String requestId
String errorCode
AmazonServiceException.ErrorType errorType
AmazonServiceException.ErrorTypeString errorMessage
int statusCode
String serviceName
Map<K,V> httpHeaders
byte[] rawResponse
String proxyHost
String extraInfo
boolean autoConstruct
boolean autoConstruct
String id
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
Map<K,V> configurations
A map of resource ARNs for the proposed resource configuration.
Date createdAt
The time at which the access preview was created.
String status
The status of the access preview.
Creating - The access preview creation is in progress.
Completed - The access preview is complete. You can preview findings for external access to the
resource.
Failed - The access preview creation has failed.
AccessPreviewStatusReason statusReason
Provides more details about the current status of the access preview.
For example, if the creation of the access preview fails, a Failed status is returned. This failure
can be due to an internal issue with the analysis or due to an invalid resource configuration.
String id
The ID of the access preview finding. This ID uniquely identifies the element in the list of access preview findings and is not related to the finding ID in Access Analyzer.
String existingFindingId
The existing ID of the finding in IAM Access Analyzer, provided only for existing findings.
String existingFindingStatus
The existing status of the finding, provided only for existing findings.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to perform.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
String resource
The resource that an external principal has access to. This is the resource associated with the access preview.
Boolean isPublic
Indicates whether the policy that generated the finding allows public access to the resource.
String resourceType
The type of the resource that can be accessed in the finding.
Date createdAt
The time at which the access preview finding was created.
String changeType
Provides context on how the access preview finding compares to existing access identified in IAM Access Analyzer.
New - The finding is for newly-introduced access.
Unchanged - The preview finding is an existing finding that would remain unchanged.
Changed - The preview finding is an existing finding with a change in status.
For example, a Changed finding with preview status Resolved and existing status
Active indicates the existing Active finding would become Resolved as a
result of the proposed permissions change.
String status
The preview status of the finding. This is what the status of the finding would be after permissions deployment.
For example, a Changed finding with preview status Resolved and existing status
Active indicates the existing Active finding would become Resolved as a
result of the proposed permissions change.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning account is the account in which the resource was created.
String error
An error.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
String code
The reason code for the current status of the access preview.
String id
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
Date createdAt
The time at which the access preview was created.
String status
The status of the access preview.
Creating - The access preview creation is in progress.
Completed - The access preview is complete and previews the findings for external access to the
resource.
Failed - The access preview creation has failed.
AccessPreviewStatusReason statusReason
String resourceArn
The ARN of the resource that was analyzed.
String resourceType
The type of the resource that was analyzed.
Date createdAt
The time at which the finding was created.
Date analyzedAt
The time at which the resource was analyzed.
Date updatedAt
The time at which the finding was updated.
Boolean isPublic
Indicates whether the policy that generated the finding grants public access to the resource.
List<E> actions
The actions that an external principal is granted permission to use by the policy that generated the finding.
List<E> sharedVia
Indicates how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.
String status
The current status of the finding generated from the analyzed resource.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
An error message.
String arn
The ARN of the analyzer.
String name
The name of the analyzer.
String type
The type of analyzer, which corresponds to the zone of trust chosen for the analyzer.
Date createdAt
A timestamp for the time at which the analyzer was created.
String lastResourceAnalyzed
The resource that was most recently analyzed by the analyzer.
Date lastResourceAnalyzedAt
The time at which the most recently analyzed resource was analyzed.
Map<K,V> tags
The tags added to the analyzer.
String status
The status of the analyzer. An Active analyzer successfully monitors supported resources and
generates new findings. The analyzer is Disabled when a user action, such as removing trusted access
for Identity and Access Management Access Analyzer from Organizations, causes the analyzer to stop generating new
findings. The status is Creating when the analyzer creation is in progress and Failed
when the analyzer creation has failed.
StatusReason statusReason
The statusReason provides more details about the current status of the analyzer. For example, if the
creation for the analyzer fails, a Failed status is returned. For an analyzer with organization as
the type, this failure can be due to an issue with creating the service-linked roles required in the member
accounts of the Amazon Web Services organization.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
List<E> trails
A Trail object that contains settings for a trail.
String accessRole
The ARN of the service role that IAM Access Analyzer uses to access your CloudTrail trail and service last accessed information.
Date startTime
The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp before this time are not considered to generate a policy.
Date endTime
The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp after this time are not considered to generate a policy. If this is not included in the request, the default value is the current time.
List<E> trailProperties
A TrailProperties object that contains settings for trail properties.
Date startTime
The start of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp before this time are not considered to generate a policy.
Date endTime
The end of the time range for which IAM Access Analyzer reviews your CloudTrail events. Events with a timestamp after this time are not considered to generate a policy. If this is not included in the request, the default value is the current time.
EbsSnapshotConfiguration ebsSnapshot
The access control configuration is for an Amazon EBS volume snapshot.
EcrRepositoryConfiguration ecrRepository
The access control configuration is for an Amazon ECR repository.
IamRoleConfiguration iamRole
The access control configuration is for an IAM role.
EfsFileSystemConfiguration efsFileSystem
The access control configuration is for an Amazon EFS file system.
KmsKeyConfiguration kmsKey
The access control configuration is for a KMS key.
RdsDbClusterSnapshotConfiguration rdsDbClusterSnapshot
The access control configuration is for an Amazon RDS DB cluster snapshot.
RdsDbSnapshotConfiguration rdsDbSnapshot
The access control configuration is for an Amazon RDS DB snapshot.
SecretsManagerSecretConfiguration secretsManagerSecret
The access control configuration is for a Secrets Manager secret.
S3BucketConfiguration s3Bucket
The access control configuration is for an Amazon S3 Bucket.
SnsTopicConfiguration snsTopic
The access control configuration is for an Amazon SNS topic
SqsQueueConfiguration sqsQueue
The access control configuration is for an Amazon SQS queue.
String analyzerArn
The ARN
of the account analyzer used to generate the access preview. You can only create an access preview for
analyzers with an Account type and Active status.
Map<K,V> configurations
Access control configuration for your resource that is used to generate the access preview. The access preview includes findings for external access allowed to the resource with the proposed access control configuration. The configuration must contain exactly one element.
String clientToken
A client token.
String id
The unique ID for the access preview.
String analyzerName
The name of the analyzer to create.
String type
The type of analyzer to create. Only ACCOUNT and ORGANIZATION analyzers are supported. You can create only one analyzer per account per Region. You can create up to 5 analyzers per organization per Region.
List<E> archiveRules
Specifies the archive rules to add for the analyzer. Archive rules automatically archive findings that meet the criteria you define for the rule.
Map<K,V> tags
The tags to apply to the analyzer.
String clientToken
A client token.
String arn
The ARN of the analyzer that was created by the request.
List<E> eq
An "equals" operator to match for the filter used to create the rule.
List<E> neq
A "not equals" operator to match for the filter used to create the rule.
List<E> contains
A "contains" operator to match for the filter used to create the rule.
Boolean exists
An "exists" operator to match for the filter used to create the rule.
List<E> userIds
The IDs of the Amazon Web Services accounts that have access to the Amazon EBS volume snapshot.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the
userIds, then the access preview uses the existing shared userIds for the snapshot.
If the access preview is for a new resource and you do not specify the userIds, then the access
preview considers the snapshot without any userIds.
To propose deletion of existing shared accountIds, you can specify an empty list for
userIds.
List<E> groups
The groups that have access to the Amazon EBS volume snapshot. If the value all is specified, then
the Amazon EBS volume snapshot is public.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the groups
, then the access preview uses the existing shared groups for the snapshot.
If the access preview is for a new resource and you do not specify the groups, then the access
preview considers the snapshot without any groups.
To propose deletion of existing shared groups, you can specify an empty list for groups
.
String kmsKeyId
The KMS key identifier for an encrypted Amazon EBS volume snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon EBS volume snapshot and you do not specify the
kmsKeyId, or you specify an empty string, then the access preview uses the existing
kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the kmsKeyId, the access preview
considers the snapshot as unencrypted.
String repositoryPolicy
The JSON repository policy text to apply to the Amazon ECR repository. For more information, see Private repository policy examples in the Amazon ECR User Guide.
String fileSystemPolicy
The JSON policy definition to apply to the Amazon EFS file system. For more information on the elements that make up a file system policy, see Amazon EFS Resource-based policies.
String id
The ID of the finding.
Map<K,V> principal
The external principal that access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to use.
String resource
The resource that an external principal has access to.
Boolean isPublic
Indicates whether the policy that generated the finding allows public access to the resource.
String resourceType
The type of the resource identified in the finding.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
Date createdAt
The time at which the finding was generated.
Date analyzedAt
The time at which the resource was analyzed.
Date updatedAt
The time at which the finding was updated.
String status
The current status of the finding.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
An error.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
String type
Indicates the type of access that generated the finding.
FindingSourceDetail detail
Includes details about how the access that generated the finding is granted. This is populated for Amazon S3 bucket findings.
String accessPointArn
The ARN of the access point that generated the finding. The ARN format depends on whether the ARN represents an access point or a multi-region access point.
String accessPointAccount
The account of the cross-account access point that generated the finding.
String id
The ID of the finding.
Map<K,V> principal
The external principal that has access to a resource within the zone of trust.
List<E> action
The action in the analyzed policy statement that an external principal has permission to use.
String resource
The resource that the external principal has access to.
Boolean isPublic
Indicates whether the finding reports a resource that has a policy that allows public access.
String resourceType
The type of the resource that the external principal has access to.
Map<K,V> condition
The condition in the analyzed policy statement that resulted in a finding.
Date createdAt
The time at which the finding was created.
Date analyzedAt
The time at which the resource-based policy that generated the finding was analyzed.
Date updatedAt
The time at which the finding was most recently updated.
String status
The status of the finding.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource.
String error
The error that resulted in an Error finding.
List<E> sources
The sources of the finding. This indicates how the access that generated the finding is granted. It is populated for Amazon S3 bucket findings.
String policy
The text to use as the content for the new policy. The policy is created using the CreatePolicy action.
Boolean isComplete
This value is set to true if the generated policy contains all possible actions for a service that
IAM Access Analyzer identified from the CloudTrail trail that you specified, and false otherwise.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
CloudTrailProperties cloudTrailProperties
Lists details about the Trail used to generated policy.
GeneratedPolicyProperties properties
A GeneratedPolicyProperties object that contains properties of the generated policy.
List<E> generatedPolicies
The text to use as the content for the new policy. The policy is created using the CreatePolicy action.
String accessPreviewId
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
AccessPreview accessPreview
An object that contains information about the access preview.
String analyzerArn
The ARN of the analyzer to retrieve information from.
String resourceArn
The ARN of the resource to retrieve information about.
AnalyzedResource resource
An AnalyzedResource object that contains information that IAM Access Analyzer found when it analyzed
the resource.
String analyzerName
The name of the analyzer retrieved.
AnalyzerSummary analyzer
An AnalyzerSummary object that contains information about the analyzer.
ArchiveRuleSummary archiveRule
String analyzerArn
The ARN of the analyzer that generated the finding.
String id
The ID of the finding to retrieve.
Finding finding
A finding object that contains finding details.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
Boolean includeResourcePlaceholders
The level of detail that you want to generate. You can specify whether to generate policies with placeholders for resource ARNs for actions that support resource level granularity in policies.
For example, in the resource section of a policy, you can receive a placeholder such as
"Resource":"arn:aws:s3:::${BucketName}" instead of "*".
Boolean includeServiceLevelTemplate
The level of detail that you want to generate. You can specify whether to generate service-level policies.
IAM Access Analyzer uses iam:servicelastaccessed to identify services that have been used recently
to create this service-level template.
JobDetails jobDetails
A GeneratedPolicyDetails object that contains details about the generated policy.
GeneratedPolicyResult generatedPolicyResult
A GeneratedPolicyResult object that contains the generated policies and associated details.
String trustPolicy
The proposed trust policy for the IAM role.
Integer retryAfterSeconds
The seconds to wait to retry.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String status
The status of the job request.
Date startedOn
A timestamp of when the job was started.
Date completedOn
A timestamp of when the job was completed.
JobError jobError
The job error for the policy generation request.
List<E> operations
A list of operations that the grant permits.
String granteePrincipal
The principal that is given permission to perform the operations that the grant permits.
String retiringPrincipal
The principal that is given permission to retire the grant by using RetireGrant operation.
KmsGrantConstraints constraints
Use this structure to propose allowing cryptographic operations in the grant only when the operation request includes the specified encryption context.
String issuingAccount
The Amazon Web Services account under which the grant was issued. The account is used to propose KMS grants issued by accounts other than the owner of the key.
Map<K,V> encryptionContextEquals
A list of key-value pairs that must match the encryption context in the cryptographic operation request. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint.
Map<K,V> encryptionContextSubset
A list of key-value pairs that must be included in the encryption context of the cryptographic operation request. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs.
Map<K,V> keyPolicies
Resource policy configuration for the KMS key. The only valid value for the name of the key policy is
default. For more information, see Default key
policy.
List<E> grants
A list of proposed grant configurations for the KMS key. If the proposed grant configuration is for an existing key, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the key.
String accessPreviewId
The unique ID for the access preview.
String analyzerArn
The ARN of the analyzer used to generate the access.
Map<K,V> filter
Criteria to filter the returned findings.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer used to generate the access preview.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer to retrieve a list of analyzed resources from.
String resourceType
The type of resource.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String analyzerArn
The ARN of the analyzer to retrieve findings from.
Map<K,V> filter
A filter to match for the findings to return.
SortCriteria sort
The sort order for the findings returned.
String nextToken
A token used for pagination of results returned.
Integer maxResults
The maximum number of results to return in the response.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy. Use this with
ListGeneratedPolicies to filter the results to only include results for a specific principal.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
String resourceArn
The ARN of the resource to retrieve tags from.
VpcConfiguration vpcConfiguration
InternetConfiguration internetConfiguration
The configuration for the Amazon S3 access point or multi-region access point with an Internet
origin.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
String status
The status of the policy generation request.
Date startedOn
A timestamp of when the policy generation started.
Date completedOn
A timestamp of when the policy generation was completed.
String principalArn
The ARN of the IAM entity (user or role) for which you are generating a policy.
List<E> accountIds
The Amazon Web Services account IDs that have access to the manual Amazon RDS DB cluster snapshot. If the value
all is specified, then the Amazon RDS DB cluster snapshot is public and can be copied or restored by
all Amazon Web Services accounts.
If the configuration is for an existing Amazon RDS DB cluster snapshot and you do not specify the
accountIds in RdsDbClusterSnapshotAttributeValue, then the access preview uses the
existing shared accountIds for the snapshot.
If the access preview is for a new resource and you do not specify the specify the accountIds in
RdsDbClusterSnapshotAttributeValue, then the access preview considers the snapshot without any
attributes.
To propose deletion of existing shared accountIds, you can specify an empty list for
accountIds in the RdsDbClusterSnapshotAttributeValue.
Map<K,V> attributes
The names and values of manual DB cluster snapshot attributes. Manual DB cluster snapshot attributes are used to
authorize other Amazon Web Services accounts to restore a manual DB cluster snapshot. The only valid value for
AttributeName for the attribute map is restore
String kmsKeyId
The KMS key identifier for an encrypted Amazon RDS DB cluster snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon RDS DB cluster snapshot and you do not specify the
kmsKeyId, or you specify an empty string, then the access preview uses the existing
kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the specify the kmsKeyId, then
the access preview considers the snapshot as unencrypted.
List<E> accountIds
The Amazon Web Services account IDs that have access to the manual Amazon RDS DB snapshot. If the value
all is specified, then the Amazon RDS DB snapshot is public and can be copied or restored by all
Amazon Web Services accounts.
If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the accountIds
in RdsDbSnapshotAttributeValue, then the access preview uses the existing shared
accountIds for the snapshot.
If the access preview is for a new resource and you do not specify the specify the accountIds in
RdsDbSnapshotAttributeValue, then the access preview considers the snapshot without any attributes.
To propose deletion of an existing shared accountIds, you can specify an empty list for
accountIds in the RdsDbSnapshotAttributeValue.
Map<K,V> attributes
The names and values of manual DB snapshot attributes. Manual DB snapshot attributes are used to authorize other
Amazon Web Services accounts to restore a manual DB snapshot. The only valid value for attributeName
for the attribute map is restore.
String kmsKeyId
The KMS key identifier for an encrypted Amazon RDS DB snapshot. The KMS key identifier is the key ARN, key ID, alias ARN, or alias name for the KMS key.
If the configuration is for an existing Amazon RDS DB snapshot and you do not specify the kmsKeyId,
or you specify an empty string, then the access preview uses the existing kmsKeyId of the snapshot.
If the access preview is for a new resource and you do not specify the specify the kmsKeyId, then
the access preview considers the snapshot as unencrypted.
String accessPointPolicy
The access point or multi-region access point policy.
S3PublicAccessBlockConfiguration publicAccessBlock
The proposed S3PublicAccessBlock configuration to apply to this Amazon S3 access point or
multi-region access point.
NetworkOriginConfiguration networkOrigin
The proposed Internet and VpcConfiguration to apply to this Amazon S3 access point.
VpcConfiguration does not apply to multi-region access points. If the access preview is for a new
resource and neither is specified, the access preview uses Internet for the network origin. If the
access preview is for an existing resource and neither is specified, the access preview uses the exiting network
origin.
String permission
The permissions being granted.
AclGrantee grantee
The grantee to whom you’re assigning access rights.
String bucketPolicy
The proposed bucket policy for the Amazon S3 bucket.
List<E> bucketAclGrants
The proposed list of ACL grants for the Amazon S3 bucket. You can propose up to 100 ACL grants per bucket. If the proposed grant configuration is for an existing bucket, the access preview uses the proposed list of grant configurations in place of the existing grants. Otherwise, the access preview uses the existing grants for the bucket.
S3PublicAccessBlockConfiguration bucketPublicAccessBlock
The proposed block public access configuration for the Amazon S3 bucket.
Map<K,V> accessPoints
The configuration of Amazon S3 access points or multi-region access points for the bucket. You can propose up to 10 new access points per bucket.
String topicPolicy
The JSON policy text that defines who can access an Amazon SNS topic. For more information, see Example cases for Amazon SNS access control in the Amazon SNS Developer Guide.
String queuePolicy
The proposed resource policy for the Amazon SQS queue.
PolicyGenerationDetails policyGenerationDetails
Contains the ARN of the IAM entity (user or role) for which you are generating a policy.
CloudTrailDetails cloudTrailDetails
A CloudTrailDetails object that contains details about a Trail that you want to analyze
to generate policies.
String clientToken
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Idempotency ensures that an API request completes only once. With an idempotent request, if the original request completes successfully, the subsequent retries with the same client token return the result from the original successful request and they have no additional effect.
If you do not specify a client token, one is automatically generated by the Amazon Web Services SDK.
String jobId
The JobId that is returned by the StartPolicyGeneration operation. The
JobId can be used with GetGeneratedPolicy to retrieve the generated policies or used
with CancelPolicyGeneration to cancel the policy generation request.
String analyzerArn
The ARN of the analyzer to use to scan the policies applied to the specified resource.
String resourceArn
The ARN of the resource to scan.
String resourceOwnerAccount
The Amazon Web Services account ID that owns the resource. For most Amazon Web Services resources, the owning account is the account in which the resource was created.
String code
The reason code for the current status of the analyzer.
Integer retryAfterSeconds
The seconds to wait to retry.
String cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
List<E> regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Boolean allRegions
Possible values are true or false. If set to true, IAM Access Analyzer
retrieves CloudTrail data from all regions to analyze and generate a policy.
String cloudTrailArn
Specifies the ARN of the trail. The format of a trail ARN is
arn:aws:cloudtrail:us-east-2:123456789012:trail/MyTrail.
List<E> regions
A list of regions to get CloudTrail data from and analyze to generate a policy.
Boolean allRegions
Possible values are true or false. If set to true, IAM Access Analyzer
retrieves CloudTrail data from all regions to analyze and generate a policy.
String analyzerName
The name of the analyzer to update the archive rules for.
String ruleName
The name of the rule to update.
Map<K,V> filter
A filter to match for the rules to update. Only rules that match the filter are updated.
String clientToken
A client token.
String analyzerArn
The ARN of the analyzer that generated the findings to update.
String status
The state represents the action to take to update the finding Status. Use ARCHIVE to change an
Active finding to an Archived finding. Use ACTIVE to change an Archived finding to an Active
finding.
List<E> ids
The IDs of the findings to update.
String resourceArn
The ARN of the resource identified in the finding.
String clientToken
A client token.
String findingDetails
A localized message that explains the finding and provides guidance on how to address it.
String findingType
The impact of the finding.
Security warnings report when the policy allows access that we consider overly permissive.
Errors report when a part of the policy is not functional.
Warnings report non-security issues when a policy does not conform to policy writing best practices.
Suggestions recommend stylistic improvements in the policy that do not impact access.
String issueCode
The issue code provides an identifier of the issue associated with this finding.
String learnMoreLink
A link to additional documentation about the type of finding.
List<E> locations
The list of locations in the policy document that are related to the finding. The issue code provides a summary of an issue identified by the finding.
String locale
The locale to use for localizing the findings.
Integer maxResults
The maximum number of results to return in the response.
String nextToken
A token used for pagination of results returned.
String policyDocument
The JSON policy document to use as the content for the policy.
String policyType
The type of policy to validate. Identity policies grant permissions to IAM principals. Identity policies include managed and inline policies for IAM roles, users, and groups. They also include service-control policies (SCPs) that are attached to an Amazon Web Services organization, organizational unit (OU), or an account.
Resource policies grant permissions on Amazon Web Services resources. Resource policies include trust policies for IAM roles and bucket policies for Amazon S3 buckets. You can provide a generic input such as identity policy or resource policy or a specific input such as managed policy or Amazon S3 bucket policy.
String validatePolicyResourceType
The type of resource to attach to your resource policy. Specify a value for the policy validation resource type
only if the policy type is RESOURCE_POLICY. For example, to validate a resource policy to attach to
an Amazon S3 bucket, you can choose AWS::S3::Bucket for the policy validation resource type.
For resource types not supported as valid values, IAM Access Analyzer runs policy checks that apply to all resource policies. For example, to validate a resource policy to attach to a KMS key, do not specify a value for the policy validation resource type and IAM Access Analyzer will run policy checks that apply to all resource policies.
String vpcId
If this field is specified, this access point will only allow connections from the specified VPC ID.
String alternateContactType
The type of alternate contact.
String emailAddress
The email address associated with this alternate contact.
String name
The name associated with this alternate contact.
String phoneNumber
The phone number associated with this alternate contact.
String title
The title associated with this alternate contact.
String addressLine1
The first line of the primary contact address.
String addressLine2
The second line of the primary contact address, if any.
String addressLine3
The third line of the primary contact address, if any.
String city
The city of the primary contact address.
String companyName
The name of the company associated with the primary contact information, if any.
String countryCode
The ISO-3166 two-letter country code for the primary contact address.
String districtOrCounty
The district or county of the primary contact address, if any.
String fullName
The full name of the primary contact address.
String phoneNumber
The phone number of the primary contact information. The number will be validated and, in some countries, checked for activation.
String postalCode
The postal code of the primary contact address.
String stateOrRegion
The state or region of the primary contact address. This field is required in selected countries.
String websiteUrl
The URL of the website associated with the primary contact information, if any.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which of the alternate contacts to delete.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). When you disable a
Region, Amazon Web Services performs actions to deactivate that Region in your account, such as destroying IAM
resources in the Region. This process takes a few minutes for most accounts, but this can take several hours. You
cannot enable the Region until the disabling process is fully completed.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). When you enable a
Region, Amazon Web Services performs actions to prepare your account in that Region, such as distributing your
IAM resources to the Region. This process takes a few minutes for most accounts, but it can take several hours.
You cannot use the Region until this process is complete. Furthermore, you cannot disable the Region until the
enabling process is fully completed.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which alternate contact you want to retrieve.
AlternateContact alternateContact
A structure that contains the details for the specified alternate contact.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
ContactInformation contactInformation
Contains the details of the primary contact information associated with an Amazon Web Services account.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String regionName
Specifies the Region-code for a given Region name (for example, af-south-1). This function will
return the status of whatever Region you pass into this parameter.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
Integer maxResults
The total number of items to return in the command’s output. If the total number of items available is more than
the value specified, a NextToken is provided in the command’s output. To resume pagination, provide
the NextToken value in the starting-token argument of a subsequent command. Do not use
the NextToken response element directly outside of the Amazon Web Services CLI. For usage examples,
see Pagination in the Amazon Web
Services Command Line Interface User Guide.
String nextToken
A token used to specify where to start paginating. This is the NextToken from a previously truncated
response. For usage examples, see Pagination in the Amazon Web
Services Command Line Interface User Guide.
List<E> regionOptStatusContains
A list of Region statuses (Enabling, Enabled, Disabling, Disabled, Enabled_by_default) to use to filter the list of Regions for a given account. For example, passing in a value of ENABLING will only return a list of Regions with a Region status of ENABLING.
String nextToken
If there is more data to be returned, this will be populated. It should be passed into the
next-token request parameter of list-regions.
List<E> regions
This is a list of Regions for a given account, or if the filtered parameter was used, a list of Regions that
match the filter criteria set in the filter parameter.
String accountId
Specifies the 12 digit account ID number of the Amazon Web Services account that you want to access or modify with this operation.
If you do not specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation.
To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account, and the specified account ID must be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId; it must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, then don't specify this parameter, and call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
String alternateContactType
Specifies which alternate contact you want to create or update.
String emailAddress
Specifies an email address for the alternate contact.
String name
Specifies a name for the alternate contact.
String phoneNumber
Specifies a phone number for the alternate contact.
String title
Specifies a title for the alternate contact.
String accountId
Specifies the 12-digit account ID number of the Amazon Web Services account that you want to access or modify with this operation. If you don't specify this parameter, it defaults to the Amazon Web Services account of the identity used to call the operation. To use this parameter, the caller must be an identity in the organization's management account or a delegated administrator account. The specified account ID must also be a member account in the same organization. The organization must have all features enabled, and the organization must have trusted access enabled for the Account Management service, and optionally a delegated admin account assigned.
The management account can't specify its own AccountId. It must call the operation in standalone
context by not including the AccountId parameter.
To call this operation on an account that is not a member of an organization, don't specify this parameter. Instead, call the operation using an identity belonging to the account whose contacts you wish to retrieve or modify.
ContactInformation contactInformation
Contains the details of the primary contact information associated with an Amazon Web Services account.
AccessMethod accessMethod
The type and format of AccessDescription information.
GeneralName accessLocation
The location of AccessDescription information.
String customObjectIdentifier
An object identifier (OID) specifying the AccessMethod. The OID must satisfy the regular expression
shown below. For more information, see NIST's definition of Object Identifier (OID).
String accessMethodType
Specifies the AccessMethod.
Extensions extensions
Specifies X.509 extension information for a certificate.
ASN1Subject subject
String country
Two-digit code that specifies the country in which the certificate subject located.
String organization
Legal name of the organization with which the certificate subject is affiliated.
String organizationalUnit
A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated.
String distinguishedNameQualifier
Disambiguating information for the certificate subject.
String state
State in which the subject of the certificate is located.
String commonName
For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit.
Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject.
String serialNumber
The certificate serial number.
String locality
The locality (such as a city or town) in which the certificate subject is located.
String title
A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject.
String surname
Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first.
String givenName
First name.
String initials
Concatenation that typically contains the first letter of the GivenName, the first letter of the middle name if one exists, and the first letter of the Surname.
String pseudonym
Typically a shortened version of a longer GivenName. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza.
String generationQualifier
Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third.
List<E> customAttributes
Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of Object Identifier (OID).
Custom attributes cannot be used in combination with standard attributes.
String arn
Amazon Resource Name (ARN) for your private certificate authority (CA). The format is
12345678-1234-1234-1234-123456789012 .
String ownerAccount
The Amazon Web Services account ID that owns the certificate authority.
Date createdAt
Date and time at which your private CA was created.
Date lastStateChangeAt
Date and time at which your private CA was last updated.
String type
Type of your private CA.
String serial
Serial number of your private CA.
String status
Status of your private CA.
Date notBefore
Date and time before which your private CA certificate is not valid.
Date notAfter
Date and time after which your private CA certificate is not valid.
String failureReason
Reason the request to create your private CA failed.
CertificateAuthorityConfiguration certificateAuthorityConfiguration
Your private CA configuration.
RevocationConfiguration revocationConfiguration
Information about the Online Certificate Status Protocol (OCSP) configuration or certificate revocation list (CRL) created and maintained by your private CA.
Date restorableUntil
The period during which a deleted CA can be restored. For more information, see the
PermanentDeletionTimeInDays parameter of the DeleteCertificateAuthorityRequest action.
String keyStorageSecurityStandard
Defines a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: Amazon Web Services Region ap-northeast-3 supports only FIPS_140_2_LEVEL_2_OR_HIGHER. You must explicitly
specify this parameter and value when creating a CA in that Region. Specifying a different value (or no value)
results in an InvalidArgsException with the message
"A certificate authority cannot be created in this region with the specified security standard."
String usageMode
Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.
String keyAlgorithm
Type of the public key algorithm and size, in bits, of the key pair that your CA creates when it issues a certificate. When you create a subordinate CA, you must use a key algorithm supported by the parent CA.
String signingAlgorithm
Name of the algorithm your private CA uses to sign certificate requests.
This parameter should not be confused with the SigningAlgorithm parameter used to sign certificates
when they are issued.
ASN1Subject subject
Structure that contains X.500 distinguished name information for your private CA.
CsrExtensions csrExtensions
Specifies information to be added to the extension section of the certificate signing request (CSR).
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the CA to be audited. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String s3BucketName
The name of the S3 bucket that will contain the audit report.
String auditReportResponseFormat
The format in which to create the report. This can be either JSON or CSV.
CertificateAuthorityConfiguration certificateAuthorityConfiguration
Name and bit size of the private key algorithm, the name of the signing algorithm, and X.500 certificate subject information.
RevocationConfiguration revocationConfiguration
Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. The default is for both certificate validation mechanisms to be disabled.
The following requirements apply to revocation configurations.
A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail
if other parameters such as CustomCname or ExpirationInDays are included.
In a CRL configuration, the S3BucketName parameter must conform to Amazon S3 bucket naming
rules.
A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
For more information, see the OcspConfiguration and CrlConfiguration types.
String certificateAuthorityType
The type of the certificate authority.
String idempotencyToken
Custom string that can be used to distinguish between calls to the CreateCertificateAuthority action. Idempotency tokens for CreateCertificateAuthority time out after five minutes. Therefore, if you call CreateCertificateAuthority multiple times with the same idempotency token within five minutes, Amazon Web Services Private CA recognizes that you are requesting only certificate authority and will issue only one. If you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificate authorities.
String keyStorageSecurityStandard
Specifies a cryptographic key management compliance standard used for handling CA keys.
Default: FIPS_140_2_LEVEL_3_OR_HIGHER
Note: FIPS_140_2_LEVEL_3_OR_HIGHER is not supported in the following Regions:
ap-northeast-3
ap-southeast-3
When creating a CA in these Regions, you must provide FIPS_140_2_LEVEL_2_OR_HIGHER as the argument
for KeyStorageSecurityStandard. Failure to do this results in an InvalidArgsException
with the message,
"A certificate authority cannot be created in this region with the specified security standard."
List<E> tags
Key-value pairs that will be attached to the new private CA. You can associate up to 50 tags with a private CA. For information using tags with IAM to manage permissions, see Controlling Access Using IAM Tags.
String usageMode
Specifies whether the CA issues general-purpose certificates that typically require a revocation mechanism, or short-lived certificates that may optionally omit revocation because they expire quickly. Short-lived certificate validity is limited to seven days.
The default value is GENERAL_PURPOSE.
String certificateAuthorityArn
If successful, the Amazon Resource Name (ARN) of the certificate authority (CA). This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the CA that grants the permissions. You can find the ARN by calling the ListCertificateAuthorities action. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String principal
The Amazon Web Services service or identity that receives the permission. At this time, the only valid principal
is acm.amazonaws.com.
String sourceAccount
The ID of the calling account.
List<E> actions
The actions that the specified Amazon Web Services service principal can use. These include
IssueCertificate, GetCertificate, and ListPermissions.
Boolean enabled
Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the CreateCertificateAuthority action or for an existing CA when you call the UpdateCertificateAuthority action.
Integer expirationInDays
Validity period of the CRL in days.
String customCname
Name inserted into the certificate CRL Distribution Points extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
String s3BucketName
Name of the S3 bucket that contains the CRL. If you do not provide a value for the CustomCname argument, the name of your S3 bucket is placed into the CRL Distribution Points extension of the issued certificate. You can change the name of your bucket by calling the UpdateCertificateAuthority operation. You must specify a bucket policy that allows Amazon Web Services Private CA to write the CRL to your bucket.
The S3BucketName parameter must conform to the S3 bucket naming rules.
String s3ObjectAcl
Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access.
If no value is specified, the default is PUBLIC_READ.
Note: This default can cause CA creation to fail in some circumstances. If you have have enabled the Block
Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as
BUCKET_OWNER_FULL_CONTROL, and not doing so results in an error. If you have disabled BPA in S3,
then you can specify either BUCKET_OWNER_FULL_CONTROL or PUBLIC_READ as the value.
For more information, see Blocking public access to the S3 bucket.
KeyUsage keyUsage
Indicates the purpose of the certificate and of the key contained in the certificate.
List<E> subjectInformationAccess
For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see Subject Information Access in RFC 5280.
String objectIdentifier
Specifies the object identifier (OID) of the X.509 extension. For more information, see the Global OID reference database.
String value
Specifies the base64-encoded value of the X.509 extension.
Boolean critical
Specifies the critical flag of the X.509 extension.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
Integer permanentDeletionTimeInDays
The number of days to make a CA restorable after it has been deleted. This can be anywhere from 7 to 30 days, with 30 being the default.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA that issued the permissions. You can find the CA's ARN by calling the ListCertificateAuthorities action. This must have the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String principal
The Amazon Web Services service or identity that will have its CA permissions revoked. At this time, the only
valid service principal is acm.amazonaws.com
String sourceAccount
The Amazon Web Services account that calls this action.
String resourceArn
The Amazon Resource Number (ARN) of the private CA that will have its policy deleted. You can find the CA's ARN
by calling the ListCertificateAuthorities action. The ARN value must have the form
arn:aws:acm-pca:region:account:certificate-authority/01234567-89ab-cdef-0123-0123456789ab.
String certificateAuthorityArn
The Amazon Resource Name (ARN) of the private CA. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String auditReportId
The report ID returned by calling the CreateCertificateAuthorityAuditReport action.
String auditReportStatus
Specifies whether report creation is in progress, has succeeded, or has failed.
String s3BucketName
Name of the S3 bucket that contains the report.
String s3Key
S3 key that uniquely identifies the report file in your S3 bucket.
Date createdAt
The date and time at which the report was created.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
CertificateAuthority certificateAuthority
A CertificateAuthority structure that contains information about your private CA.
List<E> certificatePolicies
Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of Object Identifier (OID).
In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate.
List<E> extendedKeyUsage
Specifies additional purposes for which the certified public key may be used other than basic purposes indicated
in the KeyUsage extension.
KeyUsage keyUsage
List<E> subjectAlternativeNames
The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate.
List<E> customExtensions
Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the Global OID reference database.
OtherName otherName
Represents GeneralName using an OtherName object.
String rfc822Name
Represents GeneralName as an RFC 822
email address.
String dnsName
Represents GeneralName as a DNS name.
ASN1Subject directoryName
EdiPartyName ediPartyName
Represents GeneralName as an EdiPartyName object.
String uniformResourceIdentifier
Represents GeneralName as a URI.
String ipAddress
Represents GeneralName as an IPv4 or IPv6 address.
String registeredId
Represents GeneralName as an object identifier (OID).
String certificateAuthorityArn
The Amazon Resource Name (ARN) of your private CA. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificate
Base64-encoded certificate authority (CA) certificate.
String certificateChain
Base64-encoded certificate chain that includes any intermediate certificates and chains up to root certificate that you used to sign your private CA certificate. The chain does not include your private CA certificate. If this is a root CA, the value will be null.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
String csr
The base64 PEM-encoded certificate signing request (CSR) for your private CA certificate.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
.
String certificateArn
The ARN of the issued certificate. The ARN contains the certificate serial number and must be in the following form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245
String resourceArn
The Amazon Resource Number (ARN) of the private CA that will have its policy retrieved. You can find the CA's ARN by calling the ListCertificateAuthorities action.
String policy
The policy attached to the private CA as a JSON document.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
ByteBuffer certificate
The PEM-encoded certificate for a private CA. This may be a self-signed certificate in the case of a root CA, or it may be signed by another CA that you control.
ByteBuffer certificateChain
A PEM-encoded file that contains all of your certificates, other than the certificate you're importing, chaining up to your root CA. Your Amazon Web Services Private CA-hosted or on-premises root certificate is the last in the chain, and each certificate in the chain signs the one preceding.
This parameter must be supplied when you import a subordinate CA. When you import a root CA, there is no chain.
ApiPassthrough apiPassthrough
Specifies X.509 certificate information to be included in the issued certificate. An APIPassthrough
or APICSRPassthrough template variant must be selected, or else this parameter is ignored. For more
information about using these templates, see Understanding Certificate
Templates.
If conflicting or duplicate certificate information is supplied during certificate issuance, Amazon Web Services Private CA applies order of operation rules to determine what information is used.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
ByteBuffer csr
The certificate signing request (CSR) for the certificate you want to issue. As an example, you can use the following OpenSSL command to create the CSR and a 2048 bit RSA private key.
openssl req -new -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr
If you have a configuration file, you can then use the following OpenSSL command. The usr_cert block
in the configuration file contains your X509 version 3 extensions.
openssl req -new -config openssl_rsa.cnf -extensions usr_cert -newkey rsa:2048 -days 365 -keyout private/test_cert_priv_key.pem -out csr/test_cert_.csr
Note: A CSR must provide either a subject name or a subject alternative name or the request will be rejected.
String signingAlgorithm
The name of the algorithm that will be used to sign the certificate to be issued.
This parameter should not be confused with the SigningAlgorithm parameter used to sign a CSR in the
CreateCertificateAuthority action.
The specified signing algorithm family (RSA or ECDSA) much match the algorithm family of the CA's secret key.
String templateArn
Specifies a custom configuration template to use when issuing a certificate. If this parameter is not provided,
Amazon Web Services Private CA defaults to the EndEntityCertificate/V1 template. For CA
certificates, you should choose the shortest path length that meets your needs. The path length is indicated by
the PathLenN portion of the ARN, where N is the CA depth.
Note: The CA depth configured on a subordinate CA certificate must not exceed the limit set by its parents in the CA hierarchy.
For a list of TemplateArn values supported by Amazon Web Services Private CA, see Understanding Certificate
Templates.
Validity validity
Information describing the end of the validity period of the certificate. This parameter sets the “Not After” date for the certificate.
Certificate validity is the period of time during which a certificate is valid. Validity can be expressed as an explicit date and time when the certificate expires, or as a span of time after issuance, stated in days, months, or years. For more information, see Validity in RFC 5280.
This value is unaffected when ValidityNotBefore is also specified. For example, if
Validity is set to 20 days in the future, the certificate will expire 20 days from issuance time
regardless of the ValidityNotBefore value.
The end of the validity period configured on a certificate must not exceed the limit set on its parents in the CA hierarchy.
Validity validityNotBefore
Information describing the start of the validity period of the certificate. This parameter sets the “Not Before" date for the certificate.
By default, when issuing a certificate, Amazon Web Services Private CA sets the "Not Before" date to the issuance
time minus 60 minutes. This compensates for clock inconsistencies across computer systems. The
ValidityNotBefore parameter can be used to customize the “Not Before” value.
Unlike the Validity parameter, the ValidityNotBefore parameter is optional.
The ValidityNotBefore value is expressed as an explicit date and time, using the
Validity type value ABSOLUTE. For more information, see Validity in this API
reference and Validity in RFC 5280.
String idempotencyToken
Alphanumeric string that can be used to distinguish between calls to the IssueCertificate action. Idempotency tokens for IssueCertificate time out after one minute. Therefore, if you call IssueCertificate multiple times with the same idempotency token within one minute, Amazon Web Services Private CA recognizes that you are requesting only one certificate and will issue only one. If you change the idempotency token for each call, Amazon Web Services Private CA recognizes that you are requesting multiple certificates.
String certificateArn
The Amazon Resource Name (ARN) of the issued certificate and the certificate serial number. This is of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012/certificate/286535153982981100925020015808220737245
Boolean digitalSignature
Key can be used for digital signing.
Boolean nonRepudiation
Key can be used for non-repudiation.
Boolean keyEncipherment
Key can be used to encipher data.
Boolean dataEncipherment
Key can be used to decipher data.
Boolean keyAgreement
Key can be used in a key-agreement protocol.
Boolean keyCertSign
Key can be used to sign certificates.
Boolean cRLSign
Key can be used to sign CRLs.
Boolean encipherOnly
Key can be used only to encipher data.
Boolean decipherOnly
Key can be used only to decipher data.
String nextToken
Use this parameter when paginating results in a subsequent request after you receive a response with truncated
results. Set it to the value of the NextToken parameter from the response you just received.
Integer maxResults
Use this parameter when paginating results to specify the maximum number of items to return in the response on
each page. If additional items exist beyond the number you specify, the NextToken element is sent in
the response. Use this NextToken value in a subsequent request to retrieve additional items.
String resourceOwner
Use this parameter to filter the returned set of certificate authorities based on their owner. The default is SELF.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA to inspect. You can find the ARN by calling the ListCertificateAuthorities action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012 You can
get a private CA's ARN by running the ListCertificateAuthorities action.
String nextToken
When paginating results, use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.
Integer maxResults
When paginating results, use this parameter to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.
List<E> permissions
Summary information about each permission assigned by the specified private CA, including the action enabled, the policy provided, and the time of creation.
String nextToken
When the list is truncated, this value is present and should be used for the NextToken parameter in a subsequent pagination request.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
String nextToken
Use this parameter when paginating results in a subsequent request after you receive a response with truncated results. Set it to the value of NextToken from the response you just received.
Integer maxResults
Use this parameter when paginating results to specify the maximum number of items to return in the response. If additional items exist beyond the number you specify, the NextToken element is sent in the response. Use this NextToken value in a subsequent request to retrieve additional items.
Boolean enabled
Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status.
String ocspCustomCname
By default, Amazon Web Services Private CA injects an Amazon Web Services domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain.
The content of a Canonical Name (CNAME) record must conform to RFC2396 restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://".
For more information, see Customizing Online Certificate Status Protocol (OCSP) in the Amazon Web Services Private Certificate Authority User Guide.
String certificateAuthorityArn
The Amazon Resource Number (ARN) of the private CA from which the permission was issued.
Date createdAt
The time at which the permission was created.
String principal
The Amazon Web Services service or entity that holds the permission. At this time, the only valid principal is
acm.amazonaws.com.
String sourceAccount
The ID of the account that assigned the permission.
List<E> actions
The private CA actions that can be performed by the designated Amazon Web Services service.
String policy
The name of the policy that is associated with the permission.
String certPolicyId
Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of Object Identifier (OID).
List<E> policyQualifiers
Modifies the given CertPolicyId with a qualifier. Amazon Web Services Private CA supports the
certification practice statement (CPS) qualifier.
String resourceArn
The Amazon Resource Number (ARN) of the private CA to associate with the policy. The ARN of the CA can be found by calling the ListCertificateAuthorities action.
String policy
The path and file name of a JSON-formatted IAM policy to attach to the specified private CA resource. If this
policy does not contain all required statements or if it includes any statement that is not allowed, the
PutPolicy action returns an InvalidPolicyException. For information about IAM policy
and statement structure, see Overview of
JSON Policies.
String cpsUri
Contains a pointer to a certification practice statement (CPS) published by the CA.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called the CreateCertificateAuthority action. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
CrlConfiguration crlConfiguration
Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. A CRL is typically updated approximately 30 minutes after a certificate is revoked. If for any reason a CRL update fails, Amazon Web Services Private CA makes further attempts every 15 minutes.
OcspConfiguration ocspConfiguration
Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. When you revoke a certificate, OCSP responses may take up to 60 minutes to reflect the new status.
String certificateAuthorityArn
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
String certificateSerial
Serial number of the certificate to be revoked. This must be in hexadecimal format. You can retrieve the serial number by calling GetCertificate with the Amazon Resource Name (ARN) of the certificate you want and the ARN of your private CA. The GetCertificate action retrieves the certificate in the PEM format. You can use the following OpenSSL command to list the certificate in text format and copy the hexadecimal serial number.
openssl x509 -in file_path -text -noout
You can also copy the serial number from the console or use the DescribeCertificate action in the Certificate Manager API Reference.
String revocationReason
Specifies why you revoked the certificate.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
List<E> tags
List of tags to be associated with the CA.
String certificateAuthorityArn
The Amazon Resource Name (ARN) that was returned when you called CreateCertificateAuthority. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
List<E> tags
List of tags to be removed from the CA.
String certificateAuthorityArn
Amazon Resource Name (ARN) of the private CA that issued the certificate to be revoked. This must be of the form:
arn:aws:acm-pca:region:account:certificate-authority/12345678-1234-1234-1234-123456789012
RevocationConfiguration revocationConfiguration
Contains information to enable Online Certificate Status Protocol (OCSP) support, to enable a certificate revocation list (CRL), to enable both, or to enable neither. If this parameter is not supplied, existing capibilites remain unchanged. For more information, see the OcspConfiguration and CrlConfiguration types.
The following requirements apply to revocation configurations.
A configuration disabling CRLs or OCSP must contain only the Enabled=False parameter, and will fail
if other parameters such as CustomCname or ExpirationInDays are included.
In a CRL configuration, the S3BucketName parameter must conform to Amazon S3 bucket naming
rules.
A configuration containing a custom Canonical Name (CNAME) parameter for CRLs or OCSP must conform to RFC2396 restrictions on the use of special characters in a CNAME.
In a CRL or OCSP configuration, the value of a CNAME parameter must not include a protocol prefix such as "http://" or "https://".
String status
Status of your private CA.
Long value
A long integer interpreted according to the value of Type, below.
String type
Determines how Amazon Web Services Private CA interprets the Value parameter, an integer.
Supported validity types include those listed below. Type definitions with values include a sample input value
and the resulting output.
END_DATE: The specific date and time when the certificate will expire, expressed using UTCTime
(YYMMDDHHMMSS) or GeneralizedTime (YYYYMMDDHHMMSS) format. When UTCTime is used, if the year field (YY) is
greater than or equal to 50, the year is interpreted as 19YY. If the year field is less than 50, the year is
interpreted as 20YY.
Sample input value: 491231235959 (UTCTime format)
Output expiration date/time: 12/31/2049 23:59:59
ABSOLUTE: The specific date and time when the validity of a certificate will start or expire,
expressed in seconds since the Unix Epoch.
Sample input value: 2524608000
Output expiration date/time: 01/01/2050 00:00:00
DAYS, MONTHS, YEARS: The relative time from the moment of issuance until
the certificate will expire, expressed in days, months, or years.
Example if DAYS, issued on 10/12/2020 at 12:34:54 UTC:
Sample input value: 90
Output expiration date: 01/10/2020 12:34:54 UTC
The minimum validity duration for a certificate using relative time (DAYS) is one day. The minimum
validity for a certificate using absolute time (ABSOLUTE or END_DATE) is one second.
String skillId
The unique identifier of the skill.
String skillId
The private skill ID you want to make available to enrolled users.
String locale
The locale of the audio message. Currently, en-US is supported.
String location
The location of the audio file. Currently, S3 URLs are supported. Only S3 locations comprised of safe characters are valid. For more information, see Safe Characters.
String status
The status of the report generation execution (RUNNING, SUCCEEDED, or FAILED).
String failureCode
The failure code.
BusinessReportS3Location s3Location
The S3 location of the output reports.
Date deliveryTime
The time of report delivery.
String downloadUrl
The download link where a user can download the report.
String interval
The interval of the content range.
String startDate
The start date.
String scheduleArn
The ARN of the business report schedule.
String scheduleName
The name identifier of the schedule.
String s3BucketName
The S3 bucket name of the output reports.
String s3KeyPrefix
The S3 key where the report is delivered.
String format
The format of the generated report (individual CSV files or zipped files of individual files).
BusinessReportContentRange contentRange
The content range of the reports.
BusinessReportRecurrence recurrence
The recurrence of the reports.
BusinessReport lastBusinessReport
The details of the last business report delivery for a specified time interval.
String defaultConferenceProviderArn
The ARN of the default conference provider.
String arn
The ARN of the newly created conference provider.
String name
The name of the conference provider.
String type
The type of conference providers.
IPDialIn iPDialIn
The IP endpoint and protocol for calling.
PSTNDialIn pSTNDialIn
The information for PSTN conferencing.
MeetingSetting meetingSetting
The meeting settings for the conference provider.
String contactArn
The ARN of the contact.
String displayName
The name of the contact to display on the console.
String firstName
The first name of the contact, used to call the contact on the device.
String lastName
The last name of the contact, used to call the contact on the device.
String phoneNumber
The phone number of the contact. The phone number type defaults to WORK. You can either specify PhoneNumber or PhoneNumbers. We recommend that you use PhoneNumbers, which lets you specify the phone number type and multiple numbers.
List<E> phoneNumbers
The list of phone numbers for the contact.
List<E> sipAddresses
The list of SIP addresses for the contact.
String contactArn
The ARN of the contact.
String displayName
The name of the contact to display on the console.
String firstName
The first name of the contact, used to call the contact on the device.
String lastName
The last name of the contact, used to call the contact on the device.
String phoneNumber
The phone number of the contact. The phone number type defaults to WORK. You can specify PhoneNumber or PhoneNumbers. We recommend that you use PhoneNumbers, which lets you specify the phone number type and multiple numbers.
List<E> phoneNumbers
The list of phone numbers for the contact.
List<E> sipAddresses
The list of SIP addresses for the contact.
String name
The name of the address book.
String description
The description of the address book.
String clientRequestToken
A unique, user-specified identifier for the request that ensures idempotency.
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String addressBookArn
The ARN of the newly created address book.
String scheduleName
The name identifier of the schedule.
String s3BucketName
The S3 bucket name of the output reports. If this isn't specified, the report can be retrieved from a download link by calling ListBusinessReportSchedule.
String s3KeyPrefix
The S3 key where the report is delivered.
String format
The format of the generated report (individual CSV files or zipped files of individual files).
BusinessReportContentRange contentRange
The content range of the reports.
BusinessReportRecurrence recurrence
The recurrence of the reports. If this isn't specified, the report will only be delivered one time when the API is called.
String clientRequestToken
The client request token.
List<E> tags
The tags for the business report schedule.
String scheduleArn
The ARN of the business report schedule.
String conferenceProviderName
The name of the conference provider.
String conferenceProviderType
Represents a type within a list of predefined types.
IPDialIn iPDialIn
The IP endpoint and protocol for calling.
PSTNDialIn pSTNDialIn
The information for PSTN conferencing.
MeetingSetting meetingSetting
The meeting settings for the conference provider.
String clientRequestToken
The request token of the client.
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String conferenceProviderArn
The ARN of the newly-created conference provider.
String displayName
The name of the contact to display on the console.
String firstName
The first name of the contact that is used to call the contact on the device.
String lastName
The last name of the contact that is used to call the contact on the device.
String phoneNumber
The phone number of the contact in E.164 format. The phone number type defaults to WORK. You can specify PhoneNumber or PhoneNumbers. We recommend that you use PhoneNumbers, which lets you specify the phone number type and multiple numbers.
List<E> phoneNumbers
The list of phone numbers for the contact.
List<E> sipAddresses
The list of SIP addresses for the contact.
String clientRequestToken
A unique, user-specified identifier for this request that ensures idempotency.
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String contactArn
The ARN of the newly created address book.
String name
The name of the gateway group.
String description
The description of the gateway group.
String clientRequestToken
A unique, user-specified identifier for the request that ensures idempotency.
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String gatewayGroupArn
The ARN of the created gateway group.
Boolean roomUtilizationMetricsEnabled
Whether room utilization metrics are enabled or not.
CreateEndOfMeetingReminder endOfMeetingReminder
CreateInstantBooking instantBooking
Settings to automatically book a room for a configured duration if it's free when joining a meeting with Alexa.
CreateRequireCheckIn requireCheckIn
Settings for requiring a check in when a room is reserved. Alexa can cancel a room reservation if it's not checked into to make the room available for others. Users can check in by joining the meeting with Alexa or an AVS device, or by saying “Alexa, check in.”
CreateProactiveJoin proactiveJoin
String networkProfileName
The name of the network profile associated with a device.
String description
Detailed information about a device's network profile.
String ssid
The SSID of the Wi-Fi network.
String securityType
The security type of the Wi-Fi network. This can be WPA2_ENTERPRISE, WPA2_PSK, WPA_PSK, WEP, or OPEN.
String eapMethod
The authentication standard that is used in the EAP framework. Currently, EAP_TLS is supported.
String currentPassword
The current password of the Wi-Fi network.
String nextPassword
The next, or subsequent, password of the Wi-Fi network. This password is asynchronously transmitted to the device and is used when the password of the network changes to NextPassword.
String certificateAuthorityArn
The ARN of the Private Certificate Authority (PCA) created in AWS Certificate Manager (ACM). This is used to issue certificates to the devices.
List<E> trustAnchors
The root certificates of your authentication server that is installed on your devices and used to trust your authentication server during EAP negotiation.
String clientRequestToken
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String networkProfileArn
The ARN of the network profile associated with a device.
Boolean enabledByMotion
String profileName
The name of a room profile.
String timezone
The time zone used by a room profile.
String address
The valid address for the room.
String distanceUnit
The distance unit to be used by devices in the profile.
String temperatureUnit
The temperature unit to be used by devices in the profile.
String wakeWord
A wake word for Alexa, Echo, Amazon, or a computer.
String locale
The locale of the room profile. (This is currently only available to a limited preview audience.)
String clientRequestToken
The user-specified token that is used during the creation of a profile.
Boolean setupModeDisabled
Whether room profile setup is enabled.
Integer maxVolumeLimit
The maximum volume limit for a room profile.
Boolean pSTNEnabled
Whether PSTN calling is enabled.
Boolean dataRetentionOptIn
Whether data retention of the profile is enabled.
CreateMeetingRoomConfiguration meetingRoomConfiguration
The meeting room settings of a room profile.
List<E> tags
The tags for the profile.
String profileArn
The ARN of the newly created room profile in the response.
String roomName
The name for the room.
String description
The description for the room.
String profileArn
The profile ARN for the room. This is required.
String providerCalendarId
The calendar ARN for the room.
String clientRequestToken
A unique, user-specified identifier for this request that ensures idempotency.
List<E> tags
The tags for the room.
String roomArn
The ARN of the newly created room in the response.
String skillGroupName
The name for the skill group.
String description
The description for the skill group.
String clientRequestToken
A unique, user-specified identifier for this request that ensures idempotency.
List<E> tags
The tags for the skill group.
String skillGroupArn
The ARN of the newly created skill group in the response.
String userId
The ARN for the user.
String firstName
The first name for the user.
String lastName
The last name for the user.
String email
The email address for the user.
String clientRequestToken
A unique, user-specified identifier for this request that ensures idempotency.
List<E> tags
The tags for the user.
String userArn
The ARN of the newly created user in the response.
String addressBookArn
The ARN of the address book to delete.
String scheduleArn
The ARN of the business report schedule.
String conferenceProviderArn
The ARN of the conference provider.
String contactArn
The ARN of the contact to delete.
String deviceArn
The ARN of the device for which to request details.
String gatewayGroupArn
The ARN of the gateway group to delete.
String networkProfileArn
The ARN of the network profile associated with a device.
String profileArn
The ARN of the room profile to delete. Required.
String roomArn
The ARN of the room to delete. Required.
String skillGroupArn
The ARN of the skill group to delete. Required.
String deviceArn
The ARN of a device.
String deviceSerialNumber
The serial number of a device.
String deviceType
The type of a device.
String deviceName
The name of a device.
String softwareVersion
The software version of a device.
String macAddress
The MAC address of a device.
String roomArn
The room ARN of a device.
String deviceStatus
The status of a device. If the status is not READY, check the DeviceStatusInfo value for details.
DeviceStatusInfo deviceStatusInfo
Detailed information about a device's status.
DeviceNetworkProfileInfo networkProfileInfo
Detailed information about a device's network profile.
String deviceArn
The ARN of a device.
String deviceSerialNumber
The serial number of a device.
String deviceType
The type of a device.
String deviceName
The name of a device.
String softwareVersion
The software version of a device.
String macAddress
The MAC address of a device.
String deviceStatus
The status of a device.
String networkProfileArn
The ARN of the network profile associated with a device.
String networkProfileName
The name of the network profile associated with a device.
String roomArn
The room ARN associated with a device.
String roomName
The name of the room associated with a device.
DeviceStatusInfo deviceStatusInfo
Detailed information about a device's status.
Date createdTime
The time (in epoch) when the device data was created.
List<E> deviceStatusDetails
One or more device status detail descriptions.
String connectionStatus
The latest available information about the connection status of a device.
Date connectionStatusUpdatedTime
The time (in epoch) when the device connection status changed.
String deviceArn
The ARN of the device to disassociate from a room. Required.
String skillId
The private skill ID you want to make unavailable for enrolled users.
String roomArn
The room that the appliances are associated with.
String arn
The ARN of the gateway.
String name
The name of the gateway.
String description
The description of the gateway.
String gatewayGroupArn
The ARN of the gateway group that the gateway is associated to.
String softwareVersion
The software version of the gateway. The gateway automatically updates its software version during normal operation.
String arn
The ARN of the gateway.
String name
The name of the gateway.
String description
The description of the gateway.
String gatewayGroupArn
The ARN of the gateway group that the gateway is associated to.
String softwareVersion
The software version of the gateway. The gateway automatically updates its software version during normal operation.
String addressBookArn
The ARN of the address book for which to request details.
AddressBook addressBook
The details of the requested address book.
ConferencePreference preference
The conference preference.
String conferenceProviderArn
The ARN of the newly created conference provider.
ConferenceProvider conferenceProvider
The conference provider.
String contactArn
The ARN of the contact for which to request details.
Contact contact
The details of the requested contact.
String deviceArn
The ARN of the device for which to request details. Required.
Device device
The details of the device requested. Required.
String gatewayGroupArn
The ARN of the gateway group to get.
GatewayGroup gatewayGroup
String gatewayArn
The ARN of the gateway to get.
Gateway gateway
The details of the gateway.
String organizationName
The name of the organization sending the enrollment invite to a user.
String contactEmail
The email ID of the organization or individual contact that the enrolled user can use.
List<E> privateSkillIds
The list of private skill IDs that you want to recommend to the user to enable in the invitation.
String networkProfileArn
The ARN of the network profile associated with a device.
NetworkProfile networkProfile
The network profile associated with a device.
String profileArn
The ARN of the room profile for which to request details. Required.
Profile profile
The details of the room profile requested. Required.
String roomArn
The ARN of the room for which to request details. Required.
Room room
The details of the room requested.
RoomSkillParameter roomSkillParameter
The details of the room skill parameter requested. Required.
String skillGroupArn
The ARN of the skill group for which to get details. Required.
SkillGroup skillGroup
The details of the skill group requested. Required.
String deviceArn
The ARN of a device.
String eventType
The event type to filter device events. If EventType isn't specified, this returns a list of all device events in reverse chronological order. If EventType is specified, this returns a list of device events for that EventType in reverse chronological order.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response only includes results beyond the token, up to the value specified by MaxResults. When the end of results is reached, the response has a value of null.
Integer maxResults
The maximum number of results to include in the response. The default value is 50. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
String skillGroupArn
The ARN of the skill group for which to list enabled skills.
String enablementType
Whether the skill is enabled under the user's account.
String skillType
Whether the skill is publicly available or is a private skill.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
String arn
The ARN of the specified resource for which to list tags.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
Boolean roomUtilizationMetricsEnabled
Whether room utilization metrics are enabled or not.
EndOfMeetingReminder endOfMeetingReminder
Settings for the end of meeting reminder feature that are applied to a room profile. The end of meeting reminder enables Alexa to remind users when a meeting is ending.
InstantBooking instantBooking
Settings to automatically book the room if available for a configured duration when joining a meeting with Alexa.
RequireCheckIn requireCheckIn
Settings for requiring a check in when a room is reserved. Alexa can cancel a room reservation if it's not checked into. This makes the room available for others. Users can check in by joining the meeting with Alexa or an AVS device, or by saying “Alexa, check in.”
ProactiveJoin proactiveJoin
String requirePin
The values that indicate whether the pin is always required.
String networkProfileArn
The ARN of the network profile associated with a device.
String networkProfileName
The name of the network profile associated with a device.
String description
Detailed information about a device's network profile.
String ssid
The SSID of the Wi-Fi network.
String securityType
The security type of the Wi-Fi network. This can be WPA2_ENTERPRISE, WPA2_PSK, WPA_PSK, WEP, or OPEN.
String eapMethod
The authentication standard that is used in the EAP framework. Currently, EAP_TLS is supported.
String currentPassword
The current password of the Wi-Fi network.
String nextPassword
The next, or subsequent, password of the Wi-Fi network. This password is asynchronously transmitted to the device and is used when the password of the network changes to NextPassword.
String certificateAuthorityArn
The ARN of the Private Certificate Authority (PCA) created in AWS Certificate Manager (ACM). This is used to issue certificates to the devices.
List<E> trustAnchors
The root certificates of your authentication server, which is installed on your devices and used to trust your authentication server during EAP negotiation.
String networkProfileArn
The ARN of the network profile associated with a device.
String networkProfileName
The name of the network profile associated with a device.
String description
Detailed information about a device's network profile.
String ssid
The SSID of the Wi-Fi network.
String securityType
The security type of the Wi-Fi network. This can be WPA2_ENTERPRISE, WPA2_PSK, WPA_PSK, WEP, or OPEN.
String eapMethod
The authentication standard that is used in the EAP framework. Currently, EAP_TLS is supported.
String certificateAuthorityArn
The ARN of the Private Certificate Authority (PCA) created in AWS Certificate Manager (ACM). This is used to issue certificates to the devices.
Boolean enabledByMotion
String profileArn
The ARN of a room profile.
String profileName
The name of a room profile.
Boolean isDefault
Retrieves if the profile is default or not.
String address
The address of a room profile.
String timezone
The time zone of a room profile.
String distanceUnit
The distance unit of a room profile.
String temperatureUnit
The temperature unit of a room profile.
String wakeWord
The wake word of a room profile.
String locale
The locale of a room profile. (This is currently available only to a limited preview audience.)
Boolean setupModeDisabled
The setup mode of a room profile.
Integer maxVolumeLimit
The max volume limit of a room profile.
Boolean pSTNEnabled
The PSTN setting of a room profile.
Boolean dataRetentionOptIn
Whether data retention of the profile is enabled.
String addressBookArn
The ARN of the address book.
MeetingRoomConfiguration meetingRoomConfiguration
Meeting room settings of a room profile.
String profileArn
The ARN of a room profile.
String profileName
The name of a room profile.
Boolean isDefault
Retrieves if the profile data is default or not.
String address
The address of a room profile.
String timezone
The time zone of a room profile.
String distanceUnit
The distance unit of a room profile.
String temperatureUnit
The temperature unit of a room profile.
String wakeWord
The wake word of a room profile.
String locale
The locale of a room profile. (This is currently available only to a limited preview audience.)
String countryCode
The zip code.
String phoneNumber
The phone number to call to join the conference.
String oneClickIdDelay
The delay duration before Alexa enters the conference ID with dual-tone multi-frequency (DTMF). Each number on the dial pad corresponds to a DTMF tone, which is how we send data over the telephone network.
String oneClickPinDelay
The delay duration before Alexa enters the conference pin with dual-tone multi-frequency (DTMF). Each number on the dial pad corresponds to a DTMF tone, which is how we send data over the telephone network.
ConferencePreference conferencePreference
The conference preference of a specific conference provider.
String organizationName
The name of the organization sending the enrollment invite to a user.
String contactEmail
The email ID of the organization or individual contact that the enrolled user can use.
List<E> privateSkillIds
The list of private skill IDs that you want to recommend to the user to enable in the invitation.
String roomArn
The ARN of the room associated with the room skill parameter. Required.
String skillId
The ARN of the skill associated with the room skill parameter. Required.
RoomSkillParameter roomSkillParameter
The updated room skill parameter. Required.
Map<K,V> authorizationResult
The authorization result specific to OAUTH code grant output. "Code” must be populated in the AuthorizationResult map to establish the authorization.
String skillId
The unique identifier of a skill.
String roomArn
The room that the skill is authorized for.
String clientId
The client ID of the OEM used for code-based linking authorization on an AVS device.
String userCode
The code that is obtained after your AVS device has made a POST request to LWA as a part of the Device Authorization Request component of the OAuth code-based linking specification.
String productId
The product ID used to identify your AVS device during authorization.
String deviceSerialNumber
The key generated by the OEM that uniquely identifies a specified instance of your AVS device.
String amazonId
The device type ID for your AVS device generated by Amazon when the OEM creates a new product on Amazon's Developer Console.
String roomArn
The Amazon Resource Name (ARN) of the room with which to associate your AVS device.
List<E> tags
The tags to be added to the specified resource. Do not provide system tags.
String deviceArn
The ARN of the device.
String skillId
The unique identifier of the skill.
String clientRequestToken
String roomArn
The ARN of a room.
String roomName
The name of a room.
String description
The description of a room.
String providerCalendarId
The provider calendar ARN of a room.
String profileArn
The profile ARN of a room.
String profileName
The profile name of a room.
List<E> filters
The filters to use to list a specified set of address books. The supported filter key is AddressBookName.
List<E> sortCriteria
The sort order to use in listing the specified set of address books. The supported sort key is AddressBookName.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response only includes results beyond the token, up to the value specified by MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
List<E> filters
The filters to use to list a specified set of address books. The supported filter keys are DisplayName, FirstName, LastName, and AddressBookArns.
List<E> sortCriteria
The sort order to use in listing the specified set of contacts. The supported sort keys are DisplayName, FirstName, and LastName.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response only includes results beyond the token, up to the value specified by MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
List<E> filters
The filters to use to list a specified set of devices. Supported filter keys are DeviceName, DeviceStatus, DeviceStatusDetailCode, RoomName, DeviceType, DeviceSerialNumber, UnassociatedOnly, ConnectionStatus (ONLINE and OFFLINE), NetworkProfileName, NetworkProfileArn, Feature, and FailureCode.
List<E> sortCriteria
The sort order to use in listing the specified set of devices. Supported sort keys are DeviceName, DeviceStatus, RoomName, DeviceType, DeviceSerialNumber, ConnectionStatus, NetworkProfileName, NetworkProfileArn, Feature, and FailureCode.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified MaxResults value, a token is included in the response so that the remaining results can be retrieved.
List<E> filters
The filters to use to list a specified set of network profiles. Valid filters are NetworkProfileName, Ssid, and SecurityType.
List<E> sortCriteria
The sort order to use to list the specified set of network profiles. Valid sort criteria includes NetworkProfileName, Ssid, and SecurityType.
List<E> networkProfiles
The network profiles that meet the specified set of filter criteria, in sort order. It is a list of NetworkProfileData objects.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If this parameter is specified, the response includes only results beyond the token, up to the value specified by MaxResults.
Integer totalCount
The total number of network profiles returned.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
List<E> filters
The filters to use to list a specified set of room profiles. Supported filter keys are ProfileName and Address. Required.
List<E> sortCriteria
The sort order to use in listing the specified set of room profiles. Supported sort keys are ProfileName and Address.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
List<E> filters
The filters to use to list a specified set of rooms. The supported filter keys are RoomName and ProfileName.
List<E> sortCriteria
The sort order to use in listing the specified set of rooms. The supported sort keys are RoomName and ProfileName.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults. Required.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved.
List<E> filters
The filters to use to list a specified set of skill groups. The supported filter key is SkillGroupName.
List<E> sortCriteria
The sort order to use in listing the specified set of skill groups. The supported sort key is SkillGroupName.
String nextToken
An optional token returned from a prior request. Use this token for pagination of results from this action. If
this parameter is specified, the response includes only results beyond the token, up to the value specified by
MaxResults. Required.
Integer maxResults
The maximum number of results to include in the response. If more results exist than the specified
MaxResults value, a token is included in the response so that the remaining results can be
retrieved. Required.
List<E> filters
The filters to use for listing a specific set of users. Required. Supported filter keys are UserId, FirstName, LastName, Email, and EnrollmentStatus.
List<E> sortCriteria
The sort order to use in listing the filtered set of users. Required. Supported sort keys are UserId, FirstName, LastName, Email, and EnrollmentStatus.
List<E> roomFilters
The filters to use to send an announcement to a specified list of rooms. The supported filter keys are RoomName, ProfileName, RoomArn, and ProfileArn. To send to all rooms, specify an empty RoomFilters list.
Content content
The announcement content. This can contain only one of the three possible announcement types (text, SSML or audio).
Integer timeToLiveInSeconds
The time to live for an announcement. Default is 300. If delivery doesn't occur within this time, the announcement is not delivered.
String clientRequestToken
The unique, user-specified identifier for the request that ensures idempotency.
String announcementArn
The identifier of the announcement.
String userArn
The ARN of the user to whom to send an invitation. Required.
String productDescription
The description of the product.
String invocationPhrase
The phrase used to trigger the skill.
String releaseDate
The date when the skill was released.
String endUserLicenseAgreement
The URL of the end user license agreement.
List<E> genericKeywords
The generic keywords associated with the skill that can be used to find a skill.
List<E> bulletPoints
The details about what the skill supports organized as bullet points.
List<E> newInThisVersionBulletPoints
The updates added in bullet points.
List<E> skillTypes
The types of skills.
Map<K,V> reviews
This member has been deprecated.
The list of reviews for the skill, including Key and Value pair.
DeveloperInfo developerInfo
The details about the developer that published the skill.
String skillId
The ARN of the skill.
String skillName
The name of the skill.
String shortDescription
Short description about the skill.
String iconUrl
The URL where the skill icon resides.
List<E> sampleUtterances
Sample utterances that interact with the skill.
SkillDetails skillDetails
Information about the skill.
Boolean supportsLinking
Linking support for a skill.
String skillId
The ARN of the skill summary.
String skillName
The name of the skill.
Boolean supportsLinking
Linking support for a skill.
String enablementType
Whether the skill is enabled under the user's account, or if it requires linking to be used.
String skillType
Whether the skill is publicly available or is a private skill.
String roomArn
The room where smart home appliance discovery was initiated.
String scheduleArn
The ARN of the business report schedule.
String s3BucketName
The S3 location of the output reports.
String s3KeyPrefix
The S3 key where the report is delivered.
String format
The format of the generated report (individual CSV files or zipped files of individual files).
String scheduleName
The name identifier of the schedule.
BusinessReportRecurrence recurrence
The recurrence of the reports.
String conferenceProviderArn
The ARN of the conference provider.
String conferenceProviderType
The type of the conference provider.
IPDialIn iPDialIn
The IP endpoint and protocol for calling.
PSTNDialIn pSTNDialIn
The information for PSTN conferencing.
MeetingSetting meetingSetting
The meeting settings for the conference provider.
String contactArn
The ARN of the contact to update.
String displayName
The updated display name of the contact.
String firstName
The updated first name of the contact.
String lastName
The updated last name of the contact.
String phoneNumber
The updated phone number of the contact. The phone number type defaults to WORK. You can either specify PhoneNumber or PhoneNumbers. We recommend that you use PhoneNumbers, which lets you specify the phone number type and multiple numbers.
List<E> phoneNumbers
The list of phone numbers for the contact.
List<E> sipAddresses
The list of SIP addresses for the contact.
List<E> reminderAtMinutes
Updates settings for the end of meeting reminder feature that are applied to a room profile. The end of meeting reminder enables Alexa to remind users when a meeting is ending.
String reminderType
The type of sound that users hear during the end of meeting reminder.
Boolean enabled
Whether an end of meeting reminder is enabled or not.
String gatewayArn
The ARN of the gateway to update.
String name
The updated name of the gateway.
String description
The updated description of the gateway.
String softwareVersion
The updated software version of the gateway. The gateway automatically updates its software version during normal operation.
Boolean roomUtilizationMetricsEnabled
Whether room utilization metrics are enabled or not.
UpdateEndOfMeetingReminder endOfMeetingReminder
Settings for the end of meeting reminder feature that are applied to a room profile. The end of meeting reminder enables Alexa to remind users when a meeting is ending.
UpdateInstantBooking instantBooking
Settings to automatically book an available room available for a configured duration when joining a meeting with Alexa.
UpdateRequireCheckIn requireCheckIn
Settings for requiring a check in when a room is reserved. Alexa can cancel a room reservation if it's not checked into to make the room available for others. Users can check in by joining the meeting with Alexa or an AVS device, or by saying “Alexa, check in.”
UpdateProactiveJoin proactiveJoin
String networkProfileArn
The ARN of the network profile associated with a device.
String networkProfileName
The name of the network profile associated with a device.
String description
Detailed information about a device's network profile.
String currentPassword
The current password of the Wi-Fi network.
String nextPassword
The next, or subsequent, password of the Wi-Fi network. This password is asynchronously transmitted to the device and is used when the password of the network changes to NextPassword.
String certificateAuthorityArn
The ARN of the Private Certificate Authority (PCA) created in AWS Certificate Manager (ACM). This is used to issue certificates to the devices.
List<E> trustAnchors
The root certificate(s) of your authentication server that will be installed on your devices and used to trust your authentication server during EAP negotiation.
Boolean enabledByMotion
String profileArn
The ARN of the room profile to update. Required.
String profileName
The updated name for the room profile.
Boolean isDefault
Sets the profile as default if selected. If this is missing, no update is done to the default status.
String timezone
The updated timezone for the room profile.
String address
The updated address for the room profile.
String distanceUnit
The updated distance unit for the room profile.
String temperatureUnit
The updated temperature unit for the room profile.
String wakeWord
The updated wake word for the room profile.
String locale
The updated locale for the room profile. (This is currently only available to a limited preview audience.)
Boolean setupModeDisabled
Whether the setup mode of the profile is enabled.
Integer maxVolumeLimit
The updated maximum volume limit for the room profile.
Boolean pSTNEnabled
Whether the PSTN setting of the room profile is enabled.
Boolean dataRetentionOptIn
Whether data retention of the profile is enabled.
UpdateMeetingRoomConfiguration meetingRoomConfiguration
The updated meeting room settings of a room profile.
String roomArn
The ARN of the room to update.
String roomName
The updated name for the room.
String description
The updated description for the room.
String providerCalendarId
The updated provider calendar ARN for the room.
String profileArn
The updated profile ARN for the room.
String userArn
The ARN of a user.
String firstName
The first name of a user.
String lastName
The last name of a user.
String email
The email of a user.
String enrollmentStatus
The enrollment status of a user.
String enrollmentId
The enrollment ARN of a user.
String appId
The unique ID of the Amplify app.
String appArn
The Amazon Resource Name (ARN) of the Amplify app.
String name
The name for the Amplify app.
Map<K,V> tags
The tag for the Amplify app.
String description
The description for the Amplify app.
String repository
The Git repository for the Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
Date createTime
Creates a date and time for the Amplify app.
Date updateTime
Updates the date and time for the Amplify app.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) of the Amplify app.
Map<K,V> environmentVariables
The environment variables for the Amplify app.
String defaultDomain
The default domain for the Amplify app.
Boolean enableBranchAutoBuild
Enables the auto-building of branches for the Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnect a branch in the Amplify Console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for the Amplify app's branches.
String basicAuthCredentials
The basic authorization credentials for branches for the Amplify app. You must base64-encode the authorization
credentials and provide them in the format user:password.
List<E> customRules
Describes the custom redirect and rewrite rules for the Amplify app.
ProductionBranch productionBranch
Describes the information about a production branch of the Amplify app.
String buildSpec
Describes the content of the build specification (build spec) for the Amplify app.
String customHeaders
Describes the custom HTTP headers for the Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for the Amplify app.
List<E> autoBranchCreationPatterns
Describes the automated branch creation glob patterns for the Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
Describes the automated branch creation configuration for the Amplify app.
String repositoryCloneMethod
This is for internal use.
The Amplify service uses this parameter to specify the authentication protocol to use to access the Git
repository for an Amplify app. Amplify specifies TOKEN for a GitHub repository, SIGV4
for an Amazon Web Services CodeCommit repository, and SSH for GitLab and Bitbucket repositories.
String stage
Describes the current stage for the autocreated branch.
String framework
The framework for the autocreated branch.
Boolean enableAutoBuild
Enables auto building for the autocreated branch.
Map<K,V> environmentVariables
The environment variables for the autocreated branch.
String basicAuthCredentials
The basic authorization credentials for the autocreated branch. You must base64-encode the authorization
credentials and provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the autocreated branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String buildSpec
The build specification (build spec) for the autocreated branch.
Boolean enablePullRequestPreview
Enables pull request previews for the autocreated branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
String environmentName
The name for a backend environment that is part of an Amplify app.
String stackName
The AWS CloudFormation stack name of a backend environment.
String deploymentArtifacts
The name of deployment artifacts.
Date createTime
The creation date and time for a backend environment that is part of an Amplify app.
Date updateTime
The last updated date and time for a backend environment that is part of an Amplify app.
String branchArn
The Amazon Resource Name (ARN) for a branch that is part of an Amplify app.
String branchName
The name for the branch that is part of an Amplify app.
String description
The description for the branch that is part of an Amplify app.
Map<K,V> tags
The tag for the branch of an Amplify app.
String stage
The current stage for the branch that is part of an Amplify app.
String displayName
The display name for the branch. This is used as the default domain prefix.
Boolean enableNotification
Enables notifications for a branch that is part of an Amplify app.
Date createTime
The creation date and time for a branch that is part of an Amplify app.
Date updateTime
The last updated date and time for a branch that is part of an Amplify app.
Map<K,V> environmentVariables
The environment variables specific to a branch of an Amplify app.
Boolean enableAutoBuild
Enables auto-building on push for a branch of an Amplify app.
List<E> customDomains
The custom domains for a branch of an Amplify app.
String framework
The framework for a branch of an Amplify app.
String activeJobId
The ID of the active job for a branch of an Amplify app.
String totalNumberOfJobs
The total number of jobs that are part of an Amplify app.
Boolean enableBasicAuth
Enables basic authorization for a branch of an Amplify app.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String thumbnailUrl
The thumbnail URL for the branch of an Amplify app.
String basicAuthCredentials
The basic authorization credentials for a branch of an Amplify app. You must base64-encode the authorization
credentials and provide them in the format user:password.
String buildSpec
The build specification (build spec) content for the branch of an Amplify app.
String ttl
The content Time to Live (TTL) for the website in seconds.
List<E> associatedResources
A list of custom resources that are linked to this branch.
Boolean enablePullRequestPreview
Enables pull request previews for the branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String destinationBranch
The destination branch if the branch is a pull request branch.
String sourceBranch
The source branch if the branch is a pull request branch.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
String name
The name for an Amplify app.
String description
The description for an Amplify app.
String repository
The repository for an Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for an Amplify app.
String oauthToken
The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.
Use oauthToken for repository providers other than GitHub, such as Bitbucket or CodeCommit. To
authorize access to GitHub as your repository provider, use accessToken.
You must specify either oauthToken or accessToken when you create a new app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
String accessToken
The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.
Use accessToken for GitHub repositories only. To authorize access to a repository provider such as
Bitbucket or CodeCommit, use oauthToken.
You must specify either accessToken or oauthToken when you create a new app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
Map<K,V> environmentVariables
The environment variables map for an Amplify app.
Boolean enableBranchAutoBuild
Enables the auto building of branches for an Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for an Amplify app. This will apply to all branches that are part of this app.
String basicAuthCredentials
The credentials for basic authorization for an Amplify app. You must base64-encode the authorization credentials
and provide them in the format user:password.
List<E> customRules
The custom rewrite and redirect rules for an Amplify app.
Map<K,V> tags
The tag for an Amplify app.
String buildSpec
The build specification (build spec) for an Amplify app.
String customHeaders
The custom HTTP headers for an Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for an Amplify app.
List<E> autoBranchCreationPatterns
The automated branch creation glob patterns for an Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
The automated branch creation configuration for an Amplify app.
App app
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
String appId
The unique ID for an Amplify app.
String branchName
The name for the branch.
String description
The description for the branch.
String stage
Describes the current stage for the branch.
String framework
The framework for the branch.
Boolean enableNotification
Enables notifications for the branch.
Boolean enableAutoBuild
Enables auto building for the branch.
Map<K,V> environmentVariables
The environment variables for the branch.
String basicAuthCredentials
The basic authorization credentials for the branch. You must base64-encode the authorization credentials and
provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
Map<K,V> tags
The tag for the branch.
String buildSpec
The build specification (build spec) for the branch.
String ttl
The content Time To Live (TTL) for the website in seconds.
String displayName
The display name for a branch. This is used as the default domain prefix.
Boolean enablePullRequestPreview
Enables pull request previews for this branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
Branch branch
Describes the branch for an Amplify app, which maps to a third-party repository branch.
String appId
The unique ID for an Amplify app.
String branchName
The name for the branch, for the job.
Map<K,V> fileMap
An optional file map that contains the file name as the key and the file content md5 hash as the value. If this argument is provided, the service will generate a unique upload URL per file. Otherwise, the service will only generate a single upload URL for the zipped files.
String jobId
The job ID for this deployment. will supply to start deployment api.
Map<K,V> fileUploadUrls
When the fileMap argument is provided in the request, fileUploadUrls will contain a map
of file names to upload URLs.
String zipUploadUrl
When the fileMap argument is not provided in the request, this zipUploadUrl is
returned.
String appId
The unique ID for an Amplify app.
String domainName
The domain name for the domain association.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> subDomainSettings
The setting for the subdomain.
List<E> autoSubDomainCreationPatterns
Sets the branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
DomainAssociation domainAssociation
Describes the structure of a domain association, which associates a custom domain with an Amplify app.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String source
The source pattern for a URL rewrite or redirect rule.
String target
The target pattern for a URL rewrite or redirect rule.
String status
The status code for a URL rewrite or redirect rule.
Represents a 200 rewrite rule.
Represents a 301 (moved pemanently) redirect rule. This and all future requests should be directed to the target URL.
Represents a 302 temporary redirect rule.
Represents a 404 redirect rule.
Represents a 404 rewrite rule.
String condition
The condition for a URL rewrite or redirect rule, such as a country code.
String appId
The unique ID for an Amplify app.
App app
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
Branch branch
The branch for an Amplify app, which maps to a third-party repository branch.
DomainAssociation domainAssociation
JobSummary jobSummary
String webhookId
The unique ID for a webhook.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String domainAssociationArn
The Amazon Resource Name (ARN) for the domain association.
String domainName
The name of the domain.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> autoSubDomainCreationPatterns
Sets branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
String domainStatus
The current status of the domain association.
String statusReason
The reason for the current status of the domain association.
String certificateVerificationDNSRecord
The DNS record for certificate verification.
List<E> subDomains
The subdomains for the domain association.
Date startTime
The time at which the logs should start. The time range specified is inclusive of the start time.
Date endTime
The time at which the logs should end. The time range specified is inclusive of the end time.
String domainName
The name of the domain.
String appId
The unique ID for an Amplify app.
String logUrl
The pre-signed URL for the requested access logs.
String appId
The unique ID for an Amplify app.
App app
String artifactId
The unique ID for an artifact.
BackendEnvironment backendEnvironment
Describes the backend environment for an Amplify app.
Branch branch
DomainAssociation domainAssociation
Describes the structure of a domain association, which associates a custom domain with an Amplify app.
Job job
String webhookId
The unique ID for a webhook.
Webhook webhook
Describes the structure of a webhook.
JobSummary summary
Describes the summary for an execution job for an Amplify app.
List<E> steps
The execution steps for an execution job, for an Amplify app.
String jobArn
The Amazon Resource Name (ARN) for the job.
String jobId
The unique ID for the job.
String commitId
The commit ID from a third-party repository provider for the job.
String commitMessage
The commit message from a third-party repository provider for the job.
Date commitTime
The commit date and time for the job.
Date startTime
The start date and time for the job.
String status
The current status for the job.
Date endTime
The end date and time for the job.
String jobType
The type for the job. If the value is RELEASE, the job was manually released from its source by
using the StartJob API. If the value is RETRY, the job was manually retried using the
StartJob API. If the value is WEB_HOOK, the job was automatically triggered by
webhooks.
String appId
The unique ID for an Amplify app.
String branchName
The name of a branch that is part of an Amplify app.
String jobId
The unique ID for a job.
String nextToken
A pagination token. Set to null to start listing artifacts from start. If a non-null pagination token is returned in a result, pass its value in here to list more artifacts.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String environmentName
The name of the backend environment
String nextToken
A pagination token. Set to null to start listing backend environments from the start. If a non-null pagination token is returned in a result, pass its value in here to list more backend environments.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing branches from the start. If a non-null pagination token is returned in a result, pass its value in here to list more branches.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing apps from the start. If non-null, a pagination token is returned in a result. Pass its value in here to list more projects.
Integer maxResults
The maximum number of records to list in a single response.
String appId
The unique ID for an Amplify app.
String branchName
The name for a branch.
String nextToken
A pagination token. Set to null to start listing steps from the start. If a non-null pagination token is returned in a result, pass its value in here to list more steps.
Integer maxResults
The maximum number of records to list in a single response.
String resourceArn
The Amazon Resource Name (ARN) to use to list tags.
String appId
The unique ID for an Amplify app.
String nextToken
A pagination token. Set to null to start listing webhooks from the start. If non-null,the pagination token is returned in a result. Pass its value in here to list more webhooks.
Integer maxResults
The maximum number of records to list in a single response.
String code
String appId
The unique ID for an Amplify app.
String branchName
The name for the branch, for the job.
String jobId
The job ID for this deployment, generated by the create deployment request.
String sourceUrl
The source URL for this deployment, used when calling start deployment without create deployment. The source URL can be any HTTP GET URL that is publicly accessible and downloads a single .zip file.
JobSummary jobSummary
The summary for the job.
String appId
The unique ID for an Amplify app.
String branchName
The branch name for the job.
String jobId
The unique ID for an existing job. This is required if the value of jobType is RETRY.
String jobType
Describes the type for the job. The job type RELEASE starts a new job with the latest change from
the specified branch. This value is available only for apps that are connected to a repository. The job type
RETRY retries an existing job. If the job type value is RETRY, the jobId
is also required.
String jobReason
A descriptive reason for starting this job.
String commitId
The commit ID from a third-party repository provider for the job.
String commitMessage
The commit message from a third-party repository provider for the job.
Date commitTime
The commit date and time for the job.
JobSummary jobSummary
The summary for the job.
String stepName
The name of the execution step.
Date startTime
The start date and time of the execution step.
String status
The status of the execution step.
Date endTime
The end date and time of the execution step.
String logUrl
The URL to the logs for the execution step.
String artifactsUrl
The URL to the artifact for the execution step.
String testArtifactsUrl
The URL to the test artifact for the execution step.
String testConfigUrl
The URL to the test configuration for the execution step.
Map<K,V> screenshots
The list of screenshot URLs for the execution step, if relevant.
String statusReason
The reason for the current step status.
String context
The context for the current step. Includes a build image if the step is build.
JobSummary jobSummary
The summary for the job.
SubDomainSetting subDomainSetting
Describes the settings for the subdomain.
Boolean verified
The verified status of the subdomain
String dnsRecord
The DNS record for the subdomain.
String appId
The unique ID for an Amplify app.
String name
The name for an Amplify app.
String description
The description for an Amplify app.
String platform
The platform for the Amplify app. For a static app, set the platform type to WEB. For a dynamic
server-side rendered (SSR) app, set the platform type to WEB_COMPUTE. For an app requiring Amplify
Hosting's original SSR support only, set the platform type to WEB_DYNAMIC.
String iamServiceRoleArn
The AWS Identity and Access Management (IAM) service role for an Amplify app.
Map<K,V> environmentVariables
The environment variables for an Amplify app.
Boolean enableBranchAutoBuild
Enables branch auto-building for an Amplify app.
Boolean enableBranchAutoDeletion
Automatically disconnects a branch in the Amplify Console when you delete a branch from your Git repository.
Boolean enableBasicAuth
Enables basic authorization for an Amplify app.
String basicAuthCredentials
The basic authorization credentials for an Amplify app. You must base64-encode the authorization credentials and
provide them in the format user:password.
List<E> customRules
The custom redirect and rewrite rules for an Amplify app.
String buildSpec
The build specification (build spec) for an Amplify app.
String customHeaders
The custom HTTP headers for an Amplify app.
Boolean enableAutoBranchCreation
Enables automated branch creation for an Amplify app.
List<E> autoBranchCreationPatterns
Describes the automated branch creation glob patterns for an Amplify app.
AutoBranchCreationConfig autoBranchCreationConfig
The automated branch creation configuration for an Amplify app.
String repository
The name of the repository for an Amplify app
String oauthToken
The OAuth token for a third-party source control system for an Amplify app. The OAuth token is used to create a webhook and a read-only deploy key using SSH cloning. The OAuth token is not stored.
Use oauthToken for repository providers other than GitHub, such as Bitbucket or CodeCommit.
To authorize access to GitHub as your repository provider, use accessToken.
You must specify either oauthToken or accessToken when you update an app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
String accessToken
The personal access token for a GitHub repository for an Amplify app. The personal access token is used to authorize access to a GitHub repository using the Amplify GitHub App. The token is not stored.
Use accessToken for GitHub repositories only. To authorize access to a repository provider such as
Bitbucket or CodeCommit, use oauthToken.
You must specify either accessToken or oauthToken when you update an app.
Existing Amplify apps deployed from a GitHub repository using OAuth continue to work with CI/CD. However, we strongly recommend that you migrate these apps to use the GitHub App. For more information, see Migrating an existing OAuth app to the Amplify GitHub App in the Amplify User Guide .
App app
Represents the updated Amplify app.
String appId
The unique ID for an Amplify app.
String branchName
The name for the branch.
String description
The description for the branch.
String framework
The framework for the branch.
String stage
Describes the current stage for the branch.
Boolean enableNotification
Enables notifications for the branch.
Boolean enableAutoBuild
Enables auto building for the branch.
Map<K,V> environmentVariables
The environment variables for the branch.
String basicAuthCredentials
The basic authorization credentials for the branch. You must base64-encode the authorization credentials and
provide them in the format user:password.
Boolean enableBasicAuth
Enables basic authorization for the branch.
Boolean enablePerformanceMode
Enables performance mode for the branch.
Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out.
String buildSpec
The build specification (build spec) for the branch.
String ttl
The content Time to Live (TTL) for the website in seconds.
String displayName
The display name for a branch. This is used as the default domain prefix.
Boolean enablePullRequestPreview
Enables pull request previews for this branch.
String pullRequestEnvironmentName
The Amplify environment name for the pull request.
String backendEnvironmentArn
The Amazon Resource Name (ARN) for a backend environment that is part of an Amplify app.
Branch branch
The branch for an Amplify app, which maps to a third-party repository branch.
String appId
The unique ID for an Amplify app.
String domainName
The name of the domain.
Boolean enableAutoSubDomain
Enables the automated creation of subdomains for branches.
List<E> subDomainSettings
Describes the settings for the subdomain.
List<E> autoSubDomainCreationPatterns
Sets the branch patterns for automatic subdomain creation.
String autoSubDomainIAMRole
The required AWS Identity and Access Management (IAM) service role for the Amazon Resource Name (ARN) for automatically creating subdomains.
DomainAssociation domainAssociation
Describes a domain association, which associates a custom domain with an Amplify app.
Webhook webhook
Describes a webhook that connects repository events to an Amplify app.
String webhookArn
The Amazon Resource Name (ARN) for the webhook.
String webhookId
The ID of the webhook.
String webhookUrl
The URL of the webhook.
String branchName
The name for a branch that is part of an Amplify app.
String description
The description for a webhook.
Date createTime
The create date and time for a webhook.
Date updateTime
Updates the date and time for a webhook.
String cognitoUserPoolId
The Amazon Cognito user pool ID, if Amazon Cognito was used as an authentication setting to access your data models.
String description
The API key description for API_KEY, if it was used as an authentication mechanism to access your data models.
Double expirationTime
The API key expiration time for API_KEY, if it was used as an authentication mechanism to access your data models.
String openIDAuthTTL
The expiry time for the OpenID authentication mechanism.
String openIDClientId
The clientID for openID, if openID was used as an authentication setting to access your data models.
String openIDIatTTL
The expiry time for the OpenID authentication mechanism.
String openIDIssueURL
The openID issuer URL, if openID was used as an authentication setting to access your data models.
String openIDProviderName
The OpenID provider name, if OpenID was used as an authentication mechanism to access your data models.
String mode
Describes the authentication mode.
BackendAPIAppSyncAuthSettings settings
Describes settings for the authentication mode.
String resolutionStrategy
The strategy for conflict resolution.
List<E> additionalAuthTypes
Additional authentication methods used to interact with your data models.
String apiName
The API name used to interact with the data model, configured as a part of your Amplify project.
BackendAPIConflictResolution conflictResolution
The conflict resolution strategy for your data stored in the data models.
BackendAPIAuthType defaultAuthType
The default authentication type for interacting with the configured data models in your Amplify project.
String service
The service used to provision and interact with the data model.
String transformSchema
The definition of the data model in the annotated transform of the GraphQL schema.
String clientId
Describes the client_id (also called Services ID) that comes from Apple.
String keyId
Describes the key_id that comes from Apple.
String privateKey
Describes the private_key that comes from Apple.
String teamId
Describes the team_id that comes from Apple.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String createTime
The time when the job was created.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String updateTime
The time when the job was last updated.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
The resource configuration for this request.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String deliveryMethod
(DEPRECATED) Describes which mode to use (either SMS or email) to deliver messages to app users who want to recover their password.
EmailSettings emailSettings
(DEPRECATED) The configuration for the email sent when an app user forgets their password.
SmsSettings smsSettings
(DEPRECATED) The configuration for the SMS message sent when an app user forgets their password.
String domainPrefix
The domain prefix for your Amplify app.
String oAuthGrantType
The OAuth grant type that you use to allow app users to authenticate from your Amplify app.
List<E> oAuthScopes
List of OAuth-related flows used to allow your app users to authenticate from your Amplify app.
List<E> redirectSignInURIs
The redirected URI for signing in to your Amplify app.
List<E> redirectSignOutURIs
Redirect URLs that OAuth uses when a user signs out of an Amplify app.
SocialProviderSettings socialProviderSettings
The settings for using social providers to access your Amplify app.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
CreateBackendAuthResourceConfig resourceConfig
The resource configuration for this request object.
String resourceName
The name of this resource.
String authResources
Defines whether you want to configure only authentication or both authentication and authorization settings.
CreateBackendAuthIdentityPoolConfig identityPoolConfigs
Describes the authorization configuration for the Amazon Cognito identity pool, provisioned as a part of your auth resource in the Amplify project.
String service
Defines the service name to use when configuring an authentication resource in your Amplify project.
CreateBackendAuthUserPoolConfig userPoolConfigs
Describes authentication configuration for the Amazon Cognito user pool, provisioned as a part of your auth resource in the Amplify project.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
CreateBackendAuthForgotPasswordConfig forgotPassword
(DEPRECATED) Describes the forgotten password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
CreateBackendAuthMFAConfig mfa
Describes whether to apply multi-factor authentication policies for your Amazon Cognito user pool configured as a part of your Amplify project.
CreateBackendAuthOAuthConfig oAuth
Describes the OAuth policy and rules for your Amazon Cognito user pool, configured as a part of your Amplify project.
CreateBackendAuthPasswordPolicyConfig passwordPolicy
Describes the password policy for your Amazon Cognito user pool, configured as a part of your Amplify project.
List<E> requiredSignUpAttributes
The required attributes to sign up new users in the user pool.
String signInMethod
Describes the sign-in methods that your Amplify app users use to log in using the Amazon Cognito user pool, configured as a part of your Amplify project.
String userPoolName
The Amazon Cognito user pool name.
CreateBackendAuthVerificationMessageConfig verificationMessage
Describes the email or SMS verification message for your Amazon Cognito user pool, configured as a part of your Amplify project.
String deliveryMethod
The type of verification message to send.
EmailSettings emailSettings
The settings for the email message.
SmsSettings smsSettings
The settings for the SMS message.
String appId
The app ID.
String appName
The name of the app.
String backendEnvironmentName
The name of the backend environment.
ResourceConfig resourceConfig
The resource configuration for creating a backend.
String resourceName
The name of the resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
CreateBackendStorageResourceConfig resourceConfig
The resource configuration for creating backend storage.
String resourceName
The name of the storage resource.
String bucketName
The name of the S3 bucket.
BackendStoragePermissions permissions
The authorization configuration for the storage S3 bucket.
String serviceName
The name of the storage service.
String appId
The app ID.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
BackendAPIResourceConfig resourceConfig
Defines the resource configuration for the data model in your Amplify project.
String resourceName
The name of this resource.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.
String appId
The app ID.
String backendEnvironmentName
The name of the backend environment.
String error
If the request fails, this error is returned.
String jobId
The ID for the job.
String operation
The name of the operation.
String status
The current status of the request.