. Mutual TLS is still enabled, but some clients might not be able to access your API. To resolve warnings, upload a new truststore to S3, and then update you domain name to use the new version.
String truststoreUri
An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example,
s3://
String truststoreVersion
The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket.
String resourceType
The resource type.
Boolean required
Whether or not the parameter is required.
String apiId
The API identifier.
String basepath
Specifies how to interpret the base path of the API during import. Valid values are ignore, prepend, and split. The default value is ignore. To learn more, see Set the OpenAPI basePath Property. Supported only for HTTP APIs.
String body
The OpenAPI definition. Supported only for HTTP APIs.
Boolean failOnWarnings
Specifies whether to rollback the API creation when a warning is encountered. By default, API creation continues if a warning is encountered.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
Boolean apiGatewayManaged
Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can't modify the $default route key.
Boolean apiKeyRequired
Specifies whether an API key is required for this route. Supported only for WebSocket APIs.
List<E> authorizationScopes
A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeId
The route ID.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
String modelSelectionExpression
Represents the model selection expression of a route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
Represents the response models of a route response.
Map<K,V> responseParameters
Represents the response parameters of a route response.
String routeResponseId
Represents the identifier of a route response.
String routeResponseKey
Represents the route response key of a route response.
Boolean dataTraceEnabled
Specifies whether (true) or not (false) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.
Boolean detailedMetricsEnabled
Specifies whether detailed metrics are enabled.
String loggingLevel
Specifies the logging level for this route: INFO, ERROR, or OFF. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs.
Integer throttlingBurstLimit
Specifies the throttling burst limit.
Double throttlingRateLimit
Specifies the throttling rate limit.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
Boolean apiGatewayManaged
Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can't modify the $default stage.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.
Date createdDate
The timestamp when the stage was created.
RouteSettings defaultRouteSettings
Default route settings for the stage.
String deploymentId
The identifier of the Deployment that the Stage is associated with. Can't be updated if autoDeploy is enabled.
String description
The description of the stage.
String lastDeploymentStatusMessage
Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.
Date lastUpdatedDate
The timestamp when the stage was last updated.
Map<K,V> routeSettings
Route settings for the stage, by routeKey.
String stageName
The name of the stage.
Map<K,V> stageVariables
A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
String serverNameToVerify
If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.
String serverNameToVerify
If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting.
String limitType
The limit type.
String apiId
The API identifier.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
String credentialsArn
This property is part of quick create. It specifies the credentials required for the integration, if any. For a Lambda integration, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, don't specify this parameter. Currently, this property is not used for HTTP integrations. If provided, this value replaces the credentials associated with the quick create integration. Supported only for HTTP APIs.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
String name
The name of the API.
String routeKey
This property is part of quick create. If not specified, the route created using quick create is kept. Otherwise, this value replaces the route key of the quick create route. Additional routes may still be added after the API is updated. Supported only for HTTP APIs.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
String target
This property is part of quick create. For HTTP integrations, specify a fully qualified URL. For Lambda integrations, specify a function ARN. The type of the integration will be HTTP_PROXY or AWS_PROXY, respectively. The value provided updates the integration URI and integration type. You can update a quick-created target, but you can't remove it from an API. Supported only for HTTP APIs.
String version
A version identifier for the API.
String apiEndpoint
The URI of the API, of the form {api-id}.execute-api.{region}.amazonaws.com. The stage name is typically appended to this URI to form a complete path to a deployed API stage.
Boolean apiGatewayManaged
Specifies whether an API is managed by API Gateway. You can't update or delete a managed API by using API Gateway. A managed API can be deleted only through the tooling or service that created it.
String apiId
The API ID.
String apiKeySelectionExpression
An API key selection expression. Supported only for WebSocket APIs. See API Key Selection Expressions.
Cors corsConfiguration
A CORS configuration. Supported only for HTTP APIs.
Date createdDate
The timestamp when the API was created.
String description
The description of the API.
Boolean disableSchemaValidation
Avoid validating models when creating a deployment. Supported only for WebSocket APIs.
Boolean disableExecuteApiEndpoint
Specifies whether clients can invoke your API by using the default execute-api endpoint. By default, clients can invoke your API with the default https://{api_id}.execute-api.{region}.amazonaws.com endpoint. To require that clients use a custom domain name to invoke your API, disable the default endpoint.
List<E> importInfo
The validation information during API import. This may include particular properties of your OpenAPI definition which are ignored during import. Supported only for HTTP APIs.
String name
The name of the API.
String protocolType
The API protocol.
String routeSelectionExpression
The route selection expression for the API. For HTTP APIs, the routeSelectionExpression must be ${request.method} ${request.path}. If not provided, this will be the default for HTTP APIs. This property is required for WebSocket APIs.
Map<K,V> tags
A collection of tags associated with the API.
String version
A version identifier for the API.
List<E> warnings
The warning messages reported when failonwarnings is turned on during API import.
String apiId
The API identifier.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter.
String authorizerId
The authorizer identifier.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. By default, a Lambda authorizer must return an IAM policy. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
This parameter is not used.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
String authorizerCredentialsArn
Specifies the required credentials as an IAM role for API Gateway to invoke the authorizer. To specify an IAM role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To use resource-based permissions on the Lambda function, don't specify this parameter. Supported only for REQUEST authorizers.
String authorizerId
The authorizer identifier.
String authorizerPayloadFormatVersion
Specifies the format of the payload sent to an HTTP API Lambda authorizer. Required for HTTP API Lambda authorizers. Supported values are 1.0 and 2.0. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
Integer authorizerResultTtlInSeconds
The time to live (TTL) for cached authorizer results, in seconds. If it equals 0, authorization caching is disabled. If it is greater than 0, API Gateway caches authorizer responses. The maximum value is 3600, or 1 hour. Supported only for HTTP API Lambda authorizers.
String authorizerType
The authorizer type. Specify REQUEST for a Lambda function using incoming request parameters. Specify JWT to use JSON Web Tokens (supported only for HTTP APIs).
String authorizerUri
The authorizer's Uniform Resource Identifier (URI). For REQUEST authorizers, this must be a well-formed Lambda
function URI, for example,
arn:aws:apigateway:us-west-2:lambda:path/2015-03-31/functions/arn:aws:lambda:us-west-2:
Boolean enableSimpleResponses
Specifies whether a Lambda authorizer returns a response in a simple format. If enabled, the Lambda authorizer can return a boolean value instead of an IAM policy. Supported only for HTTP APIs. To learn more, see Working with AWS Lambda authorizers for HTTP APIs
List<E> identitySource
The identity source for which authorization is requested.
For a REQUEST authorizer, this is optional. The value is a set of one or more mapping expressions of the specified request parameters. The identity source can be headers, query string parameters, stage variables, and context parameters. For example, if an Auth header and a Name query string parameter are defined as identity sources, this value is route.request.header.Auth, route.request.querystring.Name for WebSocket APIs. For HTTP APIs, use selection expressions prefixed with $, for example, $request.header.Auth, $request.querystring.Name. These parameters are used to perform runtime validation for Lambda-based authorizers by verifying all of the identity-related request parameters are present in the request, not null, and non-empty. Only when this is true does the authorizer invoke the authorizer Lambda function. Otherwise, it returns a 401 Unauthorized response without calling the Lambda function. For HTTP APIs, identity sources are also used as the cache key when caching is enabled. To learn more, see Working with AWS Lambda authorizers for HTTP APIs.
For JWT, a single entry that specifies where to extract the JSON Web Token (JWT) from inbound requests. Currently only header-based and query parameter-based selections are supported, for example $request.header.Authorization.
String identityValidationExpression
The validation expression does not apply to the REQUEST authorizer.
JWTConfiguration jwtConfiguration
Represents the configuration of a JWT authorizer. Required for the JWT authorizer type. Supported only for HTTP APIs.
String name
The name of the authorizer.
Boolean autoDeployed
Specifies whether a deployment was automatically released.
Date createdDate
The date and time when the Deployment resource was created.
String deploymentId
The identifier for the deployment.
String deploymentStatus
The status of the deployment: PENDING, FAILED, or SUCCEEDED.
String deploymentStatusMessage
May contain additional feedback on the status of an API deployment.
String description
The description for the deployment.
String domainName
The domain name.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthenticationInput mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
String apiMappingSelectionExpression
The API mapping selection expression.
String domainName
The name of the DomainName resource.
List<E> domainNameConfigurations
The domain name configurations.
MutualTlsAuthentication mutualTlsAuthentication
The mutual TLS authentication configuration for a custom domain name.
Map<K,V> tags
The collection of tags associated with a domain name.
String apiId
The API identifier.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
The description of the integration
String integrationId
The integration ID.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration. For HTTP API private integrations, use an HTTP_PROXY integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to the backend. The key should follow the pattern <action>:<header|querystring|path>.<location> where action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfigInput tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String apiId
The API identifier.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationId
The integration ID.
String integrationResponseId
The integration response ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key
is a method response header parameter name and the mapped value is an integration response header value, a static
value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The
mapping key must match the pattern of method.response.header.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expression for the integration response. Supported only for WebSocket APIs.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String integrationResponseId
The integration response ID.
String integrationResponseKey
The integration response key.
Map<K,V> responseParameters
A key-value map specifying response parameters that are passed to the method response from the backend. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of method.response.header.{name}, where name is a valid and unique header name. The mapped non-static value must match the pattern of integration.response.header.{name} or integration.response.body.{JSON-expression}, where name is a valid and unique response header name and JSON-expression is a valid JSON expression without the $ prefix.
Map<K,V> responseTemplates
The collection of response templates for the integration response as a string-to-string map of key-value pairs. Response templates are represented as a key/value map, with a content-type as the key and a template as the value.
String templateSelectionExpression
The template selection expressions for the integration response.
Boolean apiGatewayManaged
Specifies whether an integration is managed by API Gateway. If you created an API using using quick create, the resulting integration is managed by API Gateway. You can update a managed integration, but you can't delete it.
String connectionId
The ID of the VPC link for a private integration. Supported only for HTTP APIs.
String connectionType
The type of the network connection to the integration endpoint. Specify INTERNET for connections through the public routable internet or VPC_LINK for private connections between API Gateway and resources in a VPC. The default value is INTERNET.
String contentHandlingStrategy
Supported only for WebSocket APIs. Specifies how to handle response payload content type conversions. Supported values are CONVERT_TO_BINARY and CONVERT_TO_TEXT, with the following behaviors:
CONVERT_TO_BINARY: Converts a response payload from a Base64-encoded string to the corresponding binary blob.
CONVERT_TO_TEXT: Converts a response payload from a binary blob to a Base64-encoded string.
If this property is not defined, the response payload will be passed through from the integration response to the route response or method response without modification.
String credentialsArn
Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string arn:aws:iam::*:user/*. To use resource-based permissions on supported AWS services, specify null.
String description
Represents the description of an integration.
String integrationId
Represents the identifier of an integration.
String integrationMethod
Specifies the integration's HTTP method type.
String integrationResponseSelectionExpression
The integration response selection expression for the integration. Supported only for WebSocket APIs. See Integration Response Selection Expressions.
String integrationSubtype
Supported only for HTTP API AWS_PROXY integrations. Specifies the AWS service action to invoke. To learn more, see Integration subtype reference.
String integrationType
The integration type of an integration. One of the following:
AWS: for integrating the route or method request with an AWS service action, including the Lambda function-invoking action. With the Lambda function-invoking action, this is referred to as the Lambda custom integration. With any other AWS service action, this is known as AWS integration. Supported only for WebSocket APIs.
AWS_PROXY: for integrating the route or method request with a Lambda function or other AWS service action. This integration is also referred to as a Lambda proxy integration.
HTTP: for integrating the route or method request with an HTTP endpoint. This integration is also referred to as the HTTP custom integration. Supported only for WebSocket APIs.
HTTP_PROXY: for integrating the route or method request with an HTTP endpoint, with the client request passed through as-is. This is also referred to as HTTP proxy integration.
MOCK: for integrating the route or method request with API Gateway as a "loopback" endpoint without invoking any backend. Supported only for WebSocket APIs.
String integrationUri
For a Lambda integration, specify the URI of a Lambda function.
For an HTTP integration, specify a fully-qualified URL.
For an HTTP API private integration, specify the ARN of an Application Load Balancer listener, Network Load Balancer listener, or AWS Cloud Map service. If you specify the ARN of an AWS Cloud Map service, API Gateway uses DiscoverInstances to identify resources. You can use query parameters to target specific resources. To learn more, see DiscoverInstances. For private integrations, all resources must be owned by the same AWS account.
String passthroughBehavior
Specifies the pass-through behavior for incoming requests based on the Content-Type header in the request, and the available mapping templates specified as the requestTemplates property on the Integration resource. There are three valid values: WHEN_NO_MATCH, WHEN_NO_TEMPLATES, and NEVER. Supported only for WebSocket APIs.
WHEN_NO_MATCH passes the request body for unmapped content types through to the integration backend without transformation.
NEVER rejects unmapped content types with an HTTP 415 Unsupported Media Type response.
WHEN_NO_TEMPLATES allows pass-through when the integration has no content types mapped to templates. However, if there is at least one content type defined, unmapped content types will be rejected with the same HTTP 415 Unsupported Media Type response.
String payloadFormatVersion
Specifies the format of the payload sent to an integration. Required for HTTP APIs.
Map<K,V> requestParameters
For WebSocket APIs, a key-value map specifying request parameters that are passed from the method request to the
backend. The key is an integration request parameter name and the associated value is a method request parameter
value or static value that must be enclosed within single quotes and pre-encoded as required by the backend. The
method request parameter value must match the pattern of
method.request.
For HTTP API integrations with a specified integrationSubtype, request parameters are a key-value map specifying parameters that are passed to AWS_PROXY integrations. You can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Working with AWS service integrations for HTTP APIs.
For HTTP API integrations, without a specified integrationSubtype request parameters are a key-value map specifying how to transform HTTP requests before sending them to backend integrations. The key should follow the pattern <action>:<header|querystring|path>.<location>. The action can be append, overwrite or remove. For values, you can provide static values, or map request data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
Map<K,V> requestTemplates
Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. Supported only for WebSocket APIs.
Map<K,V> responseParameters
Supported only for HTTP APIs. You use response parameters to transform the HTTP response from a backend integration before returning the response to clients. Specify a key-value map from a selection key to response parameters. The selection key must be a valid HTTP status code within the range of 200-599. Response parameters are a key-value map. The key must match pattern <action>:<header>.<location> or overwrite.statuscode. The action can be append, overwrite or remove. The value can be a static value, or map to response data, stage variables, or context variables that are evaluated at runtime. To learn more, see Transforming API requests and responses.
String templateSelectionExpression
The template selection expression for the integration. Supported only for WebSocket APIs.
Integer timeoutInMillis
Custom timeout between 50 and 29,000 milliseconds for WebSocket APIs and between 50 and 30,000 milliseconds for HTTP APIs. The default timeout is 29 seconds for WebSocket APIs and 30 seconds for HTTP APIs.
TlsConfig tlsConfig
The TLS configuration for a private integration. If you specify a TLS configuration, private integration traffic uses the HTTPS protocol. Supported only for HTTP APIs.
String apiId
The API identifier.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String modelId
The model ID.
String name
The name of the model.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String contentType
The content-type for the model, for example, "application/json".
String description
The description of the model.
String modelId
The model identifier.
String name
The name of the model. Must be alphanumeric.
String schema
The schema for the model. For application/json models, this should be JSON schema draft 4 model.
String apiId
The API identifier.
Boolean apiKeyRequired
Specifies whether an API key is required for the route. Supported only for WebSocket APIs.
List<E> authorizationScopes
The authorization scopes supported by this route.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeId
The route ID.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
String apiId
The API identifier.
String modelSelectionExpression
The model selection expression for the route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
The response models for the route response.
Map<K,V> responseParameters
The route response parameters.
String routeId
The route ID.
String routeResponseId
The route response ID.
String routeResponseKey
The route response key.
String modelSelectionExpression
Represents the model selection expression of a route response. Supported only for WebSocket APIs.
Map<K,V> responseModels
Represents the response models of a route response.
Map<K,V> responseParameters
Represents the response parameters of a route response.
String routeResponseId
Represents the identifier of a route response.
String routeResponseKey
Represents the route response key of a route response.
Boolean apiGatewayManaged
Specifies whether a route is managed by API Gateway. If you created an API using quick create, the $default route is managed by API Gateway. You can't modify the $default route key.
Boolean apiKeyRequired
Specifies whether an API key is required for this route. Supported only for WebSocket APIs.
List<E> authorizationScopes
A list of authorization scopes configured on a route. The scopes are used with a JWT authorizer to authorize the method invocation. The authorization works by matching the route scopes against the scopes parsed from the access token in the incoming request. The method invocation is authorized if any route scope matches a claimed scope in the access token. Otherwise, the invocation is not authorized. When the route scope is configured, the client must provide an access token instead of an identity token for authorization purposes.
String authorizationType
The authorization type for the route. For WebSocket APIs, valid values are NONE for open access, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer For HTTP APIs, valid values are NONE for open access, JWT for using JSON Web Tokens, AWS_IAM for using AWS IAM permissions, and CUSTOM for using a Lambda authorizer.
String authorizerId
The identifier of the Authorizer resource to be associated with this route. The authorizer identifier is generated by API Gateway when you created the authorizer.
String modelSelectionExpression
The model selection expression for the route. Supported only for WebSocket APIs.
String operationName
The operation name for the route.
Map<K,V> requestModels
The request models for the route. Supported only for WebSocket APIs.
Map<K,V> requestParameters
The request parameters for the route. Supported only for WebSocket APIs.
String routeId
The route ID.
String routeKey
The route key for the route.
String routeResponseSelectionExpression
The route response selection expression for the route. Supported only for WebSocket APIs.
String target
The target for the route.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
String apiId
The API identifier.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage.
RouteSettings defaultRouteSettings
The default route settings for the stage.
String deploymentId
The deployment identifier for the API stage. Can't be updated if autoDeploy is enabled.
String description
The description for the API stage.
Map<K,V> routeSettings
Route settings for the stage.
String stageName
The stage name. Stage names can contain only alphanumeric characters, hyphens, and underscores, or be $default. Maximum length is 128 characters.
Map<K,V> stageVariables
A map that defines the stage variables for a Stage. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
AccessLogSettings accessLogSettings
Settings for logging access in this stage.
Boolean apiGatewayManaged
Specifies whether a stage is managed by API Gateway. If you created an API using quick create, the $default stage is managed by API Gateway. You can't modify the $default stage.
Boolean autoDeploy
Specifies whether updates to an API automatically trigger a new deployment. The default value is false.
String clientCertificateId
The identifier of a client certificate for a Stage. Supported only for WebSocket APIs.
Date createdDate
The timestamp when the stage was created.
RouteSettings defaultRouteSettings
Default route settings for the stage.
String deploymentId
The identifier of the Deployment that the Stage is associated with. Can't be updated if autoDeploy is enabled.
String description
The description of the stage.
String lastDeploymentStatusMessage
Describes the status of the last deployment of a stage. Supported only for stages with autoDeploy enabled.
Date lastUpdatedDate
The timestamp when the stage was last updated.
Map<K,V> routeSettings
Route settings for the stage, by routeKey.
String stageName
The name of the stage.
Map<K,V> stageVariables
A map that defines the stage variables for a stage resource. Variable names can have alphanumeric and underscore characters, and the values must match [A-Za-z0-9-._~:/?#&=,]+.
Map<K,V> tags
The collection of tags. Each tag element is associated with a given resource.
Date createdDate
The timestamp when the VPC link was created.
String name
The name of the VPC link.
List<E> securityGroupIds
A list of security group IDs for the VPC link.
List<E> subnetIds
A list of subnet IDs to include in the VPC link.
Map<K,V> tags
Tags for the VPC link.
String vpcLinkId
The ID of the VPC link.
String vpcLinkStatus
The status of the VPC link.
String vpcLinkStatusMessage
A message summarizing the cause of the status of the VPC link.
String vpcLinkVersion
The version of the VPC link.
Date createdDate
The timestamp when the VPC link was created.
String name
The name of the VPC link.
List<E> securityGroupIds
A list of security group IDs for the VPC link.
List<E> subnetIds
A list of subnet IDs to include in the VPC link.
Map<K,V> tags
Tags for the VPC link.
String vpcLinkId
The ID of the VPC link.
String vpcLinkStatus
The status of the VPC link.
String vpcLinkStatusMessage
A message summarizing the cause of the status of the VPC link.
String vpcLinkVersion
The version of the VPC link.
String name
The action name.
String description
Information about the action.
String uri
The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus.
String roleArn
An Amazon Resource Name (ARN) for an Identity and Access Management assume role.
String extensionIdentifier
The name, the ID, or the Amazon Resource Name (ARN) of the extension.
String actionName
The name of the action.
String uri
The extension URI associated to the action point in the extension definition. The URI can be an Amazon Resource Name (ARN) for one of the following: an Lambda function, an Amazon Simple Queue Service queue, an Amazon Simple Notification Service topic, or the Amazon EventBridge default event bus.
String roleArn
An Amazon Resource Name (ARN) for an Identity and Access Management assume role.
String errorMessage
The error message when an extension invocation fails.
String errorCode
The error code when an extension invocation fails.
String invocationId
A system-generated ID for this invocation.
String extensionId
The system-generated ID of the extension.
String extensionAssociationId
The system-generated ID for the association.
Integer versionNumber
The extension version number.
Map<K,V> parameters
One or more parameters for the actions called by the extension.
String reason
BadRequestDetails details
String applicationId
The application ID.
String id
The ID of the configuration profile.
String name
The name of the configuration profile.
String locationUri
The URI location of the configuration.
List<E> validatorTypes
The types of validators in the configuration profile.
String type
The type of configurations contained in the profile. AppConfig supports feature flags and
freeform configurations. We recommend you create feature flag configurations to enable or disable
new features and freeform configurations to distribute configurations to an application. When calling this API,
enter one of the following values for Type:
AWS.AppConfig.FeatureFlags
AWS.Freeform
String name
A name for the application.
String description
A description of the application.
Map<K,V> tags
Metadata to assign to the application. Tags help organize and categorize your AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
String applicationId
The application ID.
String name
A name for the configuration profile.
String description
A description of the configuration profile.
String locationUri
A URI to locate the configuration. You can specify the following:
For the AppConfig hosted configuration store and for feature flags, specify hosted.
For an Amazon Web Services Systems Manager Parameter Store parameter, specify either the parameter name in the
format ssm-parameter://<parameter name> or the ARN.
For an Amazon Web Services CodePipeline pipeline, specify the URI in the following format:
codepipeline://<pipeline name>.
For an Secrets Manager secret, specify the URI in the following format: secretsmanager://<secret
name>.
For an Amazon S3 object, specify the URI in the following format:
s3://<bucket>/<objectKey> . Here is an example:
s3://my-bucket/my-app/us-east-1/my-config.json
For an SSM document, specify either the document name in the format
ssm-document://<document name> or the Amazon Resource Name (ARN).
String retrievalRoleArn
The ARN of an IAM role with permission to access the configuration at the specified LocationUri.
A retrieval role ARN is not required for configurations stored in the AppConfig hosted configuration store. It is required for all other sources that store your configuration.
List<E> validators
A list of methods for validating the configuration.
Map<K,V> tags
Metadata to assign to the configuration profile. Tags help organize and categorize your AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
String type
The type of configurations contained in the profile. AppConfig supports feature flags and
freeform configurations. We recommend you create feature flag configurations to enable or disable
new features and freeform configurations to distribute configurations to an application. When calling this API,
enter one of the following values for Type:
AWS.AppConfig.FeatureFlags
AWS.Freeform
String kmsKeyIdentifier
The identifier for an Key Management Service key to encrypt new configuration data versions in the AppConfig
hosted configuration store. This attribute is only used for hosted configuration types. The
identifier can be an KMS key ID, alias, or the Amazon Resource Name (ARN) of the key ID or alias. To encrypt data
managed in other configuration stores, see the documentation for how to specify an KMS key for that particular
service.
String applicationId
The application ID.
String id
The configuration profile ID.
String name
The name of the configuration profile.
String description
The configuration profile description.
String locationUri
The URI location of the configuration.
String retrievalRoleArn
The ARN of an IAM role with permission to access the configuration at the specified LocationUri.
List<E> validators
A list of methods for validating the configuration.
String type
The type of configurations contained in the profile. AppConfig supports feature flags and
freeform configurations. We recommend you create feature flag configurations to enable or disable
new features and freeform configurations to distribute configurations to an application. When calling this API,
enter one of the following values for Type:
AWS.AppConfig.FeatureFlags
AWS.Freeform
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key to encrypt new configuration data versions in the
AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To
encrypt data managed in other configuration stores, see the documentation for how to specify an KMS key for that
particular service.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String name
A name for the deployment strategy.
String description
A description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time for a deployment to last.
Integer finalBakeTimeInMinutes
Specifies the amount of time AppConfig monitors for Amazon CloudWatch alarms after the configuration has been deployed to 100% of its targets, before considering the deployment to be complete. If an alarm is triggered during this time, AppConfig rolls back the deployment. You must configure permissions for AppConfig to roll back based on CloudWatch alarms. For more information, see Configuring permissions for rollback based on Amazon CloudWatch alarms in the AppConfig User Guide.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
String growthType
The algorithm used to define how percentage grows over time. AppConfig supports the following growth types:
Linear: For this type, AppConfig processes the deployment by dividing the total number of targets by the
value specified for Step percentage. For example, a linear deployment that uses a
Step percentage of 10 deploys the configuration to 10 percent of the hosts. After those deployments
are complete, the system deploys the configuration to the next 10 percent. This continues until 100% of the
targets have successfully received the configuration.
Exponential: For this type, AppConfig processes the deployment exponentially using the following formula:
G*(2^N). In this formula, G is the growth factor specified by the user and
N is the number of steps until the configuration is deployed to all targets. For example, if you
specify a growth factor of 2, then the system rolls out the configuration as follows:
2*(2^0)
2*(2^1)
2*(2^2)
Expressed numerically, the deployment rolls out as follows: 2% of the targets, 4% of the targets, 8% of the targets, and continues until the configuration has been deployed to all targets.
String replicateTo
Save the deployment strategy to a Systems Manager (SSM) document.
Map<K,V> tags
Metadata to assign to the deployment strategy. Tags help organize and categorize your AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
String id
The deployment strategy ID.
String name
The name of the deployment strategy.
String description
The description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets that received a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String replicateTo
Save the deployment strategy to a Systems Manager (SSM) document.
String applicationId
The application ID.
String name
A name for the environment.
String description
A description of the environment.
List<E> monitors
Amazon CloudWatch alarms to monitor during the deployment process.
Map<K,V> tags
Metadata to assign to the environment. Tags help organize and categorize your AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
String applicationId
The application ID.
String id
The environment ID.
String name
The name of the environment.
String description
The description of the environment.
String state
The state of the environment. An environment can be in one of the following states:
READY_FOR_DEPLOYMENT, DEPLOYING, ROLLING_BACK, or ROLLED_BACK
List<E> monitors
Amazon CloudWatch alarms monitored during the deployment.
String extensionIdentifier
The name, the ID, or the Amazon Resource Name (ARN) of the extension.
Integer extensionVersionNumber
The version number of the extension. If not specified, AppConfig uses the maximum version of the extension.
String resourceIdentifier
The ARN of an application, configuration profile, or environment.
Map<K,V> parameters
The parameter names and values defined in the extensions. Extension parameters marked Required must
be entered for this field.
Map<K,V> tags
Adds one or more tags for the specified extension association. Tags are metadata that help you categorize resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and an optional value, both of which you define.
String id
The system-generated ID for the association.
String extensionArn
The ARN of the extension defined in the association.
String resourceArn
The ARNs of applications, configuration profiles, or environments defined in the association.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
Map<K,V> parameters
The parameter names and values defined in the association.
Integer extensionVersionNumber
The version number for the extension defined in the association.
String name
A name for the extension. Each extension name in your account must be unique. Extension versions use the same name.
String description
Information about the extension.
Map<K,V> actions
The actions defined in the extension.
Map<K,V> parameters
The parameters accepted by the extension. You specify parameter values when you associate the extension to an
AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions,
these parameters are included in the Lambda request object.
Map<K,V> tags
Adds one or more tags for the specified extension. Tags are metadata that help you categorize resources in different ways, for example, by purpose, owner, or environment. Each tag consists of a key and an optional value, both of which you define.
Integer latestVersionNumber
You can omit this field when you create an extension. When you create a new version, specify the most recent current version number. For example, you create version 3, enter 2 for this field.
String id
The system-generated ID of the extension.
String name
The extension name.
Integer versionNumber
The extension version number.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
String description
Information about the extension.
Map<K,V> actions
The actions defined in the extension.
Map<K,V> parameters
The parameters accepted by the extension. You specify parameter values when you associate the extension to an
AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions,
these parameters are included in the Lambda request object.
String applicationId
The application ID.
String configurationProfileId
The configuration profile ID.
String description
A description of the configuration.
ByteBuffer content
The content of the configuration or the configuration data.
String contentType
A standard MIME type describing the format of the configuration content. For more information, see Content-Type.
Integer latestVersionNumber
An optional locking token used to prevent race conditions from overwriting configuration updates when creating a new version. To ensure your data is not overwritten when creating multiple hosted configuration versions in rapid succession, specify the version number of the latest hosted configuration version.
String versionLabel
An optional, user-defined label for the AppConfig hosted configuration version. This value must contain at least one non-numeric character. For example, "v2.2.0".
String applicationId
The application ID.
String configurationProfileId
The configuration profile ID.
Integer versionNumber
The configuration version.
String description
A description of the configuration.
ByteBuffer content
The content of the configuration or the configuration data.
String contentType
A standard MIME type describing the format of the configuration content. For more information, see Content-Type.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key that was used to encrypt this specific version of the configuration data in the AppConfig hosted configuration store.
String applicationId
The ID of the application to delete.
String deploymentStrategyId
The ID of the deployment strategy you want to delete.
String extensionAssociationId
The ID of the extension association to delete.
String eventType
The type of deployment event. Deployment event types include the start, stop, or completion of a deployment; a percentage update; the start or stop of a bake period; and the start or completion of a rollback.
String triggeredBy
The entity that triggered the deployment event. Events can be triggered by a user, AppConfig, an Amazon CloudWatch alarm, or an internal error.
String description
A description of the deployment event. Descriptions include, but are not limited to, the following:
The Amazon Web Services account or the Amazon CloudWatch alarm ARN that initiated a rollback.
The percentage of hosts that received the deployment.
A recommendation to attempt a new deployment (in the case of an internal error).
List<E> actionInvocations
The list of extensions that were invoked as part of the deployment.
Date occurredAt
The date and time the event occurred.
String id
The deployment strategy ID.
String name
The name of the deployment strategy.
String description
The description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets that received a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String replicateTo
Save the deployment strategy to a Systems Manager (SSM) document.
Integer deploymentNumber
The sequence number of the deployment.
String configurationName
The name of the configuration.
String configurationVersion
The version of the configuration.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grows over time.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String state
The state of the deployment.
Float percentageComplete
The percentage of targets for which the deployment is available.
Date startedAt
Time the deployment started.
Date completedAt
Time the deployment completed.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String applicationId
The application ID.
String id
The environment ID.
String name
The name of the environment.
String description
The description of the environment.
String state
The state of the environment. An environment can be in one of the following states:
READY_FOR_DEPLOYMENT, DEPLOYING, ROLLING_BACK, or ROLLED_BACK
List<E> monitors
Amazon CloudWatch alarms monitored during the deployment.
String id
The extension association ID. This ID is used to call other ExtensionAssociation API actions such as
GetExtensionAssociation or DeleteExtensionAssociation.
String extensionArn
The system-generated Amazon Resource Name (ARN) for the extension.
String resourceArn
The ARNs of applications, configuration profiles, or environments defined in the association.
String id
The system-generated ID of the extension.
String name
The extension name.
Integer versionNumber
The extension version number.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
String description
Information about the extension.
String applicationId
The ID of the application you want to get.
String applicationId
The application ID.
String id
The configuration profile ID.
String name
The name of the configuration profile.
String description
The configuration profile description.
String locationUri
The URI location of the configuration.
String retrievalRoleArn
The ARN of an IAM role with permission to access the configuration at the specified LocationUri.
List<E> validators
A list of methods for validating the configuration.
String type
The type of configurations contained in the profile. AppConfig supports feature flags and
freeform configurations. We recommend you create feature flag configurations to enable or disable
new features and freeform configurations to distribute configurations to an application. When calling this API,
enter one of the following values for Type:
AWS.AppConfig.FeatureFlags
AWS.Freeform
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key to encrypt new configuration data versions in the
AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To
encrypt data managed in other configuration stores, see the documentation for how to specify an KMS key for that
particular service.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String application
The application to get. Specify either the application name or the application ID.
String environment
The environment to get. Specify either the environment name or the environment ID.
String configuration
The configuration to get. Specify either the configuration name or the configuration ID.
String clientId
The clientId parameter in the following command is a unique, user-specified ID to identify the client for the configuration. This ID enables AppConfig to deploy the configuration in intervals, as defined in the deployment strategy.
String clientConfigurationVersion
The configuration version returned in the most recent GetConfiguration response.
AppConfig uses the value of the ClientConfigurationVersion parameter to identify the configuration
version on your clients. If you don’t send ClientConfigurationVersion with each call to
GetConfiguration, your clients receive the current configuration. You are charged each time your
clients receive a configuration.
To avoid excess charges, we recommend you use the StartConfigurationSession and GetLatestConfiguration APIs, which track the client configuration version on your behalf. If you choose to
continue using GetConfiguration, we recommend that you include the
ClientConfigurationVersion value with every call to GetConfiguration. The value to use
for ClientConfigurationVersion comes from the ConfigurationVersion attribute returned
by GetConfiguration when there is new or updated data, and should be saved for subsequent calls to
GetConfiguration.
For more information about working with configurations, see Retrieving the Configuration in the AppConfig User Guide.
ByteBuffer content
The content of the configuration or the configuration data.
The Content attribute only contains data if the system finds new or updated configuration data. If
there is no new or updated data and ClientConfigurationVersion matches the version of the current
configuration, AppConfig returns a 204 No Content HTTP response code and the Content
value will be empty.
String configurationVersion
The configuration version.
String contentType
A standard MIME type describing the format of the configuration content. For more information, see Content-Type.
String applicationId
The ID of the application that was deployed.
String environmentId
The ID of the environment that was deployed.
String deploymentStrategyId
The ID of the deployment strategy that was deployed.
String configurationProfileId
The ID of the configuration profile that was deployed.
Integer deploymentNumber
The sequence number of the deployment.
String configurationName
The name of the configuration.
String configurationLocationUri
Information about the source location of the configuration.
String configurationVersion
The configuration version that was deployed.
String description
The description of the deployment.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String state
The state of the deployment.
List<E> eventLog
A list containing all events related to a deployment. The most recent events are displayed first.
Float percentageComplete
The percentage of targets for which the deployment is available.
Date startedAt
The time the deployment started.
Date completedAt
The time the deployment completed.
List<E> appliedExtensions
A list of extensions that were processed as part of the deployment. The extensions that were previously
associated to the configuration profile, environment, or the application when StartDeployment was
called.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key used to encrypt configuration data. You can encrypt secrets stored in Secrets Manager, Amazon Simple Storage Service (Amazon S3) objects encrypted with SSE-KMS, or secure string parameters stored in Amazon Web Services Systems Manager Parameter Store.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String deploymentStrategyId
The ID of the deployment strategy to get.
String id
The deployment strategy ID.
String name
The name of the deployment strategy.
String description
The description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets that received a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String replicateTo
Save the deployment strategy to a Systems Manager (SSM) document.
String applicationId
The application ID.
String id
The environment ID.
String name
The name of the environment.
String description
The description of the environment.
String state
The state of the environment. An environment can be in one of the following states:
READY_FOR_DEPLOYMENT, DEPLOYING, ROLLING_BACK, or ROLLED_BACK
List<E> monitors
Amazon CloudWatch alarms monitored during the deployment.
String extensionAssociationId
The extension association ID to get.
String id
The system-generated ID for the association.
String extensionArn
The ARN of the extension defined in the association.
String resourceArn
The ARNs of applications, configuration profiles, or environments defined in the association.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
Map<K,V> parameters
The parameter names and values defined in the association.
Integer extensionVersionNumber
The version number for the extension defined in the association.
String id
The system-generated ID of the extension.
String name
The extension name.
Integer versionNumber
The extension version number.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
String description
Information about the extension.
Map<K,V> actions
The actions defined in the extension.
Map<K,V> parameters
The parameters accepted by the extension. You specify parameter values when you associate the extension to an
AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions,
these parameters are included in the Lambda request object.
String applicationId
The application ID.
String configurationProfileId
The configuration profile ID.
Integer versionNumber
The configuration version.
String description
A description of the configuration.
ByteBuffer content
The content of the configuration or the configuration data.
String contentType
A standard MIME type describing the format of the configuration content. For more information, see Content-Type.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key that was used to encrypt this specific version of the configuration data in the AppConfig hosted configuration store.
String applicationId
The application ID.
String configurationProfileId
The configuration profile ID.
Integer versionNumber
The configuration version.
String description
A description of the configuration.
String contentType
A standard MIME type describing the format of the configuration content. For more information, see Content-Type.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key that was used to encrypt this specific version of the configuration data in the AppConfig hosted configuration store.
String constraint
The invalid or out-of-range validation constraint in your JSON schema that failed validation.
String location
Location of the validation constraint in the configuration JSON schema that failed validation.
String reason
The reason for an invalid configuration error.
String type
The type of error for an invalid configuration.
String value
Details about an error with Lambda when a synchronous extension experiences an error during an invocation.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Next token is a pagination token generated by AppConfig to describe what page the previous List call ended on. For the first List request, the nextToken should not be set. On subsequent calls, the nextToken parameter should be set to the previous responses nextToken value. Use this token to get the next set of results.
String applicationId
The application ID.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Use this token to get the next set of results.
String type
A filter based on the type of configurations that the configuration profile contains. A configuration can be a feature flag or a freeform configuration.
String applicationId
The application ID.
String environmentId
The environment ID.
Integer maxResults
The maximum number of items that may be returned for this call. If there are items that have not yet been
returned, the response will include a non-null NextToken that you can provide in a subsequent call
to get the next set of results.
String nextToken
The token returned by a prior call to this operation indicating the next set of results to be returned. If not specified, the operation will return the first set of results.
String applicationId
The application ID.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Use this token to get the next set of results.
String resourceIdentifier
The ARN of an application, configuration profile, or environment.
String extensionIdentifier
The name, the ID, or the Amazon Resource Name (ARN) of the extension.
Integer extensionVersionNumber
The version number for the extension defined in the association.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Use this token to get the next set of results or pass null to get the first set of results.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Use this token to get the next set of results.
String name
The extension name.
String applicationId
The application ID.
String configurationProfileId
The configuration profile ID.
Integer maxResults
The maximum number of items to return for this call. The call also returns a token that you can specify in a subsequent call to get the next set of results.
String nextToken
A token to start the list. Use this token to get the next set of results.
String versionLabel
An optional filter that can be used to specify the version label of an AppConfig hosted configuration version. This parameter supports filtering by prefix using a wildcard, for example "v2*". If you don't specify an asterisk at the end of the value, only an exact match is returned.
String resourceArn
The resource ARN.
String description
Information about the parameter.
Boolean required
A parameter value must be specified in the extension association.
Boolean dynamic
Indicates whether this parameter's value can be supplied at the extension's action point instead of during
extension association. Dynamic parameters can't be marked Required.
String resourceName
String applicationId
The application ID.
String environmentId
The environment ID.
String deploymentStrategyId
The deployment strategy ID.
String configurationProfileId
The configuration profile ID.
String configurationVersion
The configuration version to deploy. If deploying an AppConfig hosted configuration version, you can specify either the version number or version label. For all other configurations, you must specify the version number.
String description
A description of the deployment.
Map<K,V> tags
Metadata to assign to the deployment. Tags help organize and categorize your AppConfig resources. Each tag consists of a key and an optional value, both of which you define.
String kmsKeyIdentifier
The KMS key identifier (key ID, key alias, or key ARN). AppConfig uses this ID to encrypt the configuration data using a customer managed key.
Map<K,V> dynamicExtensionParameters
A map of dynamic extension parameter names to values to pass to associated extensions with
PRE_START_DEPLOYMENT actions.
String applicationId
The ID of the application that was deployed.
String environmentId
The ID of the environment that was deployed.
String deploymentStrategyId
The ID of the deployment strategy that was deployed.
String configurationProfileId
The ID of the configuration profile that was deployed.
Integer deploymentNumber
The sequence number of the deployment.
String configurationName
The name of the configuration.
String configurationLocationUri
Information about the source location of the configuration.
String configurationVersion
The configuration version that was deployed.
String description
The description of the deployment.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String state
The state of the deployment.
List<E> eventLog
A list containing all events related to a deployment. The most recent events are displayed first.
Float percentageComplete
The percentage of targets for which the deployment is available.
Date startedAt
The time the deployment started.
Date completedAt
The time the deployment completed.
List<E> appliedExtensions
A list of extensions that were processed as part of the deployment. The extensions that were previously
associated to the configuration profile, environment, or the application when StartDeployment was
called.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key used to encrypt configuration data. You can encrypt secrets stored in Secrets Manager, Amazon Simple Storage Service (Amazon S3) objects encrypted with SSE-KMS, or secure string parameters stored in Amazon Web Services Systems Manager Parameter Store.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String applicationId
The ID of the application that was deployed.
String environmentId
The ID of the environment that was deployed.
String deploymentStrategyId
The ID of the deployment strategy that was deployed.
String configurationProfileId
The ID of the configuration profile that was deployed.
Integer deploymentNumber
The sequence number of the deployment.
String configurationName
The name of the configuration.
String configurationLocationUri
Information about the source location of the configuration.
String configurationVersion
The configuration version that was deployed.
String description
The description of the deployment.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String state
The state of the deployment.
List<E> eventLog
A list containing all events related to a deployment. The most recent events are displayed first.
Float percentageComplete
The percentage of targets for which the deployment is available.
Date startedAt
The time the deployment started.
Date completedAt
The time the deployment completed.
List<E> appliedExtensions
A list of extensions that were processed as part of the deployment. The extensions that were previously
associated to the configuration profile, environment, or the application when StartDeployment was
called.
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key used to encrypt configuration data. You can encrypt secrets stored in Secrets Manager, Amazon Simple Storage Service (Amazon S3) objects encrypted with SSE-KMS, or secure string parameters stored in Amazon Web Services Systems Manager Parameter Store.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String versionLabel
A user-defined label for an AppConfig hosted configuration version.
String applicationId
The application ID.
String configurationProfileId
The ID of the configuration profile.
String name
The name of the configuration profile.
String description
A description of the configuration profile.
String retrievalRoleArn
The ARN of an IAM role with permission to access the configuration at the specified LocationUri.
List<E> validators
A list of methods for validating the configuration.
String kmsKeyIdentifier
The identifier for a Key Management Service key to encrypt new configuration data versions in the AppConfig
hosted configuration store. This attribute is only used for hosted configuration types. The
identifier can be an KMS key ID, alias, or the Amazon Resource Name (ARN) of the key ID or alias. To encrypt data
managed in other configuration stores, see the documentation for how to specify an KMS key for that particular
service.
String applicationId
The application ID.
String id
The configuration profile ID.
String name
The name of the configuration profile.
String description
The configuration profile description.
String locationUri
The URI location of the configuration.
String retrievalRoleArn
The ARN of an IAM role with permission to access the configuration at the specified LocationUri.
List<E> validators
A list of methods for validating the configuration.
String type
The type of configurations contained in the profile. AppConfig supports feature flags and
freeform configurations. We recommend you create feature flag configurations to enable or disable
new features and freeform configurations to distribute configurations to an application. When calling this API,
enter one of the following values for Type:
AWS.AppConfig.FeatureFlags
AWS.Freeform
String kmsKeyArn
The Amazon Resource Name of the Key Management Service key to encrypt new configuration data versions in the
AppConfig hosted configuration store. This attribute is only used for hosted configuration types. To
encrypt data managed in other configuration stores, see the documentation for how to specify an KMS key for that
particular service.
String kmsKeyIdentifier
The Key Management Service key identifier (key ID, key alias, or key ARN) provided when the resource was created or updated.
String deploymentStrategyId
The deployment strategy ID.
String description
A description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time for a deployment to last.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitors for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
Float growthFactor
The percentage of targets to receive a deployed configuration during each interval.
String growthType
The algorithm used to define how percentage grows over time. AppConfig supports the following growth types:
Linear: For this type, AppConfig processes the deployment by increments of the growth factor evenly distributed over the deployment time. For example, a linear deployment that uses a growth factor of 20 initially makes the configuration available to 20 percent of the targets. After 1/5th of the deployment time has passed, the system updates the percentage to 40 percent. This continues until 100% of the targets are set to receive the deployed configuration.
Exponential: For this type, AppConfig processes the deployment exponentially using the following formula:
G*(2^N). In this formula, G is the growth factor specified by the user and
N is the number of steps until the configuration is deployed to all targets. For example, if you
specify a growth factor of 2, then the system rolls out the configuration as follows:
2*(2^0)
2*(2^1)
2*(2^2)
Expressed numerically, the deployment rolls out as follows: 2% of the targets, 4% of the targets, 8% of the targets, and continues until the configuration has been deployed to all targets.
String id
The deployment strategy ID.
String name
The name of the deployment strategy.
String description
The description of the deployment strategy.
Integer deploymentDurationInMinutes
Total amount of time the deployment lasted.
String growthType
The algorithm used to define how percentage grew over time.
Float growthFactor
The percentage of targets that received a deployed configuration during each interval.
Integer finalBakeTimeInMinutes
The amount of time that AppConfig monitored for alarms before considering the deployment to be complete and no longer eligible for automatic rollback.
String replicateTo
Save the deployment strategy to a Systems Manager (SSM) document.
String applicationId
The application ID.
String environmentId
The environment ID.
String name
The name of the environment.
String description
A description of the environment.
List<E> monitors
Amazon CloudWatch alarms to monitor during the deployment process.
String applicationId
The application ID.
String id
The environment ID.
String name
The name of the environment.
String description
The description of the environment.
String state
The state of the environment. An environment can be in one of the following states:
READY_FOR_DEPLOYMENT, DEPLOYING, ROLLING_BACK, or ROLLED_BACK
List<E> monitors
Amazon CloudWatch alarms monitored during the deployment.
String id
The system-generated ID for the association.
String extensionArn
The ARN of the extension defined in the association.
String resourceArn
The ARNs of applications, configuration profiles, or environments defined in the association.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
Map<K,V> parameters
The parameter names and values defined in the association.
Integer extensionVersionNumber
The version number for the extension defined in the association.
String extensionIdentifier
The name, the ID, or the Amazon Resource Name (ARN) of the extension.
String description
Information about the extension.
Map<K,V> actions
The actions defined in the extension.
Map<K,V> parameters
One or more parameters for the actions called by the extension.
Integer versionNumber
The extension version number.
String id
The system-generated ID of the extension.
String name
The extension name.
Integer versionNumber
The extension version number.
String arn
The system-generated Amazon Resource Name (ARN) for the extension.
String description
Information about the extension.
Map<K,V> actions
The actions defined in the extension.
Map<K,V> parameters
The parameters accepted by the extension. You specify parameter values when you associate the extension to an
AppConfig resource by using the CreateExtensionAssociation API action. For Lambda extension actions,
these parameters are included in the Lambda request object.
String reason
Code indicating the reason the request was invalid.
BadRequestDetails details
Details describing why the request was invalid.
String configurationToken
Token describing the current state of the configuration session. To obtain a token, first call the
StartConfigurationSession API. Note that every call to GetLatestConfiguration will return a
new ConfigurationToken (NextPollConfigurationToken in the response) and must be
provided to subsequent GetLatestConfiguration API calls.
This token should only be used once. To support long poll use cases, the token is valid for up to 24 hours. If a
GetLatestConfiguration call uses an expired token, the system returns
BadRequestException.
String nextPollConfigurationToken
The latest token describing the current state of the configuration session. This must be provided to the
next call to GetLatestConfiguration.
This token should only be used once. To support long poll use cases, the token is valid for up to 24 hours. If a
GetLatestConfiguration call uses an expired token, the system returns
BadRequestException.
Integer nextPollIntervalInSeconds
The amount of time the client should wait before polling for configuration updates again. Use
RequiredMinimumPollIntervalInSeconds to set the desired poll interval.
String contentType
A standard MIME type describing the format of the configuration content.
ByteBuffer configuration
The data of the configuration. This may be empty if the client already has the latest version of configuration.
String versionLabel
The user-defined label for the AppConfig hosted configuration version. This attribute doesn't apply if the configuration is not from an AppConfig hosted configuration version. If the client already has the latest version of the configuration data, this value is empty.
String problem
The reason the parameter is invalid.
String applicationIdentifier
The application ID or the application name.
String environmentIdentifier
The environment ID or the environment name.
String configurationProfileIdentifier
The configuration profile ID or the configuration profile name.
Integer requiredMinimumPollIntervalInSeconds
Sets a constraint on a session. If you specify a value of, for example, 60 seconds, then the client that established the session can't call GetLatestConfiguration more frequently than every 60 seconds.
String initialConfigurationToken
Token encapsulating state about the configuration session. Provide this token to the
GetLatestConfiguration API to retrieve configuration data.
This token should only be used once in your first call to GetLatestConfiguration. You must
use the new token in the GetLatestConfiguration response (NextPollConfigurationToken)
in each subsequent call to GetLatestConfiguration.
The InitialConfigurationToken and NextPollConfigurationToken should only be used once.
To support long poll use cases, the tokens are valid for up to 24 hours. If a GetLatestConfiguration
call uses an expired token, the system returns BadRequestException.
String apiKey
An API key for an application.
String appAuthorizationArn
The Amazon Resource Name (ARN) of the app authorization.
String appBundleArn
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
String app
The name of the application.
Tenant tenant
Contains information about an application tenant, such as the application display name and identifier.
String authType
The authorization type.
String status
The state of the app authorization.
The following states are possible:
PendingConnect: The initial state of the app authorization. The app authorization is created but not
yet connected.
Connected: The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed: The app authorization received a validation exception when trying to
connect to the application. If the app authorization is in this state, you should verify the configured
credentials and try to connect the app authorization again.
TokenAutoRotationFailed: AppFabric failed to refresh the access token. If the app authorization is
in this state, you should try to reconnect the app authorization.
Date createdAt
The timestamp of when the app authorization was created.
Date updatedAt
The timestamp of when the app authorization was last updated.
String persona
The user persona of the app authorization.
This field should always be admin.
String authUrl
The application URL for the OAuth flow.
String appAuthorizationArn
The Amazon Resource Name (ARN) of the app authorization.
String appBundleArn
The Amazon Resource Name (ARN) of the app bundle for the app authorization.
String app
The name of the application.
Tenant tenant
Contains information about an application tenant, such as the application display name and identifier.
String status
The state of the app authorization.
The following states are possible:
PendingConnect: The initial state of the app authorization. The app authorization is created but not
yet connected.
Connected: The app authorization is connected to the application, and is ready to be used.
ConnectionValidationFailed: The app authorization received a validation exception when trying to
connect to the application. If the app authorization is in this state, you should verify the configured
credentials and try to connect the app authorization again.
TokenAutoRotationFailed: AppFabric failed to refresh the access token. If the app authorization is
in this state, you should try to reconnect the app authorization.
Date updatedAt
Timestamp for when the app authorization was last updated.
String arn
The Amazon Resource Name (ARN) of the app bundle.
Destination destination
Contains information about an audit log destination.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle that contains the app authorization to use for the request.
String appAuthorizationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
AuthRequest authRequest
Contains OAuth2 authorization information.
This is required if the app authorization for the request is configured with an OAuth2 (oauth2)
authorization type.
AppAuthorizationSummary appAuthorizationSummary
Contains a summary of the app authorization.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String app
The name of the application.
Valid values are:
SLACK
ASANA
JIRA
M365
M365AUDITLOGS
ZOOM
ZENDESK
OKTA
GOOGLE
DROPBOX
SMARTSHEET
CISCO
Credential credential
Contains credentials for the application, such as an API key or OAuth2 client ID and secret.
Specify credentials that match the authorization type for your request. For example, if the authorization type
for your request is OAuth2 (oauth2), then you should provide only the OAuth2 credentials.
Tenant tenant
Contains information about an application tenant, such as the application display name and identifier.
String authType
The authorization type for the app authorization.
String clientToken
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
List<E> tags
A map of the key-value pairs of the tag or tags to assign to the resource.
AppAuthorization appAuthorization
Contains information about an app authorization.
String clientToken
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
String customerManagedKeyIdentifier
The Amazon Resource Name (ARN) of the Key Management Service (KMS) key to use to encrypt the application data. If this is not specified, an Amazon Web Services owned key is used for encryption.
List<E> tags
A map of the key-value pairs of the tag or tags to assign to the resource.
AppBundle appBundle
Contains information about an app bundle.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
ProcessingConfiguration processingConfiguration
Contains information about how ingested data is processed.
DestinationConfiguration destinationConfiguration
Contains information about the destination of ingested data.
String clientToken
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
List<E> tags
A map of the key-value pairs of the tag or tags to assign to the resource.
IngestionDestination ingestionDestination
Contains information about an ingestion destination.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String app
The name of the application.
Valid values are:
SLACK
ASANA
JIRA
M365
M365AUDITLOGS
ZOOM
ZENDESK
OKTA
GOOGLE
DROPBOX
SMARTSHEET
CISCO
String tenantId
The ID of the application tenant.
String ingestionType
The ingestion type.
String clientToken
Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a UUID type of value.
If you don't provide this value, then Amazon Web Services generates a random one for you.
If you retry the operation with the same ClientToken, but with different parameters, the retry fails
with an IdempotentParameterMismatch error.
List<E> tags
A map of the key-value pairs of the tag or tags to assign to the resource.
Ingestion ingestion
Contains information about an ingestion.
Oauth2Credential oauth2Credential
Contains OAuth2 client credential information.
ApiKeyCredential apiKeyCredential
Contains API key credential information.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String appAuthorizationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
String appBundleIdentifier
The ID or Amazon Resource Name (ARN) of the app bundle that needs to be deleted.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
String ingestionDestinationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
S3Bucket s3Bucket
Contains information about an Amazon S3 bucket.
FirehoseStream firehoseStream
Contains information about an Amazon Kinesis Data Firehose delivery stream.
AuditLogDestinationConfiguration auditLog
Contains information about an audit log destination configuration.
String streamName
The name of the Amazon Kinesis Data Firehose delivery stream.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String appAuthorizationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
AppAuthorization appAuthorization
Contains information about an app authorization.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
AppBundle appBundle
Contains information about an app bundle.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
String ingestionDestinationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
IngestionDestination ingestionDestination
Contains information about an ingestion destination.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
Ingestion ingestion
Contains information about an ingestion.
String arn
The Amazon Resource Name (ARN) of the ingestion.
String appBundleArn
The Amazon Resource Name (ARN) of the app bundle for the ingestion.
String app
The name of the application.
String tenantId
The ID of the application tenant.
Date createdAt
The timestamp of when the ingestion was created.
Date updatedAt
The timestamp of when the ingestion was last updated.
String state
The status of the ingestion.
String ingestionType
The type of the ingestion.
String arn
The Amazon Resource Name (ARN) of the ingestion destination.
String ingestionArn
The Amazon Resource Name (ARN) of the ingestion.
ProcessingConfiguration processingConfiguration
Contains information about how ingested data is processed.
DestinationConfiguration destinationConfiguration
Contains information about the destination of ingested data.
String status
The state of the ingestion destination.
The following states are possible:
Active: The ingestion destination is active and is ready to be used.
Failed: The ingestion destination has failed. If the ingestion destination is in this state, you
should verify the ingestion destination configuration and try again.
String statusReason
The reason for the current status of the ingestion destination.
Only present when the status of ingestion destination is Failed.
Date createdAt
The timestamp of when the ingestion destination was created.
Date updatedAt
The timestamp of when the ingestion destination was last updated.
String arn
The Amazon Resource Name (ARN) of the ingestion destination.
Integer retryAfterSeconds
The period of time after which you should retry your request.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
Integer maxResults
The maximum number of results that are returned per call. You can use nextToken to obtain further
pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
List<E> appAuthorizationSummaryList
Contains a list of app authorization summaries.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
Integer maxResults
The maximum number of results that are returned per call. You can use nextToken to obtain further
pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
List<E> appBundleSummaryList
Contains a list of app bundle summaries.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
Integer maxResults
The maximum number of results that are returned per call. You can use nextToken to obtain further
pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
List<E> ingestionDestinations
Contains a list of ingestion destination summaries.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
Integer maxResults
The maximum number of results that are returned per call. You can use nextToken to obtain further
pages of results.
This is only an upper limit. The actual number of results returned per call might be fewer than the specified maximum.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
List<E> ingestions
Contains a list of ingestion summaries.
String nextToken
If nextToken is returned, there are more results available. The value of nextToken is a
unique pagination token for each page. Make the call again using the returned token to retrieve the next page.
Keep all other arguments unchanged. Each pagination token expires after 24 hours. Using an expired pagination
token will return an HTTP 400 InvalidToken error.
String resourceArn
The Amazon Resource Name (ARN) of the resource for which you want to retrieve tags.
AuditLogProcessingConfiguration auditLog
Contains information about an audit log processing configuration.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String appAuthorizationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app authorization to use for the request.
Credential credential
Contains credentials for the application, such as an API key or OAuth2 client ID and secret.
Specify credentials that match the authorization type of the app authorization to update. For example, if the
authorization type of the app authorization is OAuth2 (oauth2), then you should provide only the
OAuth2 credentials.
Tenant tenant
Contains information about an application tenant, such as the application display name and identifier.
AppAuthorization appAuthorization
Contains information about an app authorization.
String appBundleIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the app bundle to use for the request.
String ingestionIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion to use for the request.
String ingestionDestinationIdentifier
The Amazon Resource Name (ARN) or Universal Unique Identifier (UUID) of the ingestion destination to use for the request.
DestinationConfiguration destinationConfiguration
Contains information about the destination of ingested data.
IngestionDestination ingestionDestination
Contains information about an ingestion destination.
String app
The name of the application.
String tenantId
The ID of the application tenant.
String tenantDisplayName
The display name of the tenant.
String taskId
The unique ID of the task.
String resultStatus
The status of the user access result item.
The following states are possible:
IN_PROGRESS: The user access task is in progress.
COMPLETED: The user access task completed successfully.
FAILED: The user access task failed.
EXPIRED: The user access task expired.
String email
The email address of the target user.
String userId
The unique ID of user.
String userFullName
The full name of the user.
String userFirstName
The first name of the user.
String userLastName
The last name of the user.
String userStatus
The status of the user returned by the application.
TaskError taskError
Contains information about an error returned from a user access task.
String aggregationType
Specifies whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated.
Long targetFileSize
The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. For each file, Amazon AppFlow attempts to achieve the size that you specify. The actual file sizes might differ from this target based on the number and size of the records that each file contains.
String object
The object specified in the Amplitude flow source.
Boolean isBasicAuthSupported
Indicates whether basic authentication is supported by the connector.
Boolean isApiKeyAuthSupported
Indicates whether API key authentication is supported by the connector
Boolean isOAuth2Supported
Indicates whether OAuth 2.0 authentication is supported by the connector.
Boolean isCustomAuthSupported
Indicates whether custom authentication is supported by the connector
OAuth2Defaults oAuth2Defaults
Contains the default values required for OAuth 2.0 authentication.
List<E> customAuthConfigs
Contains information required for custom authentication.
String key
The authentication key required to authenticate with the connector.
Boolean isRequired
Indicates whether this authentication parameter is required.
String label
Label used for authentication parameter.
String description
A description about the authentication parameter.
Boolean isSensitiveField
Indicates whether this authentication parameter is a sensitive field.
List<E> connectorSuppliedValues
Contains default values for this authentication parameter that are supplied by the connector.
String flowName
The name of a flow with active runs that you want to cancel.
List<E> executionIds
The ID of each active run to cancel. These runs must belong to the flow you specify in your request.
If you omit this parameter, your request ends all active runs that belong to the flow.
Boolean canUseAsSource
Specifies whether the connector can be used as a source.
Boolean canUseAsDestination
Specifies whether the connector can be used as a destination.
List<E> supportedDestinationConnectors
Lists the connectors that are available for use as destinations.
List<E> supportedSchedulingFrequencies
Specifies the supported flow frequency for that connector.
Boolean isPrivateLinkEnabled
Specifies if PrivateLink is enabled for that connector.
Boolean isPrivateLinkEndpointUrlRequired
Specifies if a PrivateLink endpoint URL is required.
List<E> supportedTriggerTypes
Specifies the supported trigger types for the flow.
ConnectorMetadata connectorMetadata
Specifies connector-specific metadata such as oAuthScopes, supportedRegions,
privateLinkServiceUrl, and so on.
String connectorType
The connector type.
String connectorLabel
The label used for registering the connector.
String connectorDescription
A description about the connector.
String connectorOwner
The owner who developed the connector.
String connectorName
The connector name.
String connectorVersion
The connector version.
String connectorArn
The Amazon Resource Name (ARN) for the registered connector.
List<E> connectorModes
The connection modes that the connector supports.
AuthenticationConfig authenticationConfig
The authentication config required for the connector.
List<E> connectorRuntimeSettings
The required connector runtime settings.
List<E> supportedApiVersions
A list of API versions that are supported by the connector.
List<E> supportedOperators
A list of operators supported by the connector.
List<E> supportedWriteOperations
A list of write operations supported by the connector.
String connectorProvisioningType
The provisioning type used to register the connector.
ConnectorProvisioningConfig connectorProvisioningConfig
The configuration required for registering the connector.
String logoURL
Logo URL of the connector.
Date registeredAt
The date on which the connector was registered.
String registeredBy
Information about who registered the connector.
List<E> supportedDataTransferTypes
The data transfer types that the connector supports.
Structured records.
Files or binary data.
List<E> supportedDataTransferApis
The APIs of the connector application that Amazon AppFlow can use to transfer your data.
String connectorDescription
A description about the registered connector.
String connectorName
The name of the connector.
String connectorOwner
The owner of the connector.
String connectorVersion
The connector version.
String applicationType
The application type of the connector.
String connectorType
The connector type.
String connectorLabel
A label used for the connector.
Date registeredAt
The time at which the connector was registered.
String registeredBy
The user who registered the connector.
String connectorProvisioningType
The provisioning type that the connector uses.
List<E> connectorModes
The connection mode that the connector supports.
List<E> supportedDataTransferTypes
The data transfer types that the connector supports.
Structured records.
Files or binary data.
String name
The name of the connector entity.
String label
The label applied to the connector entity.
Boolean hasNestedEntities
Specifies whether the connector entity is a parent or a category and has more entities nested underneath it. If
another call is made with entitiesPath = "the_current_entity_name_with_hasNestedEntities_true", then
it returns the nested entities underneath it. This provides a way to retrieve all supported entities in a
recursive fashion.
String identifier
The unique identifier of the connector field.
String parentIdentifier
The parent identifier of the connector field.
String label
The label applied to a connector entity field.
Boolean isPrimaryKey
Booelan value that indicates whether this field can be used as a primary key.
String defaultValue
Default value that can be assigned to this field.
Boolean isDeprecated
Booelan value that indicates whether this field is deprecated or not.
SupportedFieldTypeDetails supportedFieldTypeDetails
Contains details regarding the supported FieldType, including the corresponding
filterOperators and supportedValues.
String description
A description of the connector entity field.
SourceFieldProperties sourceProperties
The properties that can be applied to a field when the connector is being used as a source.
DestinationFieldProperties destinationProperties
The properties applied to a field when the connector is being used as a destination.
Map<K,V> customProperties
A map that has specific properties related to the ConnectorEntityField.
AmplitudeMetadata amplitude
The connector metadata specific to Amplitude.
DatadogMetadata datadog
The connector metadata specific to Datadog.
DynatraceMetadata dynatrace
The connector metadata specific to Dynatrace.
GoogleAnalyticsMetadata googleAnalytics
The connector metadata specific to Google Analytics.
InforNexusMetadata inforNexus
The connector metadata specific to Infor Nexus.
MarketoMetadata marketo
The connector metadata specific to Marketo.
RedshiftMetadata redshift
The connector metadata specific to Amazon Redshift.
S3Metadata s3
The connector metadata specific to Amazon S3.
SalesforceMetadata salesforce
The connector metadata specific to Salesforce.
ServiceNowMetadata serviceNow
The connector metadata specific to ServiceNow.
SingularMetadata singular
The connector metadata specific to Singular.
SlackMetadata slack
The connector metadata specific to Slack.
SnowflakeMetadata snowflake
The connector metadata specific to Snowflake.
TrendmicroMetadata trendmicro
The connector metadata specific to Trend Micro.
VeevaMetadata veeva
The connector metadata specific to Veeva.
ZendeskMetadata zendesk
The connector metadata specific to Zendesk.
EventBridgeMetadata eventBridge
The connector metadata specific to Amazon EventBridge.
UpsolverMetadata upsolver
The connector metadata specific to Upsolver.
CustomerProfilesMetadata customerProfiles
The connector metadata specific to Amazon Connect Customer Profiles.
HoneycodeMetadata honeycode
The connector metadata specific to Amazon Honeycode.
SAPODataMetadata sAPOData
PardotMetadata pardot
The connector metadata specific to Salesforce Pardot.
String amplitude
The operation to be performed on the provided Amplitude source fields.
String datadog
The operation to be performed on the provided Datadog source fields.
String dynatrace
The operation to be performed on the provided Dynatrace source fields.
String googleAnalytics
The operation to be performed on the provided Google Analytics source fields.
String inforNexus
The operation to be performed on the provided Infor Nexus source fields.
String marketo
The operation to be performed on the provided Marketo source fields.
String s3
The operation to be performed on the provided Amazon S3 source fields.
String salesforce
The operation to be performed on the provided Salesforce source fields.
String serviceNow
The operation to be performed on the provided ServiceNow source fields.
String singular
The operation to be performed on the provided Singular source fields.
String slack
The operation to be performed on the provided Slack source fields.
String trendmicro
The operation to be performed on the provided Trend Micro source fields.
String veeva
The operation to be performed on the provided Veeva source fields.
String zendesk
The operation to be performed on the provided Zendesk source fields.
String sAPOData
The operation to be performed on the provided SAPOData source fields.
String customConnector
Operators supported by the custom connector.
String pardot
The operation to be performed on the provided Salesforce Pardot source fields.
String connectorProfileArn
The Amazon Resource Name (ARN) of the connector profile.
String connectorProfileName
The name of the connector profile. The name is unique for each ConnectorProfile in the Amazon Web
Services account.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String connectorLabel
The label for the connector profile being created.
String connectionMode
Indicates the connection mode and if it is public or private.
String credentialsArn
The Amazon Resource Name (ARN) of the connector profile credentials.
ConnectorProfileProperties connectorProfileProperties
The connector-specific properties of the profile configuration.
Date createdAt
Specifies when the connector profile was created.
Date lastUpdatedAt
Specifies when the connector profile was last updated.
PrivateConnectionProvisioningState privateConnectionProvisioningState
Specifies the private connection provisioning state.
ConnectorProfileProperties connectorProfileProperties
The connector-specific properties of the profile configuration.
ConnectorProfileCredentials connectorProfileCredentials
The connector-specific credentials required by each connector.
AmplitudeConnectorProfileCredentials amplitude
The connector-specific credentials required when using Amplitude.
DatadogConnectorProfileCredentials datadog
The connector-specific credentials required when using Datadog.
DynatraceConnectorProfileCredentials dynatrace
The connector-specific credentials required when using Dynatrace.
GoogleAnalyticsConnectorProfileCredentials googleAnalytics
The connector-specific credentials required when using Google Analytics.
HoneycodeConnectorProfileCredentials honeycode
The connector-specific credentials required when using Amazon Honeycode.
InforNexusConnectorProfileCredentials inforNexus
The connector-specific credentials required when using Infor Nexus.
MarketoConnectorProfileCredentials marketo
The connector-specific credentials required when using Marketo.
RedshiftConnectorProfileCredentials redshift
The connector-specific credentials required when using Amazon Redshift.
SalesforceConnectorProfileCredentials salesforce
The connector-specific credentials required when using Salesforce.
ServiceNowConnectorProfileCredentials serviceNow
The connector-specific credentials required when using ServiceNow.
SingularConnectorProfileCredentials singular
The connector-specific credentials required when using Singular.
SlackConnectorProfileCredentials slack
The connector-specific credentials required when using Slack.
SnowflakeConnectorProfileCredentials snowflake
The connector-specific credentials required when using Snowflake.
TrendmicroConnectorProfileCredentials trendmicro
The connector-specific credentials required when using Trend Micro.
VeevaConnectorProfileCredentials veeva
The connector-specific credentials required when using Veeva.
ZendeskConnectorProfileCredentials zendesk
The connector-specific credentials required when using Zendesk.
SAPODataConnectorProfileCredentials sAPOData
CustomConnectorProfileCredentials customConnector
PardotConnectorProfileCredentials pardot
The connector-specific credentials required when using Salesforce Pardot.
AmplitudeConnectorProfileProperties amplitude
The connector-specific properties required by Amplitude.
DatadogConnectorProfileProperties datadog
The connector-specific properties required by Datadog.
DynatraceConnectorProfileProperties dynatrace
The connector-specific properties required by Dynatrace.
GoogleAnalyticsConnectorProfileProperties googleAnalytics
The connector-specific properties required Google Analytics.
HoneycodeConnectorProfileProperties honeycode
The connector-specific properties required by Amazon Honeycode.
InforNexusConnectorProfileProperties inforNexus
The connector-specific properties required by Infor Nexus.
MarketoConnectorProfileProperties marketo
The connector-specific properties required by Marketo.
RedshiftConnectorProfileProperties redshift
The connector-specific properties required by Amazon Redshift.
SalesforceConnectorProfileProperties salesforce
The connector-specific properties required by Salesforce.
ServiceNowConnectorProfileProperties serviceNow
The connector-specific properties required by serviceNow.
SingularConnectorProfileProperties singular
The connector-specific properties required by Singular.
SlackConnectorProfileProperties slack
The connector-specific properties required by Slack.
SnowflakeConnectorProfileProperties snowflake
The connector-specific properties required by Snowflake.
TrendmicroConnectorProfileProperties trendmicro
The connector-specific properties required by Trend Micro.
VeevaConnectorProfileProperties veeva
The connector-specific properties required by Veeva.
ZendeskConnectorProfileProperties zendesk
The connector-specific properties required by Zendesk.
SAPODataConnectorProfileProperties sAPOData
CustomConnectorProfileProperties customConnector
The properties required by the custom connector.
PardotConnectorProfileProperties pardot
The connector-specific properties required by Salesforce Pardot.
LambdaConnectorProvisioningConfig lambda
Contains information about the configuration of the lambda which is being registered as the connector.
String key
Contains value information about the connector runtime setting.
String dataType
Data type of the connector runtime setting.
Boolean isRequired
Indicates whether this connector runtime setting is required.
String label
A label used for connector runtime setting.
String description
A description about the connector runtime setting.
String scope
Indicates the scope of the connector runtime setting.
List<E> connectorSuppliedValueOptions
Contains default values for the connector runtime setting that are supplied by the connector.
String connectorProfileName
The name of the connector profile. The name is unique for each ConnectorProfile in your Amazon Web
Services account.
String kmsArn
The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String connectorLabel
The label of the connector. The label is unique for each ConnectorRegistration in your Amazon Web
Services account. Only needed if calling for CUSTOMCONNECTOR connector type/.
String connectionMode
Indicates the connection mode and specifies whether it is public or private. Private flows use Amazon Web Services PrivateLink to route data over Amazon Web Services infrastructure without exposing it to the public internet.
ConnectorProfileConfig connectorProfileConfig
Defines the connector-specific configuration and credentials.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your
CreateConnectorProfile request completes only once. You choose the value to pass. For example, if
you don't receive a response from your request, you can safely retry the request with the same
clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to CreateConnectorProfile
. The token is active for 8 hours.
String connectorProfileArn
The Amazon Resource Name (ARN) of the connector profile.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String description
A description of the flow you want to create.
String kmsArn
The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.
TriggerConfig triggerConfig
The trigger settings that determine how and when the flow runs.
SourceFlowConfig sourceFlowConfig
The configuration that controls how Amazon AppFlow retrieves data from the source connector.
List<E> destinationFlowConfigList
The configuration that controls how Amazon AppFlow places data in the destination connector.
List<E> tasks
A list of tasks that Amazon AppFlow performs while transferring the data in the flow run.
Map<K,V> tags
The tags used to organize, track, or control access for your flow.
MetadataCatalogConfig metadataCatalogConfig
Specifies the configuration that Amazon AppFlow uses when it catalogs the data that's transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your CreateFlow
request completes only once. You choose the value to pass. For example, if you don't receive a response from your
request, you can safely retry the request with the same clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to CreateFlow. The token
is active for 8 hours.
String entityName
The entity specified in the custom connector as a destination in the flow.
ErrorHandlingConfig errorHandlingConfig
The settings that determine how Amazon AppFlow handles an error when placing data in the custom connector as destination.
String writeOperationType
Specifies the type of write operation to be performed in the custom connector when it's used as destination.
List<E> idFieldNames
The name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update, delete, or upsert.
Map<K,V> customProperties
The custom properties that are specific to the connector when it's used as a destination in the flow.
String authenticationType
The authentication type that the custom connector uses for authenticating while creating a connector profile.
BasicAuthCredentials basic
The basic credentials that are required for the authentication of the user.
OAuth2Credentials oauth2
The OAuth 2.0 credentials required for the authentication of the user.
ApiKeyCredentials apiKey
The API keys required for the authentication of the user.
CustomAuthCredentials custom
If the connector uses the custom authentication mechanism, this holds the required credentials.
Map<K,V> profileProperties
A map of properties that are required to create a profile for the custom connector.
OAuth2Properties oAuth2Properties
String entityName
The entity specified in the custom connector as a source in the flow.
Map<K,V> customProperties
Custom properties that are required to use the custom connector as a source.
DataTransferApi dataTransferApi
The API of the connector application that Amazon AppFlow uses to transfer your data.
String apiKey
A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API.
String applicationKey
Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API.
String instanceUrl
The location of the Datadog resource.
String object
The object specified in the Datadog flow source.
String name
The name of the connector application API.
String type
You can specify one of the following types:
The default. Optimizes a flow for datasets that fluctuate in size from small to large. For each flow run, Amazon AppFlow chooses to use the SYNC or ASYNC API type based on the amount of data that the run transfers.
A synchronous API. This type of API optimizes a flow for small to medium-sized datasets.
An asynchronous API. This type of API optimizes a flow for large datasets.
String connectorEntityName
The entity name for that connector.
String connectorType
The type of connector application, such as Salesforce, Amplitude, and so on.
String connectorProfileName
The name of the connector profile. The name is unique for each ConnectorProfile in the Amazon Web
Services account.
String apiVersion
The version of the API that's used by the connector.
List<E> connectorProfileNames
The name of the connector profile. The name is unique for each ConnectorProfile in the Amazon Web
Services account.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String connectorLabel
The name of the connector. The name is unique for each ConnectorRegistration in your Amazon Web
Services account. Only needed if calling for CUSTOMCONNECTOR connector type/.
Integer maxResults
Specifies the maximum number of items that should be returned in the result set. The default for
maxResults is 20 (for all paginated API operations).
String nextToken
The pagination token for the next page of data.
String connectorType
The connector type, such as CUSTOMCONNECTOR, Saleforce, Marketo. Please choose CUSTOMCONNECTOR for Lambda based custom connectors.
String connectorLabel
The label of the connector. The label is unique for each ConnectorRegistration in your Amazon Web
Services account. Only needed if calling for CUSTOMCONNECTOR connector type/.
ConnectorConfiguration connectorConfiguration
Configuration info of all the connectors that the user requested.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
Integer maxResults
Specifies the maximum number of items that should be returned in the result set. The default for
maxResults is 20 (for all paginated API operations).
String nextToken
The pagination token for the next page of data.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String flowArn
The flow's Amazon Resource Name (ARN).
String description
A description of the flow.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String kmsArn
The ARN (Amazon Resource Name) of the Key Management Service (KMS) key you provide for encryption. This is required if you do not want to use the Amazon AppFlow-managed KMS key. If you don't provide anything here, Amazon AppFlow uses the Amazon AppFlow-managed KMS key.
String flowStatus
Indicates the current status of the flow.
String flowStatusMessage
Contains an error message if the flow status is in a suspended or error state. This applies only to scheduled or event-triggered flows.
SourceFlowConfig sourceFlowConfig
The configuration that controls how Amazon AppFlow retrieves data from the source connector.
List<E> destinationFlowConfigList
The configuration that controls how Amazon AppFlow transfers data to the destination connector.
ExecutionDetails lastRunExecutionDetails
Describes the details of the most recent flow run.
TriggerConfig triggerConfig
The trigger settings that determine how and when the flow runs.
List<E> tasks
A list of tasks that Amazon AppFlow performs while transferring the data in the flow run.
Date createdAt
Specifies when the flow was created.
Date lastUpdatedAt
Specifies when the flow was last updated.
String createdBy
The ARN of the user who created the flow.
String lastUpdatedBy
Specifies the user name of the account that performed the most recent update.
Map<K,V> tags
The tags used to organize, track, or control access for your flow.
MetadataCatalogConfig metadataCatalogConfig
Specifies the configuration that Amazon AppFlow uses when it catalogs the data that's transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.
List<E> lastRunMetadataCatalogDetails
Describes the metadata catalog, metadata table, and data partitions that Amazon AppFlow used for the associated flow run.
Long schemaVersion
The version number of your data schema. Amazon AppFlow assigns this version number. The version number increases by one when you change any of the following settings in your flow configuration:
Source-to-destination field mappings
Field data types
Partition keys
RedshiftDestinationProperties redshift
The properties required to query Amazon Redshift.
S3DestinationProperties s3
The properties required to query Amazon S3.
SalesforceDestinationProperties salesforce
The properties required to query Salesforce.
SnowflakeDestinationProperties snowflake
The properties required to query Snowflake.
EventBridgeDestinationProperties eventBridge
The properties required to query Amazon EventBridge.
LookoutMetricsDestinationProperties lookoutMetrics
The properties required to query Amazon Lookout for Metrics.
UpsolverDestinationProperties upsolver
The properties required to query Upsolver.
HoneycodeDestinationProperties honeycode
The properties required to query Amazon Honeycode.
CustomerProfilesDestinationProperties customerProfiles
The properties required to query Amazon Connect Customer Profiles.
ZendeskDestinationProperties zendesk
The properties required to query Zendesk.
MarketoDestinationProperties marketo
The properties required to query Marketo.
CustomConnectorDestinationProperties customConnector
The properties that are required to query the custom Connector.
SAPODataDestinationProperties sAPOData
The properties required to query SAPOData.
Boolean isCreatable
Specifies if the destination field can be created by the current user.
Boolean isNullable
Specifies if the destination field can have a null value.
Boolean isUpsertable
Specifies if the flow run can either insert new rows in the destination field if they do not already exist, or update them if they do.
Boolean isUpdatable
Specifies whether the field can be updated during an UPDATE or UPSERT write operation.
Boolean isDefaultedOnCreate
Specifies whether the field can use the default value during a Create operation.
List<E> supportedWriteOperations
A list of supported write operations. For each write operation listed, this field can be used in
idFieldNames when that write operation is present as a destination option.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String apiVersion
The API version that the destination connector uses.
String connectorProfileName
The name of the connector profile. This name must be unique for each connector profile in the Amazon Web Services account.
DestinationConnectorProperties destinationConnectorProperties
This stores the information that is required to query a particular connector.
String apiToken
The API tokens used by Dynatrace API to authenticate various API calls.
String instanceUrl
The location of the Dynatrace resource.
String object
The object specified in the Dynatrace flow source.
Boolean failOnFirstDestinationError
Specifies if the flow should fail after the first instance of a failure when attempting to place data in the destination.
String bucketPrefix
Specifies the Amazon S3 bucket prefix.
String bucketName
Specifies the name of the Amazon S3 bucket.
String object
The object specified in the Amazon EventBridge flow destination.
ErrorHandlingConfig errorHandlingConfig
String mostRecentExecutionMessage
Describes the details of the most recent flow run.
Date mostRecentExecutionTime
Specifies the time of the most recent flow run.
String mostRecentExecutionStatus
Specifies the status of the most recent flow run.
String executionId
Specifies the identifier of the given flow run.
String executionStatus
Specifies the flow run status and whether it is in progress, has completed successfully, or has failed.
ExecutionResult executionResult
Describes the result of the given flow run.
Date startedAt
Specifies the start time of the flow run.
Date lastUpdatedAt
Specifies the time of the most recent update.
Date dataPullStartTime
The timestamp that determines the first new or updated record to be transferred in the flow run.
Date dataPullEndTime
The timestamp that indicates the last new or updated record to be transferred in the flow run.
List<E> metadataCatalogDetails
Describes the metadata catalog, metadata table, and data partitions that Amazon AppFlow used for the associated flow run.
ErrorInfo errorInfo
Provides any error message information related to the flow run.
Long bytesProcessed
The total number of bytes processed by the flow run.
Long bytesWritten
The total number of bytes written as a result of the flow run.
Long recordsProcessed
The number of records processed in the flow run.
Long numParallelProcesses
The number of processes that Amazon AppFlow ran at the same time when it retrieved your data.
Long maxPageSize
The maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application.
String fieldType
The type of field, such as string, integer, date, and so on.
List<E> filterOperators
The list of operators supported by a field.
List<E> supportedValues
The list of values that a field can contain. For example, a Boolean fieldType can have two values:
"true" and "false".
String valueRegexPattern
The regular expression pattern for the field name.
String supportedDateFormat
The date format that the field supports.
Range fieldValueRange
The range of values this field can hold.
Range fieldLengthRange
This is the allowable length range for this field's value.
String flowArn
The flow's Amazon Resource Name (ARN).
String description
A user-entered description of the flow.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String flowStatus
Indicates the current status of the flow.
String sourceConnectorType
Specifies the source connector type, such as Salesforce, Amazon S3, Amplitude, and so on.
String sourceConnectorLabel
The label of the source connector in the flow.
String destinationConnectorType
Specifies the destination connector type, such as Salesforce, Amazon S3, Amplitude, and so on.
String destinationConnectorLabel
The label of the destination connector in the flow.
String triggerType
Specifies the type of flow trigger. This can be OnDemand, Scheduled, or
Event.
Date createdAt
Specifies when the flow was created.
Date lastUpdatedAt
Specifies when the flow was last updated.
String createdBy
The ARN of the user who created the flow.
String lastUpdatedBy
Specifies the account user name that most recently updated the flow.
Map<K,V> tags
The tags used to organize, track, or control access for your flow.
ExecutionDetails lastRunExecutionDetails
Describes the details of the most recent flow run.
String roleArn
The Amazon Resource Name (ARN) of an IAM role that grants Amazon AppFlow the permissions it needs to create Data Catalog tables, databases, and partitions.
For an example IAM policy that has the required permissions, see Identity-based policy examples for Amazon AppFlow.
String databaseName
The name of the Data Catalog database that stores the metadata tables that Amazon AppFlow creates in your Amazon Web Services account. These tables contain metadata for the data that's transferred by the flow that you configure with this parameter.
When you configure a new flow with this parameter, you must specify an existing database.
String tablePrefix
A naming prefix for each Data Catalog table that Amazon AppFlow creates for the flow that you configure with this setting. Amazon AppFlow adds the prefix to the beginning of the each table name.
String clientId
The identifier for the desired client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The credentials used to access protected Google Analytics resources.
String refreshToken
The credentials used to acquire new access tokens. This is required only for OAuth2 access tokens, and is not required for OAuth1 access tokens.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String object
The object specified in the Google Analytics flow source.
String accessToken
The credentials used to access protected Amazon Honeycode resources.
String refreshToken
The credentials used to acquire new access tokens.
ConnectorOAuthRequest oAuthRequest
String object
The object specified in the Amazon Honeycode flow destination.
ErrorHandlingConfig errorHandlingConfig
String datetimeTypeFieldName
A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source.
String instanceUrl
The location of the Infor Nexus resource.
String object
The object specified in the Infor Nexus flow source.
String lambdaArn
Lambda ARN of the connector being registered.
String connectorProfileName
The name of the connector profile. The name is unique for each ConnectorProfile in the Amazon Web
Services account, and is used to query the downstream connector.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String entitiesPath
This optional parameter is specific to connector implementation. Some connectors support multiple levels or
categories of entities. You can find out the list of roots for such providers by sending a request without the
entitiesPath parameter. If the connector supports entities at different roots, this initial request
returns the list of roots. Otherwise, this request returns all entities supported by the provider.
String apiVersion
The version of the API that's used by the connector.
Integer maxResults
The maximum number of items that the operation returns in the response.
String nextToken
A token that was provided by your prior ListConnectorEntities operation if the response was too big
for the page size. You specify this token to get the next page of results in paginated response.
Map<K,V> connectorEntityMap
The response of ListConnectorEntities lists entities grouped by category. This map's key represents
the group name, and its value contains the list of entities belonging to that group.
String nextToken
A token that you specify in your next ListConnectorEntities operation to get the next page of
results in paginated response. The ListConnectorEntities operation provides this token if the
response is too big for the page size.
String resourceArn
The Amazon Resource Name (ARN) of the specified flow.
String clientId
The identifier for the desired client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The credentials used to access protected Marketo resources.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String instanceUrl
The location of the Marketo resource.
String object
The object specified in the Marketo flow destination.
ErrorHandlingConfig errorHandlingConfig
String object
The object specified in the Marketo flow source.
GlueDataCatalogConfig glueDataCatalog
Specifies the configuration that Amazon AppFlow uses when it catalogs your data with the Glue Data Catalog.
String catalogType
The type of metadata catalog that Amazon AppFlow used for the associated flow run. This parameter returns the following value:
The metadata catalog is provided by the Glue Data Catalog. Glue includes the Glue Data Catalog as a component.
String tableName
The name of the table that stores the metadata for the associated flow run. The table stores metadata that represents the data that the flow transferred. Amazon AppFlow stores the table in the metadata catalog.
RegistrationOutput tableRegistrationOutput
Describes the status of the attempt from Amazon AppFlow to register the metadata table with the metadata catalog. Amazon AppFlow creates or updates this table for the associated flow run.
RegistrationOutput partitionRegistrationOutput
Describes the status of the attempt from Amazon AppFlow to register the data partitions with the metadata catalog. The data partitions organize the flow output into a hierarchical path, such as a folder path in an S3 bucket. Amazon AppFlow creates the partitions (if they don't already exist) based on your flow configuration.
String clientId
The identifier for the desired client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The access token used to access the connector on your behalf.
String refreshToken
The refresh token used to refresh an expired access token.
ConnectorOAuthRequest oAuthRequest
String key
The key of the custom parameter required for OAuth 2.0 authentication.
Boolean isRequired
Indicates whether the custom parameter for OAuth 2.0 authentication is required.
String label
The label of the custom parameter used for OAuth 2.0 authentication.
String description
A description about the custom parameter used for OAuth 2.0 authentication.
Boolean isSensitiveField
Indicates whether this authentication custom parameter is a sensitive field.
List<E> connectorSuppliedValues
Contains default values for this authentication parameter that are supplied by the connector.
String type
Indicates whether custom parameter is used with TokenUrl or AuthUrl.
List<E> oauthScopes
OAuth 2.0 scopes that the connector supports.
List<E> tokenUrls
Token URLs that can be used for OAuth 2.0 authentication.
List<E> authCodeUrls
Auth code URLs that can be used for OAuth 2.0 authentication.
List<E> oauth2GrantTypesSupported
OAuth 2.0 grant types supported by the connector.
List<E> oauth2CustomProperties
List of custom parameters required for OAuth 2.0 authentication.
String tokenUrl
The token URL required for OAuth 2.0 authentication.
String oAuth2GrantType
The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication.
Map<K,V> tokenUrlCustomProperties
Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request.
String clientId
The identifier for the desired client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The access token used to access protected SAPOData resources.
String refreshToken
The refresh token used to refresh expired access token.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String tokenUrl
The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token.
String authCodeUrl
The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication.
List<E> oAuthScopes
The OAuth scopes required for OAuth type authentication.
String accessToken
The credentials used to access protected Salesforce Pardot resources.
String refreshToken
The credentials used to acquire new access tokens.
ConnectorOAuthRequest oAuthRequest
String clientCredentialsArn
The secret manager ARN, which contains the client ID and client secret of the connected app.
String instanceUrl
The location of the Salesforce Pardot resource.
Boolean isSandboxEnvironment
Indicates whether the connector profile applies to a sandbox or production environment.
String businessUnitId
The business unit id of Salesforce Pardot instance.
String object
The object specified in the Salesforce Pardot flow source.
String prefixType
Determines the format of the prefix, and whether it applies to the file name, file path, or both.
String prefixFormat
Determines the level of granularity for the date and time that's included in the prefix.
List<E> pathPrefixHierarchy
Specifies whether the destination file path includes either or both of the following elements:
The ID that Amazon AppFlow assigns to the flow run.
The version number of your data schema. Amazon AppFlow assigns this version number. The version number increases by one when you change any of the following settings in your flow configuration:
Source-to-destination field mappings
Field data types
Partition keys
String databaseUrl
The JDBC URL of the Amazon Redshift cluster.
String bucketName
A name for the associated Amazon S3 bucket.
String bucketPrefix
The object key for the destination bucket in which Amazon AppFlow places the files.
String roleArn
The Amazon Resource Name (ARN) of IAM role that grants Amazon Redshift read-only access to Amazon S3. For more information, and for the polices that you attach to this role, see Allow Amazon Redshift to access your Amazon AppFlow data in Amazon S3.
String dataApiRoleArn
The Amazon Resource Name (ARN) of an IAM role that permits Amazon AppFlow to access your Amazon Redshift database through the Data API. For more information, and for the polices that you attach to this role, see Allow Amazon AppFlow to access Amazon Redshift databases with the Data API.
Boolean isRedshiftServerless
Indicates whether the connector profile defines a connection to an Amazon Redshift Serverless data warehouse.
String clusterIdentifier
The unique ID that's assigned to an Amazon Redshift cluster.
String workgroupName
The name of an Amazon Redshift workgroup.
String databaseName
The name of an Amazon Redshift database.
String object
The object specified in the Amazon Redshift flow destination.
String intermediateBucketName
The intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift.
String bucketPrefix
The object key for the bucket in which Amazon AppFlow places the destination files.
ErrorHandlingConfig errorHandlingConfig
The settings that determine how Amazon AppFlow handles an error when placing data in the Amazon Redshift
destination. For example, this setting would determine if the flow should fail after one insertion error, or
continue and attempt to insert every record regardless of the initial failure. ErrorHandlingConfig
is a part of the destination connector details.
String connectorLabel
The name of the connector. The name is unique for each ConnectorRegistration in your Amazon Web
Services account.
String description
A description about the connector that's being registered.
String connectorProvisioningType
The provisioning type of the connector. Currently the only supported value is LAMBDA.
ConnectorProvisioningConfig connectorProvisioningConfig
The provisioning type of the connector. Currently the only supported value is LAMBDA.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your
RegisterConnector request completes only once. You choose the value to pass. For example, if you
don't receive a response from your request, you can safely retry the request with the same
clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to RegisterConnector. The
token is active for 8 hours.
String connectorArn
The ARN of the connector being registered.
String message
Explains the status of the registration attempt from Amazon AppFlow. If the attempt fails, the message explains why.
String result
Indicates the number of resources that Amazon AppFlow created or updated. Possible resources include metadata tables and data partitions.
String status
Indicates the status of the registration attempt from Amazon AppFlow.
String connectorProfileName
The name of the connector profile that you want to reset cached metadata for.
You can omit this parameter if you're resetting the cache for any of the following connectors: Amazon Connect, Amazon EventBridge, Amazon Lookout for Metrics, Amazon S3, or Upsolver. If you're resetting the cache for any other connector, you must include this parameter in your request.
String connectorType
The type of connector to reset cached metadata for.
You must include this parameter in your request if you're resetting the cache for any of the following connectors: Amazon Connect, Amazon EventBridge, Amazon Lookout for Metrics, Amazon S3, or Upsolver. If you're resetting the cache for any other connector, you can omit this parameter from your request.
String connectorEntityName
Use this parameter if you want to reset cached metadata about the details for an individual entity.
If you don't include this parameter in your request, Amazon AppFlow only resets cached metadata about entity names, not entity details.
String entitiesPath
Use this parameter only if you’re resetting the cached metadata about a nested entity. Only some connectors support nested entities. A nested entity is one that has another entity as a parent. To use this parameter, specify the name of the parent entity.
To look up the parent-child relationship of entities, you can send a ListConnectorEntities request that omits the entitiesPath parameter. Amazon AppFlow will return a list of top-level entities. For each one, it indicates whether the entity has nested entities. Then, in a subsequent ListConnectorEntities request, you can specify a parent entity name for the entitiesPath parameter. Amazon AppFlow will return a list of the child entities for that parent.
String apiVersion
The API version that you specified in the connector profile that you’re resetting cached metadata for. You must use this parameter only if the connector supports multiple API versions or if the connector type is CustomConnector.
To look up how many versions a connector supports, use the DescribeConnectors action. In the response, find the value that Amazon AppFlow returns for the connectorVersion parameter.
To look up the connector type, use the DescribeConnectorProfiles action. In the response, find the value that Amazon AppFlow returns for the connectorType parameter.
To look up the API version that you specified in a connector profile, use the DescribeConnectorProfiles action.
String bucketName
The Amazon S3 bucket name in which Amazon AppFlow places the transferred data.
String bucketPrefix
The object key for the destination bucket in which Amazon AppFlow places the files.
S3OutputFormatConfig s3OutputFormatConfig
String s3InputFileType
The file type that Amazon AppFlow gets from your Amazon S3 bucket.
String fileType
Indicates the file type that Amazon AppFlow places in the Amazon S3 bucket.
PrefixConfig prefixConfig
Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date.
AggregationConfig aggregationConfig
Boolean preserveSourceDataTyping
If your file output format is Parquet, use this parameter to set whether Amazon AppFlow preserves the data types in your source data when it writes the output to Amazon S3.
true: Amazon AppFlow preserves the data types when it writes to Amazon S3. For example, an integer
or 1 in your source data is still an integer in your output.
false: Amazon AppFlow converts all of the source data into strings when it writes to Amazon S3. For
example, an integer of 1 in your source data becomes the string "1" in the output.
String bucketName
The Amazon S3 bucket name where the source files are stored.
String bucketPrefix
The object key for the Amazon S3 bucket in which the source files are stored.
S3InputFormatConfig s3InputFormatConfig
String accessToken
The credentials used to access protected Salesforce resources.
String refreshToken
The credentials used to acquire new access tokens.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String clientCredentialsArn
The secret manager ARN, which contains the client ID and client secret of the connected app.
String oAuth2GrantType
Specifies the OAuth 2.0 grant type that Amazon AppFlow uses when it requests an access token from Salesforce. Amazon AppFlow requires an access token each time it attempts to access your Salesforce records.
You can specify one of the following values:
Amazon AppFlow passes an authorization code when it requests the access token from Salesforce. Amazon AppFlow receives the authorization code from Salesforce after you log in to your Salesforce account and authorize Amazon AppFlow to access your records.
Amazon AppFlow passes client credentials (a client ID and client secret) when it requests the access token from Salesforce. You provide these credentials to Amazon AppFlow when you define the connection to your Salesforce account.
Amazon AppFlow passes a JSON web token (JWT) when it requests the access token from Salesforce. You provide the JWT to Amazon AppFlow when you define the connection to your Salesforce account. When you use this grant type, you don't need to log in to your Salesforce account to authorize Amazon AppFlow to access your records.
String jwtToken
A JSON web token (JWT) that authorizes Amazon AppFlow to access your Salesforce records.
String instanceUrl
The location of the Salesforce resource.
Boolean isSandboxEnvironment
Indicates whether the connector profile applies to a sandbox or production environment.
Boolean usePrivateLinkForMetadataAndAuthorization
If the connection mode for the connector profile is private, this parameter sets whether Amazon AppFlow uses the private network to send metadata and authorization calls to Salesforce. Amazon AppFlow sends private calls through Amazon Web Services PrivateLink. These calls travel through Amazon Web Services infrastructure without being exposed to the public internet.
Set either of the following values:
Amazon AppFlow sends all calls to Salesforce over the private network.
These private calls are:
Calls to get metadata about your Salesforce records. This metadata describes your Salesforce objects and their fields.
Calls to get or refresh access tokens that allow Amazon AppFlow to access your Salesforce records.
Calls to transfer your Salesforce records as part of a flow run.
The default value. Amazon AppFlow sends some calls to Salesforce privately and other calls over the public internet.
The public calls are:
Calls to get metadata about your Salesforce records.
Calls to get or refresh access tokens.
The private calls are:
Calls to transfer your Salesforce records as part of a flow run.
String object
The object specified in the Salesforce flow destination.
List<E> idFieldNames
The name of the field that Amazon AppFlow uses as an ID when performing a write operation such as update or delete.
ErrorHandlingConfig errorHandlingConfig
The settings that determine how Amazon AppFlow handles an error when placing data in the Salesforce destination.
For example, this setting would determine if the flow should fail after one insertion error, or continue and
attempt to insert every record regardless of the initial failure. ErrorHandlingConfig is a part of
the destination connector details.
String writeOperationType
This specifies the type of write operation to be performed in Salesforce. When the value is UPSERT,
then idFieldNames is required.
String dataTransferApi
Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data to Salesforce.
The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers to Salesforce. If your flow transfers fewer than 1,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.
Each of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900 records, and it might use Bulk API 2.0 on the next day to transfer 1,100 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.
By choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.
Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.
Note that Bulk API 2.0 does not transfer Salesforce compound fields.
Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail with a timed out error.
List<E> oAuthScopes
The desired authorization scope for the Salesforce account.
List<E> dataTransferApis
The Salesforce APIs that you can have Amazon AppFlow use when your flows transfers data to or from Salesforce.
List<E> oauth2GrantTypesSupported
The OAuth 2.0 grant types that Amazon AppFlow can use when it requests an access token from Salesforce. Amazon AppFlow requires an access token each time it attempts to access your Salesforce records.
Amazon AppFlow passes an authorization code when it requests the access token from Salesforce. Amazon AppFlow receives the authorization code from Salesforce after you log in to your Salesforce account and authorize Amazon AppFlow to access your records.
Amazon AppFlow passes client credentials (a client ID and client secret) when it requests the access token from Salesforce. You provide these credentials to Amazon AppFlow when you define the connection to your Salesforce account.
Amazon AppFlow passes a JSON web token (JWT) when it requests the access token from Salesforce. You provide the JWT to Amazon AppFlow when you define the connection to your Salesforce account. When you use this grant type, you don't need to log in to your Salesforce account to authorize Amazon AppFlow to access your records.
String object
The object specified in the Salesforce flow source.
Boolean enableDynamicFieldUpdate
The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow.
Boolean includeDeletedRecords
Indicates whether Amazon AppFlow includes deleted files in the flow run.
String dataTransferApi
Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data from Salesforce.
The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers from Salesforce. If your flow transfers fewer than 1,000,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0.
Each of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900,000 records, and it might use Bulk API 2.0 on the next day to transfer 1,100,000 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields.
By choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output.
Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers.
Note that Bulk API 2.0 does not transfer Salesforce compound fields.
Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail wituh a timed out error.
BasicAuthCredentials basicAuthCredentials
The SAPOData basic authentication credentials.
OAuthCredentials oAuthCredentials
The SAPOData OAuth type authentication credentials.
String applicationHostUrl
The location of the SAPOData resource.
String applicationServicePath
The application path to catalog service.
Integer portNumber
The port number of the SAPOData instance.
String clientNumber
The client number for the client creating the connection.
String logonLanguage
The logon language of SAPOData instance.
String privateLinkServiceName
The SAPOData Private Link service name to be used for private data transfers.
OAuthProperties oAuthProperties
The SAPOData OAuth properties required for OAuth type authentication.
Boolean disableSSO
If you set this parameter to true, Amazon AppFlow bypasses the single sign-on (SSO) settings in your
SAP account when it accesses your SAP OData instance.
Whether you need this option depends on the types of credentials that you applied to your SAP OData connection profile. If your profile uses basic authentication credentials, SAP SSO can prevent Amazon AppFlow from connecting to your account with your username and password. In this case, bypassing SSO makes it possible for Amazon AppFlow to connect successfully. However, if your profile uses OAuth credentials, this parameter has no affect.
String objectPath
The object path specified in the SAPOData flow destination.
SuccessResponseHandlingConfig successResponseHandlingConfig
Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data.
For example, this setting would determine where to write the response from a destination connector upon a successful insert operation.
List<E> idFieldNames
ErrorHandlingConfig errorHandlingConfig
String writeOperationType
Integer maxPageSize
The maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. For transfers of OData records, the maximum page size is 3,000. For transfers of data that comes from an ODP provider, the maximum page size is 10,000.
Integer maxParallelism
The maximum number of processes that Amazon AppFlow runs at the same time when it retrieves your data from your SAP application.
String objectPath
The object path specified in the SAPOData flow source.
SAPODataParallelismConfig parallelismConfig
Sets the number of concurrent processes that transfers OData records from your SAP instance.
SAPODataPaginationConfig paginationConfig
Sets the page size for each concurrent process that transfers OData records from your SAP instance.
String scheduleExpression
The scheduling expression that determines the rate at which the schedule will run, for example
rate(5minutes).
String dataPullMode
Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run.
Date scheduleStartTime
The time at which the scheduled flow starts. The time is formatted as a timestamp that follows the ISO 8601
standard, such as 2022-04-26T13:00:00-07:00.
Date scheduleEndTime
The time at which the scheduled flow ends. The time is formatted as a timestamp that follows the ISO 8601
standard, such as 2022-04-27T13:00:00-07:00.
String timezone
Specifies the time zone used when referring to the dates and times of a scheduled flow, such as
America/New_York. This time zone is only a descriptive label. It doesn't affect how Amazon AppFlow
interprets the timestamps that you specify to schedule the flow.
If you want to schedule a flow by using times in a particular time zone, indicate the time zone as a UTC offset
in your timestamps. For example, the UTC offsets for the America/New_York timezone are
-04:00 EDT and -05:00 EST.
Long scheduleOffset
Specifies the optional offset that is added to the time interval for a schedule-triggered flow.
Date firstExecutionFrom
Specifies the date range for the records to import from the connector in the first flow run.
Integer flowErrorDeactivationThreshold
Defines how many times a scheduled flow fails consecutively before Amazon AppFlow deactivates it.
String username
The name of the user.
String password
The password that corresponds to the user name.
OAuth2Credentials oAuth2Credentials
The OAuth 2.0 credentials required to authenticate the user.
String instanceUrl
The location of the ServiceNow resource.
String object
The object specified in the ServiceNow flow source.
String apiKey
A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API.
String object
The object specified in the Singular flow source.
String clientId
The identifier for the client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The credentials used to access protected Slack resources.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String instanceUrl
The location of the Slack resource.
String object
The object specified in the Slack flow source.
String warehouse
The name of the Snowflake warehouse.
String stage
The name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the Snowflake account. This is written in the following format: < Database>< Schema><Stage Name>.
String bucketName
The name of the Amazon S3 bucket associated with Snowflake.
String bucketPrefix
The bucket path that refers to the Amazon S3 bucket associated with Snowflake.
String privateLinkServiceName
The Snowflake Private Link service name to be used for private data transfers.
String accountName
The name of the account.
String region
The Amazon Web Services Region of the Snowflake account.
String object
The object specified in the Snowflake flow destination.
String intermediateBucketName
The intermediate bucket that Amazon AppFlow uses when moving data into Snowflake.
String bucketPrefix
The object key for the destination bucket in which Amazon AppFlow places the files.
ErrorHandlingConfig errorHandlingConfig
The settings that determine how Amazon AppFlow handles an error when placing data in the Snowflake destination.
For example, this setting would determine if the flow should fail after one insertion error, or continue and
attempt to insert every record regardless of the initial failure. ErrorHandlingConfig is a part of
the destination connector details.
AmplitudeSourceProperties amplitude
Specifies the information that is required for querying Amplitude.
DatadogSourceProperties datadog
Specifies the information that is required for querying Datadog.
DynatraceSourceProperties dynatrace
Specifies the information that is required for querying Dynatrace.
GoogleAnalyticsSourceProperties googleAnalytics
Specifies the information that is required for querying Google Analytics.
InforNexusSourceProperties inforNexus
Specifies the information that is required for querying Infor Nexus.
MarketoSourceProperties marketo
Specifies the information that is required for querying Marketo.
S3SourceProperties s3
Specifies the information that is required for querying Amazon S3.
SalesforceSourceProperties salesforce
Specifies the information that is required for querying Salesforce.
ServiceNowSourceProperties serviceNow
Specifies the information that is required for querying ServiceNow.
SingularSourceProperties singular
Specifies the information that is required for querying Singular.
SlackSourceProperties slack
Specifies the information that is required for querying Slack.
TrendmicroSourceProperties trendmicro
Specifies the information that is required for querying Trend Micro.
VeevaSourceProperties veeva
Specifies the information that is required for querying Veeva.
ZendeskSourceProperties zendesk
Specifies the information that is required for querying Zendesk.
SAPODataSourceProperties sAPOData
CustomConnectorSourceProperties customConnector
PardotSourceProperties pardot
Specifies the information that is required for querying Salesforce Pardot.
Boolean isRetrievable
Indicates whether the field can be returned in a search result.
Boolean isQueryable
Indicates if the field can be queried.
Boolean isTimestampFieldForIncrementalQueries
Indicates if this timestamp field can be used for incremental queries.
String connectorType
The type of connector, such as Salesforce, Amplitude, and so on.
String apiVersion
The API version of the connector when it's used as a source in the flow.
String connectorProfileName
The name of the connector profile. This name must be unique for each connector profile in the Amazon Web Services account.
SourceConnectorProperties sourceConnectorProperties
Specifies the information that is required to query a particular source connector.
IncrementalPullConfig incrementalPullConfig
Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your StartFlow
request completes only once. You choose the value to pass. For example, if you don't receive a response from your
request, you can safely retry the request with the same clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs for flows that run on a
schedule or based on an event. However, the error doesn't occur for flows that run on demand. You set the
conditions that initiate your flow for the triggerConfig parameter.
If you use a different value for clientToken, Amazon AppFlow considers it a new call to
StartFlow. The token is active for 8 hours.
String flowArn
The flow's Amazon Resource Name (ARN).
String flowStatus
Indicates the current status of the flow.
String executionId
Returns the internal execution ID of an on-demand flow when the flow is started. For scheduled or event-triggered flows, this value is null.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
FieldTypeDetails v1
The initial supported version for fieldType. If this is later changed to a different version, v2
will be introduced.
List<E> sourceFields
The source fields to which a particular task is applied.
ConnectorOperator connectorOperator
The operation to be performed on the provided source fields.
String destinationField
A field in a destination connector, or a field value against which Amazon AppFlow validates a source field.
String taskType
Specifies the particular task implementation that Amazon AppFlow performs.
Map<K,V> taskProperties
A map used to store task-related information. The execution service looks for particular information based on the
TaskType.
String apiSecretKey
The Secret Access Key portion of the credentials.
String object
The object specified in the Trend Micro flow source.
String triggerType
Specifies the type of flow trigger. This can be OnDemand, Scheduled, or
Event.
TriggerProperties triggerProperties
Specifies the configuration details of a schedule-triggered flow as defined by the user. Currently, these
settings only apply to the Scheduled trigger type.
ScheduledTriggerProperties scheduled
Specifies the configuration details of a schedule-triggered flow as defined by the user.
String connectorLabel
The label of the connector. The label is unique for each ConnectorRegistration in your Amazon Web
Services account.
Boolean forceDelete
Indicates whether Amazon AppFlow should unregister the connector, even if it is currently in use in one or more connector profiles. The default value is false.
String connectorProfileName
The name of the connector profile and is unique for each ConnectorProfile in the Amazon Web Services
account.
String connectionMode
Indicates the connection mode and if it is public or private.
ConnectorProfileConfig connectorProfileConfig
Defines the connector-specific profile configuration and credentials.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your
UpdateConnectorProfile request completes only once. You choose the value to pass. For example, if
you don't receive a response from your request, you can safely retry the request with the same
clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to UpdateConnectorProfile
. The token is active for 8 hours.
String connectorProfileArn
The Amazon Resource Name (ARN) of the connector profile.
String connectorLabel
The name of the connector. The name is unique for each connector registration in your AWS account.
String description
A description about the update that you're applying to the connector.
ConnectorProvisioningConfig connectorProvisioningConfig
String clientToken
The clientToken parameter is an idempotency token. It ensures that your
UpdateConnectorRegistration request completes only once. You choose the value to pass. For example,
if you don't receive a response from your request, you can safely retry the request with the same
clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to
UpdateConnectorRegistration. The token is active for 8 hours.
String connectorArn
The ARN of the connector being updated.
String flowName
The specified name of the flow. Spaces are not allowed. Use underscores (_) or hyphens (-) only.
String description
A description of the flow.
TriggerConfig triggerConfig
The trigger settings that determine how and when the flow runs.
SourceFlowConfig sourceFlowConfig
List<E> destinationFlowConfigList
The configuration that controls how Amazon AppFlow transfers data to the destination connector.
List<E> tasks
A list of tasks that Amazon AppFlow performs while transferring the data in the flow run.
MetadataCatalogConfig metadataCatalogConfig
Specifies the configuration that Amazon AppFlow uses when it catalogs the data that's transferred by the associated flow. When Amazon AppFlow catalogs the data from a flow, it stores metadata in a data catalog.
String clientToken
The clientToken parameter is an idempotency token. It ensures that your UpdateFlow
request completes only once. You choose the value to pass. For example, if you don't receive a response from your
request, you can safely retry the request with the same clientToken parameter value.
If you omit a clientToken value, the Amazon Web Services SDK that you are using inserts a value for
you. This way, the SDK can safely retry requests multiple times after a network error. You must provide your own
value for other use cases.
If you specify input parameters that differ from your first request, an error occurs. If you use a different
value for clientToken, Amazon AppFlow considers it a new call to UpdateFlow. The token
is active for 8 hours.
String flowStatus
Indicates the current status of the flow.
String bucketName
The Upsolver Amazon S3 bucket name in which Amazon AppFlow places the transferred data.
String bucketPrefix
The object key for the destination Upsolver Amazon S3 bucket in which Amazon AppFlow places the files.
UpsolverS3OutputFormatConfig s3OutputFormatConfig
The configuration that determines how data is formatted when Upsolver is used as the flow destination.
String fileType
Indicates the file type that Amazon AppFlow places in the Upsolver Amazon S3 bucket.
PrefixConfig prefixConfig
AggregationConfig aggregationConfig
String instanceUrl
The location of the Veeva resource.
String object
The object specified in the Veeva flow source.
String documentType
The document type specified in the Veeva document extract flow.
Boolean includeSourceFiles
Boolean value to include source files in Veeva document extract flow.
Boolean includeRenditions
Boolean value to include file renditions in Veeva document extract flow.
Boolean includeAllVersions
Boolean value to include All Versions of files in Veeva document extract flow.
String clientId
The identifier for the desired client.
String clientSecret
The client secret used by the OAuth client to authenticate to the authorization server.
String accessToken
The credentials used to access protected Zendesk resources.
ConnectorOAuthRequest oAuthRequest
The OAuth requirement needed to request security tokens from the connector endpoint.
String instanceUrl
The location of the Zendesk resource.
String object
The object specified in the Zendesk flow destination.
List<E> idFieldNames
ErrorHandlingConfig errorHandlingConfig
String writeOperationType
String object
The object specified in the Zendesk flow source.
String applicationAssociationArn
The Amazon Resource Name (ARN) of the Application Association.
String applicationArn
The Amazon Resource Name (ARN) of the Application.
String clientId
The identifier for the client that is associated with the Application Association.
ExternalUrlConfig externalUrlConfig
The external URL source for the application.
String arn
The Amazon Resource Name (ARN) of the Application.
String id
A unique identifier for the Application.
String name
The name of the application.
String namespace
The namespace of the application.
Date createdTime
The time when the application was created.
Date lastModifiedTime
The time when the application was last modified.
String name
The name of the application.
String namespace
The namespace of the application.
String description
The description of the application.
ApplicationSourceConfig applicationSourceConfig
The configuration for where the application should be loaded from.
List<E> subscriptions
The events that the application subscribes.
List<E> publications
The events that the application publishes.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
List<E> permissions
The configuration of events or requests that the application has access to.
String name
The name of the DataIntegration.
String description
A description of the DataIntegration.
String kmsKey
The KMS key for the DataIntegration.
String sourceURI
The URI of the data source.
ScheduleConfiguration scheduleConfig
The name of the data and how often it should be pulled from the source.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
FileConfiguration fileConfiguration
The configuration for what files should be pulled from the source.
Map<K,V> objectConfiguration
The configuration for what data should be pulled from the source.
String arn
The Amazon Resource Name (ARN)
String id
A unique identifier.
String name
The name of the DataIntegration.
String description
A description of the DataIntegration.
String kmsKey
The KMS key for the DataIntegration.
String sourceURI
The URI of the data source.
ScheduleConfiguration scheduleConfiguration
The name of the data and how often it should be pulled from the source.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
FileConfiguration fileConfiguration
The configuration for what files should be pulled from the source.
Map<K,V> objectConfiguration
The configuration for what data should be pulled from the source.
String name
The name of the event integration.
String description
The description of the event integration.
EventFilter eventFilter
The event filter.
String eventBridgeBus
The EventBridge bus.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If not provided, the Amazon Web Services SDK populates this field. For more information about idempotency, see Making retries safe with idempotent APIs.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
String eventIntegrationArn
The Amazon Resource Name (ARN) of the event integration.
String dataIntegrationAssociationArn
The Amazon Resource Name (ARN) of the DataIntegration association.
String dataIntegrationArn
The Amazon Resource Name (ARN) of the DataIntegration.
String clientId
The identifier for the client that is associated with the DataIntegration association.
String arn
The Amazon Resource Name (ARN) of the Application.
String dataIntegrationIdentifier
A unique identifier for the DataIntegration.
String name
The name of the event integration.
String source
The source of the events.
String eventIntegrationArn
The Amazon Resource Name (ARN) of the event integration.
String name
The name of the event integration.
String description
The event integration description.
EventFilter eventFilter
The event integration filter.
String eventBridgeBus
The Amazon EventBridge bus for the event integration.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
String eventIntegrationAssociationArn
The Amazon Resource Name (ARN) for the event integration association.
String eventIntegrationAssociationId
The identifier for the event integration association.
String eventIntegrationName
The name of the event integration.
String clientId
The identifier for the client that is associated with the event integration.
String eventBridgeRuleName
The name of the EventBridge rule.
Map<K,V> clientAssociationMetadata
The metadata associated with the client.
String arn
The Amazon Resource Name (ARN) of the Application.
String arn
The Amazon Resource Name (ARN) of the Application.
String id
A unique identifier for the Application.
String name
The name of the application.
String namespace
The namespace of the application.
String description
The description of the application.
ApplicationSourceConfig applicationSourceConfig
The configuration for where the application should be loaded from.
List<E> subscriptions
The events that the application subscribes.
List<E> publications
The events that the application publishes.
Date createdTime
The created time of the Application.
Date lastModifiedTime
The last modified time of the Application.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
List<E> permissions
The configuration of events or requests that the application has access to.
String identifier
A unique identifier.
String arn
The Amazon Resource Name (ARN) for the DataIntegration.
String id
A unique identifier.
String name
The name of the DataIntegration.
String description
The KMS key for the DataIntegration.
String kmsKey
The KMS key for the DataIntegration.
String sourceURI
The URI of the data source.
ScheduleConfiguration scheduleConfiguration
The name of the data and how often it should be pulled from the source.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
FileConfiguration fileConfiguration
The configuration for what files should be pulled from the source.
Map<K,V> objectConfiguration
The configuration for what data should be pulled from the source.
String name
The name of the event integration.
String name
The name of the event integration.
String description
The description of the event integration.
String eventIntegrationArn
The Amazon Resource Name (ARN) for the event integration.
String eventBridgeBus
The EventBridge bus.
EventFilter eventFilter
The event filter.
Map<K,V> tags
The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }.
String applicationId
A unique identifier for the Application.
String nextToken
The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.
Integer maxResults
The maximum number of results to return per page.
String dataIntegrationIdentifier
A unique identifier for the DataIntegration.
String nextToken
The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.
Integer maxResults
The maximum number of results to return per page.
String eventIntegrationName
The name of the event integration.
String nextToken
The token for the next set of results. Use the value returned in the previous response in the next request to retrieve the next set of results.
Integer maxResults
The maximum number of results to return per page.
String resourceArn
The Amazon Resource Name (ARN) of the resource.
String firstExecutionFrom
The start date for objects to import in the first flow run as an Unix/epoch timestamp in milliseconds or in ISO-8601 format.
String object
The name of the object to pull from the data source.
String scheduleExpression
How often the data should be pulled from data source.
String arn
The Amazon Resource Name (ARN) of the Application.
String name
The name of the application.
String description
The description of the application.
ApplicationSourceConfig applicationSourceConfig
The configuration for where the application should be loaded from.
List<E> subscriptions
The events that the application subscribes.
List<E> publications
The events that the application publishes.
List<E> permissions
The configuration of events or requests that the application has access to.
String metricName
The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the Metric object that's returned by a call to ListMetrics.
String namespace
The namespace of the metric.
List<E> dimensions
The dimensions of the metric.
Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.
String statistic
The statistic of the metric.
String unit
The unit of the metric. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference.
List<E> metrics
The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions.
String policyName
The name of the scaling policy.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String scheduledActionName
The name of the scheduled action.
String resourceId
The identifier of the resource associated with the scheduled action. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
List<E> resourceIds
The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer maxResults
The maximum number of scalable targets. This value can be between 1 and 50. The default value is 50.
If this parameter is used, the operation returns up to MaxResults results at a time, along with a
NextToken value. To get the next set of results, include the NextToken value in a
subsequent call. If this parameter is not used, the operation returns up to 50 results and a
NextToken value, if applicable.
String nextToken
The token for the next set of results.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scaling activity. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer maxResults
The maximum number of scalable targets. This value can be between 1 and 50. The default value is 50.
If this parameter is used, the operation returns up to MaxResults results at a time, along with a
NextToken value. To get the next set of results, include the NextToken value in a
subsequent call. If this parameter is not used, the operation returns up to 50 results and a
NextToken value, if applicable.
String nextToken
The token for the next set of results.
Boolean includeNotScaledActivities
Specifies whether to include activities that aren't scaled (not scaled activities) in the response. Not scaled activities are activities that aren't completed or started for various reasons, such as preventing infinite scaling loops. For help interpreting the not scaled reason details in the response, see Scaling activities for Application Auto Scaling.
List<E> policyNames
The names of the scaling policies to describe.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer maxResults
The maximum number of scalable targets. This value can be between 1 and 10. The default value is 10.
If this parameter is used, the operation returns up to MaxResults results at a time, along with a
NextToken value. To get the next set of results, include the NextToken value in a
subsequent call. If this parameter is not used, the operation returns up to 10 results and a
NextToken value, if applicable.
String nextToken
The token for the next set of results.
List<E> scheduledActionNames
The names of the scheduled actions to describe.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scheduled action. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property. If you specify a scalable dimension, you must also specify a resource ID.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer maxResults
The maximum number of scheduled action results. This value can be between 1 and 50. The default value is 50.
If this parameter is used, the operation returns up to MaxResults results at a time, along with a
NextToken value. To get the next set of results, include the NextToken value in a
subsequent call. If this parameter is not used, the operation returns up to 50 results and a
NextToken value, if applicable.
String nextToken
The token for the next set of results.
String resourceARN
Specify the ARN of the scalable target.
For example:
arn:aws:application-autoscaling:us-east-1:123456789012:scalable-target/1234abcd56ab78cd901ef1234567890ab123
To get the ARN for a scalable target, use DescribeScalableTargets.
String code
A code that represents the reason for not scaling.
Valid values:
AutoScalingAnticipatedFlapping
TargetServicePutResourceAsUnscalable
AlreadyAtMaxCapacity
AlreadyAtMinCapacity
AlreadyAtDesiredCapacity
Integer maxCapacity
The maximum capacity.
Integer minCapacity
The minimum capacity.
Integer currentCapacity
The current capacity.
String predefinedMetricType
The metric type. The ALBRequestCountPerTarget metric type applies only to Spot Fleets and ECS
services.
String resourceLabel
Identifies the resource associated with the metric type. You can't specify a resource label unless the metric
type is ALBRequestCountPerTarget and there is a target group attached to the Spot Fleet or ECS
service.
You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is:
app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff.
Where:
app/<load-balancer-name>/<load-balancer-id> is the final portion of the load balancer ARN
targetgroup/<target-group-name>/<target-group-id> is the final portion of the target group ARN.
To find the ARN for an Application Load Balancer, use the DescribeLoadBalancers API operation. To find the ARN for the target group, use the DescribeTargetGroups API operation.
String policyName
The name of the scaling policy.
You cannot change the name of a scaling policy, but you can delete the original scaling policy and create a new scaling policy with the same settings and a different name.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String policyType
The scaling policy type. This parameter is required if you are creating a scaling policy.
The following policy types are supported:
TargetTrackingScaling—Not supported for Amazon EMR.
StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK,
Amazon ElastiCache, or Neptune.
For more information, see Target tracking scaling policies and Step scaling policies in the Application Auto Scaling User Guide.
StepScalingPolicyConfiguration stepScalingPolicyConfiguration
A step scaling policy.
This parameter is required if you are creating a policy and the policy type is StepScaling.
TargetTrackingScalingPolicyConfiguration targetTrackingScalingPolicyConfiguration
A target tracking scaling policy. Includes support for predefined or customized metrics.
This parameter is required if you are creating a policy and the policy type is TargetTrackingScaling
.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String schedule
The schedule for this action. The following formats are supported:
At expressions - "at(yyyy-mm-ddThh:mm:ss)"
Rate expressions - "rate(value unit)"
Cron expressions - "cron(fields)"
At expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.
At and cron expressions use Universal Coordinated Time (UTC) by default.
The cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].
For rate expressions, value is a positive integer and unit is minute |
minutes | hour | hours | day | days.
For more information, see Schedule recurring scaling actions using cron expressions in the Application Auto Scaling User Guide.
String timezone
Specifies the time zone used when setting a scheduled action by using an at or cron expression. If a time zone is not provided, UTC is used by default.
Valid values are the canonical names of the IANA time zones supported by Joda-Time (such as
Etc/GMT+9 or Pacific/Tahiti). For more information, see https://www.joda.org/joda-time/timezones.html.
String scheduledActionName
The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target.
String resourceId
The identifier of the resource associated with the scheduled action. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Date startTime
The date and time for this scheduled action to start, in UTC.
Date endTime
The date and time for the recurring schedule to end, in UTC.
ScalableTargetAction scalableTargetAction
The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource. For a resource provided by your own
application or service, use custom-resource instead.
String resourceId
The identifier of the resource that is associated with the scalable target. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer minCapacity
The minimum value that you plan to scale in to. When a scaling policy is in effect, Application Auto Scaling can scale in (contract) as needed to the minimum capacity limit in response to changing demand. This property is required when registering a new scalable target.
For the following resources, the minimum value allowed is 0.
AppStream 2.0 fleets
Aurora DB clusters
ECS services
EMR clusters
Lambda provisioned concurrency
SageMaker endpoint variants
SageMaker inference components
SageMaker serverless endpoint provisioned concurrency
Spot Fleets
custom resources
It's strongly recommended that you specify a value greater than 0. A value greater than 0 means that data points are continuously reported to CloudWatch that scaling policies can use to scale on a metric like average CPU utilization.
For all other resources, the minimum allowed value depends on the type of resource that you are using. If you provide a value that is lower than what a resource can accept, an error occurs. In which case, the error message will provide the minimum value that the resource can accept.
Integer maxCapacity
The maximum value that you plan to scale out to. When a scaling policy is in effect, Application Auto Scaling can scale out (expand) as needed to the maximum capacity limit in response to changing demand. This property is required when registering a new scalable target.
Although you can specify a large maximum capacity, note that service quotas might impose lower limits. Each service has its own default quotas for the maximum capacity of the resource. If you want to specify a higher limit, you can request an increase. For more information, consult the documentation for that service. For information about the default quotas for each service, see Service endpoints and quotas in the Amazon Web Services General Reference.
String roleARN
This parameter is required for services that do not support service-linked roles (such as Amazon EMR), and it must specify the ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf.
If the service supports service-linked roles, Application Auto Scaling uses a service-linked role, which it creates if it does not yet exist. For more information, see How Application Auto Scaling works with IAM.
SuspendedState suspendedState
An embedded object that contains attributes and attribute values that are used to suspend and resume automatic
scaling. Setting the value of an attribute to true suspends the specified scaling activities.
Setting it to false (default) resumes the specified scaling activities.
Suspension Outcomes
For DynamicScalingInSuspended, while a suspension is in effect, all scale-in activities that are
triggered by a scaling policy are suspended.
For DynamicScalingOutSuspended, while a suspension is in effect, all scale-out activities that are
triggered by a scaling policy are suspended.
For ScheduledScalingSuspended, while a suspension is in effect, all scaling activities that involve
scheduled actions are suspended.
For more information, see Suspend and resume scaling in the Application Auto Scaling User Guide.
Map<K,V> tags
Assigns one or more tags to the scalable target. Use this parameter to tag the scalable target when it is created. To tag an existing scalable target, use the TagResource operation.
Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required. You cannot have more than one tag on a scalable target with the same tag key.
Use tags to control access to a scalable target. For more information, see Tagging support for Application Auto Scaling in the Application Auto Scaling User Guide.
String scalableTargetARN
The ARN of the scalable target.
String resourceName
The name of the Application Auto Scaling resource. This value is an Amazon Resource Name (ARN).
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource, or a custom-resource.
String resourceId
The identifier of the resource associated with the scalable target. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension associated with the scalable target. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Integer minCapacity
The minimum value to scale to in response to a scale-in activity.
Integer maxCapacity
The maximum value to scale to in response to a scale-out activity.
String roleARN
The ARN of an IAM role that allows Application Auto Scaling to modify the scalable target on your behalf.
Date creationTime
The Unix timestamp for when the scalable target was created.
SuspendedState suspendedState
Specifies whether the scaling activities for a scalable target are in a suspended state.
String scalableTargetARN
The ARN of the scalable target.
Integer minCapacity
The minimum capacity.
When the scheduled action runs, the resource will have at least this much capacity, but it might have more depending on other settings, such as the target utilization level of a target tracking scaling policy.
Integer maxCapacity
The maximum capacity.
Although you can specify a large maximum capacity, note that service quotas may impose lower limits. Each service has its own default quotas for the maximum capacity of the resource. If you want to specify a higher limit, you can request an increase. For more information, consult the documentation for that service. For information about the default quotas for each service, see Service endpoints and quotas in the Amazon Web Services General Reference.
String activityId
The unique identifier of the scaling activity.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource, or a custom-resource.
String resourceId
The identifier of the resource associated with the scaling activity. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String description
A simple description of what action the scaling activity intends to accomplish.
String cause
A simple description of what caused the scaling activity to happen.
Date startTime
The Unix timestamp for when the scaling activity began.
Date endTime
The Unix timestamp for when the scaling activity ended.
String statusCode
Indicates the status of the scaling activity.
String statusMessage
A simple message about the current status of the scaling activity.
String details
The details about the scaling activity.
List<E> notScaledReasons
Machine-readable data that describes the reason for a not scaled activity. Only available when DescribeScalingActivities includes not scaled activities.
String policyARN
The Amazon Resource Name (ARN) of the scaling policy.
String policyName
The name of the scaling policy.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource, or a custom-resource.
String resourceId
The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
String policyType
The scaling policy type.
The following policy types are supported:
TargetTrackingScaling—Not supported for Amazon EMR
StepScaling—Not supported for DynamoDB, Amazon Comprehend, Lambda, Amazon Keyspaces, Amazon MSK,
Amazon ElastiCache, or Neptune.
StepScalingPolicyConfiguration stepScalingPolicyConfiguration
A step scaling policy.
TargetTrackingScalingPolicyConfiguration targetTrackingScalingPolicyConfiguration
A target tracking scaling policy.
List<E> alarms
The CloudWatch alarms associated with the scaling policy.
Date creationTime
The Unix timestamp for when the scaling policy was created.
String scheduledActionName
The name of the scheduled action.
String scheduledActionARN
The Amazon Resource Name (ARN) of the scheduled action.
String serviceNamespace
The namespace of the Amazon Web Services service that provides the resource, or a custom-resource.
String schedule
The schedule for this action. The following formats are supported:
At expressions - "at(yyyy-mm-ddThh:mm:ss)"
Rate expressions - "rate(value unit)"
Cron expressions - "cron(fields)"
At expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval.
At and cron expressions use Universal Coordinated Time (UTC) by default.
The cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year].
For rate expressions, value is a positive integer and unit is minute |
minutes | hour | hours | day | days.
For more information, see Schedule recurring scaling actions using cron expressions in the Application Auto Scaling User Guide.
String timezone
The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression.
String resourceId
The identifier of the resource associated with the scaling policy. This string consists of the resource type and unique identifier.
ECS service - The resource type is service and the unique identifier is the cluster name and service
name. Example: service/my-cluster/my-service.
Spot Fleet - The resource type is spot-fleet-request and the unique identifier is the Spot Fleet
request ID. Example: spot-fleet-request/sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE.
EMR cluster - The resource type is instancegroup and the unique identifier is the cluster ID and
instance group ID. Example: instancegroup/j-2EEZNYKUA1NTV/ig-1791Y4E1L8YI0.
AppStream 2.0 fleet - The resource type is fleet and the unique identifier is the fleet name.
Example: fleet/sample-fleet.
DynamoDB table - The resource type is table and the unique identifier is the table name. Example:
table/my-table.
DynamoDB global secondary index - The resource type is index and the unique identifier is the index
name. Example: table/my-table/index/my-table-index.
Aurora DB cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:my-db-cluster.
SageMaker endpoint variant - The resource type is variant and the unique identifier is the resource
ID. Example: endpoint/my-end-point/variant/KMeansClustering.
Custom resources are not supported with a resource type. This parameter must specify the OutputValue
from the CloudFormation template stack used to access the resources. The unique identifier is defined by the
service provider. More information is available in our GitHub repository.
Amazon Comprehend document classification endpoint - The resource type and unique identifier are specified using
the endpoint ARN. Example:
arn:aws:comprehend:us-west-2:123456789012:document-classifier-endpoint/EXAMPLE.
Amazon Comprehend entity recognizer endpoint - The resource type and unique identifier are specified using the
endpoint ARN. Example: arn:aws:comprehend:us-west-2:123456789012:entity-recognizer-endpoint/EXAMPLE.
Lambda provisioned concurrency - The resource type is function and the unique identifier is the
function name with a function version or alias name suffix that is not $LATEST. Example:
function:my-function:prod or function:my-function:1.
Amazon Keyspaces table - The resource type is table and the unique identifier is the table name.
Example: keyspace/mykeyspace/table/mytable.
Amazon MSK cluster - The resource type and unique identifier are specified using the cluster ARN. Example:
arn:aws:kafka:us-east-1:123456789012:cluster/demo-cluster-1/6357e0b2-0e6a-4b86-a0b4-70df934c2e31-5.
Amazon ElastiCache replication group - The resource type is replication-group and the unique
identifier is the replication group name. Example: replication-group/mycluster.
Neptune cluster - The resource type is cluster and the unique identifier is the cluster name.
Example: cluster:mycluster.
SageMaker serverless endpoint - The resource type is variant and the unique identifier is the
resource ID. Example: endpoint/my-end-point/variant/KMeansClustering.
SageMaker inference component - The resource type is inference-component and the unique identifier
is the resource ID. Example: inference-component/my-inference-component.
Pool of WorkSpaces - The resource type is workspacespool and the unique identifier is the pool ID.
Example: workspacespool/wspool-123456.
String scalableDimension
The scalable dimension. This string consists of the service namespace, resource type, and scaling property.
ecs:service:DesiredCount - The task count of an ECS service.
elasticmapreduce:instancegroup:InstanceCount - The instance count of an EMR Instance Group.
ec2:spot-fleet-request:TargetCapacity - The target capacity of a Spot Fleet.
appstream:fleet:DesiredCapacity - The capacity of an AppStream 2.0 fleet.
dynamodb:table:ReadCapacityUnits - The provisioned read capacity for a DynamoDB table.
dynamodb:table:WriteCapacityUnits - The provisioned write capacity for a DynamoDB table.
dynamodb:index:ReadCapacityUnits - The provisioned read capacity for a DynamoDB global secondary
index.
dynamodb:index:WriteCapacityUnits - The provisioned write capacity for a DynamoDB global secondary
index.
rds:cluster:ReadReplicaCount - The count of Aurora Replicas in an Aurora DB cluster. Available for
Aurora MySQL-compatible edition and Aurora PostgreSQL-compatible edition.
sagemaker:variant:DesiredInstanceCount - The number of EC2 instances for a SageMaker model endpoint
variant.
custom-resource:ResourceType:Property - The scalable dimension for a custom resource provided by
your own application or service.
comprehend:document-classifier-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend document classification endpoint.
comprehend:entity-recognizer-endpoint:DesiredInferenceUnits - The number of inference units for an
Amazon Comprehend entity recognizer endpoint.
lambda:function:ProvisionedConcurrency - The provisioned concurrency for a Lambda function.
cassandra:table:ReadCapacityUnits - The provisioned read capacity for an Amazon Keyspaces table.
cassandra:table:WriteCapacityUnits - The provisioned write capacity for an Amazon Keyspaces table.
kafka:broker-storage:VolumeSize - The provisioned volume size (in GiB) for brokers in an Amazon MSK
cluster.
elasticache:replication-group:NodeGroups - The number of node groups for an Amazon ElastiCache
replication group.
elasticache:replication-group:Replicas - The number of replicas per node group for an Amazon
ElastiCache replication group.
neptune:cluster:ReadReplicaCount - The count of read replicas in an Amazon Neptune DB cluster.
sagemaker:variant:DesiredProvisionedConcurrency - The provisioned concurrency for a SageMaker
serverless endpoint.
sagemaker:inference-component:DesiredCopyCount - The number of copies across an endpoint for a
SageMaker inference component.
workspaces:workspacespool:DesiredUserSessions - The number of user sessions for the WorkSpaces in
the pool.
Date startTime
The date and time that the action is scheduled to begin, in UTC.
Date endTime
The date and time that the action is scheduled to end, in UTC.
ScalableTargetAction scalableTargetAction
The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity.
Date creationTime
The date and time that the scheduled action was created.
Double metricIntervalLowerBound
The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it's exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity.
Double metricIntervalUpperBound
The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it's inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity.
The upper bound must be greater than the lower bound.
Integer scalingAdjustment
The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a non-negative value.
String adjustmentType
Specifies how the ScalingAdjustment value in a StepAdjustment is interpreted (for example, an absolute number or a percentage). The valid values are
ChangeInCapacity, ExactCapacity, and PercentChangeInCapacity.
AdjustmentType is required if you are adding a new step scaling policy configuration.
List<E> stepAdjustments
A set of adjustments that enable you to scale based on the size of the alarm breach.
At least one step adjustment is required if you are adding a new step scaling policy configuration.
Integer minAdjustmentMagnitude
The minimum value to scale by when the adjustment type is PercentChangeInCapacity. For example,
suppose that you create a step scaling policy to scale out an Amazon ECS service by 25 percent and you specify a
MinAdjustmentMagnitude of 2. If the service has 4 tasks and the scaling policy is performed, 25
percent of 4 is 1. However, because you specified a MinAdjustmentMagnitude of 2, Application Auto
Scaling scales out the service by 2 tasks.
Integer cooldown
The amount of time, in seconds, to wait for a previous scaling activity to take effect. If not specified, the default value is 300. For more information, see Cooldown period in the Application Auto Scaling User Guide.
String metricAggregationType
The aggregation type for the CloudWatch metrics. Valid values are Minimum, Maximum, and
Average. If the aggregation type is null, the value is treated as Average.
Boolean dynamicScalingInSuspended
Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to
true if you don't want Application Auto Scaling to remove capacity when a scaling policy is
triggered. The default is false.
Boolean dynamicScalingOutSuspended
Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to
true if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered.
The default is false.
Boolean scheduledScalingSuspended
Whether scheduled scaling is suspended. Set the value to true if you don't want Application Auto
Scaling to add or remove capacity by initiating scheduled actions. The default is false.
String resourceARN
Identifies the Application Auto Scaling scalable target that you want to apply tags to.
For example:
arn:aws:application-autoscaling:us-east-1:123456789012:scalable-target/1234abcd56ab78cd901ef1234567890ab123
To get the ARN for a scalable target, use DescribeScalableTargets.
Map<K,V> tags
The tags assigned to the resource. A tag is a label that you assign to an Amazon Web Services resource.
Each tag consists of a tag key and a tag value.
You cannot have more than one tag on an Application Auto Scaling scalable target with the same tag key. If you specify an existing tag key with a different tag value, Application Auto Scaling replaces the current tag value with the specified one.
For information about the rules that apply to tag keys and tag values, see User-defined tag restrictions in the Amazon Web Services Billing User Guide.
List<E> dimensions
The dimensions for the metric. For the list of available dimensions, see the Amazon Web Services documentation available from the table in Amazon Web Services services that publish CloudWatch metrics in the Amazon CloudWatch User Guide.
Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy.
String metricName
The name of the metric.
String namespace
The namespace of the metric. For more information, see the table in Amazon Web Services services that publish CloudWatch metrics in the Amazon CloudWatch User Guide.
String expression
The math expression to perform on the returned data, if this object is performing a math expression. This
expression can use the Id of the other metrics to refer to those metrics, and can also use the
Id of other expressions to use the result of those expressions.
Conditional: Within each TargetTrackingMetricDataQuery object, you must specify either
Expression or MetricStat, but not both.
String id
A short name that identifies the object's results in the response. This name must be unique among all
MetricDataQuery objects specified for a single scaling policy. If you are performing math
expressions on this set of data, this name represents that data and can serve as a variable in the mathematical
expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase
letter.
String label
A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents.
TargetTrackingMetricStat metricStat
Information about the metric data to return.
Conditional: Within each MetricDataQuery object, you must specify either Expression or
MetricStat, but not both.
Boolean returnData
Indicates whether to return the timestamps and raw data values of this metric.
If you use any math expressions, specify true for this value for only the final math expression that
the metric specification is based on. You must specify false for ReturnData for all the
other metrics and expressions used in the metric specification.
If you are only retrieving metrics and not performing any math expressions, do not specify anything for
ReturnData. This sets it to its default (true).
TargetTrackingMetric metric
The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the Metric object that is returned by a call to ListMetrics.
String stat
The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in Statistics in the Amazon CloudWatch User Guide.
The most commonly used metric for scaling is Average.
String unit
The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the MetricDatum data type in the Amazon CloudWatch API Reference.
Double targetValue
The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out.
If the scaling policy specifies the ALBRequestCountPerTarget predefined metric, specify the target
utilization as the optimal average request count per target during any one-minute interval.
PredefinedMetricSpecification predefinedMetricSpecification
A predefined metric. You can specify either a predefined metric or a customized metric.
CustomizedMetricSpecification customizedMetricSpecification
A customized metric. You can specify either a predefined metric or a customized metric.
Integer scaleOutCooldown
The amount of time, in seconds, to wait for a previous scale-out activity to take effect. For more information and for default values, see Define cooldown periods in the Application Auto Scaling User Guide.
Integer scaleInCooldown
The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. For more information and for default values, see Define cooldown periods in the Application Auto Scaling User Guide.
Boolean disableScaleIn
Indicates whether scale in by the target tracking scaling policy is disabled. If the value is true,
scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target.
Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable
target. The default value is false.
String resourceName
The name of the Application Auto Scaling resource. This value is an Amazon Resource Name (ARN).
String resourceARN
Identifies the Application Auto Scaling scalable target from which to remove tags.
For example:
arn:aws:application-autoscaling:us-east-1:123456789012:scalable-target/1234abcd56ab78cd901ef1234567890ab123
To get the ARN for a scalable target, use DescribeScalableTargets.
List<E> tagKeys
One or more tag keys. Specify only the tag keys, not the tag values.
String reportId
Required. ID of the report to delete.
String reportId
ID of the report that was deleted.
String reportId
ID of the report to retrieve.
String reportId
ID of the report retrieved.
String reportDescription
Description of the report.
String reportFrequency
Cadence used to generate the report.
String format
Format of the generated report.
S3Location destinationS3Location
Amazon Simple Storage Service (Amazon S3) location where the report is uploaded.
Date createdAt
Timestamp (milliseconds) when this report definition was created.
Date lastUpdated
Timestamp (milliseconds) when this report definition was last updated.
SourceS3Location sourceS3Location
Amazon S3 location to import application usage data from.
String importId
ID of the import request.
String reportId
Required. ID of the report. You can choose any valid string matching the pattern for the ID.
String reportDescription
Required. Description of the report.
String reportFrequency
Required. The cadence to generate the report.
String format
Required. The format to use for the generated report.
S3Location destinationS3Location
Required. Amazon Simple Storage Service (Amazon S3) location where Application Cost Profiler uploads the report.
String reportId
ID of the report.
String reportId
The ID of the report.
String reportDescription
Description of the report
String reportFrequency
The cadence at which the report is generated.
String format
The format used for the generated reports.
S3Location destinationS3Location
The location in Amazon Simple Storage Service (Amazon S3) the reports should be saved to.
Date createdAt
Timestamp (milliseconds) when this report definition was created.
Date lastUpdatedAt
Timestamp (milliseconds) when this report definition was last updated.
String bucket
Name of the bucket.
String key
Key of the object.
String region
Region of the bucket. Only required for Regions that are disabled by default. For more infomration about Regions that are disabled by default, see Enabling a Region in the AWS General Reference guide.
String reportId
Required. ID of the report to update.
String reportDescription
Required. Description of the report.
String reportFrequency
Required. The cadence to generate the report.
String format
Required. The format to use for the generated report.
S3Location destinationS3Location
Required. Amazon Simple Storage Service (Amazon S3) location where Application Cost Profiler uploads the report.
String reportId
ID of the report.
String agentId
The agent ID.
Boolean operationSucceeded
Information about the status of the StartDataCollection and StopDataCollection
operations. The system has recorded the data collection operation. The agent receives this command the next time
it polls for a new command.
String description
A description of the operation performed.
String agentId
The agent or collector ID.
String hostName
The name of the host where the agent or collector resides. The host can be a server or virtual machine.
List<E> agentNetworkInfoList
Network details about the host where the agent or collector resides.
String connectorId
The ID of the connector.
String version
The agent or collector version.
String health
The health of the agent.
String lastHealthPingTime
Time since agent health was reported.
String collectionStatus
Status of the collection process for an agent.
String agentType
Type of agent.
String registeredTime
Agent's first registration timestamp in UTC.
String agentId
The ID of the agent or data collector to delete.
String errorMessage
The description of the error that occurred for the delete failed agent.
String errorCode
The type of error that occurred for the delete failed agent. Valid status are: AGENT_IN_USE | NOT_FOUND | INTERNAL_SERVER_ERROR.
String taskId
The deletion task's unique identifier.
String status
The current execution status of the deletion task. Valid status are: INITIALIZING | VALIDATING | DELETING | COMPLETED | FAILED.
Date startTime
An epoch seconds timestamp (UTC) of when the deletion task was started.
Date endTime
An epoch seconds timestamp (UTC) of when the deletion task was completed or failed.
String configurationType
The type of configuration item to delete. Supported types are: SERVER.
List<E> requestedConfigurations
The list of configuration IDs that were originally requested to be deleted by the deletion task.
List<E> deletedConfigurations
The list of configuration IDs that were successfully deleted by the deletion task.
List<E> failedConfigurations
A list of configuration IDs that failed to delete during the deletion task, each paired with an error message.
List<E> deletionWarnings
A list of configuration IDs that produced warnings regarding their deletion, paired with a warning message.
List<E> importTaskIds
The IDs for the import tasks that you want to delete.
Boolean deleteHistory
Set to true to remove the deleted import task from DescribeImportTasks.
String configurationType
A type of IT asset to tag.
String configurationId
The configuration ID for the item to tag. You can specify a list of keys and values.
String key
A type of tag on which to filter. For example, serverType.
String value
A value on which to filter. For example key = serverType and value = web server.
Date timeOfCreation
The time the configuration tag was created in Coordinated Universal Time (UTC).
String exportId
The unique ID assigned to this export.
String status
Describes the status of the export. Can be one of the following values:
START_IN_PROGRESS - setting up resources to start continuous export.
START_FAILED - an error occurred setting up continuous export. To recover, call start-continuous-export again.
ACTIVE - data is being exported to the customer bucket.
ERROR - an error occurred during export. To fix the issue, call stop-continuous-export and start-continuous-export.
STOP_IN_PROGRESS - stopping the export.
STOP_FAILED - an error occurred stopping the export. To recover, call stop-continuous-export again.
INACTIVE - the continuous export has been stopped. Data is no longer being exported to the customer bucket.
String statusDetail
Contains information about any errors that have occurred. This data type can have the following values:
ACCESS_DENIED - You don’t have permission to start Data Exploration in Amazon Athena. Contact your Amazon Web Services administrator for help. For more information, see Setting Up Amazon Web Services Application Discovery Service in the Application Discovery Service User Guide.
DELIVERY_STREAM_LIMIT_FAILURE - You reached the limit for Amazon Kinesis Data Firehose delivery streams. Reduce the number of streams or request a limit increase and try again. For more information, see Kinesis Data Streams Limits in the Amazon Kinesis Data Streams Developer Guide.
FIREHOSE_ROLE_MISSING - The Data Exploration feature is in an error state because your user is missing the Amazon Web ServicesApplicationDiscoveryServiceFirehose role. Turn on Data Exploration in Amazon Athena and try again. For more information, see Creating the Amazon Web ServicesApplicationDiscoveryServiceFirehose Role in the Application Discovery Service User Guide.
FIREHOSE_STREAM_DOES_NOT_EXIST - The Data Exploration feature is in an error state because your user is missing one or more of the Kinesis data delivery streams.
INTERNAL_FAILURE - The Data Exploration feature is in an error state because of an internal failure. Try again later. If this problem persists, contact Amazon Web Services Support.
LAKE_FORMATION_ACCESS_DENIED - You don't have sufficient lake formation permissions to start continuous export. For more information, see Upgrading Amazon Web Services Glue Data Permissions to the Amazon Web Services Lake Formation Model in the Amazon Web Services Lake Formation Developer Guide.
You can use one of the following two ways to resolve this issue.
If you don’t want to use the Lake Formation permission model, you can change the default Data Catalog settings to use only Amazon Web Services Identity and Access Management (IAM) access control for new databases. For more information, see Change Data Catalog Settings in the Lake Formation Developer Guide.
You can give the service-linked IAM roles AWSServiceRoleForApplicationDiscoveryServiceContinuousExport and AWSApplicationDiscoveryServiceFirehose the required Lake Formation permissions. For more information, see Granting Database Permissions in the Lake Formation Developer Guide.
AWSServiceRoleForApplicationDiscoveryServiceContinuousExport - Grant database creator permissions, which gives the role database creation ability and implicit permissions for any created tables. For more information, see Implicit Lake Formation Permissions in the Lake Formation Developer Guide.
AWSApplicationDiscoveryServiceFirehose - Grant describe permissions for all tables in the database.
S3_BUCKET_LIMIT_FAILURE - You reached the limit for Amazon S3 buckets. Reduce the number of S3 buckets or request a limit increase and try again. For more information, see Bucket Restrictions and Limitations in the Amazon Simple Storage Service Developer Guide.
S3_NOT_SIGNED_UP - Your account is not signed up for the Amazon S3 service. You must sign up before you can use Amazon S3. You can sign up at the following URL: https://aws.amazon.com/s3.
String s3Bucket
The name of the s3 bucket where the export data parquet files are stored.
Date startTime
The timestamp representing when the continuous export was started.
Date stopTime
The timestamp that represents when this continuous export was stopped.
String dataSource
The type of data collector used to gather this data (currently only offered for AGENT).
Map<K,V> schemaStorageConfig
An object which describes how the data is stored.
databaseName - the name of the Glue database used to store the schema.
String configurationId
Configuration ID of an application to be created.
List<E> configurationIds
A list of configuration items that you want to tag.
List<E> tags
Tags that you want to associate with one or more configuration items. Specify the tags that you want to create in a key-value format. For example:
{"key": "serverType", "value": "webServer"}
Integer activeAgents
Number of active discovery agents.
Integer healthyAgents
Number of healthy discovery agents
Integer blackListedAgents
Number of blacklisted discovery agents.
Integer shutdownAgents
Number of discovery agents with status SHUTDOWN.
Integer unhealthyAgents
Number of unhealthy discovery agents.
Integer totalAgents
Total number of discovery agents.
Integer unknownAgents
Number of unknown discovery agents.
Integer activeAgentlessCollectors
The number of active Agentless Collector collectors.
Integer healthyAgentlessCollectors
The number of healthy Agentless Collector collectors.
Integer denyListedAgentlessCollectors
The number of deny-listed Agentless Collector collectors.
Integer shutdownAgentlessCollectors
The number of Agentless Collector collectors with SHUTDOWN status.
Integer unhealthyAgentlessCollectors
The number of unhealthy Agentless Collector collectors.
Integer totalAgentlessCollectors
The total number of Agentless Collector collectors.
Integer unknownAgentlessCollectors
The number of unknown Agentless Collector collectors.
Integer activeConnectors
Number of active discovery connectors.
Integer healthyConnectors
Number of healthy discovery connectors.
Integer blackListedConnectors
Number of blacklisted discovery connectors.
Integer shutdownConnectors
Number of discovery connectors with status SHUTDOWN,
Integer unhealthyConnectors
Number of unhealthy discovery connectors.
Integer totalConnectors
Total number of discovery connectors.
Integer unknownConnectors
Number of unknown discovery connectors.
Integer activeMeCollectors
The number of active Migration Evaluator collectors.
Integer healthyMeCollectors
The number of healthy Migration Evaluator collectors.
Integer denyListedMeCollectors
The number of deny-listed Migration Evaluator collectors.
Integer shutdownMeCollectors
The number of Migration Evaluator collectors with SHUTDOWN status.
Integer unhealthyMeCollectors
The number of unhealthy Migration Evaluator collectors.
Integer totalMeCollectors
The total number of Migration Evaluator collectors.
Integer unknownMeCollectors
The number of unknown Migration Evaluator collectors.
String agentId
The ID of the agent or data collector to delete.
Boolean force
Optional flag used to force delete an agent or data collector. It is needed to delete any agent in HEALTHY/UNHEALTHY/RUNNING status. Note that deleting an agent that is actively reporting health causes it to be re-registered with a different agent ID after data collector re-connects with Amazon Web Services.
List<E> configurationIds
A list of configuration items with tags that you want to delete.
List<E> tags
Tags that you want to delete from one or more configuration items. Specify the tags that you want to delete in a key-value format. For example:
{"key": "serverType", "value": "webServer"}
String configurationId
The unique identifier of the configuration that produced a warning.
Integer warningCode
The integer warning code associated with the warning message.
String warningText
A descriptive message of the warning the associated configuration ID produced.
List<E> agentIds
The agent or the collector IDs for which you want information. If you specify no IDs, the system returns information about all agents/collectors associated with your user.
List<E> filters
You can filter the request using various logical operators and a key-value format. For example:
{"key": "collectionStatus", "value": "STARTED"}
Integer maxResults
The total number of agents/collectors to return in a single page of output. The maximum value is 100.
String nextToken
Token to retrieve the next set of results. For example, if you previously specified 100 IDs for
DescribeAgentsRequest$agentIds but set DescribeAgentsRequest$maxResults to 10, you
received a set of 10 results along with a token. Use that token in this query to get the next set of 10.
List<E> agentsInfo
Lists agents or the collector by ID or lists all agents/collectors associated with your user, if you did not specify an agent/collector ID. The output includes agent/collector IDs, IP addresses, media access control (MAC) addresses, agent/collector health, host name where the agent/collector resides, and the version number of each agent/collector.
String nextToken
Token to retrieve the next set of results. For example, if you specified 100 IDs for
DescribeAgentsRequest$agentIds but set DescribeAgentsRequest$maxResults to 10, you
received a set of 10 results along with this token. Use this token in the next query to retrieve the next set of
10.
String taskId
The ID of the task to delete.
BatchDeleteConfigurationTask task
The BatchDeleteConfigurationTask that represents the deletion task being executed.
List<E> exportIds
One or more unique identifiers used to query the status of an export request.
List<E> filters
One or more filters.
AgentId - ID of the agent whose collected data will be exported
Integer maxResults
The maximum number of volume results returned by DescribeExportTasks in paginated output. When this
parameter is used, DescribeExportTasks only returns maxResults results in a single page
along with a nextToken response element.
String nextToken
The nextToken value returned from a previous paginated DescribeExportTasks request
where maxResults was used and the results exceeded the value of that parameter. Pagination continues
from the end of the previous results that returned the nextToken value. This value is null when
there are no more results to return.
List<E> exportsInfo
Contains one or more sets of export request details. When the status of a request is SUCCEEDED, the
response includes a URL for an Amazon S3 bucket where you can view the data in a CSV file.
String nextToken
The nextToken value to include in a future DescribeExportTasks request. When the
results of a DescribeExportTasks request exceed maxResults, this value can be used to
retrieve the next page of results. This value is null when there are no more results to return.
List<E> filters
An array of name-value pairs that you provide to filter the results for the DescribeImportTask
request to a specific subset of results. Currently, wildcard values aren't supported for filters.
Integer maxResults
The maximum number of results that you want this request to return, up to 100.
String nextToken
The token to request a specific page of results.
List<E> filters
You can filter the list using a key-value format. You can separate these items by using logical
operators. Allowed filters include tagKey, tagValue, and configurationId.
Integer maxResults
The total number of items to return in a single page of output. The maximum value is 100.
String nextToken
A token to start the list. Use this token to get the next set of results.
Boolean enabled
If set to true, the export preferences is set to Ec2RecommendationsExportPreferences.
UsageMetricBasis cpuPerformanceMetricBasis
The recommended EC2 instance type that matches the CPU usage metric of server performance data.
UsageMetricBasis ramPerformanceMetricBasis
The recommended EC2 instance type that matches the Memory usage metric of server performance data.
String tenancy
The target tenancy to use for your recommended EC2 instances.
List<E> excludedInstanceTypes
An array of instance types to exclude from recommendations.
String preferredRegion
The target Amazon Web Services Region for the recommendations. You can use any of the Region codes available for the chosen service, as listed in Amazon Web Services service endpoints in the Amazon Web Services General Reference.
ReservedInstanceOptions reservedInstanceOptions
The contract type for a reserved instance. If blank, we assume an On-Demand instance is preferred.
String exportId
A unique identifier that you can use to query the export status.
String name
A single ExportFilter name. Supported filters: agentIds.
List<E> values
A single agent ID for a Discovery Agent. An agent ID can be found using the DescribeAgents action. Typically an ADS agent ID is in the form o-0123456789abcdef0.
String condition
Supported condition: EQUALS
String exportId
A unique identifier used to query an export.
String exportStatus
The status of the data export job.
String statusMessage
A status message provided for API callers.
String configurationsDownloadUrl
A URL for an Amazon S3 bucket where you can review the exported data. The URL is displayed only if the export succeeded.
Date exportRequestTime
The time that the data export was initiated.
Boolean isTruncated
If true, the export of agent information exceeded the size limit for a single export and the exported data is
incomplete for the requested time range. To address this, select a smaller time range for the export by using
startDate and endDate.
Date requestedStartTime
The value of startTime parameter in the StartExportTask request. If no
startTime was requested, this result does not appear in ExportInfo.
Date requestedEndTime
The endTime used in the StartExportTask request. If no endTime was
requested, this result does not appear in ExportInfo.
Ec2RecommendationsExportPreferences ec2RecommendationsPreferences
If enabled, exported data includes EC2 instance type matches for on-premises servers discovered through Amazon Web Services Application Discovery Service.
String configurationId
The unique identifier of the configuration the failed to delete.
Integer errorStatusCode
The integer error code associated with the error message.
String errorMessage
A descriptive message indicating why the associated configuration failed to delete.
String name
The name of the filter.
List<E> values
A string value on which to filter. For example, if you choose the destinationServer.osVersion filter
name, you could specify Ubuntu for the value.
String condition
A conditional operator. The following operators are valid: EQUALS, NOT_EQUALS, CONTAINS, NOT_CONTAINS. If you specify multiple filters, the system utilizes all filters as though concatenated by AND. If you specify multiple values for a particular filter, the system differentiates the values using OR. Calling either DescribeConfigurations or ListConfigurations returns attributes of matching configuration items.
Long servers
The number of servers discovered.
Long applications
The number of applications discovered.
Long serversMappedToApplications
The number of servers mapped to applications.
Long serversMappedtoTags
The number of servers mapped to tags.
CustomerAgentInfo agentSummary
Details about discovered agents, including agent status and health.
CustomerConnectorInfo connectorSummary
Details about discovered connectors, including connector status and health.
CustomerMeCollectorInfo meCollectorSummary
Details about Migration Evaluator collectors, including collector status and health.
CustomerAgentlessCollectorInfo agentlessCollectorSummary
Details about Agentless Collector collectors, including status.
String importTaskId
The unique ID for a specific import task. These IDs aren't globally unique, but they are unique within an Amazon Web Services account.
String clientRequestToken
A unique token used to prevent the same import request from occurring more than once. If you didn't provide a token, a token was automatically generated when the import task request was sent.
String name
A descriptive name for an import task. You can use this name to filter future requests related to this import task, such as identifying applications and servers that were included in this import task. We recommend that you use a meaningful name for each import task.
String importUrl
The URL for your import file that you've uploaded to Amazon S3.
String status
The status of the import task. An import can have the status of IMPORT_COMPLETE and still have some
records fail to import from the overall request. More information can be found in the downloadable archive
defined in the errorsAndFailedEntriesZip field, or in the Migration Hub management console.
Date importRequestTime
The time that the import task request was made, presented in the Unix time stamp format.
Date importCompletionTime
The time that the import task request finished, presented in the Unix time stamp format.
Date importDeletedTime
The time that the import task request was deleted, presented in the Unix time stamp format.
Integer serverImportSuccess
The total number of server records in the import file that were successfully imported.
Integer serverImportFailure
The total number of server records in the import file that failed to be imported.
Integer applicationImportSuccess
The total number of application records in the import file that were successfully imported.
Integer applicationImportFailure
The total number of application records in the import file that failed to be imported.
String errorsAndFailedEntriesZip
A link to a compressed archive folder (in the ZIP format) that contains an error log and a file of failed records. You can use these two files to quickly identify records that failed, why they failed, and correct those records. Afterward, you can upload the corrected file to your Amazon S3 bucket and create another import task request.
This field also includes authorization information so you can confirm the authenticity of the compressed archive before you download it.
If some records failed to be imported we recommend that you correct the records in the failed entries file and then imports that failed entries file. This prevents you from having to correct and update the larger original file and attempt importing it again.
String configurationType
A valid configuration identified by Application Discovery Service.
List<E> filters
You can filter the request using various logical operators and a key-value format. For example:
{"key": "serverType", "value": "webServer"}
For a complete list of filter options and guidance about using them with this action, see Using the ListConfigurations Action in the Amazon Web Services Application Discovery Service User Guide.
Integer maxResults
The total number of items to return. The maximum value is 100.
String nextToken
Token to retrieve the next set of results. For example, if a previous call to ListConfigurations returned 100
items, but you set ListConfigurationsRequest$maxResults to 10, you received a set of 10 results
along with a token. Use that token in this query to get the next set of 10.
List<E> orderBy
Certain filter criteria return output that can be sorted in ascending or descending order. For a list of output characteristics for each filter, see Using the ListConfigurations Action in the Amazon Web Services Application Discovery Service User Guide.
List<E> configurations
Returns configuration details, including the configuration ID, attribute names, and attribute values.
String nextToken
Token to retrieve the next set of results. For example, if your call to ListConfigurations returned 100 items,
but you set ListConfigurationsRequest$maxResults to 10, you received a set of 10 results along with
this token. Use this token in the next query to retrieve the next set of 10.
String configurationId
Configuration ID of the server for which neighbors are being listed.
Boolean portInformationNeeded
Flag to indicate if port and protocol information is needed as part of the response.
List<E> neighborConfigurationIds
List of configuration IDs to test for one-hop-away.
Integer maxResults
Maximum number of results to return in a single page of output.
String nextToken
Token to retrieve the next set of results. For example, if you previously specified 100 IDs for
ListServerNeighborsRequest$neighborConfigurationIds but set
ListServerNeighborsRequest$maxResults to 10, you received a set of 10 results along with a token.
Use that token in this query to get the next set of 10.
List<E> neighbors
List of distinct servers that are one hop away from the given server.
String nextToken
Token to retrieve the next set of results. For example, if you specified 100 IDs for
ListServerNeighborsRequest$neighborConfigurationIds but set
ListServerNeighborsRequest$maxResults to 10, you received a set of 10 results along with this token.
Use this token in the next query to retrieve the next set of 10.
Long knownDependencyCount
Count of distinct servers that are one hop away from the given server.
String sourceServerId
The ID of the server that opened the network connection.
String destinationServerId
The ID of the server that accepted the network connection.
Integer destinationPort
The destination network port for the connection.
String transportProtocol
The network protocol used for the connection.
Long connectionsCount
The number of open network connections with the neighboring server.
String taskId
The unique identifier associated with the newly started deletion task.
String exportId
The unique ID assigned to this export.
String s3Bucket
The name of the s3 bucket where the export data parquet files are stored.
Date startTime
The timestamp representing when the continuous export was started.
String dataSource
The type of data collector used to gather this data (currently only offered for AGENT).
Map<K,V> schemaStorageConfig
A dictionary which describes how the data is stored.
databaseName - the name of the Glue database used to store the schema.
List<E> agentIds
The IDs of the agents from which to start collecting data. If you send a request to an agent ID that you do not
have permission to contact, according to your Amazon Web Services account, the service does not throw an
exception. Instead, it returns the error in the Description field. If you send a request to multiple
agents and you do not have permission to contact some of those agents, the system does not throw an exception.
Instead, the system shows Failed in the Description field.
List<E> exportDataFormat
The file format for the returned export data. Default value is CSV. Note: The
GRAPHML option has been deprecated.
List<E> filters
If a filter is present, it selects the single agentId of the Application Discovery Agent for which
data is exported. The agentId can be found in the results of the DescribeAgents API or
CLI. If no filter is present, startTime and endTime are ignored and exported data
includes both Amazon Web Services Application Discovery Service Agentless Collector collectors data and summary
data from Application Discovery Agent agents.
Date startTime
The start timestamp for exported data from the single Application Discovery Agent selected in the filters. If no value is specified, data is exported starting from the first data collected by the agent.
Date endTime
The end timestamp for exported data from the single Application Discovery Agent selected in the filters. If no value is specified, exported data includes the most recent data collected by the agent.
ExportPreferences preferences
Indicates the type of data that needs to be exported. Only one ExportPreferences can be enabled at any time.
String exportId
A unique identifier used to query the status of an export request.
String clientRequestToken
Optional. A unique token that you can provide to prevent the same import request from occurring more than once. If you don't provide a token, a token is automatically generated.
Sending more than one StartImportTask request with the same client request token will return
information about the original import task with that client request token.
String name
A descriptive name for this request. You can use this name to filter future requests related to this import task, such as identifying applications and servers that were included in this import task. We recommend that you use a meaningful name for each import task.
String importUrl
The URL for your import file that you've uploaded to Amazon S3.
If you're using the Amazon Web Services CLI, this URL is structured as follows:
s3://BucketName/ImportFileName.CSV
ImportTask task
An array of information related to the import task request including status information, times, IDs, the Amazon S3 Object URL for the import file, and more.
String exportId
The unique ID assigned to this export.
String resourceGroupName
The name of the resource group.
String componentName
The name of the component.
WorkloadConfiguration workloadConfiguration
The configuration settings of the workload. The value is the escaped JSON of the configuration.
String workloadId
The ID of the workload.
WorkloadConfiguration workloadConfiguration
The configuration settings of the workload. The value is the escaped JSON of the configuration.
String componentName
The name of the component.
String componentRemarks
If logging is supported for the resource type, indicates whether the component has configured logs to be monitored.
String resourceType
The resource type. Supported resource types include EC2 instances, Auto Scaling group, Classic ELB, Application ELB, and SQS Queue.
String osType
The operating system of the component.
String tier
The stack tier of the application component.
Boolean monitor
Indicates whether the application component is monitored.
Map<K,V> detectedWorkload
Workloads detected in the application component.
String accountId
The AWS account ID for the owner of the application.
String resourceGroupName
The name of the resource group used for the application.
String lifeCycle
The lifecycle of the application.
String opsItemSNSTopicArn
The SNS topic provided to Application Insights that is associated to the created opsItems to receive SNS notifications for opsItem updates.
Boolean opsCenterEnabled
Indicates whether Application Insights will create opsItems for any problem detected by Application Insights for an application.
Boolean cWEMonitorEnabled
Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as
instance terminated, failed deployment, and others.
String remarks
The issues on the user side that block Application Insights from successfully monitoring an application. Example remarks include:
“Configuring application, detected 1 Errors, 3 Warnings”
“Configuring application, detected 1 Unconfigured Components”
Boolean autoConfigEnabled
Indicates whether auto-configuration is turned on for this application.
String discoveryType
The method used by Application Insights to onboard your resources.
Boolean attachMissingPermission
If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing.
String resourceGroupName
The name of the resource group of the application to which the configuration event belongs.
String accountId
The AWS account ID for the owner of the application to which the configuration event belongs.
String monitoredResourceARN
The resource monitored by Application Insights.
String eventStatus
The status of the configuration update event. Possible values include INFO, WARN, and ERROR.
String eventResourceType
The resource type that Application Insights attempted to configure, for example, CLOUDWATCH_ALARM.
Date eventTime
The timestamp of the event.
String eventDetail
The details of the event in plain text.
String eventResourceName
The name of the resource Application Insights attempted to configure.
String resourceGroupName
The name of the resource group.
Boolean opsCenterEnabled
When set to true, creates opsItems for any problems detected on an application.
Boolean cWEMonitorEnabled
Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as
instance terminated, failed deployment, and others.
String opsItemSNSTopicArn
The SNS topic provided to Application Insights that is associated to the created opsItem. Allows you to receive notifications for updates to the opsItem.
List<E> tags
List of tags to add to the application. tag key (Key) and an associated tag value (
Value). The maximum length of a tag key is 128 characters. The maximum length of a tag value is 256
characters.
Boolean autoConfigEnabled
Indicates whether Application Insights automatically configures unmonitored resources in the resource group.
Boolean autoCreate
Configures all of the resources in the resource group by applying the recommended configurations.
String groupingType
Application Insights can create applications based on a resource group or on an account. To create an
account-based application using all of the resources in the account, set this parameter to
ACCOUNT_BASED.
Boolean attachMissingPermission
If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing.
ApplicationInfo applicationInfo
Information about the application.
String resourceGroupName
The name of the resource group.
String patternSetName
The name of the log pattern set.
String patternName
The name of the log pattern.
String pattern
The log pattern. The pattern must be DFA compatible. Patterns that utilize forward lookahead or backreference constructions are not supported.
Integer rank
Rank of the log pattern. Must be a value between 1 and 1,000,000. The patterns are
sorted by rank, so we recommend that you set your highest priority patterns with the lowest rank. A pattern of
rank 1 will be the first to get matched to a log line. A pattern of rank 1,000,000 will
be last to get matched. When you configure custom log patterns from the console, a Low severity
pattern translates to a 750,000 rank. A Medium severity pattern translates to a
500,000 rank. And a High severity pattern translates to a 250,000 rank.
Rank values less than 1 or greater than 1,000,000 are reserved for AWS-provided
patterns.
LogPattern logPattern
The successfully created log pattern.
String resourceGroupName
The name of the resource group.
String resourceGroupName
The name of the resource group.
ApplicationInfo applicationInfo
Information about the application.
String resourceGroupName
The name of the resource group.
String componentName
The name of the component.
String tier
The tier of the application component.
String workloadName
The name of the workload.
String recommendationType
The recommended configuration type.
String componentConfiguration
The recommended configuration settings of the component. The value is the escaped JSON of the configuration.
Boolean monitor
Indicates whether the application component is monitored.
String tier
The tier of the application component. Supported tiers include DOT_NET_CORE,
DOT_NET_WORKER, DOT_NET_WEB, SQL_SERVER, and DEFAULT
String componentConfiguration
The configuration settings of the component. The value is the escaped JSON of the configuration.
ApplicationComponent applicationComponent
List<E> resourceList
The list of resource ARNs that belong to the component.
String resourceGroupName
The name of the resource group.
String accountId
The AWS account ID for the resource group owner.
LogPattern logPattern
The successfully created log pattern.
Observation observation
Information about the observation.
RelatedObservations relatedObservations
Observations related to the problem.
Problem problem
Information about the problem.
String workloadId
The ID of the workload.
String workloadRemarks
If logging is supported for the resource type, shows whether the component has configured logs to be monitored.
WorkloadConfiguration workloadConfiguration
The configuration settings of the workload. The value is the escaped JSON of the configuration.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String accountId
The AWS account ID for the resource group owner.
String resourceGroupName
The name of the resource group.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String accountId
The AWS account ID for the resource group owner.
String resourceGroupName
Resource group to which the application belongs.
Date startTime
The start time of the event.
Date endTime
The end time of the event.
String eventStatus
The status of the configuration update event. Possible values include INFO, WARN, and ERROR.
Integer maxResults
The maximum number of results returned by ListConfigurationHistory in paginated output. When this
parameter is used, ListConfigurationHistory returns only MaxResults in a single page
along with a NextToken response element. The remaining results of the initial request can be seen by
sending another ListConfigurationHistory request with the returned NextToken value. If
this parameter is not used, then ListConfigurationHistory returns all results.
String nextToken
The NextToken value returned from a previous paginated ListConfigurationHistory request
where MaxResults was used and the results exceeded the value of that parameter. Pagination continues
from the end of the previous results that returned the NextToken value. This value is
null when there are no more results to return.
String accountId
The AWS account ID for the resource group owner.
List<E> eventList
The list of configuration events and their corresponding details.
String nextToken
The NextToken value to include in a future ListConfigurationHistory request. When the
results of a ListConfigurationHistory request exceed MaxResults, this value can be used
to retrieve the next page of results. This value is null when there are no more results to return.
String resourceGroupName
The name of the resource group.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String accountId
The AWS account ID for the resource group owner.
String resourceGroupName
The name of the resource group.
String accountId
The AWS account ID for the resource group owner.
List<E> logPatternSets
The list of log pattern sets.
String nextToken
The token used to retrieve the next page of results. This value is null when there are no more
results to return.
String resourceGroupName
The name of the resource group.
String patternSetName
The name of the log pattern set.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String accountId
The AWS account ID for the resource group owner.
String resourceGroupName
The name of the resource group.
String accountId
The AWS account ID for the resource group owner.
List<E> logPatterns
The list of log patterns.
String nextToken
The token used to retrieve the next page of results. This value is null when there are no more
results to return.
String accountId
The AWS account ID for the resource group owner.
String resourceGroupName
The name of the resource group.
Date startTime
The time when the problem was detected, in epoch seconds. If you don't specify a time frame for the request, problems within the past seven days are returned.
Date endTime
The time when the problem ended, in epoch seconds. If not specified, problems within the past seven days are returned.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String componentName
The name of the component.
String visibility
Specifies whether or not you can view the problem. If not specified, visible and ignored problems are returned.
List<E> problemList
The list of problems.
String nextToken
The token used to retrieve the next page of results. This value is null when there are no more
results to return.
String resourceGroupName
The name of the resource group.
String accountId
The AWS account ID for the resource group owner.
String resourceARN
The Amazon Resource Name (ARN) of the application that you want to retrieve tag information for.
String resourceGroupName
The name of the resource group.
String componentName
The name of the component.
Integer maxResults
The maximum number of results to return in a single call. To retrieve the remaining results, make another call
with the returned NextToken value.
String nextToken
The token to request the next page of results.
String accountId
The AWS account ID of the owner of the workload.
String patternSetName
The name of the log pattern. A log pattern name can contain as many as 30 characters, and it cannot be empty. The characters can be Unicode letters, digits, or one of the following symbols: period, dash, underscore.
String patternName
The name of the log pattern. A log pattern name can contain as many as 50 characters, and it cannot be empty. The characters can be Unicode letters, digits, or one of the following symbols: period, dash, underscore.
String pattern
A regular expression that defines the log pattern. A log pattern can contain as many as 50 characters, and it cannot be empty. The pattern must be DFA compatible. Patterns that utilize forward lookahead or backreference constructions are not supported.
Integer rank
Rank of the log pattern. Must be a value between 1 and 1,000,000. The patterns are
sorted by rank, so we recommend that you set your highest priority patterns with the lowest rank. A pattern of
rank 1 will be the first to get matched to a log line. A pattern of rank 1,000,000 will
be last to get matched. When you configure custom log patterns from the console, a Low severity
pattern translates to a 750,000 rank. A Medium severity pattern translates to a
500,000 rank. And a High severity pattern translates to a 250,000 rank.
Rank values less than 1 or greater than 1,000,000 are reserved for AWS-provided
patterns.
String id
The ID of the observation type.
Date startTime
The time when the observation was first detected, in epoch seconds.
Date endTime
The time when the observation ended, in epoch seconds.
String sourceType
The source type of the observation.
String sourceARN
The source resource ARN of the observation.
String logGroup
The log group name.
Date lineTime
The timestamp in the CloudWatch Logs that specifies when the matched line occurred.
String logText
The log text of the observation.
String logFilter
The log filter of the observation.
String metricNamespace
The namespace of the observation metric.
String metricName
The name of the observation metric.
String unit
The unit of the source observation metric.
Double value
The value of the source observation metric.
String cloudWatchEventId
The ID of the CloudWatch Event-based observation related to the detected problem.
String cloudWatchEventSource
The source of the CloudWatch Event.
String cloudWatchEventDetailType
The detail type of the CloudWatch Event-based observation, for example,
EC2 Instance State-change Notification.
String healthEventArn
The Amazon Resource Name (ARN) of the AWS Health Event-based observation.
String healthService
The service to which the AWS Health Event belongs, such as EC2.
String healthEventTypeCode
The type of the AWS Health event, for example, AWS_EC2_POWER_CONNECTIVITY_ISSUE.
String healthEventTypeCategory
The category of the AWS Health event, such as issue.
String healthEventDescription
The description of the AWS Health event provided by the service, such as Amazon EC2.
String codeDeployDeploymentId
The deployment ID of the CodeDeploy-based observation related to the detected problem.
String codeDeployDeploymentGroup
The deployment group to which the CodeDeploy deployment belongs.
String codeDeployState
The status of the CodeDeploy deployment, for example SUCCESS or FAILURE.
String codeDeployApplication
The CodeDeploy application to which the deployment belongs.
String codeDeployInstanceGroupId
The instance group to which the CodeDeploy instance belongs.
String ec2State
The state of the instance, such as STOPPING or TERMINATING.
String rdsEventCategories
The category of an RDS event.
String rdsEventMessage
The message of an RDS event.
String s3EventName
The name of the S3 CloudWatch Event-based observation.
String statesExecutionArn
The Amazon Resource Name (ARN) of the step function execution-based observation.
String statesArn
The Amazon Resource Name (ARN) of the step function-based observation.
String statesStatus
The status of the step function-related observation.
String statesInput
The input to the step function-based observation.
String ebsEvent
The type of EBS CloudWatch event, such as createVolume, deleteVolume or
attachVolume.
String ebsResult
The result of an EBS CloudWatch event, such as failed or succeeded.
String ebsCause
The cause of an EBS CloudWatch event.
String ebsRequestId
The request ID of an EBS CloudWatch event.
Integer xRayFaultPercent
The X-Ray request fault percentage for this node.
Integer xRayThrottlePercent
The X-Ray request throttle percentage for this node.
Integer xRayErrorPercent
The X-Ray request error percentage for this node.
Integer xRayRequestCount
The X-Ray request count for this node.
Long xRayRequestAverageLatency
The X-Ray node request average latency for this node.
String xRayNodeName
The name of the X-Ray node.
String xRayNodeType
The type of the X-Ray node.
String id
The ID of the problem.
String title
The name of the problem.
String insights
A detailed analysis of the problem using machine learning.
String status
The status of the problem.
String affectedResource
The resource affected by the problem.
Date startTime
The time when the problem started, in epoch seconds.
Date endTime
The time when the problem ended, in epoch seconds.
String severityLevel
A measure of the level of impact of the problem.
String accountId
The AWS account ID for the owner of the resource group affected by the problem.
String resourceGroupName
The name of the resource group affected by the problem.
Map<K,V> feedback
Feedback provided by the user about the problem.
Long recurringCount
The number of times that the same problem reoccurred after the first time it was resolved.
Date lastRecurrenceTime
The last time that the problem reoccurred after its last resolution.
String visibility
Specifies whether or not you can view the problem. Updates to ignored problems do not generate notifications.
String resolutionMethod
Specifies how the problem was resolved. If the value is AUTOMATIC, the system resolved the problem.
If the value is MANUAL, the user resolved the problem. If the value is UNRESOLVED, then
the problem is not resolved.
String key
One part of a key-value pair that defines a tag. The maximum length of a tag key is 128 characters. The minimum length is 1 character.
String value
The optional part of a key-value pair that defines a tag. The maximum length of a tag value is 256 characters. The minimum length is 0 characters. If you don't want an application to have a specific tag value, don't specify a value for this parameter.
String resourceARN
The Amazon Resource Name (ARN) of the application that you want to add one or more tags to.
List<E> tags
A list of tags that to add to the application. A tag consists of a required tag key (Key) and an
associated tag value (Value). The maximum length of a tag key is 128 characters. The maximum length
of a tag value is 256 characters.
String resourceName
The name of the resource with too many tags.
String resourceARN
The Amazon Resource Name (ARN) of the application that you want to remove one or more tags from.
List<E> tagKeys
The tags (tag keys) that you want to remove from the resource. When you specify a tag key, the action removes both that key and its associated tag value.
To remove more than one tag from the application, append the TagKeys parameter and argument for each
additional tag to remove, separated by an ampersand.
String resourceGroupName
The name of the resource group.
Boolean opsCenterEnabled
When set to true, creates opsItems for any problems detected on an application.
Boolean cWEMonitorEnabled
Indicates whether Application Insights can listen to CloudWatch events for the application resources, such as
instance terminated, failed deployment, and others.
String opsItemSNSTopicArn
The SNS topic provided to Application Insights that is associated to the created opsItem. Allows you to receive notifications for updates to the opsItem.
Boolean removeSNSTopic
Disassociates the SNS topic from the opsItem created for detected problems.
Boolean autoConfigEnabled
Turns auto-configuration on or off.
Boolean attachMissingPermission
If set to true, the managed policies for SSM and CW will be attached to the instance roles if they are missing.
ApplicationInfo applicationInfo
Information about the application.
String resourceGroupName
The name of the resource group.
String componentName
The name of the component.
Boolean monitor
Indicates whether the application component is monitored.
String tier
The tier of the application component.
String componentConfiguration
The configuration settings of the component. The value is the escaped JSON of the configuration. For more
information about the JSON format, see Working with
JSON. You can send a request to DescribeComponentConfigurationRecommendation to see the
recommended configuration for a component. For the complete format of the component configuration file, see Component
Configuration.
Boolean autoConfigEnabled
Automatically configures the component by applying the recommended configurations.
String resourceGroupName
The name of the resource group.
String patternSetName
The name of the log pattern set.
String patternName
The name of the log pattern.
String pattern
The log pattern. The pattern must be DFA compatible. Patterns that utilize forward lookahead or backreference constructions are not supported.
Integer rank
Rank of the log pattern. Must be a value between 1 and 1,000,000. The patterns are
sorted by rank, so we recommend that you set your highest priority patterns with the lowest rank. A pattern of
rank 1 will be the first to get matched to a log line. A pattern of rank 1,000,000 will
be last to get matched. When you configure custom log patterns from the console, a Low severity
pattern translates to a 750,000 rank. A Medium severity pattern translates to a
500,000 rank. And a High severity pattern translates to a 250,000 rank.
Rank values less than 1 or greater than 1,000,000 are reserved for AWS-provided
patterns.
String resourceGroupName
The name of the resource group.
LogPattern logPattern
The successfully created log pattern.
String problemId
The ID of the problem.
String updateStatus
The status of the problem. Arguments can be passed for only problems that show a status of
RECOVERING.
String visibility
The visibility of a problem. When you pass a value of IGNORED, the problem is removed from the
default view, and all notifications for the problem are suspended. When VISIBLE is passed, the
IGNORED action is reversed.
String resourceGroupName
The name of the resource group.
String componentName
The name of the component.
String workloadId
The ID of the workload.
WorkloadConfiguration workloadConfiguration
The configuration settings of the workload. The value is the escaped JSON of the configuration.
String workloadId
The ID of the workload.
WorkloadConfiguration workloadConfiguration
The configuration settings of the workload. The value is the escaped JSON of the configuration.
String workloadId
The ID of the workload.
String componentName
The name of the component.
String workloadName
The name of the workload.
String tier
The tier of the workload.
String workloadRemarks
If logging is supported for the resource type, shows whether the component has configured logs to be monitored.
Date timestamp
The date and time that the report is for. It is expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.
List<E> reports
An array of structures, where each structure is one budget report.
List<E> errors
An array of structures, where each structure includes an error indicating that one of the requests in the array was not valid.
Date startTime
The date and time when you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m.
When used in a raw HTTP Query API, it is formatted as be epoch time in seconds. For example:
1698778057
As soon as one calendar interval ends, another automatically begins.
String durationUnit
Specifies the calendar interval unit.
Integer duration
Specifies the duration of each calendar interval. For example, if Duration is 1 and
DurationUnit is MONTH, each interval is one month, aligned with the calendar.
String name
A name for this SLO.
String description
An optional description for this SLO.
ServiceLevelIndicatorConfig sliConfig
A structure that contains information about what service and what performance metric that this SLO will monitor.
Goal goal
A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold.
List<E> tags
A list of key-value pairs to associate with the SLO. You can associate as many as 50 tags with an SLO. To be able
to associate tags with the SLO when you create the SLO, you must have the cloudwatch:TagResource
permission.
Tags can help you organize and categorize your resources. You can also use them to scope user permissions by granting a user permission to access or change only resources with certain tag values.
ServiceLevelObjective slo
A structure that contains information about the SLO that you just created.
String id
The ARN or name of the service level objective to delete.
String name
The name of the dimension. Dimension names must contain only ASCII characters, must include at least one
non-whitespace character, and cannot start with a colon (:). ASCII control characters are not
supported as part of dimension names.
String value
The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values.
String id
The ARN or name of the SLO that you want to retrieve information about. You can find the ARNs of SLOs by using the ListServiceLevelObjectives operation.
ServiceLevelObjective slo
A structure containing the information about the SLO.
Date startTime
The start of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Date endTime
The end of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Map<K,V> keyAttributes
Use this field to specify which service you want to retrieve information for. You must specify at least the
Type, Name, and Environment attributes.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
Service service
A structure containing information about the service.
Date startTime
The start time of the data included in the response. In a raw HTTP Query API, it is formatted as be epoch time in
seconds. For example: 1698778057.
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
Date endTime
The end time of the data included in the response. In a raw HTTP Query API, it is formatted as be epoch time in
seconds. For example: 1698778057.
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
List<E> logGroupReferences
An array of string-to-string maps that each contain information about one log group associated with this service. Each string-to-string map includes the following fields:
"Type": "AWS::Resource"
"ResourceType": "AWS::Logs::LogGroup"
"Identifier": "name-of-log-group"
Interval interval
The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval.
If you omit this parameter, a rolling interval of 7 days is used.
Double attainmentGoal
The threshold that determines if the goal is being met. An attainment goal is the ratio of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state.
If you omit this parameter, 99 is used to represent 99% as the attainment goal.
Double warningThreshold
The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used.
RollingInterval rollingInterval
If the interval is a rolling interval, this structure contains the interval specifications.
CalendarInterval calendarInterval
If the interval is a calendar interval, this structure contains the interval specifications.
Date startTime
The start of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Date endTime
The end of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested end time will be rounded to the nearest hour.
Map<K,V> keyAttributes
Use this field to specify which service you want to retrieve information for. You must specify at least the
Type, Name, and Environment attributes.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
Integer maxResults
The maximum number of results to return in one operation. If you omit this parameter, the default of 50 is used.
String nextToken
Include this value, if it was returned by the previous operation, to get the next set of service dependencies.
Date startTime
The start of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
Date endTime
The end of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
List<E> serviceDependencies
An array, where each object in the array contains information about one of the dependencies of this service.
String nextToken
Include this value in your next use of this API to get next set of service dependencies.
Date startTime
The start of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Date endTime
The end of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Map<K,V> keyAttributes
Use this field to specify which service you want to retrieve information for. You must specify at least the
Type, Name, and Environment attributes.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
Integer maxResults
The maximum number of results to return in one operation. If you omit this parameter, the default of 50 is used.
String nextToken
Include this value, if it was returned by the previous operation, to get the next set of service dependents.
Date startTime
The start of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
Date endTime
The end of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
List<E> serviceDependents
An array, where each object in the array contains information about one of the dependents of this service.
String nextToken
Include this value in your next use of this API to get next set of service dependents.
Map<K,V> keyAttributes
You can use this optional field to specify which services you want to retrieve SLO information for.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String operationName
The name of the operation that this SLO is associated with.
Integer maxResults
The maximum number of results to return in one operation. If you omit this parameter, the default of 50 is used.
String nextToken
Include this value, if it was returned by the previous operation, to get the next set of service level objectives.
Date startTime
The start of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Date endTime
The end of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested end time will be rounded to the nearest hour.
Map<K,V> keyAttributes
Use this field to specify which service you want to retrieve information for. You must specify at least the
Type, Name, and Environment attributes.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
Integer maxResults
The maximum number of results to return in one operation. If you omit this parameter, the default of 50 is used.
String nextToken
Include this value, if it was returned by the previous operation, to get the next set of service operations.
Date startTime
The start of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
Date endTime
The end of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
List<E> serviceOperations
An array of structures that each contain information about one operation of this service.
String nextToken
Include this value in your next use of this API to get next set of service operations.
Date startTime
The start of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Date endTime
The end of the time period to retrieve information about. When used in a raw HTTP Query API, it is formatted as
be epoch time in seconds. For example: 1698778057
Your requested start time will be rounded to the nearest hour.
Integer maxResults
The maximum number of results to return in one operation. If you omit this parameter, the default of 50 is used.
String nextToken
Include this value, if it was returned by the previous operation, to get the next set of services.
Date startTime
The start of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
Date endTime
The end of the time period that the returned information applies to. When used in a raw HTTP Query API, it is
formatted as be epoch time in seconds. For example: 1698778057
This displays the time that Application Signals used for the request. It might not match your request exactly, because it was rounded to the nearest hour.
List<E> serviceSummaries
An array of structures, where each structure contains some information about a service. To get complete information about a service, use GetService.
String nextToken
Include this value in your next use of this API to get next set of services.
String resourceArn
The Amazon Resource Name (ARN) of the CloudWatch resource that you want to view tags for.
The ARN format of an Application Signals SLO is
arn:aws:cloudwatch:Region:account-id:slo:slo-name
For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.
String namespace
The namespace of the metric. For more information, see Namespaces.
String metricName
The name of the metric to use.
List<E> dimensions
An array of one or more dimensions to use to define the metric that you want to use. For more information, see Dimensions .
String id
A short name used to tie this object to the results in the response. This Id must be unique within a
MetricDataQueries array. If you are performing math expressions on this set of data, this name
represents that data and can serve as a variable in the metric math expression. The valid characters are letters,
numbers, and underscore. The first character must be a lowercase letter.
MetricStat metricStat
A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO.
Within one MetricDataQuery object, you must specify either Expression or
MetricStat but not both.
String expression
This field can contain a metric math expression to be performed on the other metrics that you are retrieving
within this MetricDataQueries structure.
A math expression can use the Id of the other metrics or queries to refer to those metrics, and can
also use the Id of other expressions to use the result of those expressions. For more information
about metric math expressions, see Metric Math Syntax and Functions in the Amazon CloudWatch User Guide.
Within each MetricDataQuery object, you must specify either Expression or
MetricStat but not both.
String label
A human-readable label for this metric or expression. This is especially useful if this is an expression, so that
you know what the value represents. If the metric or expression is shown in a CloudWatch dashboard widget, the
label is shown. If Label is omitted, CloudWatch generates a default.
You can put dynamic expressions into a label, so that it is more descriptive. For more information, see Using Dynamic Labels.
Boolean returnData
Use this only if you are using a metric math expression for the SLO. Specify true for
ReturnData for only the one expression result to use as the alarm. For all other metrics and
expressions in the same CreateServiceLevelObjective operation, specify ReturnData as
false.
Integer period
The granularity, in seconds, of the returned data points for this metric. For metrics with regular resolution, a
period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that
are collected at intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60.
High-resolution metrics are those metrics stored by a PutMetricData call that includes a
StorageResolution of 1 second.
If the StartTime parameter specifies a time stamp that is greater than 3 hours ago, you must specify
the period as follows or no data points in that time range is returned:
Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute).
Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes).
Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour).
String accountId
The ID of the account where this metric is located. If you are performing this operatiion in a monitoring account, use this to specify which source account to retrieve this metric from.
String namespace
The namespace of the metric. For more information, see CloudWatchNamespaces.
String metricType
Used to display the appropriate statistics in the CloudWatch console.
List<E> dimensions
An array of one or more dimensions that further define the metric. For more information, see CloudWatchDimensions.
String metricName
The name of the metric.
Metric metric
The metric to use as the service level indicator, including the metric name, namespace, and dimensions.
Integer period
The granularity, in seconds, to be used for the metric. For metrics with regular resolution, a period can be as
short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at
intervals of less than one minute, the period can be 1, 5, 10, 30, 60, or any multiple of 60. High-resolution
metrics are those metrics stored by a PutMetricData call that includes a
StorageResolution of 1 second.
String stat
The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see CloudWatch statistics definitions.
String unit
If you omit Unit then all data that was collected with any unit is returned, along with the
corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the
operation returns only data that was collected with that unit specified. If you specify a unit that does not
match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions.
Map<K,V> keyAttributes
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
List<E> attributeMaps
This structure contains one or more string-to-string maps that help identify this service. It can include platform attributes, application attributes, and telemetry attributes.
Platform attributes contain information the service's platform.
PlatformType defines the hosted-in platform.
EKS.Cluster is the name of the Amazon EKS cluster.
K8s.Cluster is the name of the self-hosted Kubernetes cluster.
K8s.Namespace is the name of the Kubernetes namespace in either Amazon EKS or Kubernetes clusters.
K8s.Workload is the name of the Kubernetes workload in either Amazon EKS or Kubernetes clusters.
K8s.Node is the name of the Kubernetes node in either Amazon EKS or Kubernetes clusters.
K8s.Pod is the name of the Kubernetes pod in either Amazon EKS or Kubernetes clusters.
EC2.AutoScalingGroup is the name of the Amazon EC2 Auto Scaling group.
EC2.InstanceId is the ID of the Amazon EC2 instance.
Host is the name of the host, for all platform types.
Applciation attributes contain information about the application.
AWS.Application is the application's name in Amazon Web Services Service Catalog AppRegistry.
AWS.Application.ARN is the application's ARN in Amazon Web Services Service Catalog AppRegistry.
Telemetry attributes contain telemetry information.
Telemetry.SDK is the fingerprint of the OpenTelemetry SDK version for instrumented services.
Telemetry.Agent is the fingerprint of the agent used to collect and send telemetry data.
Telemetry.Source Specifies the point of application where the telemetry was collected or specifies
what was used for the source of telemetry data.
List<E> metricReferences
An array of structures that each contain information about one metric associated with this service.
List<E> logGroupReferences
An array of string-to-string maps that each contain information about one log group associated with this service. Each string-to-string map includes the following fields:
"Type": "AWS::Resource"
"ResourceType": "AWS::Logs::LogGroup"
"Identifier": "name-of-log-group"
String operationName
The name of the operation in this service that calls the dependency.
Map<K,V> dependencyKeyAttributes
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String dependencyOperationName
The name of the called operation in the dependency.
List<E> metricReferences
An array of structures that each contain information about one metric associated with this service dependency that was discovered by Application Signals.
String operationName
If the invoked entity is an operation on an entity, the name of that dependent operation is displayed here.
Map<K,V> dependentKeyAttributes
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String dependentOperationName
If the dependent invoker was a service that invoked it from an operation, the name of that dependent operation is displayed here.
List<E> metricReferences
An array of structures that each contain information about one metric associated with this service dependent that was discovered by Application Signals.
ServiceLevelIndicatorMetric sliMetric
A structure that contains information about the metric that the SLO monitors.
Double metricThreshold
The value that the SLI metric is compared to.
String comparisonOperator
The arithmetic operation used when comparing the specified metric to the threshold.
ServiceLevelIndicatorMetricConfig sliMetricConfig
Use this structure to specify the metric to be used for the SLO.
Double metricThreshold
The value that the SLI metric is compared to.
String comparisonOperator
The arithmetic operation to use when comparing the specified metric to the threshold.
Map<K,V> keyAttributes
This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields.
Type designates the type of object that this SLO is related to.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String operationName
If the SLO monitors a specific operation of the service, this field displays that operation name.
String metricType
If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals
collects, this field displays which of those metrics is used.
List<E> metricDataQueries
If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, this structure includes the information about that metric or expression.
Map<K,V> keyAttributes
If this SLO is related to a metric collected by Application Signals, you must use this field to specify which
service the SLO metric is related to. To do so, you must specify at least the Type,
Name, and Environment attributes.
This is a string-to-string map. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String operationName
If the SLO is to monitor a specific operation of the service, use this field to specify the name of that operation.
String metricType
If the SLO is to monitor either the LATENCY or AVAILABILITY metric that Application
Signals collects, use this field to specify which of those metrics is used.
String statistic
The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. For more information about statistics, see CloudWatch statistics definitions.
Integer periodSeconds
The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance.
List<E> metricDataQueries
If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression.
String arn
The ARN of this SLO.
String name
The name of this SLO.
String description
The description that you created for this SLO.
Date createdTime
The date and time that this SLO was created. When used in a raw HTTP Query API, it is formatted as
yyyy-MM-dd'T'HH:mm:ss. For example, 2019-07-01T23:59:59.
Date lastUpdatedTime
The time that this SLO was most recently updated. When used in a raw HTTP Query API, it is formatted as
yyyy-MM-dd'T'HH:mm:ss. For example, 2019-07-01T23:59:59.
ServiceLevelIndicator sli
A structure containing information about the performance metric that this SLO monitors.
Goal goal
String arn
The ARN of the SLO that this report is for.
String name
The name of the SLO that this report is for.
String budgetStatus
The status of this SLO, as it relates to the error budget for the entire time interval.
OK means that the SLO had remaining budget above the warning threshold, as of the time that you
specified in TimeStamp.
WARNING means that the SLO's remaining budget was below the warning threshold, as of the time that
you specified in TimeStamp.
BREACHED means that the SLO's budget was exhausted, as of the time that you specified in
TimeStamp.
INSUFFICIENT_DATA means that the specifed start and end times were before the SLO was created, or
that attainment data is missing.
Double attainment
A number between 0 and 100 that represents the percentage of time periods that the service has attained the SLO's attainment goal, as of the time of the request.
Integer totalBudgetSeconds
The total number of seconds in the error budget for the interval.
Integer budgetSecondsRemaining
The budget amount remaining before the SLO status becomes BREACHING, at the time specified in the
Timestemp parameter of the request. If this value is negative, then the SLO is already in
BREACHING status.
ServiceLevelIndicator sli
A structure that contains information about the performance metric that this SLO monitors.
Goal goal
String arn
The ARN of this service level objective.
String name
The name of the service level objective.
Map<K,V> keyAttributes
This is a string-to-string map. It can include the following fields.
Type designates the type of object this service level objective is for.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
String operationName
If this service level objective is specific to a single operation, this field displays the name of that operation.
Date createdTime
The date and time that this service level objective was created. It is expressed as the number of milliseconds since Jan 1, 1970 00:00:00 UTC.
Map<K,V> keyAttributes
This is a string-to-string map that help identify the objects discovered by Application Signals. It can include the following fields.
Type designates the type of object this is.
ResourceType specifies the type of the resource. This field is used only when the value of the
Type field is Resource or AWS::Resource.
Name specifies the name of the object. This is used only if the value of the Type field
is Service, RemoteService, or AWS::Service.
Identifier identifies the resource objects of this resource. This is used only if the value of the
Type field is Resource or AWS::Resource.
Environment specifies the location where this object is hosted, or what it belongs to.
List<E> attributeMaps
This structure contains one or more string-to-string maps that help identify this service. It can include platform attributes, application attributes, and telemetry attributes.
Platform attributes contain information the service's platform.
PlatformType defines the hosted-in platform.
EKS.Cluster is the name of the Amazon EKS cluster.
K8s.Cluster is the name of the self-hosted Kubernetes cluster.
K8s.Namespace is the name of the Kubernetes namespace in either Amazon EKS or Kubernetes clusters.
K8s.Workload is the name of the Kubernetes workload in either Amazon EKS or Kubernetes clusters.
K8s.Node is the name of the Kubernetes node in either Amazon EKS or Kubernetes clusters.
K8s.Pod is the name of the Kubernetes pod in either Amazon EKS or Kubernetes clusters.
EC2.AutoScalingGroup is the name of the Amazon EC2 Auto Scaling group.
EC2.InstanceId is the ID of the Amazon EC2 instance.
Host is the name of the host, for all platform types.
Applciation attributes contain information about the application.
AWS.Application is the application's name in Amazon Web Services Service Catalog AppRegistry.
AWS.Application.ARN is the application's ARN in Amazon Web Services Service Catalog AppRegistry.
Telemetry attributes contain telemetry information.
Telemetry.SDK is the fingerprint of the OpenTelemetry SDK version for instrumented services.
Telemetry.Agent is the fingerprint of the agent used to collect and send telemetry data.
Telemetry.Source Specifies the point of application where the telemetry was collected or specifies
what was used for the source of telemetry data.
List<E> metricReferences
An array of structures that each contain information about one metric associated with this service.
String resourceArn
The Amazon Resource Name (ARN) of the CloudWatch resource that you want to set tags for.
The ARN format of an Application Signals SLO is
arn:aws:cloudwatch:Region:account-id:slo:slo-name
For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.
List<E> tags
The list of key-value pairs to associate with the alarm.
String resourceArn
The Amazon Resource Name (ARN) of the CloudWatch resource that you want to delete tags from.
The ARN format of an Application Signals SLO is
arn:aws:cloudwatch:Region:account-id:slo:slo-name
For more information about ARN format, see Resource Types Defined by Amazon CloudWatch in the Amazon Web Services General Reference.
List<E> tagKeys
The list of tag keys to remove from the resource.
String id
The Amazon Resource Name (ARN) or name of the service level objective that you want to update.
String description
An optional description for the SLO.
ServiceLevelIndicatorConfig sliConfig
A structure that contains information about what performance metric this SLO will monitor.
Goal goal
A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold.
ServiceLevelObjective slo
A structure that contains information about the SLO that you just updated.
FileAccessLog file
The file object to send virtual node access logs to.
String key
The name of an Cloud Map service instance attribute key. Any Cloud Map service instance that contains the specified key and value is returned.
String value
The value of an Cloud Map service instance attribute key. Any Cloud Map service instance that contains the specified key and value is returned.
List<E> attributes
A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.
String ipPreference
The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
String namespaceName
The name of the Cloud Map namespace to use.
String serviceName
The name of the Cloud Map service to use.
VirtualServiceBackend virtualService
Specifies a virtual service to use as a backend.
ClientPolicy clientPolicy
A reference to an object that represents a client policy.
ClientPolicyTls tls
A reference to an object that represents a Transport Layer Security (TLS) client policy.
ClientTlsCertificate certificate
A reference to an object that represents a client's TLS certificate.
Boolean enforce
Whether the policy is enforced. The default is True, if a value isn't specified.
List<E> ports
One or more ports that the policy is enforced for.
TlsValidationContext validation
A reference to an object that represents a TLS validation context.
ListenerTlsFileCertificate file
An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS).
ListenerTlsSdsCertificate sds
A reference to an object that represents a client's TLS Secret Discovery Service certificate.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String gatewayRouteName
The name to use for the gateway route.
String meshName
The name of the service mesh to create the gateway route in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
GatewayRouteSpec spec
The gateway route specification to apply.
List<E> tags
Optional metadata that you can apply to the gateway route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualGatewayName
The name of the virtual gateway to associate the gateway route with. If the virtual gateway is in a shared mesh, then you must be the owner of the virtual gateway resource.
GatewayRouteData gatewayRoute
The full description of your gateway route following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name to use for the service mesh.
MeshSpec spec
The service mesh specification to apply.
List<E> tags
Optional metadata that you can apply to the service mesh to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
MeshData mesh
The full description of your service mesh following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to create the route in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
String routeName
The name to use for the route.
RouteSpec spec
The route specification to apply.
List<E> tags
Optional metadata that you can apply to the route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualRouterName
The name of the virtual router in which to create the route. If the virtual router is in a shared mesh, then you must be the owner of the virtual router resource.
RouteData route
The full description of your mesh following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to create the virtual gateway in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
VirtualGatewaySpec spec
The virtual gateway specification to apply.
List<E> tags
Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualGatewayName
The name to use for the virtual gateway.
VirtualGatewayData virtualGateway
The full description of your virtual gateway following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to create the virtual node in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
VirtualNodeSpec spec
The virtual node specification to apply.
List<E> tags
Optional metadata that you can apply to the virtual node to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualNodeName
The name to use for the virtual node.
VirtualNodeData virtualNode
The full description of your virtual node following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to create the virtual router in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
VirtualRouterSpec spec
The virtual router specification to apply.
List<E> tags
Optional metadata that you can apply to the virtual router to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualRouterName
The name to use for the virtual router.
VirtualRouterData virtualRouter
The full description of your virtual router following the create call.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to create the virtual service in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see Working with shared meshes.
VirtualServiceSpec spec
The virtual service specification to apply.
List<E> tags
Optional metadata that you can apply to the virtual service to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
String virtualServiceName
The name to use for the virtual service.
VirtualServiceData virtualService
The full description of your virtual service following the create call.
String gatewayRouteName
The name of the gateway route to delete.
String meshName
The name of the service mesh to delete the gateway route from.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualGatewayName
The name of the virtual gateway to delete the route from.
GatewayRouteData gatewayRoute
The gateway route that was deleted.
String meshName
The name of the service mesh to delete.
MeshData mesh
The service mesh that was deleted.
String meshName
The name of the service mesh to delete the route in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String routeName
The name of the route to delete.
String virtualRouterName
The name of the virtual router to delete the route in.
RouteData route
The route that was deleted.
String meshName
The name of the service mesh to delete the virtual gateway from.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualGatewayName
The name of the virtual gateway to delete.
VirtualGatewayData virtualGateway
The virtual gateway that was deleted.
String meshName
The name of the service mesh to delete the virtual node in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualNodeName
The name of the virtual node to delete.
VirtualNodeData virtualNode
The virtual node that was deleted.
String meshName
The name of the service mesh to delete the virtual router in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualRouterName
The name of the virtual router to delete.
VirtualRouterData virtualRouter
The virtual router that was deleted.
String meshName
The name of the service mesh to delete the virtual service in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualServiceName
The name of the virtual service to delete.
VirtualServiceData virtualService
The virtual service that was deleted.
String gatewayRouteName
The name of the gateway route to describe.
String meshName
The name of the service mesh that the gateway route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualGatewayName
The name of the virtual gateway that the gateway route is associated with.
GatewayRouteData gatewayRoute
The full description of your gateway route.
String meshName
The name of the service mesh to describe.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
MeshData mesh
The full description of your service mesh.
String meshName
The name of the service mesh that the route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String routeName
The name of the route to describe.
String virtualRouterName
The name of the virtual router that the route is associated with.
RouteData route
The full description of your route.
String meshName
The name of the service mesh that the gateway route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualGatewayName
The name of the virtual gateway to describe.
VirtualGatewayData virtualGateway
The full description of your virtual gateway.
String meshName
The name of the service mesh that the virtual node resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualNodeName
The name of the virtual node to describe.
VirtualNodeData virtualNode
The full description of your virtual node.
String meshName
The name of the service mesh that the virtual router resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualRouterName
The name of the virtual router to describe.
VirtualRouterData virtualRouter
The full description of your virtual router.
String meshName
The name of the service mesh that the virtual service resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String virtualServiceName
The name of the virtual service to describe.
VirtualServiceData virtualService
The full description of your virtual service.
String hostname
Specifies the DNS service discovery hostname for the virtual node.
String ipPreference
The preferred IP version that this virtual node uses. Setting the IP preference on the virtual node only overrides the IP preference set for the mesh on this specific node.
String responseType
Specifies the DNS response type for the virtual node.
String type
The egress filter type. By default, the type is DROP_ALL, which allows egress only from virtual
nodes to other defined resources in the service mesh (and any traffic to *.amazonaws.com for Amazon
Web Services API calls). You can set the egress filter type to ALLOW_ALL to allow egress to any
endpoint inside or outside of the service mesh.
LoggingFormat format
The specified format for the logs. The format is either json_format or text_format.
String path
The file path to write access logs to. You can use /dev/stdout to send access logs to standard out
and configure your Envoy container to use a log driver, such as awslogs, to export the access logs
to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's
file system to write the files to disk.
The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.
String gatewayRouteName
The name of the gateway route.
String meshName
The name of the service mesh that the resource resides in.
ResourceMetadata metadata
GatewayRouteSpec spec
The specifications of the gateway route.
GatewayRouteStatus status
The status of the gateway route.
String virtualGatewayName
The virtual gateway that the gateway route is associated with.
String defaultTargetHostname
The default target host name to write to.
String arn
The full Amazon Resource Name (ARN) for the gateway route.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
String gatewayRouteName
The name of the gateway route.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the resource resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualGatewayName
The virtual gateway that the gateway route is associated with.
GrpcGatewayRoute grpcRoute
An object that represents the specification of a gRPC gateway route.
HttpGatewayRoute http2Route
An object that represents the specification of an HTTP/2 gateway route.
HttpGatewayRoute httpRoute
An object that represents the specification of an HTTP gateway route.
Integer priority
The ordering of the gateway routes spec.
String status
The current status for the gateway route.
Integer port
The port number of the gateway route target.
GatewayRouteVirtualService virtualService
An object that represents a virtual service gateway route target.
String virtualServiceName
The name of the virtual service that traffic is routed to.
GrpcGatewayRouteAction action
An object that represents the action to take if a match is determined.
GrpcGatewayRouteMatch match
An object that represents the criteria for determining a request match.
GrpcGatewayRouteRewrite rewrite
The gateway route action to rewrite.
GatewayRouteTarget target
An object that represents the target that traffic is routed to when a request matches the gateway route.
GatewayRouteHostnameMatch hostname
The gateway route host name to be matched on.
List<E> metadata
The gateway route metadata to be matched on.
Integer port
The gateway route port to be matched on.
String serviceName
The fully qualified domain name for the service to match from the request.
Boolean invert
Specify True to match anything except the match criteria. The default value is False.
GrpcMetadataMatchMethod match
The criteria for determining a metadata match.
String name
A name for the gateway route metadata.
GatewayRouteHostnameRewrite hostname
The host name of the gateway route to rewrite.
String exact
The exact method header to be matched on.
String prefix
The specified beginning characters of the method header to be matched on.
MatchRange range
String regex
The regex used to match the method header.
String suffix
The specified ending characters of the method header to match on.
List<E> grpcRetryEvents
Specify at least one of the valid values.
List<E> httpRetryEvents
Specify at least one of the following values.
server-error – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511
gateway-error – HTTP status codes 502, 503, and 504
client-error – HTTP status code 409
stream-error – Retry on refused stream
Long maxRetries
The maximum number of retry attempts.
Duration perRetryTimeout
The timeout for each retry attempt.
List<E> tcpRetryEvents
Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.
GrpcRouteAction action
An object that represents the action to take if a match is determined.
GrpcRouteMatch match
An object that represents the criteria for determining a request match.
GrpcRetryPolicy retryPolicy
An object that represents a retry policy.
GrpcTimeout timeout
An object that represents types of timeouts.
List<E> metadata
An object that represents the data to match from the request.
String methodName
The method name to match from the request. If you specify a name, you must also specify a
serviceName.
Integer port
The port number to match on.
String serviceName
The fully qualified domain name for the service to match from the request.
Boolean invert
Specify True to match anything except the match criteria. The default value is False.
GrpcRouteMetadataMatchMethod match
An object that represents the data to match from the request.
String name
The name of the route.
String exact
The value sent by the client must match the specified value exactly.
String prefix
The value sent by the client must begin with the specified characters.
MatchRange range
An object that represents the range of values to match on.
String regex
The value sent by the client must include the specified characters.
String suffix
The value sent by the client must end with the specified characters.
Duration idle
An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
Duration perRequest
An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
String exact
The value sent by the client must match the specified value exactly.
String prefix
The value sent by the client must begin with the specified characters.
MatchRange range
An object that represents the range of values to match on.
String regex
The value sent by the client must include the specified characters.
String suffix
The value sent by the client must end with the specified characters.
Integer healthyThreshold
The number of consecutive successful health checks that must occur before declaring listener healthy.
Long intervalMillis
The time period in milliseconds between each health check execution.
String path
The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
Integer port
The destination port for the health check request. This port must match the port defined in the PortMapping for the listener.
String protocol
The protocol for the health check request. If you specify grpc, then your service must conform to
the GRPC Health Checking Protocol.
Long timeoutMillis
The amount of time to wait when receiving a response from the health check, in milliseconds.
Integer unhealthyThreshold
The number of consecutive failed health checks that must occur before declaring a virtual node unhealthy.
HttpGatewayRouteAction action
An object that represents the action to take if a match is determined.
HttpGatewayRouteMatch match
An object that represents the criteria for determining a request match.
HttpGatewayRouteRewrite rewrite
The gateway route action to rewrite.
GatewayRouteTarget target
An object that represents the target that traffic is routed to when a request matches the gateway route.
Boolean invert
Specify True to match anything except the match criteria. The default value is False.
HeaderMatchMethod match
An object that represents the method and value to match with the header value sent in a request. Specify one match method.
String name
A name for the HTTP header in the gateway route that will be matched on.
List<E> headers
The client request headers to match on.
GatewayRouteHostnameMatch hostname
The host name to match on.
String method
The method to match on.
HttpPathMatch path
The path to match on.
Integer port
The port number to match on.
String prefix
Specifies the path to match requests with. This parameter must always start with /, which by itself
matches all requests to the virtual service name. You can also match for path-based routing of requests. For
example, if your virtual service name is my-service.local and you want the route to match requests
to my-service.local/metrics, your prefix should be /metrics.
List<E> queryParameters
The query parameter to match on.
String exact
The exact path to rewrite.
GatewayRouteHostnameRewrite hostname
The host name to rewrite.
HttpGatewayRoutePathRewrite path
The path to rewrite.
HttpGatewayRoutePrefixRewrite prefix
The specified beginning characters to rewrite.
QueryParameterMatch match
The query parameter to match on.
String name
A name for the query parameter that will be matched on.
List<E> httpRetryEvents
Specify at least one of the following values.
server-error – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511
gateway-error – HTTP status codes 502, 503, and 504
client-error – HTTP status code 409
stream-error – Retry on refused stream
Long maxRetries
The maximum number of retry attempts.
Duration perRetryTimeout
The timeout for each retry attempt.
List<E> tcpRetryEvents
Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.
HttpRouteAction action
An object that represents the action to take if a match is determined.
HttpRouteMatch match
An object that represents the criteria for determining a request match.
HttpRetryPolicy retryPolicy
An object that represents a retry policy.
HttpTimeout timeout
An object that represents types of timeouts.
Boolean invert
Specify True to match anything except the match criteria. The default value is False.
HeaderMatchMethod match
The HeaderMatchMethod object.
String name
A name for the HTTP header in the client request that will be matched on.
List<E> headers
The client request headers to match on.
String method
The client request method to match on. Specify only one.
HttpPathMatch path
The client request path to match on.
Integer port
The port number to match on.
String prefix
Specifies the path to match requests with. This parameter must always start with /, which by itself
matches all requests to the virtual service name. You can also match for path-based routing of requests. For
example, if your virtual service name is my-service.local and you want the route to match requests
to my-service.local/metrics, your prefix should be /metrics.
List<E> queryParameters
The client request query parameters to match on.
String scheme
The client request scheme to match on. Specify only one. Applicable only for HTTP2 routes.
Duration idle
An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
Duration perRequest
An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.
VirtualNodeConnectionPool connectionPool
The connection pool information for the listener.
HealthCheckPolicy healthCheck
The health check information for the listener.
OutlierDetection outlierDetection
The outlier detection information for the listener.
PortMapping portMapping
The port mapping information for the listener.
ListenerTimeout timeout
An object that represents timeouts for different protocols.
ListenerTls tls
A reference to an object that represents the Transport Layer Security (TLS) properties for a listener.
GrpcTimeout grpc
An object that represents types of timeouts.
HttpTimeout http
An object that represents types of timeouts.
HttpTimeout http2
An object that represents types of timeouts.
TcpTimeout tcp
An object that represents types of timeouts.
ListenerTlsCertificate certificate
A reference to an object that represents a listener's Transport Layer Security (TLS) certificate.
String mode
Specify one of the following modes.
STRICT – Listener only accepts connections with TLS enabled.
PERMISSIVE – Listener accepts connections with or without TLS enabled.
DISABLED – Listener only accepts connections without TLS.
ListenerTlsValidationContext validation
A reference to an object that represents a listener's Transport Layer Security (TLS) validation context.
String certificateArn
The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS).
ListenerTlsAcmCertificate acm
A reference to an object that represents an Certificate Manager certificate.
ListenerTlsFileCertificate file
A reference to an object that represents a local file certificate.
ListenerTlsSdsCertificate sds
A reference to an object that represents a listener's Secret Discovery Service certificate.
String secretName
A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
SubjectAlternativeNames subjectAlternativeNames
A reference to an object that represents the SANs for a listener's Transport Layer Security (TLS) validation context.
ListenerTlsValidationContextTrust trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
TlsValidationContextFileTrust file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
TlsValidationContextSdsTrust sds
A reference to an object that represents a listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
Integer limit
The maximum number of results returned by ListGatewayRoutes in paginated output. When you use this
parameter, ListGatewayRoutes returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListGatewayRoutes request with the returned nextToken value. This value can be
between 1 and 100. If you don't use this parameter, ListGatewayRoutes returns up to 100 results and
a nextToken value if applicable.
String meshName
The name of the service mesh to list gateway routes in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListGatewayRoutes request where
limit was used and the results exceeded the value of that parameter. Pagination continues from the
end of the previous results that returned the nextToken value.
String virtualGatewayName
The name of the virtual gateway to list gateway routes in.
List<E> gatewayRoutes
The list of existing gateway routes for the specified service mesh and virtual gateway.
String nextToken
The nextToken value to include in a future ListGatewayRoutes request. When the results
of a ListGatewayRoutes request exceed limit, you can use this value to retrieve the
next page of results. This value is null when there are no more results to return.
Integer limit
The maximum number of results returned by ListMeshes in paginated output. When you use this
parameter, ListMeshes returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListMeshes request with the returned nextToken value. This value can be between
1 and 100. If you don't use this parameter, ListMeshes returns up to 100 results and a
nextToken value if applicable.
String nextToken
The nextToken value returned from a previous paginated ListMeshes request where
limit was used and the results exceeded the value of that parameter. Pagination continues from the
end of the previous results that returned the nextToken value.
This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.
List<E> meshes
The list of existing service meshes.
String nextToken
The nextToken value to include in a future ListMeshes request. When the results of a
ListMeshes request exceed limit, you can use this value to retrieve the next page of
results. This value is null when there are no more results to return.
Integer limit
The maximum number of results returned by ListRoutes in paginated output. When you use this
parameter, ListRoutes returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListRoutes request with the returned nextToken value. This value can be between
1 and 100. If you don't use this parameter, ListRoutes returns up to 100 results and a
nextToken value if applicable.
String meshName
The name of the service mesh to list routes in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListRoutes request where
limit was used and the results exceeded the value of that parameter. Pagination continues from the
end of the previous results that returned the nextToken value.
String virtualRouterName
The name of the virtual router to list routes in.
String nextToken
The nextToken value to include in a future ListRoutes request. When the results of a
ListRoutes request exceed limit, you can use this value to retrieve the next page of
results. This value is null when there are no more results to return.
List<E> routes
The list of existing routes for the specified service mesh and virtual router.
Integer limit
The maximum number of tag results returned by ListTagsForResource in paginated output. When this
parameter is used, ListTagsForResource returns only limit results in a single page
along with a nextToken response element. You can see the remaining results of the initial request by
sending another ListTagsForResource request with the returned nextToken value. This
value can be between 1 and 100. If you don't use this parameter, ListTagsForResource returns up to
100 results and a nextToken value if applicable.
String nextToken
The nextToken value returned from a previous paginated ListTagsForResource request
where limit was used and the results exceeded the value of that parameter. Pagination continues from
the end of the previous results that returned the nextToken value.
String resourceArn
The Amazon Resource Name (ARN) that identifies the resource to list the tags for.
String nextToken
The nextToken value to include in a future ListTagsForResource request. When the
results of a ListTagsForResource request exceed limit, you can use this value to
retrieve the next page of results. This value is null when there are no more results to return.
List<E> tags
The tags for the resource.
Integer limit
The maximum number of results returned by ListVirtualGateways in paginated output. When you use this
parameter, ListVirtualGateways returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListVirtualGateways request with the returned nextToken value. This value can
be between 1 and 100. If you don't use this parameter, ListVirtualGateways returns up to 100 results
and a nextToken value if applicable.
String meshName
The name of the service mesh to list virtual gateways in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListVirtualGateways request
where limit was used and the results exceeded the value of that parameter. Pagination continues from
the end of the previous results that returned the nextToken value.
String nextToken
The nextToken value to include in a future ListVirtualGateways request. When the
results of a ListVirtualGateways request exceed limit, you can use this value to
retrieve the next page of results. This value is null when there are no more results to return.
List<E> virtualGateways
The list of existing virtual gateways for the specified service mesh.
Integer limit
The maximum number of results returned by ListVirtualNodes in paginated output. When you use this
parameter, ListVirtualNodes returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListVirtualNodes request with the returned nextToken value. This value can be
between 1 and 100. If you don't use this parameter, ListVirtualNodes returns up to 100 results and a
nextToken value if applicable.
String meshName
The name of the service mesh to list virtual nodes in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListVirtualNodes request where
limit was used and the results exceeded the value of that parameter. Pagination continues from the
end of the previous results that returned the nextToken value.
String nextToken
The nextToken value to include in a future ListVirtualNodes request. When the results
of a ListVirtualNodes request exceed limit, you can use this value to retrieve the next
page of results. This value is null when there are no more results to return.
List<E> virtualNodes
The list of existing virtual nodes for the specified service mesh.
Integer limit
The maximum number of results returned by ListVirtualRouters in paginated output. When you use this
parameter, ListVirtualRouters returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListVirtualRouters request with the returned nextToken value. This value can be
between 1 and 100. If you don't use this parameter, ListVirtualRouters returns up to 100 results and
a nextToken value if applicable.
String meshName
The name of the service mesh to list virtual routers in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListVirtualRouters request where
limit was used and the results exceeded the value of that parameter. Pagination continues from the
end of the previous results that returned the nextToken value.
String nextToken
The nextToken value to include in a future ListVirtualRouters request. When the results
of a ListVirtualRouters request exceed limit, you can use this value to retrieve the
next page of results. This value is null when there are no more results to return.
List<E> virtualRouters
The list of existing virtual routers for the specified service mesh.
Integer limit
The maximum number of results returned by ListVirtualServices in paginated output. When you use this
parameter, ListVirtualServices returns only limit results in a single page along with a
nextToken response element. You can see the remaining results of the initial request by sending
another ListVirtualServices request with the returned nextToken value. This value can
be between 1 and 100. If you don't use this parameter, ListVirtualServices returns up to 100 results
and a nextToken value if applicable.
String meshName
The name of the service mesh to list virtual services in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String nextToken
The nextToken value returned from a previous paginated ListVirtualServices request
where limit was used and the results exceeded the value of that parameter. Pagination continues from
the end of the previous results that returned the nextToken value.
String nextToken
The nextToken value to include in a future ListVirtualServices request. When the
results of a ListVirtualServices request exceed limit, you can use this value to
retrieve the next page of results. This value is null when there are no more results to return.
List<E> virtualServices
The list of existing virtual services for the specified service mesh.
AccessLog accessLog
The access log configuration for a virtual node.
String meshName
The name of the service mesh.
ResourceMetadata metadata
The associated metadata for the service mesh.
MeshSpec spec
The associated specification for the service mesh.
MeshStatus status
The status of the service mesh.
String arn
The full Amazon Resource Name (ARN) of the service mesh.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String ipPreference
The IP version to use to control traffic within the mesh.
EgressFilter egressFilter
The egress filter rules for the service mesh.
MeshServiceDiscovery serviceDiscovery
String status
The current mesh status.
Duration baseEjectionDuration
The base amount of time for which a host is ejected.
Duration interval
The time interval between ejection sweep analysis.
Integer maxEjectionPercent
Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value.
Long maxServerErrors
Number of consecutive 5xx errors required for ejection.
String exact
The exact query parameter to match on.
String arn
The full Amazon Resource Name (ARN) for the resource.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
String uid
The unique identifier for the resource.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String meshName
The name of the service mesh that the route resides in.
ResourceMetadata metadata
The associated metadata for the route.
String routeName
The name of the route.
RouteSpec spec
The specifications of the route.
RouteStatus status
The status of the route.
String virtualRouterName
The virtual router that the route is associated with.
String arn
The full Amazon Resource Name (ARN) for the route.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
String routeName
The name of the route.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualRouterName
The virtual router that the route is associated with.
GrpcRoute grpcRoute
An object that represents the specification of a gRPC route.
HttpRoute http2Route
An object that represents the specification of an HTTP/2 route.
HttpRoute httpRoute
An object that represents the specification of an HTTP route.
Integer priority
The priority for the route. Routes are matched based on the specified value, where 0 is the highest priority.
TcpRoute tcpRoute
An object that represents the specification of a TCP route.
String status
The current status for the route.
AwsCloudMapServiceDiscovery awsCloudMap
Specifies any Cloud Map information for the virtual node.
DnsServiceDiscovery dns
Specifies the DNS information for the virtual node.
SubjectAlternativeNameMatchers match
An object that represents the criteria for determining a SANs match.
String resourceArn
The Amazon Resource Name (ARN) of the resource to add tags to.
List<E> tags
The tags to add to the resource. A tag is an array of key-value pairs. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.
TcpRouteAction action
The action to take if a match is determined.
TcpRouteMatch match
An object that represents the criteria for determining a request match.
TcpTimeout timeout
An object that represents types of timeouts.
Integer port
The port number to match on.
Duration idle
An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.
SubjectAlternativeNames subjectAlternativeNames
A reference to an object that represents the SANs for a Transport Layer Security (TLS) validation context. If you don't specify SANs on the terminating mesh endpoint, the Envoy proxy for that node doesn't verify the SAN on a peer client certificate. If you don't specify SANs on the originating mesh endpoint, the SAN on the certificate provided by the terminating endpoint must match the mesh endpoint service discovery configuration. Since SPIRE vended certificates have a SPIFFE ID as a name, you must set the SAN since the name doesn't match the service discovery name.
TlsValidationContextTrust trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
String certificateChain
The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
String secretName
A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
TlsValidationContextAcmTrust acm
A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an Certificate Manager certificate.
TlsValidationContextFileTrust file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
TlsValidationContextSdsTrust sds
A reference to an object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String gatewayRouteName
The name of the gateway route to update.
String meshName
The name of the service mesh that the gateway route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
GatewayRouteSpec spec
The new gateway route specification to apply. This overwrites the existing data.
String virtualGatewayName
The name of the virtual gateway that the gateway route is associated with.
GatewayRouteData gatewayRoute
A full description of the gateway route that was updated.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh to update.
MeshSpec spec
The service mesh specification to apply.
MeshData mesh
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh that the route resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String routeName
The name of the route to update.
RouteSpec spec
The new route specification to apply. This overwrites the existing data.
String virtualRouterName
The name of the virtual router that the route is associated with.
RouteData route
A full description of the route that was updated.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh that the virtual gateway resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
VirtualGatewaySpec spec
The new virtual gateway specification to apply. This overwrites the existing data.
String virtualGatewayName
The name of the virtual gateway to update.
VirtualGatewayData virtualGateway
A full description of the virtual gateway that was updated.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh that the virtual node resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
VirtualNodeSpec spec
The new virtual node specification to apply. This overwrites the existing data.
String virtualNodeName
The name of the virtual node to update.
VirtualNodeData virtualNode
A full description of the virtual node that was updated.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh that the virtual router resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
VirtualRouterSpec spec
The new virtual router specification to apply. This overwrites the existing data.
String virtualRouterName
The name of the virtual router to update.
VirtualRouterData virtualRouter
A full description of the virtual router that was updated.
String clientToken
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.
String meshName
The name of the service mesh that the virtual service resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
VirtualServiceSpec spec
The new virtual service specification to apply. This overwrites the existing data.
String virtualServiceName
The name of the virtual service to update.
VirtualServiceData virtualService
A full description of the virtual service that was updated.
VirtualGatewayFileAccessLog file
The file object to send virtual gateway access logs to.
VirtualGatewayClientPolicy clientPolicy
A reference to an object that represents a client policy.
VirtualGatewayClientPolicyTls tls
A reference to an object that represents a Transport Layer Security (TLS) client policy.
VirtualGatewayClientTlsCertificate certificate
A reference to an object that represents a virtual gateway's client's Transport Layer Security (TLS) certificate.
Boolean enforce
Whether the policy is enforced. The default is True, if a value isn't specified.
List<E> ports
One or more ports that the policy is enforced for.
VirtualGatewayTlsValidationContext validation
A reference to an object that represents a Transport Layer Security (TLS) validation context.
VirtualGatewayListenerTlsFileCertificate file
An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS) .
VirtualGatewayListenerTlsSdsCertificate sds
A reference to an object that represents a virtual gateway's client's Secret Discovery Service certificate.
VirtualGatewayGrpcConnectionPool grpc
An object that represents a type of connection pool.
VirtualGatewayHttpConnectionPool http
An object that represents a type of connection pool.
VirtualGatewayHttp2ConnectionPool http2
An object that represents a type of connection pool.
String meshName
The name of the service mesh that the virtual gateway resides in.
ResourceMetadata metadata
VirtualGatewaySpec spec
The specifications of the virtual gateway.
VirtualGatewayStatus status
The current status of the virtual gateway.
String virtualGatewayName
The name of the virtual gateway.
LoggingFormat format
The specified format for the virtual gateway access logs. It can be either json_format or
text_format.
String path
The file path to write access logs to. You can use /dev/stdout to send access logs to standard out
and configure your Envoy container to use a log driver, such as awslogs, to export the access logs
to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's
file system to write the files to disk.
Integer maxRequests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
Integer healthyThreshold
The number of consecutive successful health checks that must occur before declaring the listener healthy.
Long intervalMillis
The time period in milliseconds between each health check execution.
String path
The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.
Integer port
The destination port for the health check request. This port must match the port defined in the PortMapping for the listener.
String protocol
The protocol for the health check request. If you specify grpc, then your service must conform to
the GRPC Health Checking Protocol.
Long timeoutMillis
The amount of time to wait when receiving a response from the health check, in milliseconds.
Integer unhealthyThreshold
The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.
Integer maxRequests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
VirtualGatewayConnectionPool connectionPool
The connection pool information for the virtual gateway listener.
VirtualGatewayHealthCheckPolicy healthCheck
The health check information for the listener.
VirtualGatewayPortMapping portMapping
The port mapping information for the listener.
VirtualGatewayListenerTls tls
A reference to an object that represents the Transport Layer Security (TLS) properties for the listener.
VirtualGatewayListenerTlsCertificate certificate
An object that represents a Transport Layer Security (TLS) certificate.
String mode
Specify one of the following modes.
STRICT – Listener only accepts connections with TLS enabled.
PERMISSIVE – Listener accepts connections with or without TLS enabled.
DISABLED – Listener only accepts connections without TLS.
VirtualGatewayListenerTlsValidationContext validation
A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context.
String certificateArn
The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see Transport Layer Security (TLS).
VirtualGatewayListenerTlsAcmCertificate acm
A reference to an object that represents an Certificate Manager certificate.
VirtualGatewayListenerTlsFileCertificate file
A reference to an object that represents a local file certificate.
VirtualGatewayListenerTlsSdsCertificate sds
A reference to an object that represents a virtual gateway's listener's Secret Discovery Service certificate.
String secretName
A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.
SubjectAlternativeNames subjectAlternativeNames
A reference to an object that represents the SANs for a virtual gateway listener's Transport Layer Security (TLS) validation context.
VirtualGatewayListenerTlsValidationContextTrust trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
VirtualGatewayTlsValidationContextFileTrust file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
VirtualGatewayTlsValidationContextSdsTrust sds
A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualGatewayAccessLog accessLog
The access log configuration.
String arn
The full Amazon Resource Name (ARN) for the resource.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the resource resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualGatewayName
The name of the resource.
VirtualGatewayBackendDefaults backendDefaults
A reference to an object that represents the defaults for backends.
List<E> listeners
The listeners that the mesh endpoint is expected to receive inbound traffic from. You can specify one listener.
VirtualGatewayLogging logging
String status
The current status.
SubjectAlternativeNames subjectAlternativeNames
A reference to an object that represents the SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.
VirtualGatewayTlsValidationContextTrust trust
A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.
String certificateChain
The certificate trust chain for a certificate stored on the file system of the virtual node that the proxy is running on.
String secretName
A reference to an object that represents the name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualGatewayTlsValidationContextAcmTrust acm
A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an Certificate Manager certificate.
VirtualGatewayTlsValidationContextFileTrust file
An object that represents a Transport Layer Security (TLS) validation context trust for a local file.
VirtualGatewayTlsValidationContextSdsTrust sds
A reference to an object that represents a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.
VirtualNodeGrpcConnectionPool grpc
An object that represents a type of connection pool.
VirtualNodeHttpConnectionPool http
An object that represents a type of connection pool.
VirtualNodeHttp2ConnectionPool http2
An object that represents a type of connection pool.
VirtualNodeTcpConnectionPool tcp
An object that represents a type of connection pool.
String meshName
The name of the service mesh that the virtual node resides in.
ResourceMetadata metadata
The associated metadata for the virtual node.
VirtualNodeSpec spec
The specifications of the virtual node.
VirtualNodeStatus status
The current status for the virtual node.
String virtualNodeName
The name of the virtual node.
Integer maxRequests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
Integer maxRequests
Maximum number of inflight requests Envoy can concurrently support across hosts in upstream cluster.
String arn
The full Amazon Resource Name (ARN) for the virtual node.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the virtual node resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualNodeName
The name of the virtual node.
String virtualNodeName
The name of the virtual node that is acting as a service provider.
BackendDefaults backendDefaults
A reference to an object that represents the defaults for backends.
List<E> backends
The backends that the virtual node is expected to send outbound traffic to.
List<E> listeners
The listener that the virtual node is expected to receive inbound traffic from. You can specify one listener.
Logging logging
The inbound and outbound access logging information for the virtual node.
ServiceDiscovery serviceDiscovery
The service discovery information for the virtual node. If your virtual node does not expect ingress traffic, you
can omit this parameter. If you specify a listener, then you must specify service discovery
information.
String status
The current status of the virtual node.
Integer maxConnections
Maximum number of outbound TCP connections Envoy can establish concurrently with all hosts in upstream cluster.
String meshName
The name of the service mesh that the virtual router resides in.
ResourceMetadata metadata
The associated metadata for the virtual router.
VirtualRouterSpec spec
The specifications of the virtual router.
VirtualRouterStatus status
The current status of the virtual router.
String virtualRouterName
The name of the virtual router.
PortMapping portMapping
String arn
The full Amazon Resource Name (ARN) for the virtual router.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the virtual router resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualRouterName
The name of the virtual router.
String virtualRouterName
The name of the virtual router that is acting as a service provider.
String status
The current status of the virtual router.
ClientPolicy clientPolicy
A reference to an object that represents the client policy for a backend.
String virtualServiceName
The name of the virtual service that is acting as a virtual node backend.
String meshName
The name of the service mesh that the virtual service resides in.
ResourceMetadata metadata
VirtualServiceSpec spec
The specifications of the virtual service.
VirtualServiceStatus status
The current status of the virtual service.
String virtualServiceName
The name of the virtual service.
VirtualNodeServiceProvider virtualNode
The virtual node associated with a virtual service.
VirtualRouterServiceProvider virtualRouter
The virtual router associated with a virtual service.
String arn
The full Amazon Resource Name (ARN) for the virtual service.
Date createdAt
The Unix epoch timestamp in seconds for when the resource was created.
Date lastUpdatedAt
The Unix epoch timestamp in seconds for when the resource was last updated.
String meshName
The name of the service mesh that the virtual service resides in.
String meshOwner
The Amazon Web Services IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see Working with shared meshes.
String resourceOwner
The Amazon Web Services IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see Working with shared meshes.
Long version
The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.
String virtualServiceName
The name of the virtual service.
VirtualServiceProvider provider
The App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router.
String status
The current status of the virtual service.
String id
The identifier of the application.
String arn
The Amazon resource name (ARN) that specifies the application across services.
String name
The name of the application. The name must be unique in the region in which you are creating the application.
String description
The description of the application.
Date creationTime
The ISO-8601 formatted timestamp of the moment when the application was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment when the application was last updated.
Map<K,V> tags
Key-value pairs you can use to associate with the application.
Map<K,V> applicationTag
A key-value pair that identifies an associated resource.
String id
The identifier of the application.
String arn
The Amazon resource name (ARN) that specifies the application across services.
String name
The name of the application. The name must be unique in the region in which you are creating the application.
String description
The description of the application.
Date creationTime
The ISO-8601 formatted timestamp of the moment when the application was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment when the application was last updated.
String applicationTagStatus
The application tag is in the process of being applied to a resource, was successfully applied to a resource, or failed to apply to a resource.
String errorMessage
The message returned if the call fails.
List<E> resources
The resources associated with an application
String nextToken
A unique pagination token for each page of results. Make the call again with the returned token to retrieve the next page of results.
TagQueryConfiguration tagQueryConfiguration
Includes the definition of a tagQuery.
String application
The name, ID, or ARN of the application.
String resourceType
The type of resource of which the application will be associated.
String resource
The name or ID of the resource of which the application will be associated.
List<E> options
Determines whether an application tag is applied or skipped.
String id
The globally unique attribute group identifier of the attribute group.
String arn
The Amazon resource name (ARN) that specifies the attribute group across services.
String name
The name of the attribute group.
String description
The description of the attribute group that the user provides.
Date creationTime
The ISO-8601 formatted timestamp of the moment the attribute group was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment the attribute group was last updated. This time is the same as the creationTime for a newly created attribute group.
Map<K,V> tags
Key-value pairs you can use to associate with the attribute group.
String id
The unique identifier of the attribute group.
String arn
The Amazon resource name (ARN) that specifies the attribute group.
String name
This field is no longer supported. We recommend you don't use the field when using
ListAttributeGroupsForApplication.
The name of the attribute group.
String createdBy
The service principal that created the attribute group.
String id
The globally unique attribute group identifier of the attribute group.
String arn
The Amazon resource name (ARN) that specifies the attribute group across services.
String name
The name of the attribute group.
String description
The description of the attribute group that the user provides.
Date creationTime
The ISO-8601 formatted timestamp of the moment the attribute group was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment the attribute group was last updated. This time is the same as the creationTime for a newly created attribute group.
String createdBy
The service principal that created the attribute group.
String name
The name of the application. The name must be unique in the region in which you are creating the application.
String description
The description of the application.
Map<K,V> tags
Key-value pairs you can use to associate with the application.
String clientToken
A unique identifier that you provide to ensure idempotency. If you retry a request that completed successfully using the same client token and the same parameters, the retry succeeds without performing any further actions. If you retry a successful request using the same client token, but one or more of the parameters are different, the retry fails.
Application application
Information about the application.
String name
The name of the attribute group.
String description
The description of the attribute group that the user provides.
String attributes
A JSON string in the form of nested key-value pairs that represent the attributes in the group and describes an application and its components.
Map<K,V> tags
Key-value pairs you can use to associate with the attribute group.
String clientToken
A unique identifier that you provide to ensure idempotency. If you retry a request that completed successfully using the same client token and the same parameters, the retry succeeds without performing any further actions. If you retry a successful request using the same client token, but one or more of the parameters are different, the retry fails.
AttributeGroup attributeGroup
Information about the attribute group.
String application
The name, ID, or ARN of the application.
ApplicationSummary application
Information about the deleted application.
String attributeGroup
The name, ID, or ARN of the attribute group that holds the attributes to describe the application.
AttributeGroupSummary attributeGroup
Information about the deleted attribute group.
String application
The name, ID, or ARN of the application.
String id
The identifier of the application.
String arn
The Amazon resource name (ARN) that specifies the application across services.
String name
The name of the application. The name must be unique in the region in which you are creating the application.
String description
The description of the application.
Date creationTime
The ISO-8601 formatted timestamp of the moment when the application was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment when the application was last updated.
Integer associatedResourceCount
The number of top-level resources that were registered as part of this application.
Map<K,V> tags
Key-value pairs associated with the application.
Integrations integrations
The information about the integration of the application with other services, such as Resource Groups.
Map<K,V> applicationTag
A key-value pair that identifies an associated resource.
String application
The name, ID, or ARN of the application.
String resourceType
The type of resource associated with the application.
String resource
The name or ID of the resource associated with the application.
String nextToken
A unique pagination token for each page of results. Make the call again with the returned token to retrieve the next page of results.
List<E> resourceTagStatus
States whether an application tag is applied, not applied, in the process of being applied, or skipped.
Integer maxResults
The maximum number of results to return. If the parameter is omitted, it defaults to 25. The value is optional.
Resource resource
The resource associated with the application.
List<E> options
Determines whether an application tag is applied or skipped.
ApplicationTagResult applicationTagResult
The result of the application that's tag applied to a resource.
String attributeGroup
The name, ID, or ARN of the attribute group that holds the attributes to describe the application.
String id
The identifier of the attribute group.
String arn
The Amazon resource name (ARN) that specifies the attribute group across services.
String name
The name of the attribute group.
String description
The description of the attribute group that the user provides.
String attributes
A JSON string in the form of nested key-value pairs that represent the attributes in the group and describes an application and its components.
Date creationTime
The ISO-8601 formatted timestamp of the moment the attribute group was created.
Date lastUpdateTime
The ISO-8601 formatted timestamp of the moment the attribute group was last updated. This time is the same as the creationTime for a newly created attribute group.
Map<K,V> tags
Key-value pairs associated with the attribute group.
String createdBy
The service principal that created the attribute group.
AppRegistryConfiguration configuration
Retrieves TagKey configuration from an account.
ResourceGroup resourceGroup
The information about the resource group integration.
ResourceGroup applicationTagResourceGroup
String application
The name or ID of the application.
String nextToken
The token to use to get the next page of results after a previous API call.
Integer maxResults
The upper bound of the number of results to return (cannot exceed 25). If this parameter is omitted, it defaults to 25. This value is optional.
String application
The name, ID, or ARN of the application.
String nextToken
The token to use to get the next page of results after a previous API call.
Integer maxResults
The upper bound of the number of results to return (cannot exceed 25). If this parameter is omitted, it defaults to 25. This value is optional.
String application
The name or ID of the application.
String nextToken
This token retrieves the next page of results after a previous API call.
Integer maxResults
The upper bound of the number of results to return. The value cannot exceed 25. If you omit this parameter, it defaults to 25. This value is optional.
String resourceArn
The Amazon resource name (ARN) that specifies the resource.
AppRegistryConfiguration configuration
Associates a TagKey configuration to an account.
String name
The name of the resource.
String arn
The Amazon resource name (ARN) of the resource.
Date associationTime
The time the resource was associated with the application.
ResourceIntegrations integrations
The service integration information about the resource.
String tagValue
The value of the tag.
String state
The state of the propagation process for the resource group. The states includes:
CREATING if the resource group is in the process of being created.
CREATE_COMPLETE if the resource group was created successfully.
CREATE_FAILED if the resource group failed to be created.
UPDATING if the resource group is in the process of being updated.
UPDATE_COMPLETE if the resource group updated successfully.
UPDATE_FAILED if the resource group could not update successfully.
String arn
The Amazon resource name (ARN) of the resource group.
String errorMessage
The error message that generates when the propagation process for the resource group fails.
String name
The name of the resource.
String arn
The Amazon resource name (ARN) that specifies the resource across services.
String resourceType
Provides information about the Service Catalog App Registry resource type.
ResourceDetails resourceDetails
The details related to the resource.
List<E> options
Determines whether an application tag is applied or skipped.
ResourceGroup resourceGroup
The information about the integration of Resource Groups.
String applicationArn
The Amazon resource name (ARN) that specifies the application.
String resourceArn
The Amazon resource name (ARN) that specifies the resource.
String actionTaken
The results of the output if an application is associated with an ARN value, which could be
syncStarted or None.
String tagKey
Condition in the IAM policy that associates resources to an application.
String serviceCode
The originating service code.
String application
The name, ID, or ARN of the application that will be updated.
String name
Deprecated: The new name of the application. The name must be unique in the region in which you are updating the application. Please do not use this field as we have stopped supporting name updates.
String description
The new description of the application.
Application application
The updated information of the application.
String attributeGroup
The name, ID, or ARN of the attribute group that holds the attributes to describe the application.
String name
Deprecated: The new name of the attribute group. The name must be unique in the region in which you are updating the attribute group. Please do not use this field as we have stopped supporting name updates.
String description
The description of the attribute group that the user provides.
String attributes
A JSON string in the form of nested key-value pairs that represent the attributes in the group and describes an application and its components.
AttributeGroup attributeGroup
The updated information of the attribute group.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to associate a custom domain name with.
String domainName
A custom domain endpoint to associate. Specify a root domain (for example, example.com), a subdomain
(for example, login.example.com or admin.login.example.com), or a wildcard (for
example, *.example.com).
Boolean enableWWWSubdomain
Set to true to associate the subdomain www.DomainName with the App Runner
service in addition to the base domain.
Default: true
String dNSTarget
The App Runner subdomain of the App Runner service. The custom domain name is mapped to this target name.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service with which a custom domain name is associated.
CustomDomain customDomain
A description of the domain name that's being associated.
List<E> vpcDNSTargets
DNS Target records for the custom domains of this Amazon VPC.
String connectionArn
The Amazon Resource Name (ARN) of the App Runner connection that enables the App Runner service to connect to a source repository. It's required for GitHub code repositories.
String accessRoleArn
The Amazon Resource Name (ARN) of the IAM role that grants the App Runner service access to a source repository. It's required for ECR image repositories (but not for ECR Public repositories).
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of this auto scaling configuration.
String autoScalingConfigurationName
The customer-provided auto scaling configuration name. It can be used in multiple revisions of a configuration.
Integer autoScalingConfigurationRevision
The revision of this auto scaling configuration. It's unique among all the active configurations (
"Status": "ACTIVE") that share the same AutoScalingConfigurationName.
Boolean latest
It's set to true for the configuration with the highest Revision among all
configurations that share the same AutoScalingConfigurationName. It's set to false
otherwise.
String status
The current state of the auto scaling configuration. If the status of a configuration revision is
INACTIVE, it was deleted and can't be used. Inactive configuration revisions are permanently removed
some time after they are deleted.
Integer maxConcurrency
The maximum number of concurrent requests that an instance processes. If the number of concurrent requests exceeds this limit, App Runner scales the service up.
Integer minSize
The minimum number of instances that App Runner provisions for a service. The service always has at least
MinSize provisioned instances. Some of them actively serve traffic. The rest of them (provisioned
and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You
pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset.
App Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code.
Integer maxSize
The maximum number of instances that a service scales up to. At most MaxSize instances actively
serve traffic for your service.
Date createdAt
The time when the auto scaling configuration was created. It's in Unix time stamp format.
Date deletedAt
The time when the auto scaling configuration was deleted. It's in Unix time stamp format.
Boolean hasAssociatedService
Indicates if this auto scaling configuration has an App Runner service associated with it. A value of
true indicates one or more services are associated. A value of false indicates no
services are associated.
Boolean isDefault
Indicates if this auto scaling configuration should be used as the default for a new App Runner service that does
not have an auto scaling configuration ARN specified during creation. Each account can have only one default
AutoScalingConfiguration per region. The default AutoScalingConfiguration can be any
revision under the same AutoScalingConfigurationName.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of this auto scaling configuration.
String autoScalingConfigurationName
The customer-provided auto scaling configuration name. It can be used in multiple revisions of a configuration.
Integer autoScalingConfigurationRevision
The revision of this auto scaling configuration. It's unique among all the active configurations (
"Status": "ACTIVE") with the same AutoScalingConfigurationName.
String status
The current state of the auto scaling configuration. If the status of a configuration revision is
INACTIVE, it was deleted and can't be used. Inactive configuration revisions are permanently removed
some time after they are deleted.
Date createdAt
The time when the auto scaling configuration was created. It's in Unix time stamp format.
Boolean hasAssociatedService
Indicates if this auto scaling configuration has an App Runner service associated with it. A value of
true indicates one or more services are associated. A value of false indicates no
services are associated.
Boolean isDefault
Indicates if this auto scaling configuration should be used as the default for a new App Runner service that does
not have an auto scaling configuration ARN specified during creation. Each account can have only one default
AutoScalingConfiguration per region. The default AutoScalingConfiguration can be any
revision under the same AutoScalingConfigurationName.
String name
The certificate CNAME record name.
String type
The record type, always CNAME.
String value
The certificate CNAME record value.
String status
The current state of the certificate CNAME record validation. It should change to SUCCESS after App
Runner completes validation with your DNS.
String configurationSource
The source of the App Runner configuration. Values are interpreted as follows:
REPOSITORY – App Runner reads configuration values from the apprunner.yaml file in the
source code repository and ignores CodeConfigurationValues.
API – App Runner uses configuration values provided in CodeConfigurationValues and
ignores the apprunner.yaml file in the source code repository.
CodeConfigurationValues codeConfigurationValues
The basic configuration for building and running the App Runner service. Use it to quickly launch an App Runner
service without providing a apprunner.yaml file in the source code repository (or ignoring the file
if it exists).
String runtime
A runtime environment type for building and running an App Runner service. It represents a programming language runtime.
String buildCommand
The command App Runner runs to build your application.
String startCommand
The command App Runner runs to start your application.
String port
The port that your application listens to in the container.
Default: 8080
Map<K,V> runtimeEnvironmentVariables
The environment variables that are available to your running App Runner service. An array of key-value pairs.
Map<K,V> runtimeEnvironmentSecrets
An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store.
If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Amazon Web Services Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified.
Currently, cross account referencing of Amazon Web Services Systems Manager Parameter Store parameter is not supported.
String repositoryUrl
The location of the repository that contains the source code.
SourceCodeVersion sourceCodeVersion
The version that should be used within the source code repository.
CodeConfiguration codeConfiguration
Configuration for building and running the service from a source code repository.
CodeConfiguration is required only for CreateService request.
String sourceDirectory
The path of the directory that stores source code and configuration files. The build and start commands also execute from here. The path is absolute from root and, if not specified, defaults to the repository root.
String connectionName
The customer-provided connection name.
String connectionArn
The Amazon Resource Name (ARN) of this connection.
String providerType
The source repository provider.
String status
The current state of the App Runner connection. When the state is AVAILABLE, you can use the
connection to create an App Runner service.
Date createdAt
The App Runner connection creation time, expressed as a Unix time stamp.
String connectionName
The customer-provided connection name.
String connectionArn
The Amazon Resource Name (ARN) of this connection.
String providerType
The source repository provider.
String status
The current state of the App Runner connection. When the state is AVAILABLE, you can use the
connection to create an App Runner service.
Date createdAt
The App Runner connection creation time, expressed as a Unix time stamp.
String autoScalingConfigurationName
A name for the auto scaling configuration. When you use it for the first time in an Amazon Web Services Region,
App Runner creates revision number 1 of this name. When you use the same name in subsequent calls,
App Runner creates incremental revisions of the configuration.
Prior to the release of Auto scale
configuration enhancements, the name DefaultConfiguration was reserved.
This restriction is no longer in place. You can now manage DefaultConfiguration the same way you
manage your custom auto scaling configurations. This means you can do the following with the
DefaultConfiguration that App Runner provides:
Create new revisions of the DefaultConfiguration.
Delete the revisions of the DefaultConfiguration.
Delete the auto scaling configuration for which the App Runner DefaultConfiguration was created.
If you delete the auto scaling configuration you can create another custom auto scaling configuration with the
same DefaultConfiguration name. The original DefaultConfiguration resource provided by
App Runner remains in your account unless you make changes to it.
Integer maxConcurrency
The maximum number of concurrent requests that you want an instance to process. If the number of concurrent requests exceeds this limit, App Runner scales up your service.
Default: 100
Integer minSize
The minimum number of instances that App Runner provisions for your service. The service always has at least
MinSize provisioned instances. Some of them actively serve traffic. The rest of them (provisioned
and inactive instances) are a cost-effective compute capacity reserve and are ready to be quickly activated. You
pay for memory usage of all the provisioned instances. You pay for CPU usage of only the active subset.
App Runner temporarily doubles the number of provisioned instances during deployments, to maintain the same capacity for both old and new code.
Default: 1
Integer maxSize
The maximum number of instances that your service scales up to. At most MaxSize instances actively
serve traffic for your service.
Default: 25
List<E> tags
A list of metadata items that you can associate with your auto scaling configuration resource. A tag is a key-value pair.
AutoScalingConfiguration autoScalingConfiguration
A description of the App Runner auto scaling configuration that's created by this request.
String connectionName
A name for the new connection. It must be unique across all App Runner connections for the Amazon Web Services account in the Amazon Web Services Region.
String providerType
The source repository provider.
List<E> tags
A list of metadata items that you can associate with your connection resource. A tag is a key-value pair.
Connection connection
A description of the App Runner connection that's created by this request.
String observabilityConfigurationName
A name for the observability configuration. When you use it for the first time in an Amazon Web Services Region,
App Runner creates revision number 1 of this name. When you use the same name in subsequent calls,
App Runner creates incremental revisions of the configuration.
The name DefaultConfiguration is reserved. You can't use it to create a new observability
configuration, and you can't create a revision of it.
When you want to use your own observability configuration for your App Runner service, create a configuration with a different name, and then provide it when you create or update your service.
TraceConfiguration traceConfiguration
The configuration of the tracing feature within this observability configuration. If you don't specify it, App Runner doesn't enable tracing.
List<E> tags
A list of metadata items that you can associate with your observability configuration resource. A tag is a key-value pair.
ObservabilityConfiguration observabilityConfiguration
A description of the App Runner observability configuration that's created by this request.
String serviceName
A name for the App Runner service. It must be unique across all the running App Runner services in your Amazon Web Services account in the Amazon Web Services Region.
SourceConfiguration sourceConfiguration
The source to deploy to the App Runner service. It can be a code or an image repository.
InstanceConfiguration instanceConfiguration
The runtime configuration of instances (scaling units) of your service.
List<E> tags
An optional list of metadata items that you can associate with the App Runner service resource. A tag is a key-value pair.
EncryptionConfiguration encryptionConfiguration
An optional custom encryption key that App Runner uses to encrypt the copy of your source repository that it maintains and your service logs. By default, App Runner uses an Amazon Web Services managed key.
HealthCheckConfiguration healthCheckConfiguration
The settings for the health check that App Runner performs to monitor the health of the App Runner service.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of an App Runner automatic scaling configuration resource that you want to associate with your service. If not provided, App Runner associates the latest revision of a default auto scaling configuration.
Specify an ARN with a name and a revision number to associate that revision. For example:
arn:aws:apprunner:us-east-1:123456789012:autoscalingconfiguration/high-availability/3
Specify just the name to associate the latest revision. For example:
arn:aws:apprunner:us-east-1:123456789012:autoscalingconfiguration/high-availability
NetworkConfiguration networkConfiguration
Configuration settings related to network traffic of the web application that the App Runner service runs.
ServiceObservabilityConfiguration observabilityConfiguration
The observability configuration of your service.
Service service
A description of the App Runner service that's created by this request.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String vpcConnectorName
A name for the VPC connector.
List<E> subnets
A list of IDs of subnets that App Runner should use when it associates your service with a custom Amazon VPC. Specify IDs of subnets of a single Amazon VPC. App Runner determines the Amazon VPC from the subnets you specify.
App Runner currently only provides support for IPv4.
List<E> securityGroups
A list of IDs of security groups that App Runner should use for access to Amazon Web Services resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.
List<E> tags
A list of metadata items that you can associate with your VPC connector resource. A tag is a key-value pair.
VpcConnector vpcConnector
A description of the App Runner VPC connector that's created by this request.
String serviceArn
The Amazon Resource Name (ARN) for this App Runner service that is used to create the VPC Ingress Connection resource.
String vpcIngressConnectionName
A name for the VPC Ingress Connection resource. It must be unique across all the active VPC Ingress Connections in your Amazon Web Services account in the Amazon Web Services Region.
IngressVpcConfiguration ingressVpcConfiguration
Specifications for the customer’s Amazon VPC and the related Amazon Web Services PrivateLink VPC endpoint that are used to create the VPC Ingress Connection resource.
List<E> tags
An optional list of metadata items that you can associate with the VPC Ingress Connection resource. A tag is a key-value pair.
VpcIngressConnection vpcIngressConnection
A description of the App Runner VPC Ingress Connection resource that's created by this request.
String domainName
An associated custom domain endpoint. It can be a root domain (for example, example.com), a
subdomain (for example, login.example.com or admin.login.example.com), or a wildcard
(for example, *.example.com).
Boolean enableWWWSubdomain
When true, the subdomain www.DomainName is associated with the App Runner
service in addition to the base domain.
List<E> certificateValidationRecords
A list of certificate CNAME records that's used for this domain name.
String status
The current state of the domain name association.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of the App Runner auto scaling configuration that you want to delete.
The ARN can be a full auto scaling configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is deleted.
Boolean deleteAllRevisions
Set to true to delete all of the revisions associated with the
AutoScalingConfigurationArn parameter value.
When DeleteAllRevisions is set to true, the only valid value for the Amazon Resource
Name (ARN) is a partial ARN ending with: .../name.
AutoScalingConfiguration autoScalingConfiguration
A description of the App Runner auto scaling configuration that this request just deleted.
String connectionArn
The Amazon Resource Name (ARN) of the App Runner connection that you want to delete.
Connection connection
A description of the App Runner connection that this request just deleted.
String observabilityConfigurationArn
The Amazon Resource Name (ARN) of the App Runner observability configuration that you want to delete.
The ARN can be a full observability configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is deleted.
ObservabilityConfiguration observabilityConfiguration
A description of the App Runner observability configuration that this request just deleted.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to delete.
Service service
A description of the App Runner service that this request just deleted.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String vpcConnectorArn
The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to delete.
The ARN must be a full VPC connector ARN.
VpcConnector vpcConnector
A description of the App Runner VPC connector that this request just deleted.
String vpcIngressConnectionArn
The Amazon Resource Name (ARN) of the App Runner VPC Ingress Connection that you want to delete.
VpcIngressConnection vpcIngressConnection
A description of the App Runner VPC Ingress Connection that this request just deleted.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of the App Runner auto scaling configuration that you want a description for.
The ARN can be a full auto scaling configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is described.
AutoScalingConfiguration autoScalingConfiguration
A full description of the App Runner auto scaling configuration that you specified in this request.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want associated custom domain names to be described for.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones that are specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
Integer maxResults
The maximum number of results that each response (result page) can include. It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String dNSTarget
The App Runner subdomain of the App Runner service. The associated custom domain names are mapped to this target name.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service whose associated custom domain names you want to describe.
List<E> customDomains
A list of descriptions of custom domain names that are associated with the service. In a paginated request, the
request returns up to MaxResults records per call.
List<E> vpcDNSTargets
DNS Target records for the custom domains of this Amazon VPC.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
String observabilityConfigurationArn
The Amazon Resource Name (ARN) of the App Runner observability configuration that you want a description for.
The ARN can be a full observability configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is described.
ObservabilityConfiguration observabilityConfiguration
A full description of the App Runner observability configuration that you specified in this request.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want a description for.
Service service
A full description of the App Runner service that you specified in this request.
String vpcConnectorArn
The Amazon Resource Name (ARN) of the App Runner VPC connector that you want a description for.
The ARN must be a full VPC connector ARN.
VpcConnector vpcConnector
A description of the App Runner VPC connector that you specified in this request.
String vpcIngressConnectionArn
The Amazon Resource Name (ARN) of the App Runner VPC Ingress Connection that you want a description for.
VpcIngressConnection vpcIngressConnection
A description of the App Runner VPC Ingress Connection that you specified in this request.
String dNSTarget
The App Runner subdomain of the App Runner service. The disassociated custom domain name was mapped to this target name.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that a custom domain name is disassociated from.
CustomDomain customDomain
A description of the domain name that's being disassociated.
List<E> vpcDNSTargets
DNS Target records for the custom domains of this Amazon VPC.
String egressType
The type of egress configuration.
Set to DEFAULT for access to resources hosted on public networks.
Set to VPC to associate your service to a custom VPC specified by VpcConnectorArn.
String vpcConnectorArn
The Amazon Resource Name (ARN) of the App Runner VPC connector that you want to associate with your App Runner
service. Only valid when EgressType = VPC.
String kmsKey
The ARN of the KMS key that's used for encryption.
String protocol
The IP protocol that App Runner uses to perform health checks for your service.
If you set Protocol to HTTP, App Runner sends health check requests to the HTTP path
specified by Path.
Default: TCP
String path
The URL that health check requests are sent to.
Path is only applicable when you set Protocol to HTTP.
Default: "/"
Integer interval
The time interval, in seconds, between health checks.
Default: 5
Integer timeout
The time, in seconds, to wait for a health check response before deciding it failed.
Default: 2
Integer healthyThreshold
The number of consecutive checks that must succeed before App Runner decides that the service is healthy.
Default: 1
Integer unhealthyThreshold
The number of consecutive checks that must fail before App Runner decides that the service is unhealthy.
Default: 5
Map<K,V> runtimeEnvironmentVariables
Environment variables that are available to your running App Runner service. An array of key-value pairs.
String startCommand
An optional command that App Runner runs to start the application in the source image. If specified, this command overrides the Docker image’s default start command.
String port
The port that your application listens to in the container.
Default: 8080
Map<K,V> runtimeEnvironmentSecrets
An array of key-value pairs representing the secrets and parameters that get referenced to your service as an environment variable. The supported values are either the full Amazon Resource Name (ARN) of the Secrets Manager secret or the full ARN of the parameter in the Amazon Web Services Systems Manager Parameter Store.
If the Amazon Web Services Systems Manager Parameter Store parameter exists in the same Amazon Web Services Region as the service that you're launching, you can use either the full ARN or name of the secret. If the parameter exists in a different Region, then the full ARN must be specified.
Currently, cross account referencing of Amazon Web Services Systems Manager Parameter Store parameter is not supported.
String imageIdentifier
The identifier of an image.
For an image in Amazon Elastic Container Registry (Amazon ECR), this is an image name. For the image name format, see Pulling an image in the Amazon ECR User Guide.
ImageConfiguration imageConfiguration
Configuration for running the identified image.
String imageRepositoryType
The type of the image repository. This reflects the repository provider and whether the repository is private or public.
Boolean isPubliclyAccessible
Specifies whether your App Runner service is publicly accessible. To make the service publicly accessible set it
to True. To make the service privately accessible, from only within an Amazon VPC set it to
False.
String cpu
The number of CPU units reserved for each instance of your App Runner service.
Default: 1 vCPU
String memory
The amount of memory, in MB or GB, reserved for each instance of your App Runner service.
Default: 2 GB
String instanceRoleArn
The Amazon Resource Name (ARN) of an IAM role that provides permissions to your App Runner service. These are permissions that your code needs when it calls any Amazon Web Services APIs.
String autoScalingConfigurationName
The name of the App Runner auto scaling configuration that you want to list. If specified, App Runner lists revisions that share this name. If not specified, App Runner returns revisions of all active configurations.
Boolean latestOnly
Set to true to list only the latest revision for each requested configuration name.
Set to false to list all revisions for each requested configuration name.
Default: true
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones that are specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
List<E> autoScalingConfigurationSummaryList
A list of summary information records for auto scaling configurations. In a paginated request, the request
returns up to MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
String connectionName
If specified, only this connection is returned. If not specified, the result isn't filtered by name.
Integer maxResults
The maximum number of results to include in each response (result page). Used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. Used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
List<E> connectionSummaryList
A list of summary information records for connections. In a paginated request, the request returns up to
MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. Returned in a paginated request.
String observabilityConfigurationName
The name of the App Runner observability configuration that you want to list. If specified, App Runner lists revisions that share this name. If not specified, App Runner returns revisions of all active configurations.
Boolean latestOnly
Set to true to list only the latest revision for each requested configuration name.
Set to false to list all revisions for each requested configuration name.
Default: true
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones that are specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
List<E> observabilityConfigurationSummaryList
A list of summary information records for observability configurations. In a paginated request, the request
returns up to MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want a list of operations for.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
List<E> operationSummaryList
A list of operation summary information records. In a paginated request, the request returns up to
MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of the App Runner auto scaling configuration that you want to list the services for.
The ARN can be a full auto scaling configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is used.
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
String nextToken
A token from a previous result page. Used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
List<E> serviceSummaryList
A list of service summary information records. In a paginated request, the request returns up to
MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
String resourceArn
The Amazon Resource Name (ARN) of the resource that a tag list is requested for.
It must be the ARN of an App Runner resource.
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones that are specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
List<E> vpcConnectors
A list of information records for VPC connectors. In a paginated request, the request returns up to
MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
ListVpcIngressConnectionsFilter filter
The VPC Ingress Connections to be listed based on either the Service Arn or Vpc Endpoint Id, or both.
Integer maxResults
The maximum number of results to include in each response (result page). It's used for a paginated request.
If you don't specify MaxResults, the request retrieves all available results in a single response.
String nextToken
A token from a previous result page. It's used for a paginated request. The request retrieves the next result page. All other parameter values must be identical to the ones that are specified in the initial request.
If you don't specify NextToken, the request retrieves the first result page.
List<E> vpcIngressConnectionSummaryList
A list of summary information records for VPC Ingress Connections. In a paginated request, the request returns up
to MaxResults records for each call.
String nextToken
The token that you can pass in a subsequent request to get the next result page. It's returned in a paginated request.
EgressConfiguration egressConfiguration
Network configuration settings for outbound message traffic.
IngressConfiguration ingressConfiguration
Network configuration settings for inbound message traffic.
String ipAddressType
App Runner provides you with the option to choose between Internet Protocol version 4 (IPv4) and dual
stack (IPv4 and IPv6) for your incoming public network configuration. This is an optional parameter. If you
do not specify an IpAddressType, it defaults to select IPv4.
Currently, App Runner supports dual stack for only Public endpoint. Only IPv4 is supported for Private endpoint. If you update a service that's using dual-stack Public endpoint to a Private endpoint, your App Runner service will default to support only IPv4 for Private endpoint and fail to receive traffic originating from IPv6 endpoint.
String observabilityConfigurationArn
The Amazon Resource Name (ARN) of this observability configuration.
String observabilityConfigurationName
The customer-provided observability configuration name. It can be used in multiple revisions of a configuration.
TraceConfiguration traceConfiguration
The configuration of the tracing feature within this observability configuration. If not specified, tracing isn't enabled.
Integer observabilityConfigurationRevision
The revision of this observability configuration. It's unique among all the active configurations (
"Status": "ACTIVE") that share the same ObservabilityConfigurationName.
Boolean latest
It's set to true for the configuration with the highest Revision among all
configurations that share the same ObservabilityConfigurationName. It's set to false
otherwise.
String status
The current state of the observability configuration. If the status of a configuration revision is
INACTIVE, it was deleted and can't be used. Inactive configuration revisions are permanently removed
some time after they are deleted.
Date createdAt
The time when the observability configuration was created. It's in Unix time stamp format.
Date deletedAt
The time when the observability configuration was deleted. It's in Unix time stamp format.
String observabilityConfigurationArn
The Amazon Resource Name (ARN) of this observability configuration.
String observabilityConfigurationName
The customer-provided observability configuration name. It can be used in multiple revisions of a configuration.
Integer observabilityConfigurationRevision
The revision of this observability configuration. It's unique among all the active configurations (
"Status": "ACTIVE") that share the same ObservabilityConfigurationName.
String id
A unique ID of this operation. It's unique in the scope of the App Runner service.
String type
The type of operation. It indicates a specific action that occured.
String status
The current state of the operation.
String targetArn
The Amazon Resource Name (ARN) of the resource that the operation acted on (for example, an App Runner service).
Date startedAt
The time when the operation started. It's in the Unix time stamp format.
Date endedAt
The time when the operation ended. It's in the Unix time stamp format.
Date updatedAt
The time when the operation was last updated. It's in the Unix time stamp format.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to pause.
Service service
A description of the App Runner service that this request just paused.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to resume.
Service service
A description of the App Runner service that this request just resumed.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String serviceName
The customer-provided service name.
String serviceId
An ID that App Runner generated for this service. It's unique within the Amazon Web Services Region.
String serviceArn
The Amazon Resource Name (ARN) of this service.
String serviceUrl
A subdomain URL that App Runner generated for this service. You can use this URL to access your service web application.
Date createdAt
The time when the App Runner service was created. It's in the Unix time stamp format.
Date updatedAt
The time when the App Runner service was last updated at. It's in the Unix time stamp format.
Date deletedAt
The time when the App Runner service was deleted. It's in the Unix time stamp format.
String status
The current state of the App Runner service. These particular values mean the following.
CREATE_FAILED – The service failed to create. The failed service isn't usable, and still counts
towards your service quota. To troubleshoot this failure, read the failure events and logs, change any parameters
that need to be fixed, and rebuild your service using UpdateService.
DELETE_FAILED – The service failed to delete and can't be successfully recovered. Retry the service
deletion call to ensure that all related resources are removed.
SourceConfiguration sourceConfiguration
The source deployed to the App Runner service. It can be a code or an image repository.
InstanceConfiguration instanceConfiguration
The runtime configuration of instances (scaling units) of this service.
EncryptionConfiguration encryptionConfiguration
The encryption key that App Runner uses to encrypt the service logs and the copy of the source repository that App Runner maintains for the service. It can be either a customer-provided encryption key or an Amazon Web Services managed key.
HealthCheckConfiguration healthCheckConfiguration
The settings for the health check that App Runner performs to monitor the health of this service.
AutoScalingConfigurationSummary autoScalingConfigurationSummary
Summary information for the App Runner automatic scaling configuration resource that's associated with this service.
NetworkConfiguration networkConfiguration
Configuration settings related to network traffic of the web application that this service runs.
ServiceObservabilityConfiguration observabilityConfiguration
The observability configuration of this service.
Boolean observabilityEnabled
When true, an observability configuration resource is associated with the service, and an
ObservabilityConfigurationArn is specified.
String observabilityConfigurationArn
The Amazon Resource Name (ARN) of the observability configuration that is associated with the service. Specified
only when ObservabilityEnabled is true.
Specify an ARN with a name and a revision number to associate that revision. For example:
arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing/3
Specify just the name to associate the latest revision. For example:
arn:aws:apprunner:us-east-1:123456789012:observabilityconfiguration/xray-tracing
String serviceName
The customer-provided service name.
String serviceId
An ID that App Runner generated for this service. It's unique within the Amazon Web Services Region.
String serviceArn
The Amazon Resource Name (ARN) of this service.
String serviceUrl
A subdomain URL that App Runner generated for this service. You can use this URL to access your service web application.
Date createdAt
The time when the App Runner service was created. It's in the Unix time stamp format.
Date updatedAt
The time when the App Runner service was last updated. It's in theUnix time stamp format.
String status
The current state of the App Runner service. These particular values mean the following.
CREATE_FAILED – The service failed to create. The failed service isn't usable, and still counts
towards your service quota. To troubleshoot this failure, read the failure events and logs, change any parameters
that need to be fixed, and rebuild your service using UpdateService.
DELETE_FAILED – The service failed to delete and can't be successfully recovered. Retry the service
deletion call to ensure that all related resources are removed.
CodeRepository codeRepository
The description of a source code repository.
You must provide either this member or ImageRepository (but not both).
ImageRepository imageRepository
The description of a source image repository.
You must provide either this member or CodeRepository (but not both).
Boolean autoDeploymentsEnabled
If true, continuous integration from the source repository is enabled for the App Runner service.
Each repository change (including any source code commit or new image version) starts a deployment.
Default: App Runner sets to false for a source image that uses an ECR Public repository or an ECR
repository that's in an Amazon Web Services account other than the one that the service is in. App Runner sets to
true in all other cases (which currently include a source code repository or a source image using a
same-account ECR repository).
AuthenticationConfiguration authenticationConfiguration
Describes the resources that are needed to authenticate access to some source repositories.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to manually deploy to.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String resourceArn
The Amazon Resource Name (ARN) of the resource that you want to update tags for.
It must be the ARN of an App Runner resource.
List<E> tags
A list of tag key-value pairs to add or update. If a key is new to the resource, the tag is added with the provided value. If a key is already associated with the resource, the value of the tag is updated.
String vendor
The implementation provider chosen for tracing App Runner services.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of the App Runner auto scaling configuration that you want to set as the default.
The ARN can be a full auto scaling configuration ARN, or a partial ARN ending with either
.../name or .../name/revision . If a revision isn't specified,
the latest active revision is set as the default.
AutoScalingConfiguration autoScalingConfiguration
A description of the App Runner auto scaling configuration that was set as default.
String serviceArn
The Amazon Resource Name (ARN) of the App Runner service that you want to update.
SourceConfiguration sourceConfiguration
The source configuration to apply to the App Runner service.
You can change the configuration of the code or image repository that the service uses. However, you can't switch
from code to image or the other way around. This means that you must provide the same structure member of
SourceConfiguration that you originally included when you created the service. Specifically, you can
include either CodeRepository or ImageRepository. To update the source configuration,
set the values to members of the structure that you include.
InstanceConfiguration instanceConfiguration
The runtime configuration to apply to instances (scaling units) of your service.
String autoScalingConfigurationArn
The Amazon Resource Name (ARN) of an App Runner automatic scaling configuration resource that you want to associate with the App Runner service.
HealthCheckConfiguration healthCheckConfiguration
The settings for the health check that App Runner performs to monitor the health of the App Runner service.
NetworkConfiguration networkConfiguration
Configuration settings related to network traffic of the web application that the App Runner service runs.
ServiceObservabilityConfiguration observabilityConfiguration
The observability configuration of your service.
Service service
A description of the App Runner service updated by this request. All configuration values in the returned
Service structure reflect configuration changes that are being applied by this request.
String operationId
The unique ID of the asynchronous operation that this request started. You can use it combined with the ListOperations call to track the operation's progress.
String vpcIngressConnectionArn
The Amazon Resource Name (Arn) for the App Runner VPC Ingress Connection resource that you want to update.
IngressVpcConfiguration ingressVpcConfiguration
Specifications for the customer’s Amazon VPC and the related Amazon Web Services PrivateLink VPC endpoint that are used to update the VPC Ingress Connection resource.
VpcIngressConnection vpcIngressConnection
A description of the App Runner VPC Ingress Connection resource that's updated by this request.
String vpcConnectorName
The customer-provided VPC connector name.
String vpcConnectorArn
The Amazon Resource Name (ARN) of this VPC connector.
Integer vpcConnectorRevision
The revision of this VPC connector. It's unique among all the active connectors ("Status": "ACTIVE")
that share the same Name.
At this time, App Runner supports only one revision per name.
List<E> subnets
A list of IDs of subnets that App Runner uses for your service. All IDs are of subnets of a single Amazon VPC.
List<E> securityGroups
A list of IDs of security groups that App Runner uses for access to Amazon Web Services resources under the specified subnets. If not specified, App Runner uses the default security group of the Amazon VPC. The default security group allows all outbound traffic.
String status
The current state of the VPC connector. If the status of a connector revision is INACTIVE, it was
deleted and can't be used. Inactive connector revisions are permanently removed some time after they are deleted.
Date createdAt
The time when the VPC connector was created. It's in Unix time stamp format.
Date deletedAt
The time when the VPC connector was deleted. It's in Unix time stamp format.
String vpcIngressConnectionArn
The Amazon Resource Name (ARN) of the VPC Ingress Connection that is associated with your service.
String vpcId
The ID of the Amazon VPC that is associated with the custom domain name of the target DNS.
String domainName
The domain name of your target DNS that is associated with the Amazon VPC.
String vpcIngressConnectionArn
The Amazon Resource Name (ARN) of the VPC Ingress Connection.
String vpcIngressConnectionName
The customer-provided VPC Ingress Connection name.
String serviceArn
The Amazon Resource Name (ARN) of the service associated with the VPC Ingress Connection.
String status
The current status of the VPC Ingress Connection. The VPC Ingress Connection displays one of the following
statuses: AVAILABLE, PENDING_CREATION, PENDING_UPDATE,
PENDING_DELETION,FAILED_CREATION, FAILED_UPDATE,
FAILED_DELETION, and DELETED..
String accountId
The Account Id you use to create the VPC Ingress Connection resource.
String domainName
The domain name associated with the VPC Ingress Connection resource.
IngressVpcConfiguration ingressVpcConfiguration
Specifications for the customer’s VPC and related PrivateLink VPC endpoint that are used to associate with the VPC Ingress Connection resource.
Date createdAt
The time when the VPC Ingress Connection was created. It's in the Unix time stamp format.
Type: Timestamp
Required: Yes
Date deletedAt
The time when the App Runner service was deleted. It's in the Unix time stamp format.
Type: Timestamp
Required: No
String name
The name of the app block.
String arn
The ARN of the app block.
String description
The description of the app block.
String displayName
The display name of the app block.
S3Location sourceS3Location
The source S3 location of the app block.
ScriptDetails setupScriptDetails
The setup script details of the app block.
This only applies to app blocks with PackagingType CUSTOM.
Date createdTime
The created time of the app block.
ScriptDetails postSetupScriptDetails
The post setup script details of the app block.
This only applies to app blocks with PackagingType APPSTREAM2.
String packagingType
The packaging type of the app block.
String state
The state of the app block.
An app block with AppStream 2.0 packaging will be in the INACTIVE state if no application package
(VHD) is assigned to it. After an application package (VHD) is created by an app block builder for an app block,
it becomes ACTIVE.
Custom app blocks are always in the ACTIVE state and no action is required to use them.
List<E> appBlockErrors
The errors of the app block.
String arn
The ARN of the app block builder.
String name
The name of the app block builder.
String displayName
The display name of the app block builder.
String description
The description of the app block builder.
String platform
The platform of the app block builder.
WINDOWS_SERVER_2019 is the only valid value.
String instanceType
The instance type of the app block builder.
Boolean enableDefaultInternetAccess
Indicates whether default internet access is enabled for the app block builder.
String iamRoleArn
The ARN of the IAM role that is applied to the app block builder.
VpcConfig vpcConfig
The VPC configuration for the app block builder.
String state
The state of the app block builder.
Date createdTime
The creation time of the app block builder.
List<E> appBlockBuilderErrors
The app block builder errors.
AppBlockBuilderStateChangeReason stateChangeReason
The state change reason.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Administrators can connect to the app block builder only through the specified endpoints.
String name
The name of the application.
String displayName
The application name to display.
String iconURL
The URL for the application icon. This URL might be time-limited.
String launchPath
The path to the application executable in the instance.
String launchParameters
The arguments that are passed to the application at launch.
Boolean enabled
If there is a problem, the application can be disabled after image creation.
Map<K,V> metadata
Additional attributes that describe the application.
String workingDirectory
The working directory for the application.
String description
The description of the application.
String arn
The ARN of the application.
String appBlockArn
The app block ARN of the application.
S3Location iconS3Location
The S3 location of the application icon.
List<E> platforms
The platforms on which the application can run.
List<E> instanceFamilies
The instance families for the application.
Date createdTime
The time at which the application was created within the app block.
Boolean enabled
Enables or disables persistent application settings for users during their streaming sessions.
String settingsGroup
The path prefix for the S3 bucket where users’ persistent application settings are stored. You can allow the same persistent application settings to be used across multiple stacks by specifying the same settings group for each stack.
Boolean enabled
Specifies whether persistent application settings are enabled for users during their streaming sessions.
String settingsGroup
The path prefix for the S3 bucket where users’ persistent application settings are stored.
String s3BucketName
The S3 bucket where users’ persistent application settings are stored. When persistent application settings are enabled for the first time for an account in an AWS Region, an S3 bucket is created. The bucket is unique to the AWS account and the Region.
AppBlockBuilderAppBlockAssociation appBlockBuilderAppBlockAssociation
The list of app block builders associated with app blocks.
ApplicationFleetAssociation applicationFleetAssociation
If fleet name is specified, this returns the list of applications that are associated to it. If application ARN is specified, this returns the list of fleets to which it is associated.
Integer desiredInstances
The desired number of streaming instances.
Integer desiredSessions
The desired number of user sessions for a multi-session fleet. This is not allowed for single-session fleets.
When you create a fleet, you must set either the DesiredSessions or DesiredInstances attribute, based on the type of fleet you create. You can’t define both attributes or leave both attributes blank.
Integer desired
The desired number of streaming instances.
Integer running
The total number of simultaneous streaming instances that are running.
Integer inUse
The number of instances in use for streaming.
Integer available
The number of currently available instances that can be used to stream sessions.
Integer desiredUserSessions
The total number of sessions slots that are either running or pending. This represents the total number of concurrent streaming sessions your fleet can support in a steady state.
DesiredUserSessionCapacity = ActualUserSessionCapacity + PendingUserSessionCapacity
This only applies to multi-session fleets.
Integer availableUserSessions
The number of idle session slots currently available for user sessions.
AvailableUserSessionCapacity = ActualUserSessionCapacity - ActiveUserSessions
This only applies to multi-session fleets.
Integer activeUserSessions
The number of user sessions currently being used for streaming sessions. This only applies to multi-session fleets.
Integer actualUserSessions
The total number of session slots that are available for streaming or are currently streaming.
ActualUserSessionCapacity = AvailableUserSessionCapacity + ActiveUserSessions
This only applies to multi-session fleets.
String sourceImageName
The name of the image to copy.
String destinationImageName
The name that the image will have when it is copied to the destination.
String destinationRegion
The destination region to which the image will be copied. This parameter is required, even if you are copying an image within the same region.
String destinationImageDescription
The description that the image will have when it is copied to the destination.
String destinationImageName
The name of the destination image.
String name
The unique name for the app block builder.
String description
The description of the app block builder.
String displayName
The display name of the app block builder.
Map<K,V> tags
The tags to associate with the app block builder. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
If you do not specify a value, the value is set to an empty string.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
For more information, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
String platform
The platform of the app block builder.
WINDOWS_SERVER_2019 is the only valid value.
String instanceType
The instance type to use when launching the app block builder. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
VpcConfig vpcConfig
The VPC configuration for the app block builder.
App block builders require that you specify at least two subnets in different availability zones.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the app block builder.
String iamRoleArn
The Amazon Resource Name (ARN) of the IAM role to apply to the app block builder. To assume a role, the app block
builder calls the AWS Security Token Service (STS) AssumeRole API operation and passes the ARN of
the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the
temporary credentials and creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Administrators can connect to the app block builder only through the specified endpoints.
AppBlockBuilder appBlockBuilder
String name
The name of the app block.
String description
The description of the app block.
String displayName
The display name of the app block. This is not displayed to the user.
S3Location sourceS3Location
The source S3 location of the app block.
ScriptDetails setupScriptDetails
The setup script details of the app block. This must be provided for the CUSTOM PackagingType.
Map<K,V> tags
The tags assigned to the app block.
ScriptDetails postSetupScriptDetails
The post setup script details of the app block. This can only be provided for the APPSTREAM2
PackagingType.
String packagingType
The packaging type of the app block.
AppBlock appBlock
The app block.
String name
The name of the application. This name is visible to users when display name is not specified.
String displayName
The display name of the application. This name is visible to users in the application catalog.
String description
The description of the application.
S3Location iconS3Location
The location in S3 of the application icon.
String launchPath
The launch path of the application.
String workingDirectory
The working directory of the application.
String launchParameters
The launch parameters of the application.
List<E> platforms
The platforms the application supports. WINDOWS_SERVER_2019 and AMAZON_LINUX2 are supported for Elastic fleets.
List<E> instanceFamilies
The instance families the application supports. Valid values are GENERAL_PURPOSE and GRAPHICS_G4.
String appBlockArn
The app block ARN to which the application should be associated
Map<K,V> tags
The tags assigned to the application.
Application application
String directoryName
The fully qualified name of the directory (for example, corp.example.com).
List<E> organizationalUnitDistinguishedNames
The distinguished names of the organizational units for computer accounts.
ServiceAccountCredentials serviceAccountCredentials
The credentials for the service account used by the fleet or image builder to connect to the directory.
CertificateBasedAuthProperties certificateBasedAuthProperties
The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is Enabled . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. Enabled_no_directory_login_fallback enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.
DirectoryConfig directoryConfig
Information about the directory configuration.
String name
The name of the entitlement.
String stackName
The name of the stack with which the entitlement is associated.
String description
The description of the entitlement.
String appVisibility
Specifies whether all or selected apps are entitled.
List<E> attributes
The attributes of the entitlement.
Entitlement entitlement
The entitlement.
String name
A unique name for the fleet.
String imageName
The name of the image used to create the fleet.
String imageArn
The ARN of the public, private, or shared image to use.
String instanceType
The instance type to use when launching fleet instances. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
stream.compute.large
stream.compute.xlarge
stream.compute.2xlarge
stream.compute.4xlarge
stream.compute.8xlarge
stream.memory.large
stream.memory.xlarge
stream.memory.2xlarge
stream.memory.4xlarge
stream.memory.8xlarge
stream.memory.z1d.large
stream.memory.z1d.xlarge
stream.memory.z1d.2xlarge
stream.memory.z1d.3xlarge
stream.memory.z1d.6xlarge
stream.memory.z1d.12xlarge
stream.graphics-design.large
stream.graphics-design.xlarge
stream.graphics-design.2xlarge
stream.graphics-design.4xlarge
stream.graphics-desktop.2xlarge
stream.graphics.g4dn.xlarge
stream.graphics.g4dn.2xlarge
stream.graphics.g4dn.4xlarge
stream.graphics.g4dn.8xlarge
stream.graphics.g4dn.12xlarge
stream.graphics.g4dn.16xlarge
stream.graphics-pro.4xlarge
stream.graphics-pro.8xlarge
stream.graphics-pro.16xlarge
The following instance types are available for Elastic fleets:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
String fleetType
The fleet type.
Provides users with instant-on access to their apps. You are charged for all running instances in your fleet, even if no users are streaming apps.
Provide users with access to applications after they connect, which takes one to two minutes. You are charged for instance streaming when users are connected and a small hourly fee for instances that are not streaming apps.
ComputeCapacity computeCapacity
The desired capacity for the fleet. This is not allowed for Elastic fleets. For Elastic fleets, specify MaxConcurrentSessions instead.
VpcConfig vpcConfig
The VPC configuration for the fleet. This is required for Elastic fleets, but not required for other fleet types. Elastic fleets require that you specify at least two subnets in different availability zones.
Integer maxUserDurationInSeconds
The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.
Specify a value between 600 and 432000.
Integer disconnectTimeoutInSeconds
The amount of time that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.
Specify a value between 60 and 36000.
String description
The description to display.
String displayName
The fleet name to display.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the fleet.
DomainJoinInfo domainJoinInfo
The name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain. This is not allowed for Elastic fleets.
Map<K,V> tags
The tags to associate with the fleet. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
If you do not specify a value, the value is set to an empty string.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
For more information, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
Integer idleDisconnectTimeoutInSeconds
The amount of time that users can be idle (inactive) before they are disconnected from their streaming session
and the DisconnectTimeoutInSeconds time interval begins. Users are notified before they are
disconnected due to inactivity. If they try to reconnect to the streaming session before the time interval
specified in DisconnectTimeoutInSeconds elapses, they are connected to their previous session. Users
are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads
and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be
idle after the time interval in IdleDisconnectTimeoutInSeconds elapses, they are disconnected.
To prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000. The default value is 0.
If you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.
String iamRoleArn
The Amazon Resource Name (ARN) of the IAM role to apply to the fleet. To assume a role, a fleet instance calls
the AWS Security Token Service (STS) AssumeRole API operation and passes the ARN of the role to use.
The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials
and creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
String streamView
The AppStream 2.0 view that is displayed to your users when they stream from the fleet. When APP is
specified, only the windows of applications opened by users display. When DESKTOP is specified, the
standard desktop that is provided by the operating system displays.
The default value is APP.
String platform
The fleet platform. WINDOWS_SERVER_2019 and AMAZON_LINUX2 are supported for Elastic fleets.
Integer maxConcurrentSessions
The maximum concurrent sessions of the Elastic fleet. This is required for Elastic fleets, and not allowed for other fleet types.
List<E> usbDeviceFilterStrings
The USB device filter strings that specify which USB devices a user can redirect to the fleet streaming session, when using the Windows native client. This is allowed but not required for Elastic fleets.
S3Location sessionScriptS3Location
The S3 location of the session scripts configuration zip file. This only applies to Elastic fleets.
Integer maxSessionsPerInstance
The maximum number of user sessions on an instance. This only applies to multi-session fleets.
Fleet fleet
Information about the fleet.
String name
A unique name for the image builder.
String imageName
The name of the image used to create the image builder.
String imageArn
The ARN of the public, private, or shared image to use.
String instanceType
The instance type to use when launching the image builder. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.compute.large
stream.compute.xlarge
stream.compute.2xlarge
stream.compute.4xlarge
stream.compute.8xlarge
stream.memory.large
stream.memory.xlarge
stream.memory.2xlarge
stream.memory.4xlarge
stream.memory.8xlarge
stream.memory.z1d.large
stream.memory.z1d.xlarge
stream.memory.z1d.2xlarge
stream.memory.z1d.3xlarge
stream.memory.z1d.6xlarge
stream.memory.z1d.12xlarge
stream.graphics-design.large
stream.graphics-design.xlarge
stream.graphics-design.2xlarge
stream.graphics-design.4xlarge
stream.graphics-desktop.2xlarge
stream.graphics.g4dn.xlarge
stream.graphics.g4dn.2xlarge
stream.graphics.g4dn.4xlarge
stream.graphics.g4dn.8xlarge
stream.graphics.g4dn.12xlarge
stream.graphics.g4dn.16xlarge
stream.graphics-pro.4xlarge
stream.graphics-pro.8xlarge
stream.graphics-pro.16xlarge
String description
The description to display.
String displayName
The image builder name to display.
VpcConfig vpcConfig
The VPC configuration for the image builder. You can specify only one subnet.
String iamRoleArn
The Amazon Resource Name (ARN) of the IAM role to apply to the image builder. To assume a role, the image builder
calls the AWS Security Token Service (STS) AssumeRole API operation and passes the ARN of the role
to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary
credentials and creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the image builder.
DomainJoinInfo domainJoinInfo
The name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain.
String appstreamAgentVersion
The version of the AppStream 2.0 agent to use for this image builder. To use the latest version of the AppStream 2.0 agent, specify [LATEST].
Map<K,V> tags
The tags to associate with the image builder. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
If you do not specify a value, the value is set to an empty string.
For more information about tags, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Administrators can connect to the image builder only through the specified endpoints.
ImageBuilder imageBuilder
Information about the image builder.
String name
The name of the stack.
String description
The description to display.
String displayName
The stack name to display.
List<E> storageConnectors
The storage connectors to enable.
String redirectURL
The URL that users are redirected to after their streaming session ends.
String feedbackURL
The URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed.
List<E> userSettings
The actions that are enabled or disabled for users during their streaming sessions. By default, these actions are enabled.
ApplicationSettings applicationSettings
The persistent application settings for users of a stack. When these settings are enabled, changes that users make to applications and Windows settings are automatically saved after each session and applied to the next session.
Map<K,V> tags
The tags to associate with the stack. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
If you do not specify a value, the value is set to an empty string.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
For more information about tags, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.
List<E> embedHostDomains
The domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.
StreamingExperienceSettings streamingExperienceSettings
The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.
Stack stack
Information about the stack.
String stackName
The name of the stack.
String fleetName
The name of the fleet.
String userId
The identifier of the user.
String applicationId
The name of the application to launch after the session starts. This is the name that you specified as Name in the Image Assistant. If your fleet is enabled for the Desktop stream view, you can also choose to launch directly to the operating system desktop. To do so, specify Desktop.
Long validity
The time that the streaming URL will be valid, in seconds. Specify a value between 1 and 604800 seconds. The default is 60 seconds.
String sessionContext
The session context. For more information, see Session Context in the Amazon AppStream 2.0 Administration Guide.
String existingImageName
The name of the image to update.
String newImageName
The name of the new image. The name must be unique within the AWS account and Region.
String newImageDescription
The description to display for the new image.
String newImageDisplayName
The name to display for the new image.
Map<K,V> newImageTags
The tags to associate with the new image. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
If you do not specify a value, the value is set to an empty string.
For more information about tags, see Tagging Your Resources in the Amazon AppStream 2.0 Administration Guide.
Boolean dryRun
Indicates whether to display the status of image update availability before AppStream 2.0 initiates the process
of creating a new updated image. If this value is set to true, AppStream 2.0 displays whether image
updates are available. If this value is set to false, AppStream 2.0 initiates the process of
creating a new updated image without displaying whether image updates are available.
String s3BucketName
The Amazon S3 bucket where generated reports are stored.
If you enabled on-instance session scripts and Amazon S3 logging for your session script configuration, AppStream 2.0 created an S3 bucket to store the script output. The bucket is unique to your account and Region. When you enable usage reporting in this case, AppStream 2.0 uses the same bucket to store your usage reports. If you haven't already enabled on-instance session scripts, when you enable usage reports, AppStream 2.0 creates a new S3 bucket.
String schedule
The schedule for generating usage reports.
String userName
The email address of the user.
Users' email addresses are case-sensitive. During login, if they specify an email address that doesn't use the same capitalization as the email address specified when their user pool account was created, a "user does not exist" error message displays.
String messageAction
The action to take for the welcome email that is sent to a user after the user is created in the user pool. If you specify SUPPRESS, no email is sent. If you specify RESEND, do not specify the first name or last name of the user. If the value is null, the email is sent.
The temporary password in the welcome email is valid for only 7 days. If users don’t set their passwords within 7 days, you must send them a new welcome email.
String firstName
The first name, or given name, of the user.
String lastName
The last name, or surname, of the user.
String authenticationType
The authentication type for the user. You must specify USERPOOL.
String name
The name of the app block builder.
String name
The name of the app block.
String name
The name of the application.
String directoryName
The name of the directory configuration.
String name
The name of the fleet.
String name
The name of the image builder.
ImageBuilder imageBuilder
Information about the image builder.
String name
The name of the image.
Image image
Information about the image.
String name
The name of the stack.
String appBlockArn
The ARN of the app block.
String appBlockBuilderName
The name of the app block builder.
Integer maxResults
The maximum size of each page of results.
String nextToken
The pagination token used to retrieve the next page of results for this operation.
List<E> directoryConfigs
Information about the directory configurations. Note that although the response syntax in this topic includes the account password, this password is not returned in the actual response.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
String name
The name of the entitlement.
String stackName
The name of the stack with which the entitlement is associated.
String nextToken
The pagination token used to retrieve the next page of results for this operation.
Integer maxResults
The maximum size of each page of results.
List<E> names
The names of the image builders to describe.
Integer maxResults
The maximum size of each page of results.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
String name
The name of the private image for which to describe permissions. The image must be one that you own.
Integer maxResults
The maximum size of each page of results.
List<E> sharedAwsAccountIds
The 12-digit identifier of one or more AWS accounts with which the image is shared.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
String name
The name of the private image.
List<E> sharedImagePermissionsList
The permissions for a private image that you own.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If there are no more pages, this value is null.
List<E> names
The names of the public or private images to describe.
List<E> arns
The ARNs of the public, private, and shared images to describe.
String type
The type of image (public, private, or shared) to describe.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
Integer maxResults
The maximum size of each page of results.
String stackName
The name of the stack. This value is case-sensitive.
String fleetName
The name of the fleet. This value is case-sensitive.
String userId
The user identifier (ID). If you specify a user ID, you must also specify the authentication type.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
Integer limit
The size of each page of results. The default value is 20 and the maximum value is 50.
String authenticationType
The authentication method. Specify API for a user authenticated using a streaming URL or
SAML for a SAML federated user. The default is to authenticate users using a streaming URL.
String instanceId
The identifier for the instance hosting the session.
String authenticationType
The authentication type for the users in the user pool to describe. You must specify USERPOOL.
Integer maxResults
The maximum size of each page of results.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
String stackName
The name of the stack that is associated with the user.
String userName
The email address of the user who is associated with the stack.
Users' email addresses are case-sensitive.
String authenticationType
The authentication type for the user who is associated with the stack. You must specify USERPOOL.
Integer maxResults
The maximum size of each page of results.
String nextToken
The pagination token to use to retrieve the next page of results for this operation. If this value is null, it retrieves the first page.
String directoryName
The fully qualified name of the directory (for example, corp.example.com).
List<E> organizationalUnitDistinguishedNames
The distinguished names of the organizational units for computer accounts.
ServiceAccountCredentials serviceAccountCredentials
The credentials for the service account used by the fleet or image builder to connect to the directory.
Date createdTime
The time the directory configuration was created.
CertificateBasedAuthProperties certificateBasedAuthProperties
The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is Enabled . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. Enabled_no_directory_login_fallback enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.
String userName
The email address of the user.
Users' email addresses are case-sensitive. During login, if they specify an email address that doesn't use the same capitalization as the email address specified when their user pool account was created, a "user does not exist" error message displays.
String authenticationType
The authentication type for the user. You must specify USERPOOL.
String applicationIdentifier
The identifier of the application.
String name
The name of the entitlement.
String stackName
The name of the stack with which the entitlement is associated.
String description
The description of the entitlement.
String appVisibility
Specifies whether all or selected apps are entitled.
List<E> attributes
The attributes of the entitlement.
Date createdTime
The time when the entitlement was created.
Date lastModifiedTime
The time when the entitlement was last modified.
String name
A supported AWS IAM SAML PrincipalTag attribute that is matched to the associated value when a user
identity federates into an Amazon AppStream 2.0 SAML application.
The following are valid values:
roles
department
organization
groups
title
costCenter
userType
String value
A value that is matched to a supported SAML attribute name when a user identity federates into an Amazon AppStream 2.0 SAML application.
String sessionId
The identifier of the streaming session.
String arn
The Amazon Resource Name (ARN) for the fleet.
String name
The name of the fleet.
String displayName
The fleet name to display.
String description
The description to display.
String imageName
The name of the image used to create the fleet.
String imageArn
The ARN for the public, private, or shared image.
String instanceType
The instance type to use when launching fleet instances. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.compute.large
stream.compute.xlarge
stream.compute.2xlarge
stream.compute.4xlarge
stream.compute.8xlarge
stream.memory.large
stream.memory.xlarge
stream.memory.2xlarge
stream.memory.4xlarge
stream.memory.8xlarge
stream.memory.z1d.large
stream.memory.z1d.xlarge
stream.memory.z1d.2xlarge
stream.memory.z1d.3xlarge
stream.memory.z1d.6xlarge
stream.memory.z1d.12xlarge
stream.graphics-design.large
stream.graphics-design.xlarge
stream.graphics-design.2xlarge
stream.graphics-design.4xlarge
stream.graphics-desktop.2xlarge
stream.graphics.g4dn.xlarge
stream.graphics.g4dn.2xlarge
stream.graphics.g4dn.4xlarge
stream.graphics.g4dn.8xlarge
stream.graphics.g4dn.12xlarge
stream.graphics.g4dn.16xlarge
stream.graphics-pro.4xlarge
stream.graphics-pro.8xlarge
stream.graphics-pro.16xlarge
String fleetType
The fleet type.
Provides users with instant-on access to their apps. You are charged for all running instances in your fleet, even if no users are streaming apps.
Provide users with access to applications after they connect, which takes one to two minutes. You are charged for instance streaming when users are connected and a small hourly fee for instances that are not streaming apps.
ComputeCapacityStatus computeCapacityStatus
The capacity status for the fleet.
Integer maxUserDurationInSeconds
The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.
Specify a value between 600 and 360000.
Integer disconnectTimeoutInSeconds
The amount of time that a streaming session remains active after users disconnect. If they try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.
Specify a value between 60 and 36000.
String state
The current state for the fleet.
VpcConfig vpcConfig
The VPC configuration for the fleet.
Date createdTime
The time the fleet was created.
List<E> fleetErrors
The fleet errors.
Boolean enableDefaultInternetAccess
Indicates whether default internet access is enabled for the fleet.
DomainJoinInfo domainJoinInfo
The name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain.
Integer idleDisconnectTimeoutInSeconds
The amount of time that users can be idle (inactive) before they are disconnected from their streaming session
and the DisconnectTimeoutInSeconds time interval begins. Users are notified before they are
disconnected due to inactivity. If users try to reconnect to the streaming session before the time interval
specified in DisconnectTimeoutInSeconds elapses, they are connected to their previous session. Users
are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads
and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be
idle after the time interval in IdleDisconnectTimeoutInSeconds elapses, they are disconnected.
To prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000. The default value is 0.
If you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.
String iamRoleArn
The ARN of the IAM role that is applied to the fleet. To assume a role, the fleet instance calls the AWS Security
Token Service (STS) AssumeRole API operation and passes the ARN of the role to use. The operation
creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and creates
the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
String streamView
The AppStream 2.0 view that is displayed to your users when they stream from the fleet. When APP is
specified, only the windows of applications opened by users display. When DESKTOP is specified, the
standard desktop that is provided by the operating system displays.
The default value is APP.
String platform
The platform of the fleet.
Integer maxConcurrentSessions
The maximum number of concurrent sessions for the fleet.
List<E> usbDeviceFilterStrings
The USB device filter strings associated with the fleet.
S3Location sessionScriptS3Location
The S3 location of the session scripts configuration zip file. This only applies to Elastic fleets.
Integer maxSessionsPerInstance
The maximum number of user sessions on an instance. This only applies to multi-session fleets.
String name
The name of the image.
String arn
The ARN of the image.
String baseImageArn
The ARN of the image from which this image was created.
String displayName
The image name to display.
String state
The image starts in the PENDING state. If image creation succeeds, the state is
AVAILABLE. If image creation fails, the state is FAILED.
String visibility
Indicates whether the image is public or private.
Boolean imageBuilderSupported
Indicates whether an image builder can be launched from this image.
String imageBuilderName
The name of the image builder that was used to create the private image. If the image is shared, this value is null.
String platform
The operating system platform of the image.
String description
The description to display.
ImageStateChangeReason stateChangeReason
The reason why the last state change occurred.
List<E> applications
The applications associated with the image.
Date createdTime
The time the image was created.
Date publicBaseImageReleasedDate
The release date of the public base image. For private images, this date is the release date of the base image from which the image was created.
String appstreamAgentVersion
The version of the AppStream 2.0 agent to use for instances that are launched from this image.
ImagePermissions imagePermissions
The permissions to provide to the destination AWS account for the specified image.
List<E> imageErrors
Describes the errors that are returned when a new image can't be created.
String name
The name of the image builder.
String arn
The ARN for the image builder.
String imageArn
The ARN of the image from which this builder was created.
String description
The description to display.
String displayName
The image builder name to display.
VpcConfig vpcConfig
The VPC configuration of the image builder.
String instanceType
The instance type for the image builder. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.compute.large
stream.compute.xlarge
stream.compute.2xlarge
stream.compute.4xlarge
stream.compute.8xlarge
stream.memory.large
stream.memory.xlarge
stream.memory.2xlarge
stream.memory.4xlarge
stream.memory.8xlarge
stream.memory.z1d.large
stream.memory.z1d.xlarge
stream.memory.z1d.2xlarge
stream.memory.z1d.3xlarge
stream.memory.z1d.6xlarge
stream.memory.z1d.12xlarge
stream.graphics-design.large
stream.graphics-design.xlarge
stream.graphics-design.2xlarge
stream.graphics-design.4xlarge
stream.graphics-desktop.2xlarge
stream.graphics.g4dn.xlarge
stream.graphics.g4dn.2xlarge
stream.graphics.g4dn.4xlarge
stream.graphics.g4dn.8xlarge
stream.graphics.g4dn.12xlarge
stream.graphics.g4dn.16xlarge
stream.graphics-pro.4xlarge
stream.graphics-pro.8xlarge
stream.graphics-pro.16xlarge
String platform
The operating system platform of the image builder.
String iamRoleArn
The ARN of the IAM role that is applied to the image builder. To assume a role, the image builder calls the AWS
Security Token Service (STS) AssumeRole API operation and passes the ARN of the role to use. The
operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials and
creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
String state
The state of the image builder.
ImageBuilderStateChangeReason stateChangeReason
The reason why the last state change occurred.
Date createdTime
The time stamp when the image builder was created.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the image builder.
DomainJoinInfo domainJoinInfo
The name of the directory and organizational unit (OU) to use to join the image builder to a Microsoft Active Directory domain.
NetworkAccessConfiguration networkAccessConfiguration
List<E> imageBuilderErrors
The image builder errors.
String appstreamAgentVersion
The version of the AppStream 2.0 agent that is currently being used by the image builder.
List<E> accessEndpoints
The list of virtual private cloud (VPC) interface endpoint objects. Administrators can connect to the image builder only through the specified endpoints.
String stackName
The name of the stack with which the entitlement is associated.
String entitlementName
The name of the entitlement.
String nextToken
The pagination token used to retrieve the next page of results for this operation.
Integer maxResults
The maximum size of each page of results.
String resourceArn
The Amazon Resource Name (ARN) of the resource.
String eniPrivateIpAddress
The private IP address of the elastic network interface that is attached to instances in your VPC.
String eniId
The resource identifier of the elastic network interface that is attached to instances in your VPC. All network interfaces have the eni-xxxxxxxx resource identifier.
String s3Bucket
The S3 bucket of the S3 object.
String s3Key
The S3 key of the S3 object.
This is required when used for the following:
IconS3Location (Actions: CreateApplication and UpdateApplication)
SessionScriptS3Location (Actions: CreateFleet and UpdateFleet)
ScriptDetails (Actions: CreateAppBlock)
SourceS3Location when creating an app block with CUSTOM PackagingType (Actions: CreateAppBlock)
SourceS3Location when creating an app block with APPSTREAM2 PackagingType, and using an existing
application package (VHD file). In this case, S3Key refers to the VHD file. If a new application
package is required, then S3Key is not required. (Actions: CreateAppBlock)
S3Location scriptS3Location
The S3 object location for the script.
String executablePath
The run path for the script.
String executableParameters
The runtime parameters passed to the run path for the script.
Integer timeoutInSeconds
The run timeout, in seconds, for the script.
String accountName
The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified.
String accountPassword
The password for the account.
String id
The identifier of the streaming session.
String userId
The identifier of the user for whom the session was created.
String stackName
The name of the stack for the streaming session.
String fleetName
The name of the fleet for the streaming session.
String state
The current state of the streaming session.
String connectionState
Specifies whether a user is connected to the streaming session.
Date startTime
The time when a streaming instance is dedicated for the user.
Date maxExpirationTime
The time when the streaming session is set to expire. This time is based on the
MaxUserDurationinSeconds value, which determines the maximum length of time that a streaming session
can run. A streaming session might end earlier than the time specified in SessionMaxExpirationTime,
when the DisconnectTimeOutInSeconds elapses or the user chooses to end his or her session. If the
DisconnectTimeOutInSeconds elapses, or the user chooses to end his or her session, the streaming
instance is terminated and the streaming session ends.
String authenticationType
The authentication method. The user is authenticated using a streaming URL (API) or SAML 2.0
federation (SAML).
NetworkAccessConfiguration networkAccessConfiguration
The network details for the streaming session.
String instanceId
The identifier for the instance hosting the session.
String sharedAccountId
The 12-digit identifier of the AWS account with which the image is shared.
ImagePermissions imagePermissions
Describes the permissions for a shared image.
String arn
The ARN of the stack.
String name
The name of the stack.
String description
The description to display.
String displayName
The stack name to display.
Date createdTime
The time the stack was created.
List<E> storageConnectors
The storage connectors to enable.
String redirectURL
The URL that users are redirected to after their streaming session ends.
String feedbackURL
The URL that users are redirected to after they click the Send Feedback link. If no URL is specified, no Send Feedback link is displayed.
List<E> stackErrors
The errors for the stack.
List<E> userSettings
The actions that are enabled or disabled for users during their streaming sessions. By default these actions are enabled.
ApplicationSettingsResponse applicationSettings
The persistent application settings for users of the stack.
List<E> accessEndpoints
The list of virtual private cloud (VPC) interface endpoint objects. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.
List<E> embedHostDomains
The domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.
StreamingExperienceSettings streamingExperienceSettings
The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.
String name
The name of the app block builder.
AppBlockBuilder appBlockBuilder
String name
The name of the fleet.
ImageBuilder imageBuilder
Information about the image builder.
String name
The name of the app block builder.
AppBlockBuilder appBlockBuilder
String name
The name of the fleet.
String name
The name of the image builder.
ImageBuilder imageBuilder
Information about the image builder.
String preferredProtocol
The preferred protocol that you want to use while streaming your application.
String resourceArn
The Amazon Resource Name (ARN) of the resource.
Map<K,V> tags
The tags to associate. A tag is a key-value pair, and the value is optional. For example, Environment=Test. If you do not specify a value, Environment=.
If you do not specify a value, the value is set to an empty string.
Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following special characters:
_ . : / = + \ - @
String name
The unique name for the app block builder.
String description
The description of the app block builder.
String displayName
The display name of the app block builder.
String platform
The platform of the app block builder.
WINDOWS_SERVER_2019 is the only valid value.
String instanceType
The instance type to use when launching the app block builder. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
VpcConfig vpcConfig
The VPC configuration for the app block builder.
App block builders require that you specify at least two subnets in different availability zones.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the app block builder.
String iamRoleArn
The Amazon Resource Name (ARN) of the IAM role to apply to the app block builder. To assume a role, the app block
builder calls the AWS Security Token Service (STS) AssumeRole API operation and passes the ARN of
the role to use. The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the
temporary credentials and creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Administrators can connect to the app block builder only through the specified endpoints.
List<E> attributesToDelete
The attributes to delete from the app block builder.
AppBlockBuilder appBlockBuilder
String name
The name of the application. This name is visible to users when display name is not specified.
String displayName
The display name of the application. This name is visible to users in the application catalog.
String description
The description of the application.
S3Location iconS3Location
The icon S3 location of the application.
String launchPath
The launch path of the application.
String workingDirectory
The working directory of the application.
String launchParameters
The launch parameters of the application.
String appBlockArn
The ARN of the app block.
List<E> attributesToDelete
The attributes to delete for an application.
Application application
String directoryName
The name of the Directory Config object.
List<E> organizationalUnitDistinguishedNames
The distinguished names of the organizational units for computer accounts.
ServiceAccountCredentials serviceAccountCredentials
The credentials for the service account used by the fleet or image builder to connect to the directory.
CertificateBasedAuthProperties certificateBasedAuthProperties
The certificate-based authentication properties used to authenticate SAML 2.0 Identity Provider (IdP) user identities to Active Directory domain-joined streaming instances. Fallback is turned on by default when certificate-based authentication is Enabled . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. Enabled_no_directory_login_fallback enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates.
DirectoryConfig directoryConfig
Information about the Directory Config object.
String name
The name of the entitlement.
String stackName
The name of the stack with which the entitlement is associated.
String description
The description of the entitlement.
String appVisibility
Specifies whether all or only selected apps are entitled.
List<E> attributes
The attributes of the entitlement.
Entitlement entitlement
The entitlement.
String imageName
The name of the image used to create the fleet.
String imageArn
The ARN of the public, private, or shared image to use.
String name
A unique name for the fleet.
String instanceType
The instance type to use when launching fleet instances. The following instance types are available:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
stream.compute.large
stream.compute.xlarge
stream.compute.2xlarge
stream.compute.4xlarge
stream.compute.8xlarge
stream.memory.large
stream.memory.xlarge
stream.memory.2xlarge
stream.memory.4xlarge
stream.memory.8xlarge
stream.memory.z1d.large
stream.memory.z1d.xlarge
stream.memory.z1d.2xlarge
stream.memory.z1d.3xlarge
stream.memory.z1d.6xlarge
stream.memory.z1d.12xlarge
stream.graphics-design.large
stream.graphics-design.xlarge
stream.graphics-design.2xlarge
stream.graphics-design.4xlarge
stream.graphics-desktop.2xlarge
stream.graphics.g4dn.xlarge
stream.graphics.g4dn.2xlarge
stream.graphics.g4dn.4xlarge
stream.graphics.g4dn.8xlarge
stream.graphics.g4dn.12xlarge
stream.graphics.g4dn.16xlarge
stream.graphics-pro.4xlarge
stream.graphics-pro.8xlarge
stream.graphics-pro.16xlarge
The following instance types are available for Elastic fleets:
stream.standard.small
stream.standard.medium
stream.standard.large
stream.standard.xlarge
stream.standard.2xlarge
ComputeCapacity computeCapacity
The desired capacity for the fleet. This is not allowed for Elastic fleets.
VpcConfig vpcConfig
The VPC configuration for the fleet. This is required for Elastic fleets, but not required for other fleet types. Elastic fleets require that you specify at least two subnets in different availability zones.
Integer maxUserDurationInSeconds
The maximum amount of time that a streaming session can remain active, in seconds. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance.
Specify a value between 600 and 432000.
Integer disconnectTimeoutInSeconds
The amount of time that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within this time interval, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance.
Specify a value between 60 and 36000.
Boolean deleteVpcConfig
Deletes the VPC association for the specified fleet.
String description
The description to display.
String displayName
The fleet name to display.
Boolean enableDefaultInternetAccess
Enables or disables default internet access for the fleet.
DomainJoinInfo domainJoinInfo
The name of the directory and organizational unit (OU) to use to join the fleet to a Microsoft Active Directory domain.
Integer idleDisconnectTimeoutInSeconds
The amount of time that users can be idle (inactive) before they are disconnected from their streaming session
and the DisconnectTimeoutInSeconds time interval begins. Users are notified before they are
disconnected due to inactivity. If users try to reconnect to the streaming session before the time interval
specified in DisconnectTimeoutInSeconds elapses, they are connected to their previous session. Users
are considered idle when they stop providing keyboard or mouse input during their streaming session. File uploads
and downloads, audio in, audio out, and pixels changing do not qualify as user activity. If users continue to be
idle after the time interval in IdleDisconnectTimeoutInSeconds elapses, they are disconnected.
To prevent users from being disconnected due to inactivity, specify a value of 0. Otherwise, specify a value between 60 and 36000. The default value is 0.
If you enable this feature, we recommend that you specify a value that corresponds exactly to a whole number of minutes (for example, 60, 120, and 180). If you don't do this, the value is rounded to the nearest minute. For example, if you specify a value of 70, users are disconnected after 1 minute of inactivity. If you specify a value that is at the midpoint between two different minutes, the value is rounded up. For example, if you specify a value of 90, users are disconnected after 2 minutes of inactivity.
List<E> attributesToDelete
The fleet attributes to delete.
String iamRoleArn
The Amazon Resource Name (ARN) of the IAM role to apply to the fleet. To assume a role, a fleet instance calls
the AWS Security Token Service (STS) AssumeRole API operation and passes the ARN of the role to use.
The operation creates a new session with temporary credentials. AppStream 2.0 retrieves the temporary credentials
and creates the appstream_machine_role credential profile on the instance.
For more information, see Using an IAM Role to Grant Permissions to Applications and Scripts Running on AppStream 2.0 Streaming Instances in the Amazon AppStream 2.0 Administration Guide.
String streamView
The AppStream 2.0 view that is displayed to your users when they stream from the fleet. When APP is
specified, only the windows of applications opened by users display. When DESKTOP is specified, the
standard desktop that is provided by the operating system displays.
The default value is APP.
String platform
The platform of the fleet. WINDOWS_SERVER_2019 and AMAZON_LINUX2 are supported for Elastic fleets.
Integer maxConcurrentSessions
The maximum number of concurrent sessions for a fleet.
List<E> usbDeviceFilterStrings
The USB device filter strings that specify which USB devices a user can redirect to the fleet streaming session, when using the Windows native client. This is allowed but not required for Elastic fleets.
S3Location sessionScriptS3Location
The S3 location of the session scripts configuration zip file. This only applies to Elastic fleets.
Integer maxSessionsPerInstance
The maximum number of user sessions on an instance. This only applies to multi-session fleets.
Fleet fleet
Information about the fleet.
String name
The name of the private image.
String sharedAccountId
The 12-digit identifier of the AWS account for which you want add or update image permissions.
ImagePermissions imagePermissions
The permissions for the image.
String displayName
The stack name to display.
String description
The description to display.
String name
The name of the stack.
List<E> storageConnectors
The storage connectors to enable.
Boolean deleteStorageConnectors
Deletes the storage connectors currently enabled for the stack.
String redirectURL
The URL that users are redirected to after their streaming session ends.
String feedbackURL
The URL that users are redirected to after they choose the Send Feedback link. If no URL is specified, no Send Feedback link is displayed.
List<E> attributesToDelete
The stack attributes to delete.
List<E> userSettings
The actions that are enabled or disabled for users during their streaming sessions. By default, these actions are enabled.
ApplicationSettings applicationSettings
The persistent application settings for users of a stack. When these settings are enabled, changes that users make to applications and Windows settings are automatically saved after each session and applied to the next session.
List<E> accessEndpoints
The list of interface VPC endpoint (interface endpoint) objects. Users of the stack can connect to AppStream 2.0 only through the specified endpoints.
List<E> embedHostDomains
The domains where AppStream 2.0 streaming sessions can be embedded in an iframe. You must approve the domains that you want to host embedded AppStream 2.0 streaming sessions.
StreamingExperienceSettings streamingExperienceSettings
The streaming protocol you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client.
Stack stack
Information about the stack.
String s3BucketName
The Amazon S3 bucket where generated reports are stored.
If you enabled on-instance session scripts and Amazon S3 logging for your session script configuration, AppStream 2.0 created an S3 bucket to store the script output. The bucket is unique to your account and Region. When you enable usage reporting in this case, AppStream 2.0 uses the same bucket to store your usage reports. If you haven't already enabled on-instance session scripts, when you enable usage reports, AppStream 2.0 creates a new S3 bucket.
String schedule
The schedule for generating usage reports.
Date lastGeneratedReportDate
The time when the last usage report was generated.
List<E> subscriptionErrors
The errors that were returned if usage reports couldn't be generated.
String arn
The ARN of the user.
String userName
The email address of the user.
Users' email addresses are case-sensitive.
Boolean enabled
Specifies whether the user in the user pool is enabled.
String status
The status of the user in the user pool. The status can be one of the following:
UNCONFIRMED – The user is created but not confirmed.
CONFIRMED – The user is confirmed.
ARCHIVED – The user is no longer active.
COMPROMISED – The user is disabled because of a potential security threat.
UNKNOWN – The user status is not known.
String firstName
The first name, or given name, of the user.
String lastName
The last name, or surname, of the user.
Date createdTime
The date and time the user was created in the user pool.
String authenticationType
The authentication type for the user.
String action
The action that is enabled or disabled.
String permission
Indicates whether the action is enabled or disabled.
Integer maximumLength
Specifies the number of characters that can be copied by end users from the local device to the remote session, and to the local device from the remote session.
This can be specified only for the CLIPBOARD_COPY_FROM_LOCAL_DEVICE and
CLIPBOARD_COPY_TO_LOCAL_DEVICE actions.
This defaults to 20,971,520 (20 MB) when unspecified and the permission is ENABLED. This can't be
specified when the permission is DISABLED.
The value can be between 1 and 20,971,520 (20 MB).
String stackName
The name of the stack that is associated with the user.
String userName
The email address of the user who is associated with the stack.
Users' email addresses are case-sensitive.
String authenticationType
The authentication type for the user.
Boolean sendEmailNotification
Specifies whether a welcome email is sent to a user after the user is created in the user pool.
UserStackAssociation userStackAssociation
Information about the user and associated stack.
String errorCode
The error code for the error that is returned when a user can’t be associated with or disassociated from a stack.
String errorMessage
The error message for the error that is returned when a user can’t be associated with or disassociated from a stack.
List<E> subnetIds
The identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. Fleet instances use one or more subnets. Image builder instances use one subnet.
List<E> securityGroupIds
The identifiers of the security groups for the fleet or image builder.
String authenticationType
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
OpenIDConnectConfig openIDConnectConfig
The OIDC configuration.
CognitoUserPoolConfig userPoolConfig
The Amazon Cognito user pool configuration.
LambdaAuthorizerConfig lambdaAuthorizerConfig
Configuration for Lambda function authorization.
String domainName
The domain name.
String apiId
The API ID.
String associationStatus
Identifies the status of an association.
PROCESSING: The API association is being created. You cannot modify association requests during processing.
SUCCESS: The API association was successful. You can modify associations after success.
FAILED: The API association has failed. You can modify associations after failure.
String deploymentDetail
Details about the last deployment status.
Long ttl
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
String apiCachingBehavior
Caching behavior.
FULL_REQUEST_CACHING: All requests are fully cached.
PER_RESOLVER_CACHING: Individual resolvers that you specify are cached.
Boolean transitEncryptionEnabled
Transit encryption flag when connecting to cache. You cannot update this setting after creation.
Boolean atRestEncryptionEnabled
At-rest encryption flag for cache. You cannot update this setting after creation.
String type
The cache instance type. Valid values are
SMALL
MEDIUM
LARGE
XLARGE
LARGE_2X
LARGE_4X
LARGE_8X (not available in all regions)
LARGE_12X
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
T2_SMALL: A t2.small instance type.
T2_MEDIUM: A t2.medium instance type.
R4_LARGE: A r4.large instance type.
R4_XLARGE: A r4.xlarge instance type.
R4_2XLARGE: A r4.2xlarge instance type.
R4_4XLARGE: A r4.4xlarge instance type.
R4_8XLARGE: A r4.8xlarge instance type.
String status
The cache instance status.
AVAILABLE: The instance is available for use.
CREATING: The instance is currently creating.
DELETING: The instance is currently deleting.
MODIFYING: The instance is currently modifying.
FAILED: The instance has failed creation.
String healthMetricsConfig
Controls how cache health metrics will be emitted to CloudWatch. Cache health metrics include:
NetworkBandwidthOutAllowanceExceeded: The network packets dropped because the throughput exceeded the aggregated bandwidth limit. This is useful for diagnosing bottlenecks in a cache configuration.
EngineCPUUtilization: The CPU utilization (percentage) allocated to the Redis process. This is useful for diagnosing bottlenecks in a cache configuration.
Metrics will be recorded by API ID. You can set the value to ENABLED or DISABLED.
String id
The API key ID.
String description
A description of the purpose of the API key.
Long expires
The time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour.
Long deletes
The time after which the API key is deleted. The date is represented as seconds since the epoch, rounded down to the nearest hour.
ApiAssociation apiAssociation
The ApiAssociation object.
String sourceApiIdentifier
The identifier of the AppSync Source API. This is generated by the AppSync service. In most cases, source APIs (especially in your account) only require the API ID value or ARN of the source API. However, source APIs from other accounts (cross-account use cases) strictly require the full resource ARN of the source API.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String description
The description field.
SourceApiAssociationConfig sourceApiAssociationConfig
The SourceApiAssociationConfig object data.
SourceApiAssociation sourceApiAssociation
The SourceApiAssociation object data.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String sourceApiIdentifier
The identifier of the AppSync Source API. This is generated by the AppSync service. In most cases, source APIs (especially in your account) only require the API ID value or ARN of the source API. However, source APIs from other accounts (cross-account use cases) strictly require the full resource ARN of the source API.
String description
The description field.
SourceApiAssociationConfig sourceApiAssociationConfig
The SourceApiAssociationConfig object data.
SourceApiAssociation sourceApiAssociation
The SourceApiAssociation object data.
String authorizationType
The authorization type that the HTTP endpoint requires.
AWS_IAM: The authorization type is Signature Version 4 (SigV4).
AwsIamConfig awsIamConfig
The Identity and Access Management (IAM) settings.
String reason
BadRequestDetail detail
String errorType
The type of code error.
Examples include, but aren't limited to: LINT_ERROR, PARSER_ERROR.
String value
A user presentable error.
Examples include, but aren't limited to: Parsing error: Unterminated string literal.
CodeErrorLocation location
The line, column, and span location of the error in the code.
String userPoolId
The user pool ID.
String awsRegion
The Amazon Web Services Region in which the user pool was created.
String appIdClientRegex
A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.
String apiId
The GraphQL API ID.
Long ttl
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
Boolean transitEncryptionEnabled
Transit encryption flag when connecting to cache. You cannot update this setting after creation.
Boolean atRestEncryptionEnabled
At-rest encryption flag for cache. You cannot update this setting after creation.
String apiCachingBehavior
Caching behavior.
FULL_REQUEST_CACHING: All requests are fully cached.
PER_RESOLVER_CACHING: Individual resolvers that you specify are cached.
String type
The cache instance type. Valid values are
SMALL
MEDIUM
LARGE
XLARGE
LARGE_2X
LARGE_4X
LARGE_8X (not available in all regions)
LARGE_12X
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
T2_SMALL: A t2.small instance type.
T2_MEDIUM: A t2.medium instance type.
R4_LARGE: A r4.large instance type.
R4_XLARGE: A r4.xlarge instance type.
R4_2XLARGE: A r4.2xlarge instance type.
R4_4XLARGE: A r4.4xlarge instance type.
R4_8XLARGE: A r4.8xlarge instance type.
String healthMetricsConfig
Controls how cache health metrics will be emitted to CloudWatch. Cache health metrics include:
NetworkBandwidthOutAllowanceExceeded: The network packets dropped because the throughput exceeded the aggregated bandwidth limit. This is useful for diagnosing bottlenecks in a cache configuration.
EngineCPUUtilization: The CPU utilization (percentage) allocated to the Redis process. This is useful for diagnosing bottlenecks in a cache configuration.
Metrics will be recorded by API ID. You can set the value to ENABLED or DISABLED.
ApiCache apiCache
The ApiCache object.
String apiId
The ID for your GraphQL API.
String description
A description of the purpose of the API key.
Long expires
From the creation time, the time after which the API key expires. The date is represented as seconds since the epoch, rounded down to the nearest hour. The default value for this parameter is 7 days from creation time. For more information, see .
ApiKey apiKey
The API key.
String apiId
The API ID for the GraphQL API for the DataSource.
String name
A user-supplied name for the DataSource.
String description
A description of the DataSource.
String type
The type of the DataSource.
String serviceRoleArn
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
DynamodbDataSourceConfig dynamodbConfig
Amazon DynamoDB settings.
LambdaDataSourceConfig lambdaConfig
Lambda settings.
ElasticsearchDataSourceConfig elasticsearchConfig
Amazon OpenSearch Service settings.
As of September 2021, Amazon Elasticsearch service is Amazon OpenSearch Service. This configuration is deprecated. For new data sources, use CreateDataSourceRequest$openSearchServiceConfig to create an OpenSearch data source.
OpenSearchServiceDataSourceConfig openSearchServiceConfig
Amazon OpenSearch Service settings.
HttpDataSourceConfig httpConfig
HTTP endpoint settings.
RelationalDatabaseDataSourceConfig relationalDatabaseConfig
Relational database settings.
EventBridgeDataSourceConfig eventBridgeConfig
Amazon EventBridge settings.
String metricsConfig
Enables or disables enhanced data source metrics for specified data sources. Note that metricsConfig
won't be used unless the dataSourceLevelMetricsBehavior value is set to
PER_DATA_SOURCE_METRICS. If the dataSourceLevelMetricsBehavior is set to
FULL_REQUEST_DATA_SOURCE_METRICS instead, metricsConfig will be ignored. However, you
can still set its value.
metricsConfig can be ENABLED or DISABLED.
DataSource dataSource
The DataSource object.
String domainName
The domain name.
String certificateArn
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
String description
A description of the DomainName.
DomainNameConfig domainNameConfig
The configuration for the DomainName.
String apiId
The GraphQL API ID.
String name
The Function name. The function name does not have to be unique.
String description
The Function description.
String dataSourceName
The Function DataSource name.
String requestMappingTemplate
The Function request mapping template. Functions support only the 2018-05-29 version of the request
mapping template.
String responseMappingTemplate
The Function response mapping template.
String functionVersion
The version of the request mapping template. Currently, the supported value is 2018-05-29. Note that
when using VTL and mapping templates, the functionVersion is required.
SyncConfig syncConfig
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The function code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
FunctionConfiguration functionConfiguration
The Function object.
String name
A user-supplied name for the GraphqlApi.
LogConfig logConfig
The Amazon CloudWatch Logs configuration.
String authenticationType
The authentication type: API key, Identity and Access Management (IAM), OpenID Connect (OIDC), Amazon Cognito user pools, or Lambda.
UserPoolConfig userPoolConfig
The Amazon Cognito user pool configuration.
OpenIDConnectConfig openIDConnectConfig
The OIDC configuration.
Map<K,V> tags
A TagMap object.
List<E> additionalAuthenticationProviders
A list of additional authentication providers for the GraphqlApi API.
Boolean xrayEnabled
A flag indicating whether to use X-Ray tracing for the GraphqlApi.
LambdaAuthorizerConfig lambdaAuthorizerConfig
Configuration for Lambda function authorization.
String visibility
Sets the value of the GraphQL API to public (GLOBAL) or private (PRIVATE). If no value
is provided, the visibility will be set to GLOBAL by default. This value cannot be changed once the
API has been created.
String apiType
The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (
MERGED).
String mergedApiExecutionRoleArn
The Identity and Access Management service role ARN for a merged API. The AppSync service assumes this role on
behalf of the Merged API to validate access to source APIs at runtime and to prompt the AUTO_MERGE
to update the merged API endpoint with the source API changes automatically.
String ownerContact
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
String introspectionConfig
Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED)
introspection. If no value is provided, the introspection configuration will be set to ENABLED by
default. This field will produce an error if the operation attempts to use the introspection feature while this
field is disabled.
For more information about introspection, see GraphQL introspection.
Integer queryDepthLimit
The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in
the body of query. The default value is 0 (or unspecified), which indicates there's no depth limit.
If you set a limit, it can be between 1 and 75 nested levels. This field will produce a
limit error if the operation falls out of bounds.
Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
Integer resolverCountLimit
The maximum number of resolvers that can be invoked in a single request. The default value is 0 (or
unspecified), which will set the limit to 10000. When specified, the limit value can be between
1 and 10000. This field will produce a limit error if the operation falls out of
bounds.
EnhancedMetricsConfig enhancedMetricsConfig
The enhancedMetricsConfig object.
GraphqlApi graphqlApi
The GraphqlApi.
String apiId
The ID for the GraphQL API for which the resolver is being created.
String typeName
The name of the Type.
String fieldName
The name of the field to attach the resolver to.
String dataSourceName
The name of the data source for which the resolver is being created.
String requestMappingTemplate
The mapping template to use for requests.
A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).
VTL request mapping templates are optional when using an Lambda data source. For all other data sources, VTL request and response mapping templates are required.
String responseMappingTemplate
The mapping template to use for responses from the data source.
String kind
The resolver type.
UNIT: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.
PIPELINE: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of
Function objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against
multiple data sources.
PipelineConfig pipelineConfig
The PipelineConfig.
SyncConfig syncConfig
The SyncConfig for a resolver attached to a versioned data source.
CachingConfig cachingConfig
The caching configuration for the resolver.
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The resolver code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
String metricsConfig
Enables or disables enhanced resolver metrics for specified resolvers. Note that metricsConfig won't
be used unless the resolverLevelMetricsBehavior value is set to PER_RESOLVER_METRICS.
If the resolverLevelMetricsBehavior is set to FULL_REQUEST_RESOLVER_METRICS instead,
metricsConfig will be ignored. However, you can still set its value.
metricsConfig can be ENABLED or DISABLED.
Resolver resolver
The Resolver object.
String apiId
The API ID.
String definition
The type definition, in GraphQL Schema Definition Language (SDL) format.
For more information, see the GraphQL SDL documentation.
String format
The type format: SDL or JSON.
Type type
The Type object.
String dataSourceArn
The data source Amazon Resource Name (ARN).
String name
The name of the data source.
String description
The description of the data source.
String type
The type of the data source.
AWS_LAMBDA: The data source is an Lambda function.
AMAZON_DYNAMODB: The data source is an Amazon DynamoDB table.
AMAZON_ELASTICSEARCH: The data source is an Amazon OpenSearch Service domain.
AMAZON_OPENSEARCH_SERVICE: The data source is an Amazon OpenSearch Service domain.
AMAZON_EVENTBRIDGE: The data source is an Amazon EventBridge configuration.
NONE: There is no data source. Use this type when you want to invoke a GraphQL operation without connecting to a data source, such as when you're performing data transformation with resolvers or invoking a subscription from a mutation.
HTTP: The data source is an HTTP endpoint.
RELATIONAL_DATABASE: The data source is a relational database.
String serviceRoleArn
The Identity and Access Management (IAM) service role Amazon Resource Name (ARN) for the data source. The system assumes this role when accessing the data source.
DynamodbDataSourceConfig dynamodbConfig
DynamoDB settings.
LambdaDataSourceConfig lambdaConfig
Lambda settings.
ElasticsearchDataSourceConfig elasticsearchConfig
Amazon OpenSearch Service settings.
OpenSearchServiceDataSourceConfig openSearchServiceConfig
Amazon OpenSearch Service settings.
HttpDataSourceConfig httpConfig
HTTP endpoint settings.
RelationalDatabaseDataSourceConfig relationalDatabaseConfig
Relational database settings.
EventBridgeDataSourceConfig eventBridgeConfig
Amazon EventBridge settings.
String metricsConfig
Enables or disables enhanced data source metrics for specified data sources. Note that metricsConfig
won't be used unless the dataSourceLevelMetricsBehavior value is set to
PER_DATA_SOURCE_METRICS. If the dataSourceLevelMetricsBehavior is set to
FULL_REQUEST_DATA_SOURCE_METRICS instead, metricsConfig will be ignored. However, you
can still set its value.
metricsConfig can be ENABLED or DISABLED.
String name
The name of the model. For example, this could be the name of a single table in a database.
List<E> fields
The DataSourceIntrospectionModelField object data.
DataSourceIntrospectionModelIndex primaryKey
The primary key stored as a DataSourceIntrospectionModelIndex object.
List<E> indexes
The array of DataSourceIntrospectionModelIndex objects.
String sdl
Contains the output of the SDL that was generated from the introspected types. This is controlled by the
includeModelsSDL parameter of the GetDataSourceIntrospection operation.
String name
The name of the field that was retrieved from the introspected data.
DataSourceIntrospectionModelFieldType type
The DataSourceIntrospectionModelFieldType object data.
Long length
The length value of the introspected field.
String kind
Specifies the classification of data. For example, this could be set to values like Scalar or
NonNull to indicate a fundamental property of the field.
Valid values include:
Scalar: Indicates the value is a primitive type (scalar).
NonNull: Indicates the field cannot be null.
List: Indicates the field contains a list.
String name
The name of the data type that represents the field. For example, String is a valid
name value.
DataSourceIntrospectionModelFieldType type
The DataSourceIntrospectionModelFieldType object data. The type is only present if
DataSourceIntrospectionModelFieldType.kind is set to NonNull or List.
The type typically contains its own kind and name fields to represent the
actual type data. For instance, type could contain a kind value of Scalar
with a name value of String. The values Scalar and String
will be collectively stored in the values field.
List<E> values
The values of the type field. This field represents the AppSync data type equivalent of the
introspected field.
String apiId
The API ID.
String domainName
The domain name.
String apiId
The API ID.
String domainName
The domain name.
String sourceApiIdentifier
The identifier of the AppSync Source API. This is generated by the AppSync service. In most cases, source APIs (especially in your account) only require the API ID value or ARN of the source API. However, source APIs from other accounts (cross-account use cases) strictly require the full resource ARN of the source API.
String associationId
The ID generated by the AppSync service for the source API association.
String sourceApiAssociationStatus
The state of the source API association.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String associationId
The ID generated by the AppSync service for the source API association.
String sourceApiAssociationStatus
The state of the source API association.
String domainName
The domain name.
String description
A description of the DomainName configuration.
String certificateArn
The Amazon Resource Name (ARN) of the certificate. This can be an Certificate Manager (ACM) certificate or an Identity and Access Management (IAM) server certificate.
String appsyncDomainName
The domain name that AppSync provides.
String hostedZoneId
The ID of your Amazon Route 53 hosted zone.
String tableName
The table name.
String awsRegion
The Amazon Web Services Region.
Boolean useCallerCredentials
Set to TRUE to use Amazon Cognito credentials with this data source.
DeltaSyncConfig deltaSyncConfig
The DeltaSyncConfig for a versioned data source.
Boolean versioned
Set to TRUE to use Conflict Detection and Resolution with this data source.
String resolverLevelMetricsBehavior
Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include:
GraphQL errors: The number of GraphQL errors that occurred.
Requests: The number of invocations that occurred during a request.
Latency: The time to complete a resolver invocation.
Cache hits: The number of cache hits during a request.
Cache misses: The number of cache misses during a request.
These metrics can be emitted to CloudWatch per resolver or for all resolvers in the request. Metrics will be
recorded by API ID and resolver name. resolverLevelMetricsBehavior accepts one of these values at a
time:
FULL_REQUEST_RESOLVER_METRICS: Records and emits metric data for all resolvers in the request.
PER_RESOLVER_METRICS: Records and emits metric data for resolvers that have the
metricsConfig value set to ENABLED.
String dataSourceLevelMetricsBehavior
Controls how data source metrics will be emitted to CloudWatch. Data source metrics include:
Requests: The number of invocations that occured during a request.
Latency: The time to complete a data source invocation.
Errors: The number of errors that occurred during a data source invocation.
These metrics can be emitted to CloudWatch per data source or for all data sources in the request. Metrics will
be recorded by API ID and data source name. dataSourceLevelMetricsBehavior accepts one of these
values at a time:
FULL_REQUEST_DATA_SOURCE_METRICS: Records and emits metric data for all data sources in the request.
PER_DATA_SOURCE_METRICS: Records and emits metric data for data sources that have the
metricsConfig value set to ENABLED.
String operationLevelMetricsConfig
Controls how operation metrics will be emitted to CloudWatch. Operation metrics include:
Requests: The number of times a specified GraphQL operation was called.
GraphQL errors: The number of GraphQL errors that occurred during a specified GraphQL operation.
Metrics will be recorded by API ID and operation name. You can set the value to ENABLED or
DISABLED.
String message
The error payload.
AppSyncRuntime runtime
The runtime to be used when evaluating the code. Currently, only the APPSYNC_JS runtime is
supported.
String code
The code definition to be evaluated. Note that code and runtime are both required for
this action. The runtime value must be APPSYNC_JS.
String context
The map that holds all of the contextual information for your resolver invocation. A context is
required for this action.
String function
The function within the code to be evaluated. If provided, the valid values are request and
response.
String evaluationResult
The result of the evaluation operation.
EvaluateCodeErrorDetail error
Contains the payload of the response error.
List<E> logs
A list of logs that were generated by calls to util.log.info and util.log.error in the
evaluated code.
String evaluationResult
The mapping template; this can be a request or response template.
ErrorDetail error
The ErrorDetail object.
List<E> logs
A list of logs that were generated by calls to util.log.info and util.log.error in the
evaluated code.
String eventBusArn
The ARN of the event bus. For more information about event buses, see Amazon EventBridge event buses.
String apiId
The API ID.
String functionId
A unique ID representing the Function object.
String functionArn
The Amazon Resource Name (ARN) of the Function object.
String name
The name of the Function object.
String description
The Function description.
String dataSourceName
The name of the DataSource.
String requestMappingTemplate
The Function request mapping template. Functions support only the 2018-05-29 version of the request
mapping template.
String responseMappingTemplate
The Function response mapping template.
String functionVersion
The version of the request mapping template. Currently, only the 2018-05-29 version of the template is supported.
SyncConfig syncConfig
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The function code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
String domainName
The domain name.
ApiAssociation apiAssociation
The ApiAssociation object.
String apiId
The API ID.
ApiCache apiCache
The ApiCache object.
String introspectionId
The introspection ID. Each introspection contains a unique ID that can be used to reference the instrospection record.
Boolean includeModelsSDL
A boolean flag that determines whether SDL should be generated for introspected types or not. If set to
true, each model will contain an sdl property that contains the SDL for that type. The
SDL only contains the type data and no additional metadata or directives.
String nextToken
Determines the number of types to be returned in a single response before paginating. This value is typically
taken from nextToken value from the previous response.
Integer maxResults
The maximum number of introspected types that will be returned in a single response.
String introspectionId
The introspection ID. Each introspection contains a unique ID that can be used to reference the instrospection record.
String introspectionStatus
The status of the introspection during retrieval. By default, when a new instrospection is being retrieved, the
status will be set to PROCESSING. Once the operation has been completed, the status will change to
SUCCESS or FAILED depending on how the data was parsed. A FAILED operation
will return an error and its details as an introspectionStatusDetail.
String introspectionStatusDetail
The error detail field. When a FAILED introspectionStatus is returned, the
introspectionStatusDetail will also return the exact error that was generated during the operation.
DataSourceIntrospectionResult introspectionResult
The DataSourceIntrospectionResult object data.
DataSource dataSource
The DataSource object.
String domainName
The domain name.
DomainNameConfig domainNameConfig
The configuration for the DomainName.
FunctionConfiguration functionConfiguration
The Function object.
String apiId
The ID of the API from which the environmental variable list will be retrieved.
String apiId
The API ID for the GraphQL API.
GraphqlApi graphqlApi
The GraphqlApi object.
ByteBuffer schema
The schema, in GraphQL Schema Definition Language (SDL) format.
For more information, see the GraphQL SDL documentation.
Resolver resolver
The Resolver object.
String apiId
The API ID.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String associationId
The ID generated by the AppSync service for the source API association.
SourceApiAssociation sourceApiAssociation
The SourceApiAssociation object data.
Type type
The Type object.
String name
The API name.
String apiId
The API ID.
String authenticationType
The authentication type.
LogConfig logConfig
The Amazon CloudWatch Logs configuration.
UserPoolConfig userPoolConfig
The Amazon Cognito user pool configuration.
OpenIDConnectConfig openIDConnectConfig
The OpenID Connect configuration.
String arn
The Amazon Resource Name (ARN).
Map<K,V> uris
The URIs.
Map<K,V> tags
The tags.
List<E> additionalAuthenticationProviders
A list of additional authentication providers for the GraphqlApi API.
Boolean xrayEnabled
A flag indicating whether to use X-Ray tracing for this GraphqlApi.
String wafWebAclArn
The ARN of the WAF access control list (ACL) associated with this GraphqlApi, if one exists.
LambdaAuthorizerConfig lambdaAuthorizerConfig
Configuration for Lambda function authorization.
Map<K,V> dns
The DNS records for the API.
String visibility
Sets the value of the GraphQL API to public (GLOBAL) or private (PRIVATE). If no value
is provided, the visibility will be set to GLOBAL by default. This value cannot be changed once the
API has been created.
String apiType
The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (
MERGED).
String mergedApiExecutionRoleArn
The Identity and Access Management service role ARN for a merged API. The AppSync service assumes this role on
behalf of the Merged API to validate access to source APIs at runtime and to prompt the AUTO_MERGE
to update the merged API endpoint with the source API changes automatically.
String owner
The account owner of the GraphQL API.
String ownerContact
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
String introspectionConfig
Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED)
introspection. If no value is provided, the introspection configuration will be set to ENABLED by
default. This field will produce an error if the operation attempts to use the introspection feature while this
field is disabled.
For more information about introspection, see GraphQL introspection.
Integer queryDepthLimit
The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in
the body of query. The default value is 0 (or unspecified), which indicates there's no depth limit.
If you set a limit, it can be between 1 and 75 nested levels. This field will produce a
limit error if the operation falls out of bounds.
Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
Integer resolverCountLimit
The maximum number of resolvers that can be invoked in a single request. The default value is 0 (or
unspecified), which will set the limit to 10000. When specified, the limit value can be between
1 and 10000. This field will produce a limit error if the operation falls out of
bounds.
EnhancedMetricsConfig enhancedMetricsConfig
The enhancedMetricsConfig object.
String endpoint
The HTTP URL endpoint. You can specify either the domain name or IP, and port combination, and the URL scheme must be HTTP or HTTPS. If you don't specify the port, AppSync uses the default port 80 for the HTTP endpoint and port 443 for HTTPS endpoints.
AuthorizationConfig authorizationConfig
The authorization configuration in case the HTTP endpoint requires authorization.
Integer authorizerResultTtlInSeconds
The number of seconds a response should be cached for. The default is 0 seconds, which disables caching. If you
don't specify a value for authorizerResultTtlInSeconds, the default value is used. The maximum value
is one hour (3600 seconds). The Lambda function can override this by returning a ttlOverride key in
its response.
String authorizerUri
The Amazon Resource Name (ARN) of the Lambda function to be called for authorization. This can be a standard
Lambda ARN, a version ARN (.../v3), or an alias ARN.
Note: This Lambda function must have the following resource-based policy assigned to it. When configuring Lambda authorizers in the console, this is done for you. To use the Command Line Interface (CLI), run the following:
aws lambda add-permission --function-name "arn:aws:lambda:us-east-2:111122223333:function:my-function" --statement-id "appsync" --principal appsync.amazonaws.com --action lambda:InvokeFunction
String identityValidationExpression
A regular expression for validation of tokens before the Lambda function is called.
String lambdaConflictHandlerArn
The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler.
String lambdaFunctionArn
The Amazon Resource Name (ARN) for the Lambda function.
String nextToken
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Integer maxResults
The maximum number of results that you want the request to return.
String apiType
The value that indicates whether the GraphQL API is a standard API (GRAPHQL) or merged API (
MERGED).
String owner
The account owner of the GraphQL API.
String apiId
The API ID.
String functionId
The function ID.
String nextToken
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Integer maxResults
The maximum number of results that you want the request to return.
String apiId
The API ID.
String typeName
The type name.
String nextToken
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Integer maxResults
The maximum number of results that you want the request to return.
String resourceArn
The GraphqlApi Amazon Resource Name (ARN).
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String associationId
The ID generated by the AppSync service for the source API association.
String format
The format type.
String nextToken
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Integer maxResults
The maximum number of results that you want the request to return.
String apiId
The API ID.
String format
The type format: SDL or JSON.
String nextToken
An identifier that was returned from the previous call to this operation, which you can use to return the next set of items in the list.
Integer maxResults
The maximum number of results that you want the request to return.
String fieldLogLevel
The field logging level. Values can be NONE, ERROR, or ALL.
NONE: No field-level logs are captured.
ERROR: Logs the following information only for the fields that are in error:
The error section in the server response.
Field-level errors.
The generated request/response functions that got resolved for error fields.
ALL: The following information is logged for all fields in the query:
Field-level tracing information.
The generated request/response functions that got resolved for each field.
String cloudWatchLogsRoleArn
The service role that AppSync assumes to publish to CloudWatch logs in your account.
Boolean excludeVerboseContent
Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level.
String issuer
The issuer for the OIDC configuration. The issuer returned by discovery must exactly match the value of
iss in the ID token.
String clientId
The client identifier of the relying party at the OpenID identity provider. This identifier is typically obtained when the relying party is registered with the OpenID identity provider. You can specify a regular expression so that AppSync can validate against multiple client identifiers at a time.
Long iatTTL
The number of milliseconds that a token is valid after it's issued to a user.
Long authTTL
The number of milliseconds that a token is valid after being authenticated.
String apiId
The ID of the API to which the environmental variable list will be written.
Map<K,V> environmentVariables
The list of environmental variables to add to the API.
When creating an environmental variable key-value pair, it must follow the additional constraints below:
Keys must begin with a letter.
Keys must be at least two characters long.
Keys can only contain letters, numbers, and the underscore character (_).
Values can be up to 512 characters long.
You can configure up to 50 key-value pairs in a GraphQL API.
You can create a list of environmental variables by adding it to the environmentVariables payload as
a list in the format {"key1":"value1","key2":"value2", …}. Note that each call of the
PutGraphqlApiEnvironmentVariables action will result in the overwriting of the existing
environmental variable list of that API. This means the existing environmental variables will be lost. To avoid
this, you must include all existing and new environmental variables in the list each time you call this action.
String resourceArn
The resource ARN of the RDS cluster.
String secretArn
The secret's ARN that was obtained from Secrets Manager. A secret consists of secret information, the secret value, plus metadata about the secret. A secret value can be a string or binary. It typically includes the ARN, secret name and description, policies, tags, encryption key from the Key Management Service, and key rotation data.
String databaseName
The name of the database in the cluster.
String awsRegion
Amazon Web Services Region for Amazon RDS HTTP endpoint.
String dbClusterIdentifier
Amazon RDS cluster Amazon Resource Name (ARN).
String databaseName
Logical database name.
String schema
Logical schema name.
String awsSecretStoreArn
Amazon Web Services secret store Amazon Resource Name (ARN) for database credentials.
String relationalDatabaseSourceType
Source type for the relational database.
RDS_HTTP_ENDPOINT: The relational database source type is an Amazon Relational Database Service (Amazon RDS) HTTP endpoint.
RdsHttpEndpointConfig rdsHttpEndpointConfig
Amazon RDS HTTP endpoint settings.
String typeName
The resolver type name.
String fieldName
The resolver field name.
String dataSourceName
The resolver data source name.
String resolverArn
The resolver Amazon Resource Name (ARN).
String requestMappingTemplate
The request mapping template.
String responseMappingTemplate
The response mapping template.
String kind
The resolver type.
UNIT: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.
PIPELINE: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of
Function objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against
multiple data sources.
PipelineConfig pipelineConfig
The PipelineConfig.
SyncConfig syncConfig
The SyncConfig for a resolver attached to a versioned data source.
CachingConfig cachingConfig
The caching configuration for the resolver.
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The resolver code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
String metricsConfig
Enables or disables enhanced resolver metrics for specified resolvers. Note that metricsConfig won't
be used unless the resolverLevelMetricsBehavior value is set to PER_RESOLVER_METRICS.
If the resolverLevelMetricsBehavior is set to FULL_REQUEST_RESOLVER_METRICS instead,
metricsConfig will be ignored. However, you can still set its value.
metricsConfig can be ENABLED or DISABLED.
String associationId
The ID generated by the AppSync service for the source API association.
String associationArn
The Amazon Resource Name (ARN) of the source API association.
String sourceApiId
The ID of the AppSync source API.
String sourceApiArn
The Amazon Resource Name (ARN) of the AppSync source API.
String mergedApiArn
The Amazon Resource Name (ARN) of the AppSync Merged API.
String mergedApiId
The ID of the AppSync Merged API.
String description
The description field.
SourceApiAssociationConfig sourceApiAssociationConfig
The SourceApiAssociationConfig object data.
String sourceApiAssociationStatus
The state of the source API association.
String sourceApiAssociationStatusDetail
The detailed message related to the current state of the source API association.
Date lastSuccessfulMergeDate
The datetime value of the last successful merge of the source API association. The result will be in UTC format and your local time zone.
String mergeType
The property that indicates which merging option is enabled in the source API association.
Valid merge types are MANUAL_MERGE (default) and AUTO_MERGE. Manual merges are the
default behavior and require the user to trigger any changes from the source APIs to the merged API manually.
Auto merges subscribe the merged API to the changes performed on the source APIs so that any change in the source
APIs are also made to the merged API. Auto merges use MergedApiExecutionRoleArn to perform merge
operations.
String associationId
The ID generated by the AppSync service for the source API association.
String associationArn
The Amazon Resource Name (ARN) of the source API association.
String sourceApiId
The ID of the AppSync source API.
String sourceApiArn
The Amazon Resource Name (ARN) of the AppSync Source API.
String mergedApiId
The ID of the AppSync Merged API.
String mergedApiArn
The Amazon Resource Name (ARN) of the AppSync Merged API.
String description
The description field.
RdsDataApiConfig rdsDataApiConfig
The rdsDataApiConfig object data.
String introspectionId
The introspection ID. Each introspection contains a unique ID that can be used to reference the instrospection record.
String introspectionStatus
The status of the introspection during creation. By default, when a new instrospection has been created, the
status will be set to PROCESSING. Once the operation has been completed, the status will change to
SUCCESS or FAILED depending on how the data was parsed. A FAILED operation
will return an error and its details as an introspectionStatusDetail.
String introspectionStatusDetail
The error detail field. When a FAILED introspectionStatus is returned, the
introspectionStatusDetail will also return the exact error that was generated during the operation.
String apiId
The API ID.
ByteBuffer definition
The schema definition, in GraphQL schema language format.
String status
The current state of the schema (PROCESSING, FAILED, SUCCESS, or NOT_APPLICABLE). When the schema is in the ACTIVE state, you can add data.
String associationId
The ID generated by the AppSync service for the source API association.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String sourceApiAssociationStatus
The state of the source API association.
String conflictHandler
The Conflict Resolution strategy to perform in the event of a conflict.
OPTIMISTIC_CONCURRENCY: Resolve conflicts by rejecting mutations when versions don't match the latest version at the server.
AUTOMERGE: Resolve conflicts with the Automerge conflict resolution strategy.
LAMBDA: Resolve conflicts with an Lambda function supplied in the LambdaConflictHandlerConfig
.
String conflictDetection
The Conflict Detection strategy to use.
VERSION: Detect conflicts based on object versions for this resolver.
NONE: Do not detect conflicts when invoking this resolver.
LambdaConflictHandlerConfig lambdaConflictHandlerConfig
The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler.
String apiId
The GraphQL API ID.
Long ttl
TTL in seconds for cache entries.
Valid values are 1–3,600 seconds.
String apiCachingBehavior
Caching behavior.
FULL_REQUEST_CACHING: All requests are fully cached.
PER_RESOLVER_CACHING: Individual resolvers that you specify are cached.
String type
The cache instance type. Valid values are
SMALL
MEDIUM
LARGE
XLARGE
LARGE_2X
LARGE_4X
LARGE_8X (not available in all regions)
LARGE_12X
Historically, instance types were identified by an EC2-style value. As of July 2020, this is deprecated, and the generic identifiers above should be used.
The following legacy instance types are available, but their use is discouraged:
T2_SMALL: A t2.small instance type.
T2_MEDIUM: A t2.medium instance type.
R4_LARGE: A r4.large instance type.
R4_XLARGE: A r4.xlarge instance type.
R4_2XLARGE: A r4.2xlarge instance type.
R4_4XLARGE: A r4.4xlarge instance type.
R4_8XLARGE: A r4.8xlarge instance type.
String healthMetricsConfig
Controls how cache health metrics will be emitted to CloudWatch. Cache health metrics include:
NetworkBandwidthOutAllowanceExceeded: The network packets dropped because the throughput exceeded the aggregated bandwidth limit. This is useful for diagnosing bottlenecks in a cache configuration.
EngineCPUUtilization: The CPU utilization (percentage) allocated to the Redis process. This is useful for diagnosing bottlenecks in a cache configuration.
Metrics will be recorded by API ID. You can set the value to ENABLED or DISABLED.
ApiCache apiCache
The ApiCache object.
String apiId
The ID for the GraphQL API.
String id
The API key ID.
String description
A description of the purpose of the API key.
Long expires
From the update time, the time after which the API key expires. The date is represented as seconds since the epoch. For more information, see .
ApiKey apiKey
The API key.
String apiId
The API ID.
String name
The new name for the data source.
String description
The new description for the data source.
String type
The new data source type.
String serviceRoleArn
The new service role Amazon Resource Name (ARN) for the data source.
DynamodbDataSourceConfig dynamodbConfig
The new Amazon DynamoDB configuration.
LambdaDataSourceConfig lambdaConfig
The new Lambda configuration.
ElasticsearchDataSourceConfig elasticsearchConfig
The new OpenSearch configuration.
As of September 2021, Amazon Elasticsearch service is Amazon OpenSearch Service. This configuration is deprecated. Instead, use UpdateDataSourceRequest$openSearchServiceConfig to update an OpenSearch data source.
OpenSearchServiceDataSourceConfig openSearchServiceConfig
The new OpenSearch configuration.
HttpDataSourceConfig httpConfig
The new HTTP endpoint configuration.
RelationalDatabaseDataSourceConfig relationalDatabaseConfig
The new relational database configuration.
EventBridgeDataSourceConfig eventBridgeConfig
The new Amazon EventBridge settings.
String metricsConfig
Enables or disables enhanced data source metrics for specified data sources. Note that metricsConfig
won't be used unless the dataSourceLevelMetricsBehavior value is set to
PER_DATA_SOURCE_METRICS. If the dataSourceLevelMetricsBehavior is set to
FULL_REQUEST_DATA_SOURCE_METRICS instead, metricsConfig will be ignored. However, you
can still set its value.
metricsConfig can be ENABLED or DISABLED.
DataSource dataSource
The updated DataSource object.
DomainNameConfig domainNameConfig
The configuration for the DomainName.
String apiId
The GraphQL API ID.
String name
The Function name.
String description
The Function description.
String functionId
The function ID.
String dataSourceName
The Function DataSource name.
String requestMappingTemplate
The Function request mapping template. Functions support only the 2018-05-29 version of the request
mapping template.
String responseMappingTemplate
The Function request mapping template.
String functionVersion
The version of the request mapping template. Currently, the supported value is 2018-05-29. Note that
when using VTL and mapping templates, the functionVersion is required.
SyncConfig syncConfig
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The function code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
FunctionConfiguration functionConfiguration
The Function object.
String apiId
The API ID.
String name
The new name for the GraphqlApi object.
LogConfig logConfig
The Amazon CloudWatch Logs configuration for the GraphqlApi object.
String authenticationType
The new authentication type for the GraphqlApi object.
UserPoolConfig userPoolConfig
The new Amazon Cognito user pool configuration for the ~GraphqlApi object.
OpenIDConnectConfig openIDConnectConfig
The OpenID Connect configuration for the GraphqlApi object.
List<E> additionalAuthenticationProviders
A list of additional authentication providers for the GraphqlApi API.
Boolean xrayEnabled
A flag indicating whether to use X-Ray tracing for the GraphqlApi.
LambdaAuthorizerConfig lambdaAuthorizerConfig
Configuration for Lambda function authorization.
String mergedApiExecutionRoleArn
The Identity and Access Management service role ARN for a merged API. The AppSync service assumes this role on
behalf of the Merged API to validate access to source APIs at runtime and to prompt the AUTO_MERGE
to update the merged API endpoint with the source API changes automatically.
String ownerContact
The owner contact information for an API resource.
This field accepts any string input with a length of 0 - 256 characters.
String introspectionConfig
Sets the value of the GraphQL API to enable (ENABLED) or disable (DISABLED)
introspection. If no value is provided, the introspection configuration will be set to ENABLED by
default. This field will produce an error if the operation attempts to use the introspection feature while this
field is disabled.
For more information about introspection, see GraphQL introspection.
Integer queryDepthLimit
The maximum depth a query can have in a single request. Depth refers to the amount of nested levels allowed in
the body of query. The default value is 0 (or unspecified), which indicates there's no depth limit.
If you set a limit, it can be between 1 and 75 nested levels. This field will produce a
limit error if the operation falls out of bounds.
Note that fields can still be set to nullable or non-nullable. If a non-nullable field produces an error, the error will be thrown upwards to the first nullable field available.
Integer resolverCountLimit
The maximum number of resolvers that can be invoked in a single request. The default value is 0 (or
unspecified), which will set the limit to 10000. When specified, the limit value can be between
1 and 10000. This field will produce a limit error if the operation falls out of
bounds.
EnhancedMetricsConfig enhancedMetricsConfig
The enhancedMetricsConfig object.
GraphqlApi graphqlApi
The updated GraphqlApi object.
String apiId
The API ID.
String typeName
The new type name.
String fieldName
The new field name.
String dataSourceName
The new data source name.
String requestMappingTemplate
The new request mapping template.
A resolver uses a request mapping template to convert a GraphQL expression into a format that a data source can understand. Mapping templates are written in Apache Velocity Template Language (VTL).
VTL request mapping templates are optional when using an Lambda data source. For all other data sources, VTL request and response mapping templates are required.
String responseMappingTemplate
The new response mapping template.
String kind
The resolver type.
UNIT: A UNIT resolver type. A UNIT resolver is the default resolver type. You can use a UNIT resolver to run a GraphQL query against a single data source.
PIPELINE: A PIPELINE resolver type. You can use a PIPELINE resolver to invoke a series of
Function objects in a serial manner. You can use a pipeline resolver to run a GraphQL query against
multiple data sources.
PipelineConfig pipelineConfig
The PipelineConfig.
SyncConfig syncConfig
The SyncConfig for a resolver attached to a versioned data source.
CachingConfig cachingConfig
The caching configuration for the resolver.
Integer maxBatchSize
The maximum batching size for a resolver.
AppSyncRuntime runtime
String code
The resolver code that contains the request and response functions. When code is used, the
runtime is required. The runtime value must be APPSYNC_JS.
String metricsConfig
Enables or disables enhanced resolver metrics for specified resolvers. Note that metricsConfig won't
be used unless the resolverLevelMetricsBehavior value is set to PER_RESOLVER_METRICS.
If the resolverLevelMetricsBehavior is set to FULL_REQUEST_RESOLVER_METRICS instead,
metricsConfig will be ignored. However, you can still set its value.
metricsConfig can be ENABLED or DISABLED.
Resolver resolver
The updated Resolver object.
String associationId
The ID generated by the AppSync service for the source API association.
String mergedApiIdentifier
The identifier of the AppSync Merged API. This is generated by the AppSync service. In most cases, Merged APIs (especially in your account) only require the API ID value or ARN of the merged API. However, Merged APIs in other accounts (cross-account use cases) strictly require the full resource ARN of the merged API.
String description
The description field.
SourceApiAssociationConfig sourceApiAssociationConfig
The SourceApiAssociationConfig object data.
SourceApiAssociation sourceApiAssociation
The SourceApiAssociation object data.
Type type
The updated Type object.
String userPoolId
The user pool ID.
String awsRegion
The Amazon Web Services Region in which the user pool was created.
String defaultAction
The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration.
String appIdClientRegex
A regular expression for validating the incoming Amazon Cognito user pool app client ID. If this value isn't set, no filtering is applied.
MainframeResourceSummary resource
The resource of the batch step input.
String batchJobName
The batch job name of the batch step input.