{ "smithy": "1.0", "metadata": { "suppressions": [ { "id": "HttpMethodSemantics", "namespace": "*" }, { "id": "HttpResponseCodeSemantics", "namespace": "*" }, { "id": "PaginatedTrait", "namespace": "*" }, { "id": "HttpHeaderTrait", "namespace": "*" }, { "id": "HttpUriConflict", "namespace": "*" }, { "id": "Service", "namespace": "*" } ] }, "shapes": { "com.amazonaws.route53resolver#AccessDeniedException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "
The current account doesn't have the IAM permissions required to perform the specified Resolver operation.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#AccountId": { "type": "string", "traits": { "smithy.api#length": { "min": 12, "max": 32 } } }, "com.amazonaws.route53resolver#Action": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "ALLOW", "name": "ALLOW" }, { "value": "BLOCK", "name": "BLOCK" }, { "value": "ALERT", "name": "ALERT" } ] } }, "com.amazonaws.route53resolver#Arn": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 255 } } }, "com.amazonaws.route53resolver#AssociateFirewallRuleGroup": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#AssociateFirewallRuleGroupRequest" }, "output": { "target": "com.amazonaws.route53resolver#AssociateFirewallRuleGroupResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#ConflictException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Associates a FirewallRuleGroup with a VPC, to provide DNS filtering for the VPC.
" } }, "com.amazonaws.route53resolver#AssociateFirewallRuleGroupRequest": { "type": "structure", "members": { "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request and that allows failed requests \n to be retried without the risk of executing the operation twice. \n CreatorRequestId
can be any unique string, for example, a date/time stamp.
The unique identifier of the firewall rule group.
", "smithy.api#required": {} } }, "VpcId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the VPC that you want to associate with the rule group.
", "smithy.api#required": {} } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall \n filters VPC traffic starting from rule group with the lowest numeric priority setting.
\nYou must specify a unique priority for each rule group that you associate with a single VPC. \n To make it easier to insert rule groups later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for a rule group association after you create it.
", "smithy.api#required": {} } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "A name that lets you identify the association, to manage and use it.
", "smithy.api#required": {} } }, "MutationProtection": { "target": "com.amazonaws.route53resolver#MutationProtectionStatus", "traits": { "smithy.api#documentation": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections. \n When you create the association, the default setting is DISABLED
.
A list of the tag keys and values that you want to associate with the rule group association.
" } } } }, "com.amazonaws.route53resolver#AssociateFirewallRuleGroupResponse": { "type": "structure", "members": { "FirewallRuleGroupAssociation": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociation", "traits": { "smithy.api#documentation": "The association that you just created. The association has an Id that you can use to identify it in other requests, like update and delete.
" } } } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddress": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressRequest" }, "output": { "target": "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceExistsException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Adds IP addresses to an inbound or an outbound Resolver endpoint. If you want to add more than one IP address, \n\t\t\tsubmit one AssociateResolverEndpointIpAddress
request for each IP address.
To remove an IP address from an endpoint, see \n\t\t\tDisassociateResolverEndpointIpAddress.\n\t\t
" } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressRequest": { "type": "structure", "members": { "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint that you want to associate IP addresses with.
", "smithy.api#required": {} } }, "IpAddress": { "target": "com.amazonaws.route53resolver#IpAddressUpdate", "traits": { "smithy.api#documentation": "Either the IPv4 address that you want to add to a Resolver endpoint or a subnet ID. If you specify a subnet ID, \n\t\t\tResolver chooses an IP address for you from the available IPs in the specified subnet.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddressResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "The response to an AssociateResolverEndpointIpAddress
request.
Associates an Amazon VPC with a specified query logging configuration. Route 53 Resolver logs DNS queries that originate in all of the Amazon VPCs \n\t\t\tthat are associated with a specified query logging configuration. To associate more than one VPC with a configuration, submit one AssociateResolverQueryLogConfig
\n\t\t\trequest for each VPC.
The VPCs that you associate with a query logging configuration must be in the same Region as the configuration.
\nTo remove a VPC from a query logging configuration, see \n\t\t\tDisassociateResolverQueryLogConfig.\n\t\t\t
" } }, "com.amazonaws.route53resolver#AssociateResolverQueryLogConfigRequest": { "type": "structure", "members": { "ResolverQueryLogConfigId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the query logging configuration that you want to associate a VPC with.
", "smithy.api#required": {} } }, "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of an Amazon VPC that you want this query logging configuration to log queries for.
\n\t\t\n\t\tThe VPCs and the query logging configuration must be in the same Region.
\n\t\tA complex type that contains settings for a specified association between an Amazon VPC and a query logging configuration.
" } } } }, "com.amazonaws.route53resolver#AssociateResolverRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#AssociateResolverRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#AssociateResolverRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceExistsException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ResourceUnavailableException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Associates a Resolver rule with a VPC. When you associate a rule with a VPC, Resolver forwards all DNS queries \n\t\t\tfor the domain name that is specified in the rule and that originate in the VPC. The queries are forwarded to the \n\t\t\tIP addresses for the DNS resolvers that are specified in the rule. For more information about rules, see \n\t\t\tCreateResolverRule.
" } }, "com.amazonaws.route53resolver#AssociateResolverRuleRequest": { "type": "structure", "members": { "ResolverRuleId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver rule that you want to associate with the VPC. To list the existing Resolver rules, use \n\t\t\tListResolverRules.
", "smithy.api#required": {} } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "A name for the association that you're creating between a Resolver rule and a VPC.
" } }, "VPCId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the VPC that you want to associate the Resolver rule with.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#AssociateResolverRuleResponse": { "type": "structure", "members": { "ResolverRuleAssociation": { "target": "com.amazonaws.route53resolver#ResolverRuleAssociation", "traits": { "smithy.api#documentation": "Information about the AssociateResolverRule
request, including the status of the request.
Creates an empty firewall domain list for use in DNS Firewall rules. You can populate the domains for the new list with a file, using ImportFirewallDomains, or with domain strings, using UpdateFirewallDomains.
" } }, "com.amazonaws.route53resolver#CreateFirewallDomainListRequest": { "type": "structure", "members": { "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request and that allows you to retry failed requests \n without the risk of executing the operation twice. \n CreatorRequestId
can be any unique string, for example, a date/time stamp.
A name that lets you identify the domain list to manage and use it.
", "smithy.api#required": {} } }, "Tags": { "target": "com.amazonaws.route53resolver#TagList", "traits": { "smithy.api#documentation": "A list of the tag keys and values that you want to associate with the domain list.
" } } } }, "com.amazonaws.route53resolver#CreateFirewallDomainListResponse": { "type": "structure", "members": { "FirewallDomainList": { "target": "com.amazonaws.route53resolver#FirewallDomainList", "traits": { "smithy.api#documentation": "The domain list that you just created.
" } } } }, "com.amazonaws.route53resolver#CreateFirewallRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#CreateFirewallRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#CreateFirewallRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Creates a single DNS Firewall rule in the specified rule group, using the specified domain list.
" } }, "com.amazonaws.route53resolver#CreateFirewallRuleGroup": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#CreateFirewallRuleGroupRequest" }, "output": { "target": "com.amazonaws.route53resolver#CreateFirewallRuleGroupResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Creates an empty DNS Firewall rule group for filtering DNS network traffic in a VPC. You can add rules to the new rule group \n by calling CreateFirewallRule.
" } }, "com.amazonaws.route53resolver#CreateFirewallRuleGroupRequest": { "type": "structure", "members": { "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
", "smithy.api#idempotencyToken": {}, "smithy.api#required": {} } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "A name that lets you identify the rule group, to manage and use it.
", "smithy.api#required": {} } }, "Tags": { "target": "com.amazonaws.route53resolver#TagList", "traits": { "smithy.api#documentation": "A list of the tag keys and values that you want to associate with the rule group.
" } } } }, "com.amazonaws.route53resolver#CreateFirewallRuleGroupResponse": { "type": "structure", "members": { "FirewallRuleGroup": { "target": "com.amazonaws.route53resolver#FirewallRuleGroup", "traits": { "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } } }, "com.amazonaws.route53resolver#CreateFirewallRuleRequest": { "type": "structure", "members": { "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request and that allows you to retry failed requests \n without the risk of executing the operation twice. \n CreatorRequestId
can be any unique string, for example, a date/time stamp.
The unique identifier of the firewall rule group where you want to create the rule.
", "smithy.api#required": {} } }, "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list that you want to use in the rule.
", "smithy.api#required": {} } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#documentation": "The setting that determines the processing order of the rule in the rule group. DNS Firewall \n processes the rules in a rule group by order of priority, starting from the lowest setting.
\nYou must specify a unique priority for each rule in a rule group. \n To make it easier to insert rules later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for the rules in a rule group at any time.
", "smithy.api#required": {} } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { "smithy.api#documentation": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW
- Permit the request to go through.
\n ALERT
- Permit the request and send metrics and log to Cloud Watch.
\n BLOCK
- Disallow the request. This option requires additional details in the rule's BlockResponse
.
The way that you want DNS Firewall to block the request, used with the rule aciton setting BLOCK
.
\n NODATA
- Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN
- Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE
- Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride*
settings.
This setting is required if the rule action setting is BLOCK
.
The custom DNS record to send back in response to the query. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
This setting is required if the BlockResponse
setting is OVERRIDE
.
The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain
. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
This setting is required if the BlockResponse
setting is OVERRIDE
.
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
This setting is required if the BlockResponse
setting is OVERRIDE
.
A name that lets you identify the rule in the rule group.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#CreateFirewallRuleResponse": { "type": "structure", "members": { "FirewallRule": { "target": "com.amazonaws.route53resolver#FirewallRule", "traits": { "smithy.api#documentation": "The firewall rule that you just created.
" } } } }, "com.amazonaws.route53resolver#CreateResolverEndpoint": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#CreateResolverEndpointRequest" }, "output": { "target": "com.amazonaws.route53resolver#CreateResolverEndpointResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceExistsException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Creates a Resolver endpoint. There are two types of Resolver endpoints, inbound and outbound:
\n\t\tAn inbound Resolver endpoint forwards DNS queries to the DNS service for a VPC \n\t\t\t\tfrom your network.
\nAn outbound Resolver endpoint forwards DNS queries from the DNS service for a VPC \n\t\t\t\tto your network.
\nA unique string that identifies the request and that allows failed requests to be retried without the risk of executing the operation twice. \n\t\t\tCreatorRequestId
can be any unique string, for example, a date/time stamp.
A friendly name that lets you easily find a configuration in the Resolver dashboard in the Route 53 console.
" } }, "SecurityGroupIds": { "target": "com.amazonaws.route53resolver#SecurityGroupIds", "traits": { "smithy.api#documentation": "The ID of one or more security groups that you want to use to control access to this VPC. The security group that you specify \n\t\t\tmust include one or more inbound rules (for inbound Resolver endpoints) or outbound rules (for outbound Resolver endpoints). \n\t\t\tInbound and outbound rules must allow TCP and UDP access. For inbound access, open port 53. For outbound access, open the port \n\t\t\tthat you're using for DNS queries on your network.
", "smithy.api#required": {} } }, "Direction": { "target": "com.amazonaws.route53resolver#ResolverEndpointDirection", "traits": { "smithy.api#documentation": "Specify the applicable value:
\n\t\t\n INBOUND
: Resolver forwards DNS queries to the DNS service for a VPC from your network
\n OUTBOUND
: Resolver forwards DNS queries from the DNS service for a VPC to your network
The subnets and IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward \n\t\t\tDNS queries to (for inbound endpoints). The subnet ID uniquely identifies a VPC.
", "smithy.api#required": {} } }, "Tags": { "target": "com.amazonaws.route53resolver#TagList", "traits": { "smithy.api#documentation": "A list of the tag keys and values that you want to associate with the endpoint.
" } } } }, "com.amazonaws.route53resolver#CreateResolverEndpointResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "Information about the CreateResolverEndpoint
request, including the status of the request.
Creates a Resolver query logging configuration, which defines where you want Resolver to save DNS query logs that originate in your VPCs. \n\t\t\tResolver can log queries only for VPCs that are in the same Region as the query logging configuration.
\n\t\t\n\t\tTo specify which VPCs you want to log queries for, you use AssociateResolverQueryLogConfig
. For more information, see \n\t\t\tAssociateResolverQueryLogConfig.
You can optionally use AWS Resource Access Manager (AWS RAM) to share a query logging configuration with other AWS accounts. The other accounts \n\t\t\tcan then associate VPCs with the configuration. The query logs that Resolver creates for a configuration include all DNS queries that originate in all \n\t\t\tVPCs that are associated with the configuration.
" } }, "com.amazonaws.route53resolver#CreateResolverQueryLogConfigRequest": { "type": "structure", "members": { "Name": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigName", "traits": { "smithy.api#documentation": "The name that you want to give the query logging configuration
", "smithy.api#required": {} } }, "DestinationArn": { "target": "com.amazonaws.route53resolver#DestinationArn", "traits": { "smithy.api#documentation": "The ARN of the resource that you want Resolver to send query logs. You can send query logs to an S3 bucket, a CloudWatch Logs log group, \n\t\t\tor a Kinesis Data Firehose delivery stream. Examples of valid values include the following:
\n\t\t\n\t\t\n S3 bucket:
\n\t\t\t\t\n arn:aws:s3:::examplebucket
\n
You can optionally append a file prefix to the end of the ARN.
\n\t\t\t\t\n arn:aws:s3:::examplebucket/development/
\n
\n CloudWatch Logs log group:
\n\t\t\t\t\n arn:aws:logs:us-west-1:123456789012:log-group:/mystack-testgroup-12ABC1AB12A1:*
\n
\n Kinesis Data Firehose delivery stream:
\n\t\t\t\t\n arn:aws:kinesis:us-east-2:0123456789:stream/my_stream_name
\n
A unique string that identifies the request and that allows failed requests to be retried without the risk of executing the operation twice. \n\t\t\tCreatorRequestId
can be any unique string, for example, a date/time stamp.
A list of the tag keys and values that you want to associate with the query logging configuration.
" } } } }, "com.amazonaws.route53resolver#CreateResolverQueryLogConfigResponse": { "type": "structure", "members": { "ResolverQueryLogConfig": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfig", "traits": { "smithy.api#documentation": "Information about the CreateResolverQueryLogConfig
request, including the status of the request.
For DNS queries that originate in your VPCs, specifies which Resolver endpoint the queries pass through, \n\t\t\tone domain name that you want to forward to your network, and the IP addresses of the DNS resolvers in your network.
" } }, "com.amazonaws.route53resolver#CreateResolverRuleRequest": { "type": "structure", "members": { "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request and that allows failed requests to be retried without the risk of executing the operation twice. \n\t\t\tCreatorRequestId
can be any unique string, for example, a date/time stamp.
A friendly name that lets you easily find a rule in the Resolver dashboard in the Route 53 console.
" } }, "RuleType": { "target": "com.amazonaws.route53resolver#RuleTypeOption", "traits": { "smithy.api#documentation": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD
.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM
.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
\n\t\t\tfor RuleType
. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM
for RuleType
.
Currently, only Resolver can create rules that have a value of RECURSIVE
for RuleType
.
DNS queries for this domain name are forwarded to the IP addresses that you specify in TargetIps
. If a query matches \n\t\t\tmultiple Resolver rules (example.com and www.example.com), outbound DNS queries are routed using the Resolver rule that contains \n\t\t\tthe most specific domain name (www.example.com).
The IPs that you want Resolver to forward DNS queries to. You can specify only IPv4 addresses. Separate IP addresses with a comma.
\n\t\t\n TargetIps
is available only when the value of Rule type
is FORWARD
.
The ID of the outbound Resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify \n\t\t\tin TargetIps
.
A list of the tag keys and values that you want to associate with the endpoint.
" } } } }, "com.amazonaws.route53resolver#CreateResolverRuleResponse": { "type": "structure", "members": { "ResolverRule": { "target": "com.amazonaws.route53resolver#ResolverRule", "traits": { "smithy.api#documentation": "Information about the CreateResolverRule
request, including the status of the request.
Deletes the specified domain list.
" } }, "com.amazonaws.route53resolver#DeleteFirewallDomainListRequest": { "type": "structure", "members": { "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list that you want to delete.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteFirewallDomainListResponse": { "type": "structure", "members": { "FirewallDomainList": { "target": "com.amazonaws.route53resolver#FirewallDomainList", "traits": { "smithy.api#documentation": "The domain list that you just deleted.
" } } } }, "com.amazonaws.route53resolver#DeleteFirewallRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DeleteFirewallRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#DeleteFirewallRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Deletes the specified firewall rule.
" } }, "com.amazonaws.route53resolver#DeleteFirewallRuleGroup": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DeleteFirewallRuleGroupRequest" }, "output": { "target": "com.amazonaws.route53resolver#DeleteFirewallRuleGroupResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#ConflictException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Deletes the specified firewall rule group.
" } }, "com.amazonaws.route53resolver#DeleteFirewallRuleGroupRequest": { "type": "structure", "members": { "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group that you want to delete.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteFirewallRuleGroupResponse": { "type": "structure", "members": { "FirewallRuleGroup": { "target": "com.amazonaws.route53resolver#FirewallRuleGroup", "traits": { "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } } }, "com.amazonaws.route53resolver#DeleteFirewallRuleRequest": { "type": "structure", "members": { "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group that you want to delete the rule from.
", "smithy.api#required": {} } }, "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list that's used in the rule.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteFirewallRuleResponse": { "type": "structure", "members": { "FirewallRule": { "target": "com.amazonaws.route53resolver#FirewallRule", "traits": { "smithy.api#documentation": "The specification for the firewall rule that you just deleted.
" } } } }, "com.amazonaws.route53resolver#DeleteResolverEndpoint": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DeleteResolverEndpointRequest" }, "output": { "target": "com.amazonaws.route53resolver#DeleteResolverEndpointResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Deletes a Resolver endpoint. The effect of deleting a Resolver endpoint depends on whether it's an inbound or an outbound \n\t\t\tResolver endpoint:
\n\t\t\n Inbound: DNS queries from your network are no longer routed \n\t\t\t\tto the DNS service for the specified VPC.
\n\n Outbound: DNS queries from a VPC are no longer routed to your network.
\nThe ID of the Resolver endpoint that you want to delete.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteResolverEndpointResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "Information about the DeleteResolverEndpoint
request, including the status of the request.
Deletes a query logging configuration. When you delete a configuration, Resolver stops logging DNS queries for all of the Amazon VPCs that are \n\t\t\tassociated with the configuration. This also applies if the query logging configuration is shared with other AWS accounts, and \n\t\t\tthe other accounts have associated VPCs with the shared configuration.
\n\t\t\n\t\tBefore you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. See \n\t\t\tDisassociateResolverQueryLogConfig.
\n\t\t\t\n\t\tIf you used Resource Access Manager (RAM) to share a query logging configuration with other accounts, you must stop sharing \n\t\t\tthe configuration before you can delete a configuration. The accounts that you shared the configuration with can first disassociate VPCs \n\t\t\tthat they associated with the configuration, but that's not necessary. If you stop sharing the configuration, those VPCs are automatically \n\t\t\tdisassociated from the configuration.
" } }, "com.amazonaws.route53resolver#DeleteResolverQueryLogConfigRequest": { "type": "structure", "members": { "ResolverQueryLogConfigId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the query logging configuration that you want to delete.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteResolverQueryLogConfigResponse": { "type": "structure", "members": { "ResolverQueryLogConfig": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfig", "traits": { "smithy.api#documentation": "Information about the query logging configuration that you deleted, including the status of the request.
" } } } }, "com.amazonaws.route53resolver#DeleteResolverRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DeleteResolverRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#DeleteResolverRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#ResourceInUseException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Deletes a Resolver rule. Before you can delete a Resolver rule, you must disassociate it from all the VPCs that you \n\t\t\tassociated the Resolver rule with. For more information, see \n\t\t\tDisassociateResolverRule.
" } }, "com.amazonaws.route53resolver#DeleteResolverRuleRequest": { "type": "structure", "members": { "ResolverRuleId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver rule that you want to delete.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DeleteResolverRuleResponse": { "type": "structure", "members": { "ResolverRule": { "target": "com.amazonaws.route53resolver#ResolverRule", "traits": { "smithy.api#documentation": "Information about the DeleteResolverRule
request, including the status of the request.
Disassociates a FirewallRuleGroup from a VPC, to remove DNS filtering from the VPC.
" } }, "com.amazonaws.route53resolver#DisassociateFirewallRuleGroupRequest": { "type": "structure", "members": { "FirewallRuleGroupAssociationId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The identifier of the FirewallRuleGroupAssociation.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DisassociateFirewallRuleGroupResponse": { "type": "structure", "members": { "FirewallRuleGroupAssociation": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociation", "traits": { "smithy.api#documentation": "The firewall rule group association that you just removed.
" } } } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddress": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressRequest" }, "output": { "target": "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceExistsException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Removes IP addresses from an inbound or an outbound Resolver endpoint. If you want to remove more than one IP address, \n\t\t\tsubmit one DisassociateResolverEndpointIpAddress
request for each IP address.
To add an IP address to an endpoint, see \n\t\t\tAssociateResolverEndpointIpAddress.\n\t\t
" } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressRequest": { "type": "structure", "members": { "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint that you want to disassociate an IP address from.
", "smithy.api#required": {} } }, "IpAddress": { "target": "com.amazonaws.route53resolver#IpAddressUpdate", "traits": { "smithy.api#documentation": "The IPv4 address that you want to remove from a Resolver endpoint.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddressResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "The response to an DisassociateResolverEndpointIpAddress
request.
Disassociates a VPC from a query logging configuration.
\n\t\t\n\t\tBefore you can delete a query logging configuration, you must first disassociate all VPCs from the configuration. If you used \n\t\t\t\tResource Access Manager (RAM) to share a query logging configuration with other accounts, VPCs can be disassociated from the configuration \n\t\t\t\tin the following ways:
\n\t\t\tThe accounts that you shared the configuration with can disassociate VPCs from the configuration.
\nYou can stop sharing the configuration.
\nThe ID of the query logging configuration that you want to disassociate a specified VPC from.
", "smithy.api#required": {} } }, "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Amazon VPC that you want to disassociate from a specified query logging configuration.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DisassociateResolverQueryLogConfigResponse": { "type": "structure", "members": { "ResolverQueryLogConfigAssociation": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociation", "traits": { "smithy.api#documentation": "A complex type that contains settings for the association that you deleted between an Amazon VPC and a query logging configuration.
" } } } }, "com.amazonaws.route53resolver#DisassociateResolverRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#DisassociateResolverRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#DisassociateResolverRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Removes the association between a specified Resolver rule and a specified VPC.
\n\t\tIf you disassociate a Resolver rule from a VPC, Resolver stops forwarding DNS queries for the \n\t\t\t\tdomain name that you specified in the Resolver rule.
\n\t\tThe ID of the VPC that you want to disassociate the Resolver rule from.
", "smithy.api#required": {} } }, "ResolverRuleId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver rule that you want to disassociate from the specified VPC.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#DisassociateResolverRuleResponse": { "type": "structure", "members": { "ResolverRuleAssociation": { "target": "com.amazonaws.route53resolver#ResolverRuleAssociation", "traits": { "smithy.api#documentation": "Information about the DisassociateResolverRule
request, including the status of the request.
The name of the parameter that you want to use to filter objects.
\n\t\tThe valid values for Name
depend on the action that you're including the filter in, \n\t\t\tListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tor \n\t\t\tListResolverQueryLogConfigAssociations.
In early versions of Resolver, values for Name
were listed as uppercase, with underscore (_) delimiters. For example, \n\t\t\t\tCreatorRequestId
was originally listed as CREATOR_REQUEST_ID
. Uppercase values for Name
are still supported.
\n ListResolverEndpoints\n
\n\t\tValid values for Name
include the following:
\n CreatorRequestId
: The value that you specified when you created the Resolver endpoint.
\n Direction
: Whether you want to return inbound or outbound Resolver endpoints. If you specify DIRECTION
\n\t\t\t\tfor Name
, specify INBOUND
or OUTBOUND
for Values
.
\n HostVpcId
: The ID of the VPC that inbound DNS queries pass through on the way from your network to your VPCs in a region, or \n\t\t\t\tthe VPC that outbound queries pass through on the way from your VPCs to your network. In a \n\t\t\t\tCreateResolverEndpoint\n\t\t\t\trequest, SubnetId
indirectly identifies the VPC. In a \n\t\t\t\tGetResolverEndpoint\n\t\t\t\trequest, the VPC ID for a Resolver endpoint \n\t\t\t\tis returned in the HostVPCId
element.
\n IpAddressCount
: The number of IP addresses that you have associated with the Resolver endpoint.
\n Name
: The name of the Resolver endpoint.
\n SecurityGroupIds
: The IDs of the VPC security groups that you specified when you created the \n\t\t\t\tResolver endpoint.
\n Status
: The status of the Resolver endpoint. If you specify Status
for Name
, \n\t\t\t\tspecify one of the following status codes for Values
: CREATING
, OPERATIONAL
, UPDATING
,\n\t\t\t\tAUTO_RECOVERING
, ACTION_NEEDED
, or DELETING
. For more information, see Status
in\n\t\t\t\tResolverEndpoint.
\n ListResolverRules\n
\n\t\tValid values for Name
include the following:
\n CreatorRequestId
: The value that you specified when you created the Resolver rule.
\n DomainName
: The domain name for which Resolver is forwarding DNS queries to your network. In the value that \n\t\t\t\tyou specify for Values
, include a trailing dot (.) after the domain name. For example, if the domain name is example.com, \n\t\t\t\tspecify the following value. Note the \".\" after com
:
\n example.com.
\n
\n Name
: The name of the Resolver rule.
\n ResolverEndpointId
: The ID of the Resolver endpoint that the Resolver rule is associated with.
You can filter on the Resolver endpoint only for rules that have a value of FORWARD
for \n\t\t\t\t\tRuleType
.
\n Status
: The status of the Resolver rule. If you specify Status
for Name
, \n\t\t\t\tspecify one of the following status codes for Values
: COMPLETE
, DELETING
, UPDATING
, \n\t\t\t\tor FAILED
.
\n Type
: The type of the Resolver rule. If you specify TYPE
\n\t\t\t\tfor Name
, specify FORWARD
or SYSTEM
for Values
.
\n ListResolverRuleAssociations\n
\n\t\tValid values for Name
include the following:
\n Name
: The name of the Resolver rule association.
\n ResolverRuleId
: The ID of the Resolver rule that is associated with one or more VPCs.
\n Status
: The status of the Resolver rule association. If you specify Status
for Name
, \n\t\t\t\tspecify one of the following status codes for Values
: CREATING
, COMPLETE
, DELETING
, or \n\t\t\t\tFAILED
.
\n VPCId
: The ID of the VPC that the Resolver rule is associated with.
\n ListResolverQueryLogConfigs\n
\n\t\tValid values for Name
include the following:
\n Arn
: The ARN for the query logging configuration.
\n AssociationCount
: The number of VPCs that are associated with the query logging configuration.
\n CreationTime
: The date and time that the query logging configuration was created, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n CreatorRequestId
: A unique string that identifies the request that created the query logging configuration.
\n Destination
: The AWS service that you want to forward query logs to. Valid values include the following:
\n S3
\n
\n CloudWatchLogs
\n
\n KinesisFirehose
\n
\n DestinationArn
: The ARN of the location that Resolver is sending query logs to. This value can be the ARN for an \n\t\t\t\tS3 bucket, a CloudWatch Logs log group, or a Kinesis Data Firehose delivery stream.
\n Id
: The ID of the query logging configuration
\n Name
: The name of the query logging configuration
\n OwnerId
: The AWS account ID for the account that created the query logging configuration.
\n ShareStatus
: An indication of whether the query logging configuration is shared with other AWS accounts, \n\t\t\t\tor was shared with the current account by another AWS account. Valid values include: NOT_SHARED
, SHARED_WITH_ME
, \n\t\t\t\tor SHARED_BY_ME
.
\n Status
: The status of the query logging configuration. If you specify Status
for Name
, \n\t\t\t\tspecify the applicable status code for Values
: CREATING
, CREATED
, \n\t\t\t\tDELETING
, or FAILED
. For more information, see \n\t\t\t\tStatus.\n\t\t\t\t
\n ListResolverQueryLogConfigAssociations\n
\n\t\tValid values for Name
include the following:
\n CreationTime
: The date and time that the VPC was associated with the query logging configuration, in Unix time format and \n\t\t\t\tCoordinated Universal Time (UTC).
\n Error
: If the value of Status
is FAILED
, specify the cause: \n\t\t\t\tDESTINATION_NOT_FOUND
or ACCESS_DENIED
.
\n Id
: The ID of the query logging association.
\n ResolverQueryLogConfigId
: The ID of the query logging configuration that a VPC is associated with.
\n ResourceId
: The ID of the Amazon VPC that is associated with the query logging configuration.
\n Status
: The status of the query logging association. If you specify Status
for Name
, \n\t\t\t\tspecify the applicable status code for Values
: CREATING
, CREATED
, \n\t\t\t\tDELETING
, or FAILED
. For more information, see \n\t\t\t Status.\n\t\t\t\t
When you're using a List
operation and you want the operation to return a subset of objects, such as Resolver endpoints or Resolver rules,\n\t\t\tthe value of the parameter that you want to use to filter objects. For example, to list only inbound Resolver endpoints, specify Direction
for \n\t\t\tName
and specify INBOUND
for Values
.
For Resolver list operations \n\t\t\t(ListResolverEndpoints, \n\t\t\tListResolverRules, \n\t\t\tListResolverRuleAssociations, \n\t\t\tListResolverQueryLogConfigs,\n\t\t\tListResolverQueryLogConfigAssociations),\n\t\t\tand\n\t\t\tListResolverDnssecConfigs), \n\t\t\tan optional specification to return a subset of objects.
\n\t\tTo filter objects, such as Resolver endpoints or Resolver rules, you specify Name
and Values
. For example, \n\t\t\tto list only inbound Resolver endpoints, specify Direction
for Name
and specify INBOUND
for Values
.
The Id of the firewall configuration.
" } }, "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the VPC that this firewall configuration applies to.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "The AWS account ID of the owner of the VPC that this firewall configuration applies to.
" } }, "FirewallFailOpen": { "target": "com.amazonaws.route53resolver#FirewallFailOpenStatus", "traits": { "smithy.api#documentation": "Determines how DNS Firewall operates during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply.
\nBy default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. DNS Firewall returns\n a failure error when it is unable to properly evaluate a query.
\nIf you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it \n is unable to properly evaluate them.
\nThis behavior is only enforced for VPCs that have at least one DNS Firewall rule group association.
" } } }, "traits": { "smithy.api#documentation": "Configuration of the firewall behavior provided by DNS Firewall for a single Amazon virtual private cloud (VPC).
" } }, "com.amazonaws.route53resolver#FirewallConfigList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallConfig" } }, "com.amazonaws.route53resolver#FirewallDomainImportOperation": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "REPLACE", "name": "REPLACE" } ] } }, "com.amazonaws.route53resolver#FirewallDomainList": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) of the firewall domain list.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the domain list.
" } }, "DomainCount": { "target": "com.amazonaws.route53resolver#Unsigned", "traits": { "smithy.api#documentation": "The number of domain names that are specified in the domain list.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallDomainListStatus", "traits": { "smithy.api#documentation": "The status of the domain list.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "Additional information about the status of the list, if available.
" } }, "ManagedOwnerName": { "target": "com.amazonaws.route53resolver#ServicePrinciple", "traits": { "smithy.api#documentation": "The owner of the list, used only for lists that are not managed by you. For example, the managed domain list AWSManagedDomainsMalwareDomainList
has the managed owner name Route 53 Resolver DNS Firewall
.
A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the domain list was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the domain list was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "High level information about a list of firewall domains for use in a FirewallRule. This is returned by GetFirewallDomainList.
\nTo retrieve the domains that are defined for this domain list, call ListFirewallDomains.
" } }, "com.amazonaws.route53resolver#FirewallDomainListMetadata": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) of the firewall domain list metadata.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the domain list.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "ManagedOwnerName": { "target": "com.amazonaws.route53resolver#ServicePrinciple", "traits": { "smithy.api#documentation": "The owner of the list, used only for lists that are not managed by you. For example, the managed domain list AWSManagedDomainsMalwareDomainList
has the managed owner name Route 53 Resolver DNS Firewall
.
Minimal high-level information for a firewall domain list. The action ListFirewallDomainLists returns an array of these objects.
\nTo retrieve full information for a firewall domain list, call GetFirewallDomainList and ListFirewallDomains.
" } }, "com.amazonaws.route53resolver#FirewallDomainListMetadataList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallDomainListMetadata" } }, "com.amazonaws.route53resolver#FirewallDomainListStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "COMPLETE", "name": "COMPLETE" }, { "value": "COMPLETE_IMPORT_FAILED", "name": "COMPLETE_IMPORT_FAILED" }, { "value": "IMPORTING", "name": "IMPORTING" }, { "value": "DELETING", "name": "DELETING" }, { "value": "UPDATING", "name": "UPDATING" } ] } }, "com.amazonaws.route53resolver#FirewallDomainName": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 255 } } }, "com.amazonaws.route53resolver#FirewallDomainUpdateOperation": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "ADD", "name": "ADD" }, { "value": "REMOVE", "name": "REMOVE" }, { "value": "REPLACE", "name": "REPLACE" } ] } }, "com.amazonaws.route53resolver#FirewallDomains": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallDomainName" } }, "com.amazonaws.route53resolver#FirewallFailOpenStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "ENABLED", "name": "ENABLED" }, { "value": "DISABLED", "name": "DISABLED" } ] } }, "com.amazonaws.route53resolver#FirewallRule": { "type": "structure", "members": { "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group of the rule.
" } }, "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list that's used in the rule.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the rule.
" } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#documentation": "The priority of the rule in the rule group. This value must be unique within the rule group. DNS Firewall processes the rules in a rule group by order of priority, starting from the lowest setting.
" } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { "smithy.api#documentation": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW
- Permit the request to go through.
\n ALERT
- Permit the request to go through but send an alert to the logs.
\n BLOCK
- Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse
setting.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK
.
\n NODATA
- Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN
- Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE
- Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride*
settings.
The custom DNS record to send back in response to the query. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain
. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the rule was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the rule was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "A single firewall rule in a rule group.
" } }, "com.amazonaws.route53resolver#FirewallRuleGroup": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the rule group.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN (Amazon Resource Name) of the rule group.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the rule group.
" } }, "RuleCount": { "target": "com.amazonaws.route53resolver#Unsigned", "traits": { "smithy.api#documentation": "The number of rules in the rule group.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupStatus", "traits": { "smithy.api#documentation": "The status of the domain list.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "Additional information about the status of the rule group, if available.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "The AWS account ID for the account that created the rule group. When a rule group is shared with your account,\n this is the account that has shared the rule group with you.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "ShareStatus": { "target": "com.amazonaws.route53resolver#ShareStatus", "traits": { "smithy.api#documentation": "Whether the rule group is shared with other AWS accounts, or was shared with the current account by another \n AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM).
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the rule group was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the rule group was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "High-level information for a firewall rule group. A firewall rule group is a collection of rules that DNS Firewall uses to filter DNS network traffic for a VPC. To retrieve the rules for the rule group, call ListFirewallRules.
" } }, "com.amazonaws.route53resolver#FirewallRuleGroupAssociation": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The identifier for the association.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) of the firewall rule group association.
" } }, "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group.
" } }, "VpcId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the VPC that is associated with the rule group.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the association.
" } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall \n filters VPC traffic starting from rule group with the lowest numeric priority setting.
" } }, "MutationProtection": { "target": "com.amazonaws.route53resolver#MutationProtectionStatus", "traits": { "smithy.api#documentation": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.
" } }, "ManagedOwnerName": { "target": "com.amazonaws.route53resolver#ServicePrinciple", "traits": { "smithy.api#documentation": "The owner of the association, used only for associations that are not managed by you. If you use AWS Firewall Manager to \n manage your DNS Firewalls, then this reports Firewall Manager as the managed owner.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociationStatus", "traits": { "smithy.api#documentation": "The current status of the association.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "Additional information about the status of the response, if available.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the association was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the association was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "An association between a firewall rul group and a VPC, which enables DNS filtering for the VPC.
" } }, "com.amazonaws.route53resolver#FirewallRuleGroupAssociationStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "COMPLETE", "name": "COMPLETE" }, { "value": "DELETING", "name": "DELETING" }, { "value": "UPDATING", "name": "UPDATING" } ] } }, "com.amazonaws.route53resolver#FirewallRuleGroupAssociations": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociation" } }, "com.amazonaws.route53resolver#FirewallRuleGroupMetadata": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the rule group.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN (Amazon Resource Name) of the rule group.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the rule group.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "The AWS account ID for the account that created the rule group. When a rule group is shared with your account,\n this is the account that has shared the rule group with you.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string defined by you to identify the request. This allows you to retry failed requests \n without the risk of executing the operation twice. This can be any unique string, for example, a timestamp.
" } }, "ShareStatus": { "target": "com.amazonaws.route53resolver#ShareStatus", "traits": { "smithy.api#documentation": "Whether the rule group is shared with other AWS accounts, or was shared with the current account by another \n AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM).
" } } }, "traits": { "smithy.api#documentation": "Minimal high-level information for a firewall rule group. The action ListFirewallRuleGroups returns an array of these objects.
\nTo retrieve full information for a firewall rule group, call GetFirewallRuleGroup and ListFirewallRules.
" } }, "com.amazonaws.route53resolver#FirewallRuleGroupMetadataList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupMetadata" } }, "com.amazonaws.route53resolver#FirewallRuleGroupPolicy": { "type": "string", "traits": { "smithy.api#length": { "min": 0, "max": 5000 } } }, "com.amazonaws.route53resolver#FirewallRuleGroupStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "COMPLETE", "name": "COMPLETE" }, { "value": "DELETING", "name": "DELETING" }, { "value": "UPDATING", "name": "UPDATING" } ] } }, "com.amazonaws.route53resolver#FirewallRules": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#FirewallRule" } }, "com.amazonaws.route53resolver#GetFirewallConfig": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetFirewallConfigRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetFirewallConfigResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Retrieves the configuration of the firewall behavior provided by DNS Firewall for a single Amazon virtual private cloud (VPC).
" } }, "com.amazonaws.route53resolver#GetFirewallConfigRequest": { "type": "structure", "members": { "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Amazon virtual private cloud (VPC) that the configuration is for.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetFirewallConfigResponse": { "type": "structure", "members": { "FirewallConfig": { "target": "com.amazonaws.route53resolver#FirewallConfig", "traits": { "smithy.api#documentation": "Configuration of the firewall behavior provided by DNS Firewall for a single Amazon virtual private cloud (VPC).
" } } } }, "com.amazonaws.route53resolver#GetFirewallDomainList": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetFirewallDomainListRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetFirewallDomainListResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Retrieves the specified firewall domain list.
" } }, "com.amazonaws.route53resolver#GetFirewallDomainListRequest": { "type": "structure", "members": { "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetFirewallDomainListResponse": { "type": "structure", "members": { "FirewallDomainList": { "target": "com.amazonaws.route53resolver#FirewallDomainList", "traits": { "smithy.api#documentation": "The domain list that you requested.
" } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroup": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Retrieves the specified firewall rule group.
" } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociation": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociationRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociationResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Retrieves a firewall rule group association, which enables DNS filtering for a VPC with one rule group. A VPC can have more than one firewall rule group association, and a rule group can be associated with more than one VPC.
" } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociationRequest": { "type": "structure", "members": { "FirewallRuleGroupAssociationId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The identifier of the FirewallRuleGroupAssociation.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociationResponse": { "type": "structure", "members": { "FirewallRuleGroupAssociation": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociation", "traits": { "smithy.api#documentation": "The association that you requested.
" } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicy": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicyRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicyResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Returns the AWS Identity and Access Management (AWS IAM) policy for sharing the specified rule group. You can use the policy to share the rule group using AWS Resource Access Manager (RAM).
" } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN (Amazon Resource Name) for the rule group.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicyResponse": { "type": "structure", "members": { "FirewallRuleGroupPolicy": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupPolicy", "traits": { "smithy.api#documentation": "The AWS Identity and Access Management (AWS IAM) policy for sharing the specified rule group. You can use the policy to share the rule group using AWS Resource Access Manager (RAM).
" } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupRequest": { "type": "structure", "members": { "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetFirewallRuleGroupResponse": { "type": "structure", "members": { "FirewallRuleGroup": { "target": "com.amazonaws.route53resolver#FirewallRuleGroup", "traits": { "smithy.api#documentation": "A collection of rules used to filter DNS network traffic.
" } } } }, "com.amazonaws.route53resolver#GetResolverDnssecConfig": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetResolverDnssecConfigRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetResolverDnssecConfigResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Gets DNSSEC validation information for a specified resource.
" } }, "com.amazonaws.route53resolver#GetResolverDnssecConfigRequest": { "type": "structure", "members": { "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the virtual private cloud (VPC) for the DNSSEC validation status.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverDnssecConfigResponse": { "type": "structure", "members": { "ResolverDNSSECConfig": { "target": "com.amazonaws.route53resolver#ResolverDnssecConfig", "traits": { "smithy.api#documentation": "The information about a configuration for DNSSEC validation.
" } } } }, "com.amazonaws.route53resolver#GetResolverEndpoint": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetResolverEndpointRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetResolverEndpointResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Gets information about a specified Resolver endpoint, such as whether it's an inbound or an outbound Resolver endpoint, and the \n\t\t\tcurrent status of the endpoint.
" } }, "com.amazonaws.route53resolver#GetResolverEndpointRequest": { "type": "structure", "members": { "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint that you want to get information about.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverEndpointResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "Information about the Resolver endpoint that you specified in a GetResolverEndpoint
request.
Gets information about a specified Resolver query logging configuration, such as the number of VPCs that the configuration \n\t\t\tis logging queries for and the location that logs are sent to.
" } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociation": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociationRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociationResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Gets information about a specified association between a Resolver query logging configuration and an Amazon VPC. When you associate a VPC \n\t\t\twith a query logging configuration, Resolver logs DNS queries that originate in that VPC.
" } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociationRequest": { "type": "structure", "members": { "ResolverQueryLogConfigAssociationId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver query logging configuration association that you want to get information about.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociationResponse": { "type": "structure", "members": { "ResolverQueryLogConfigAssociation": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociation", "traits": { "smithy.api#documentation": "Information about the Resolver query logging configuration association that you specified in a GetQueryLogConfigAssociation
request.
Gets information about a query logging policy. A query logging policy specifies the Resolver query logging \n\t\t\toperations and resources that you want to allow another AWS account to be able to use.
" } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigPolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN of the query logging configuration that you want to get the query logging policy for.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigPolicyResponse": { "type": "structure", "members": { "ResolverQueryLogConfigPolicy": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigPolicy", "traits": { "smithy.api#documentation": "Information about the query logging policy for the query logging configuration that you specified in a \n\t\t\tGetResolverQueryLogConfigPolicy
request.
The ID of the Resolver query logging configuration that you want to get information about.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverQueryLogConfigResponse": { "type": "structure", "members": { "ResolverQueryLogConfig": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfig", "traits": { "smithy.api#documentation": "Information about the Resolver query logging configuration that you specified in a GetQueryLogConfig
request.
Gets information about a specified Resolver rule, such as the domain name that the rule forwards DNS queries for and the ID of the \n\t\t\toutbound Resolver endpoint that the rule is associated with.
" } }, "com.amazonaws.route53resolver#GetResolverRuleAssociation": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#GetResolverRuleAssociationRequest" }, "output": { "target": "com.amazonaws.route53resolver#GetResolverRuleAssociationResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Gets information about an association between a specified Resolver rule and a VPC. You associate a Resolver rule and a VPC using \n\t\t\tAssociateResolverRule.
" } }, "com.amazonaws.route53resolver#GetResolverRuleAssociationRequest": { "type": "structure", "members": { "ResolverRuleAssociationId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver rule association that you want to get information about.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverRuleAssociationResponse": { "type": "structure", "members": { "ResolverRuleAssociation": { "target": "com.amazonaws.route53resolver#ResolverRuleAssociation", "traits": { "smithy.api#documentation": "Information about the Resolver rule association that you specified in a GetResolverRuleAssociation
request.
Gets information about the Resolver rule policy for a specified rule. A Resolver rule policy includes the rule that you want to share \n\t\t\twith another account, the account that you want to share the rule with, and the Resolver operations that you want to allow the account to use.
" } }, "com.amazonaws.route53resolver#GetResolverRulePolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ID of the Resolver rule that you want to get the Resolver rule policy for.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverRulePolicyResponse": { "type": "structure", "members": { "ResolverRulePolicy": { "target": "com.amazonaws.route53resolver#ResolverRulePolicy", "traits": { "smithy.api#documentation": "The Resolver rule policy for the rule that you specified in a GetResolverRulePolicy
request.
The ID of the Resolver rule that you want to get information about.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#GetResolverRuleResponse": { "type": "structure", "members": { "ResolverRule": { "target": "com.amazonaws.route53resolver#ResolverRule", "traits": { "smithy.api#documentation": "Information about the Resolver rule that you specified in a GetResolverRule
request.
Imports domain names from a file into a domain list, for use in a DNS firewall rule group.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with *
(asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z
, a-z
,\n \t 0-9
, -
(hyphen).
It must be from 1-255 characters in length.
\n \tThe ID of the domain list that you want to modify with the import operation.
", "smithy.api#required": {} } }, "Operation": { "target": "com.amazonaws.route53resolver#FirewallDomainImportOperation", "traits": { "smithy.api#documentation": "What you want DNS Firewall to do with the domains that are listed in the file. This must be set to REPLACE
, which updates the domain list to exactly match the list in the file.
The fully qualified URL or URI of the file stored in Amazon Simple Storage Service (S3) that contains the list of domains to import.
\nThe file must be in an S3 bucket that's in the same Region\n as your DNS Firewall. The file must be a text file and must contain a single domain per line.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#ImportFirewallDomainsResponse": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The Id of the firewall domain list that DNS Firewall just updated.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the domain list.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallDomainListStatus", "traits": { "smithy.api#documentation": "" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "
Additional information about the status of the list, if available.
" } } } }, "com.amazonaws.route53resolver#InternalServiceErrorException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "We encountered an unknown error. Try again in a few minutes.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#InvalidNextTokenException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" } }, "traits": { "smithy.api#documentation": "The value that you specified for NextToken
in a List
request isn't valid.
For an InvalidParameterException
error, the name of the parameter that's invalid.
One or more parameters in this request are not valid.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#InvalidPolicyDocument": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "The specified Resolver rule policy is invalid.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#InvalidRequestException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "The request is invalid.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#InvalidTagException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "The specified tag is invalid.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#Ip": { "type": "string", "traits": { "smithy.api#length": { "min": 7, "max": 36 } } }, "com.amazonaws.route53resolver#IpAddressCount": { "type": "integer", "traits": { "smithy.api#box": {} } }, "com.amazonaws.route53resolver#IpAddressRequest": { "type": "structure", "members": { "SubnetId": { "target": "com.amazonaws.route53resolver#SubnetId", "traits": { "smithy.api#documentation": "The ID of the subnet that contains the IP address.
", "smithy.api#required": {} } }, "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { "smithy.api#documentation": "The IP address that you want to use for DNS queries.
" } } }, "traits": { "smithy.api#documentation": "In a \n\t\t\tCreateResolverEndpoint \n\t\t\trequest, the IP address that DNS queries originate from (for outbound endpoints) or that you forward DNS queries to (for inbound endpoints). \n\t\t\tIpAddressRequest
also includes the ID of the subnet that contains the IP address.
The ID of one IP address.
" } }, "SubnetId": { "target": "com.amazonaws.route53resolver#SubnetId", "traits": { "smithy.api#documentation": "The ID of one subnet.
" } }, "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { "smithy.api#documentation": "One IP address that the Resolver endpoint uses for DNS queries.
" } }, "Status": { "target": "com.amazonaws.route53resolver#IpAddressStatus", "traits": { "smithy.api#documentation": "A status code that gives the current status of the request.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "A message that provides additional information about the status of the request.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the IP address was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the IP address was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "In the response to a \n\t\t\tGetResolverEndpoint\n\t\t\trequest, information about the IP addresses that the Resolver endpoint uses for DNS queries.
" } }, "com.amazonaws.route53resolver#IpAddressStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "CREATING", "name": "Creating" }, { "value": "FAILED_CREATION", "name": "FailedCreation" }, { "value": "ATTACHING", "name": "Attaching" }, { "value": "ATTACHED", "name": "Attached" }, { "value": "REMAP_DETACHING", "name": "RemapDetaching" }, { "value": "REMAP_ATTACHING", "name": "RemapAttaching" }, { "value": "DETACHING", "name": "Detaching" }, { "value": "FAILED_RESOURCE_GONE", "name": "FailedResourceGone" }, { "value": "DELETING", "name": "Deleting" }, { "value": "DELETE_FAILED_FAS_EXPIRED", "name": "DeleteFailedFasExpired" } ] } }, "com.amazonaws.route53resolver#IpAddressUpdate": { "type": "structure", "members": { "IpId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "\n Only when removing an IP address from a Resolver endpoint: The ID of the IP address that you want to remove. \n\t\t\tTo get this ID, use \n\t\t\tGetResolverEndpoint.
" } }, "SubnetId": { "target": "com.amazonaws.route53resolver#SubnetId", "traits": { "smithy.api#documentation": "The ID of the subnet that includes the IP address that you want to update. To get this ID, use \n\t\t\tGetResolverEndpoint.
" } }, "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { "smithy.api#documentation": "The new IP address.
" } } }, "traits": { "smithy.api#documentation": "In an \n\t\t\tUpdateResolverEndpoint \n\t\t\trequest, information about an IP address to update.
" } }, "com.amazonaws.route53resolver#IpAddressesRequest": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#IpAddressRequest" }, "traits": { "smithy.api#length": { "min": 1, "max": 10 } } }, "com.amazonaws.route53resolver#IpAddressesResponse": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#IpAddressResponse" } }, "com.amazonaws.route53resolver#LimitExceededException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" }, "ResourceType": { "target": "com.amazonaws.route53resolver#String", "traits": { "smithy.api#documentation": "For a LimitExceededException
error, the type of resource that exceeded the current limit.
The request caused one or more limits to be exceeded.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#ListDomainMaxResults": { "type": "integer", "traits": { "smithy.api#box": {}, "smithy.api#range": { "min": 1, "max": 5000 } } }, "com.amazonaws.route53resolver#ListFirewallConfigs": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListFirewallConfigsRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListFirewallConfigsResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Retrieves the firewall configurations that you have defined. DNS Firewall uses the configurations to manage firewall behavior for your VPCs.
\nA single call might return only a partial list of the configurations. For information, see MaxResults
.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "FirewallConfigs": { "target": "com.amazonaws.route53resolver#FirewallConfigList", "traits": { "smithy.api#documentation": "The configurations for the firewall behavior provided by DNS Firewall for Amazon virtual private clouds (VPC).
" } } } }, "com.amazonaws.route53resolver#ListFirewallDomainLists": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListFirewallDomainListsRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListFirewallDomainListsResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Retrieves the firewall domain lists that you have defined. For each firewall domain list, you can retrieve the domains that are defined for a list by calling ListFirewallDomains.
\nA single call to this list operation might return only a partial list of the domain lists. For information, see MaxResults
.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "FirewallDomainLists": { "target": "com.amazonaws.route53resolver#FirewallDomainListMetadataList", "traits": { "smithy.api#documentation": "A list of the domain lists that you have defined.
\nThis might be a parital list of the domain lists that you've defined. For information, see MaxResults
.
Retrieves the domains that you have defined for the specified firewall domain list.
\nA single call might return only a partial list of the domains. For information, see MaxResults
.
The ID of the domain list whose domains you want to retrieve.
", "smithy.api#required": {} } }, "MaxResults": { "target": "com.amazonaws.route53resolver#ListDomainMaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "Domains": { "target": "com.amazonaws.route53resolver#FirewallDomains", "traits": { "smithy.api#documentation": "A list of the domains in the firewall domain list.
\nThis might be a parital list of the domains that you've defined in the domain list. For information, see MaxResults
.
Retrieves the firewall rule group associations that you have defined. Each association enables DNS filtering for a VPC with one rule group.
\nA single call might return only a partial list of the associations. For information, see MaxResults
.
The unique identifier of the firewall rule group that you want to retrieve the associations\n for. Leave this blank to retrieve associations for any rule group.
" } }, "VpcId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the VPC that you want to retrieve the associations\n for. Leave this blank to retrieve associations for any VPC.
" } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule groups that are associated with a single VPC. DNS Firewall \n filters VPC traffic starting from rule group with the lowest numeric priority setting.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociationStatus", "traits": { "smithy.api#documentation": "The association Status
setting that you want DNS Firewall to filter on for the list. If you don't specify this, then DNS Firewall returns all associations, regardless of status.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "FirewallRuleGroupAssociations": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociations", "traits": { "smithy.api#documentation": "A list of your firewall rule group associations.
\nThis might be a partial list of the associations that you have defined. For information, see MaxResults
.
Retrieves the minimal high-level information for the rule groups that you have defined.
\nA single call might return only a partial list of the rule groups. For information, see MaxResults
.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "FirewallRuleGroups": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupMetadataList", "traits": { "smithy.api#documentation": "A list of your firewall rule groups.
\nThis might be a partial list of the rule groups that you have defined. For information, see MaxResults
.
Retrieves the firewall rules that you have defined for the specified firewall rule group. DNS Firewall uses the rules in a rule group to filter DNS network traffic for a VPC.
\nA single call might return only a partial list of the rules. For information, see MaxResults
.
The unique identifier of the firewall rule group that you want to retrieve the rules for.
", "smithy.api#required": {} } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "Optional additional filter for the rules to retrieve.
\nThe setting that determines the processing order of the rules in a rule group. DNS Firewall \n processes the rules in a rule group by order of priority, starting from the lowest setting.
" } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { "smithy.api#documentation": "Optional additional filter for the rules to retrieve.
\nThe action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW
- Permit the request to go through.
\n ALERT
- Permit the request to go through but send an alert to the logs.
\n BLOCK
- Disallow the request. If this is specified, additional handling details are provided in the rule's BlockResponse
setting.
The maximum number of objects that you want Resolver to return for this request. If more\n objects are available, in the response, Resolver provides a\n NextToken
value that you can use in a subsequent call to get the next batch of objects.
If you don't specify a value for MaxResults
, Resolver returns up to 100 objects.
For the first call to this list request, omit this value.
\nWhen you request a list of objects, Resolver returns at most the number of objects \n specified in MaxResults
. If more objects are available for retrieval,\n Resolver returns a NextToken
value in the response. To retrieve the next \n batch of objects, use the token that was returned for the prior request in your next request.
If objects are still available for retrieval, Resolver returns this token in the response. \n To retrieve the next batch of objects, provide this token in your next request.
" } }, "FirewallRules": { "target": "com.amazonaws.route53resolver#FirewallRules", "traits": { "smithy.api#documentation": "A list of the rules that you have defined.
\nThis might be a parital list of the firewall rules that you've defined. For information, see MaxResults
.
Lists the configurations for DNSSEC validation that are associated with the current AWS account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverDnssecConfigsRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "\n Optional: An integer that specifies the maximum number of DNSSEC configuration results that you want Amazon Route 53 to return. \n\t\t\tIf you don't specify a value for MaxResults
, Route 53 returns up to 100 configuration per page.
(Optional) If the current AWS account has more than MaxResults
DNSSEC configurations, use NextToken
\n\t\t\tto get the second and subsequent pages of results.
For the first ListResolverDnssecConfigs
request, omit this value.
For the second and subsequent requests, get the value of NextToken
from the previous response and specify that value \n\t\t\tfor NextToken
in the request.
An optional specification to return a subset of objects.
" } } } }, "com.amazonaws.route53resolver#ListResolverDnssecConfigsResponse": { "type": "structure", "members": { "NextToken": { "target": "com.amazonaws.route53resolver#NextToken", "traits": { "smithy.api#documentation": "If a response includes the last of the DNSSEC configurations that are associated with the current AWS account, \n\t\t\tNextToken
doesn't appear in the response.
If a response doesn't include the last of the configurations, you can get more configurations by submitting another \n\t\t\tListResolverDnssecConfigs \n\t\t\trequest. Get the value of NextToken
that Amazon Route 53 returned in the previous response and include it in \n\t\t\tNextToken
in the next request.
An array that contains one \n\t\t\tResolverDnssecConfig element \n\t\t\tfor each configuration for DNSSEC validation that is associated with the current AWS account.
" } } } }, "com.amazonaws.route53resolver#ListResolverEndpointIpAddresses": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListResolverEndpointIpAddressesRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListResolverEndpointIpAddressesResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidNextTokenException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Gets the IP addresses for a specified Resolver endpoint.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverEndpointIpAddressesRequest": { "type": "structure", "members": { "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint that you want to get IP addresses for.
", "smithy.api#required": {} } }, "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of IP addresses that you want to return in the response to a ListResolverEndpointIpAddresses
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 IP addresses.
For the first ListResolverEndpointIpAddresses
request, omit this value.
If the specified Resolver endpoint has more than MaxResults
IP addresses, you can submit another \n\t\t\tListResolverEndpointIpAddresses
request to get the next group of IP addresses. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
If the specified endpoint has more than MaxResults
IP addresses, you can submit another \n\t\t\tListResolverEndpointIpAddresses
request to get the next group of IP addresses. In the next request, \n\t\t\tspecify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
Information about the IP addresses in your VPC that DNS queries originate from (for outbound endpoints) or that you forward \n\t\t\tDNS queries to (for inbound endpoints).
" } } } }, "com.amazonaws.route53resolver#ListResolverEndpoints": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListResolverEndpointsRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListResolverEndpointsResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidNextTokenException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Lists all the Resolver endpoints that were created using the current AWS account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverEndpointsRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of Resolver endpoints that you want to return in the response to a ListResolverEndpoints
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 Resolver endpoints.
For the first ListResolverEndpoints
request, omit this value.
If you have more than MaxResults
Resolver endpoints, you can submit another ListResolverEndpoints
request \n\t\t\tto get the next group of Resolver endpoints. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of Resolver endpoints, such as all inbound Resolver endpoints.
\n\t\tIf you submit a second or subsequent ListResolverEndpoints
request and specify the NextToken
parameter, \n\t\t\tyou must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
IP addresses match the specified criteria, you can submit another ListResolverEndpoint
request \n\t\t\tto get the next group of results. In the next request, specify the value of NextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The Resolver endpoints that were created by using the current AWS account, and that match the specified filters, if any.
" } } } }, "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociations": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociationsRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociationsResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Lists information about associations between Amazon VPCs and query logging configurations.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociationsRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#documentation": "The maximum number of query logging associations that you want to return in the response to a ListResolverQueryLogConfigAssociations
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 query logging associations.
For the first ListResolverQueryLogConfigAssociations
request, omit this value.
If there are more than MaxResults
query logging associations that match the values that you specify for Filters
, \n\t\t\tyou can submit another ListResolverQueryLogConfigAssociations
request to get the next group of associations. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
An optional specification to return a subset of query logging associations.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigAssociations
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same values for Filters
, if any, as in the previous request.
The element that you want Resolver to sort query logging associations by.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigAssociations
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same value for SortBy
, if any, as in the previous request.
Valid values include the following elements:
\n\t\t\n CreationTime
: The ID of the query logging association.
\n Error
: If the value of Status
is FAILED
, the value of Error
\n\t\t\t\tindicates the cause:
\n DESTINATION_NOT_FOUND
: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED
: Permissions don't allow sending logs to the destination.
If Status
is a value other than FAILED
, ERROR
is null.
\n Id
: The ID of the query logging association
\n ResolverQueryLogConfigId
: The ID of the query logging configuration
\n ResourceId
: The ID of the VPC that is associated with the query logging configuration
\n Status
: The current status of the configuration. Valid values include the following:
\n CREATING
: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED
: The association between an Amazon VPC and a query logging configuration \n\t\t\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING
: Resolver is deleting this query logging association.
\n FAILED
: Resolver either couldn't create or couldn't delete the query logging association. \n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nIf you specified a value for SortBy
, the order that you want query logging associations to be listed in, \n\t\t\tASCENDING
or DESCENDING
.
If you submit a second or subsequent ListResolverQueryLogConfigAssociations
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same value for SortOrder
, if any, as in the previous request.
If there are more than MaxResults
query logging associations, you can submit another ListResolverQueryLogConfigAssociations
request \n\t\t\tto get the next group of associations. In the next request, specify the value of NextToken
from the previous response.
The total number of query logging associations that were created by the current account in the specified Region. This count can differ from the \n\t\t\tnumber of associations that are returned in a ListResolverQueryLogConfigAssociations
response, depending on the values that you specify \n\t\t\tin the request.
The total number of query logging associations that were created by the current account in the specified Region and that match the filters \n\t\t\tthat were specified in the ListResolverQueryLogConfigAssociations
request. For the total number of associations that were created by the \n\t\t\tcurrent account in the specified Region, see TotalCount
.
A list that contains one ResolverQueryLogConfigAssociations
element for each query logging association that matches the \n\t\t\tvalues that you specified for Filter
.
Lists information about the specified query logging configurations. Each configuration defines where you want Resolver to save \n\t\t\tDNS query logs and specifies the VPCs that you want to log queries for.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverQueryLogConfigsRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of query logging configurations that you want to return in the response to a ListResolverQueryLogConfigs
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 query logging configurations.
For the first ListResolverQueryLogConfigs
request, omit this value.
If there are more than MaxResults
query logging configurations that match the values that you specify for Filters
, \n\t\t\tyou can submit another ListResolverQueryLogConfigs
request to get the next group of configurations. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
An optional specification to return a subset of query logging configurations.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigs
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same values for Filters
, if any, as in the previous request.
The element that you want Resolver to sort query logging configurations by.
\n\t\tIf you submit a second or subsequent ListResolverQueryLogConfigs
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same value for SortBy
, if any, as in the previous request.
Valid values include the following elements:
\n\t\t\n Arn
: The ARN of the query logging configuration
\n AssociationCount
: The number of VPCs that are associated with the specified configuration
\n CreationTime
: The date and time that Resolver returned when the configuration was created
\n CreatorRequestId
: The value that was specified for CreatorRequestId
when the configuration was created
\n DestinationArn
: The location that logs are sent to
\n Id
: The ID of the configuration
\n Name
: The name of the configuration
\n OwnerId
: The AWS account number of the account that created the configuration
\n ShareStatus
: Whether the configuration is shared with other AWS accounts or shared with the current account by \n\t\t\t\tanother AWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM).
\n Status
: The current status of the configuration. Valid values include the following:
\n CREATING
: Resolver is creating the query logging configuration.
\n CREATED
: The query logging configuration was successfully created. \n\t\t\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING
: Resolver is deleting this query logging configuration.
\n FAILED
: Resolver either couldn't create or couldn't delete the query logging configuration.\n\t\t\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nIf you specified a value for SortBy
, the order that you want query logging configurations to be listed in, \n\t\t\tASCENDING
or DESCENDING
.
If you submit a second or subsequent ListResolverQueryLogConfigs
request and specify the NextToken
parameter, \n\t\t\t\tyou must use the same value for SortOrder
, if any, as in the previous request.
If there are more than MaxResults
query logging configurations, you can submit another ListResolverQueryLogConfigs
request \n\t\t\tto get the next group of configurations. In the next request, specify the value of NextToken
from the previous response.
The total number of query logging configurations that were created by the current account in the specified Region. This count can differ from the \n\t\t\tnumber of query logging configurations that are returned in a ListResolverQueryLogConfigs
response, depending on the values that you specify \n\t\t\tin the request.
The total number of query logging configurations that were created by the current account in the specified Region and that match the filters \n\t\t\tthat were specified in the ListResolverQueryLogConfigs
request. For the total number of query logging configurations that were created by the \n\t\t\tcurrent account in the specified Region, see TotalCount
.
A list that contains one ResolverQueryLogConfig
element for each query logging configuration that matches the \n\t\t\tvalues that you specified for Filter
.
Lists the associations that were created between Resolver rules and VPCs using the current AWS account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverRuleAssociationsRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of rule associations that you want to return in the response to a ListResolverRuleAssociations
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 rule associations.
For the first ListResolverRuleAssociation
request, omit this value.
If you have more than MaxResults
rule associations, you can submit another ListResolverRuleAssociation
request \n\t\t\tto get the next group of rule associations. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of Resolver rules, such as Resolver rules that are associated with the same VPC ID.
\n\t\tIf you submit a second or subsequent ListResolverRuleAssociations
request and specify the NextToken
parameter, \n\t\t\tyou must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
rule associations match the specified criteria, you can submit another \n\t\t\tListResolverRuleAssociation
request to get the next group of results. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The associations that were created between Resolver rules and VPCs using the current AWS account, and that match the \n\t\t\tspecified filters, if any.
" } } } }, "com.amazonaws.route53resolver#ListResolverRules": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListResolverRulesRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListResolverRulesResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidNextTokenException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Lists the Resolver rules that were created using the current AWS account.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListResolverRulesRequest": { "type": "structure", "members": { "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of Resolver rules that you want to return in the response to a ListResolverRules
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 Resolver rules.
For the first ListResolverRules
request, omit this value.
If you have more than MaxResults
Resolver rules, you can submit another ListResolverRules
request \n\t\t\tto get the next group of Resolver rules. In the next request, specify the value of NextToken
from the previous response.
An optional specification to return a subset of Resolver rules, such as all Resolver rules that are associated with the same Resolver endpoint.
\n\t\tIf you submit a second or subsequent ListResolverRules
request and specify the NextToken
parameter, \n\t\t\tyou must use the same values for Filters
, if any, as in the previous request.
If more than MaxResults
Resolver rules match the specified criteria, you can submit another \n\t\t\tListResolverRules
request to get the next group of results. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
The value that you specified for MaxResults
in the request.
The Resolver rules that were created using the current AWS account and that match the specified filters, if any.
" } } } }, "com.amazonaws.route53resolver#ListTagsForResource": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#ListTagsForResourceRequest" }, "output": { "target": "com.amazonaws.route53resolver#ListTagsForResourceResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidNextTokenException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Lists the tags that you associated with the specified resource.
", "smithy.api#paginated": { "inputToken": "NextToken", "outputToken": "NextToken", "pageSize": "MaxResults" } } }, "com.amazonaws.route53resolver#ListTagsForResourceRequest": { "type": "structure", "members": { "ResourceArn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource that you want to list tags for.
", "smithy.api#required": {} } }, "MaxResults": { "target": "com.amazonaws.route53resolver#MaxResults", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The maximum number of tags that you want to return in the response to a ListTagsForResource
request. \n\t\t\tIf you don't specify a value for MaxResults
, Resolver returns up to 100 tags.
For the first ListTagsForResource
request, omit this value.
If you have more than MaxResults
tags, you can submit another ListTagsForResource
request \n\t\t\tto get the next group of tags for the resource. In the next request, specify the value of NextToken
from the previous response.
The tags that are associated with the resource that you specified in the ListTagsForResource
request.
If more than MaxResults
tags match the specified criteria, you can submit another \n\t\t\tListTagsForResource
request to get the next group of results. In the next request, specify the value of \n\t\t\tNextToken
from the previous response.
Attaches an AWS Identity and Access Management (AWS IAM) policy for sharing the rule group. You can use the policy to share the rule group using AWS Resource Access Manager (RAM).
" } }, "com.amazonaws.route53resolver#PutFirewallRuleGroupPolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN (Amazon Resource Name) for the rule group that you want to share.
", "smithy.api#required": {} } }, "FirewallRuleGroupPolicy": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupPolicy", "traits": { "smithy.api#documentation": "The AWS Identity and Access Management (AWS IAM) policy to attach to the rule group.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#PutFirewallRuleGroupPolicyResponse": { "type": "structure", "members": { "ReturnValue": { "target": "com.amazonaws.route53resolver#Boolean", "traits": { "smithy.api#documentation": "" } } } }, "com.amazonaws.route53resolver#PutResolverQueryLogConfigPolicy": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#PutResolverQueryLogConfigPolicyRequest" }, "output": { "target": "com.amazonaws.route53resolver#PutResolverQueryLogConfigPolicyResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidPolicyDocument" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#UnknownResourceException" } ], "traits": { "smithy.api#documentation": "Specifies an AWS account that you want to share a query logging configuration with, the query logging configuration that you want to share, \n\t\t\tand the operations that you want the account to be able to perform on the configuration.
" } }, "com.amazonaws.route53resolver#PutResolverQueryLogConfigPolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) of the account that you want to share rules with.
", "smithy.api#required": {} } }, "ResolverQueryLogConfigPolicy": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigPolicy", "traits": { "smithy.api#documentation": "An AWS Identity and Access Management policy statement that lists the query logging configurations that you want to share with another AWS account \n\t\t\tand the operations that you want the account to be able to perform. You can specify the following operations in the Actions
section \n\t\t\tof the statement:
\n route53resolver:AssociateResolverQueryLogConfig
\n
\n route53resolver:DisassociateResolverQueryLogConfig
\n
\n route53resolver:ListResolverQueryLogConfigAssociations
\n
\n route53resolver:ListResolverQueryLogConfigs
\n
In the Resource
section of the statement, you specify the ARNs for the query logging configurations that you want to share \n\t\t\twith the account that you specified in Arn
.
Whether the PutResolverQueryLogConfigPolicy
request was successful.
The response to a PutResolverQueryLogConfigPolicy
request.
Specifies an AWS rule that you want to share with another account, the account that you want to share the rule with, \n\t\t\tand the operations that you want the account to be able to perform on the rule.
" } }, "com.amazonaws.route53resolver#PutResolverRulePolicyRequest": { "type": "structure", "members": { "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) of the rule that you want to share with another account.
", "smithy.api#required": {} } }, "ResolverRulePolicy": { "target": "com.amazonaws.route53resolver#ResolverRulePolicy", "traits": { "smithy.api#documentation": "An AWS Identity and Access Management policy statement that lists the rules that you want to share with another AWS account and the operations that you want the account \n\t\t\tto be able to perform. You can specify the following operations in the Action
section of the statement:
\n route53resolver:GetResolverRule
\n
\n route53resolver:AssociateResolverRule
\n
\n route53resolver:DisassociateResolverRule
\n
\n route53resolver:ListResolverRules
\n
\n route53resolver:ListResolverRuleAssociations
\n
In the Resource
section of the statement, specify the ARN for the rule that you want to share with another account. Specify the same ARN \n\t\t\tthat you specified in Arn
.
Whether the PutResolverRulePolicy
request was successful.
The response to a PutResolverRulePolicy
request.
The ID for a configuration for DNSSEC validation.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "The owner account ID of the virtual private cloud (VPC) for a configuration for DNSSEC validation.
" } }, "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the virtual private cloud (VPC) that you're configuring the DNSSEC validation status for.
" } }, "ValidationStatus": { "target": "com.amazonaws.route53resolver#ResolverDNSSECValidationStatus", "traits": { "smithy.api#documentation": "The validation status for a DNSSEC configuration. The status can be one of the following:
\n\t\t\n ENABLING: DNSSEC validation is being enabled but is not complete.
\n\n ENABLED: DNSSEC validation is enabled.
\n\n DISABLING: DNSSEC validation is being disabled but is not complete.
\n\n DISABLED DNSSEC validation is disabled.
\nA complex type that contains information about a configuration for DNSSEC validation.
" } }, "com.amazonaws.route53resolver#ResolverDnssecConfigList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverDnssecConfig" } }, "com.amazonaws.route53resolver#ResolverEndpoint": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request that created the Resolver endpoint. The CreatorRequestId
allows failed requests \n\t\t\tto be retried without the risk of executing the operation twice.
The ARN (Amazon Resource Name) for the Resolver endpoint.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name that you assigned to the Resolver endpoint when you submitted a \n\t\t\tCreateResolverEndpoint \n\t\t\trequest.
" } }, "SecurityGroupIds": { "target": "com.amazonaws.route53resolver#SecurityGroupIds", "traits": { "smithy.api#documentation": "The ID of one or more security groups that control access to this VPC. The security group must include one or more inbound rules \n\t\t\t(for inbound endpoints) or outbound rules (for outbound endpoints). Inbound and outbound rules must allow TCP and UDP access. \n\t\t\tFor inbound access, open port 53. For outbound access, open the port that you're using for DNS queries on your network.
" } }, "Direction": { "target": "com.amazonaws.route53resolver#ResolverEndpointDirection", "traits": { "smithy.api#documentation": "Indicates whether the Resolver endpoint allows inbound or outbound DNS queries:
\n\t\t\n INBOUND
: allows DNS queries to your VPC from your network
\n OUTBOUND
: allows DNS queries from your VPC to your network
The number of IP addresses that the Resolver endpoint can use for DNS queries.
" } }, "HostVPCId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the VPC that you want to create the Resolver endpoint in.
" } }, "Status": { "target": "com.amazonaws.route53resolver#ResolverEndpointStatus", "traits": { "smithy.api#documentation": "A code that specifies the current status of the Resolver endpoint. Valid values include the following:
\n\t\t\n CREATING
: Resolver is creating and configuring one or more Amazon VPC network interfaces \n\t\t\t\tfor this endpoint.
\n OPERATIONAL
: The Amazon VPC network interfaces for this endpoint are correctly configured and \n\t\t\t\table to pass inbound or outbound DNS queries between your network and Resolver.
\n UPDATING
: Resolver is associating or disassociating one or more network interfaces \n\t\t\t\twith this endpoint.
\n AUTO_RECOVERING
: Resolver is trying to recover one or more of the network interfaces \n\t\t\t\tthat are associated with this endpoint. During the recovery process, the endpoint functions with limited capacity because of the \n\t\t\t\tlimit on the number of DNS queries per IP address (per network interface). For the current limit, see \n\t\t\t\tLimits on Route 53 Resolver.
\n ACTION_NEEDED
: This endpoint is unhealthy, and Resolver can't automatically recover it. \n\t\t\t\tTo resolve the problem, we recommend that you check each IP address that you associated with the endpoint. For each IP address \n\t\t\t\tthat isn't available, add another IP address and then delete the IP address that isn't available. (An endpoint must always include \n\t\t\t\tat least two IP addresses.) A status of ACTION_NEEDED
can have a variety of causes. Here are two common causes:
One or more of the network interfaces that are associated with the endpoint were deleted using Amazon VPC.
\nThe network interface couldn't be created for some reason that's outside the control of Resolver.
\n\n DELETING
: Resolver is deleting this endpoint and the associated network interfaces.
A detailed description of the status of the Resolver endpoint.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the endpoint was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the endpoint was last modified, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "In the response to a \n\t\t\tCreateResolverEndpoint, \n\t\t\tDeleteResolverEndpoint, \n\t\t\tGetResolverEndpoint, \n\t\t\tListResolverEndpoints, \n\t\t\tor \n\t\t\tUpdateResolverEndpoint \n\t\t\trequest, a complex type that contains settings for an existing inbound or outbound Resolver endpoint.
" } }, "com.amazonaws.route53resolver#ResolverEndpointDirection": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "INBOUND", "name": "Inbound" }, { "value": "OUTBOUND", "name": "Outbound" } ] } }, "com.amazonaws.route53resolver#ResolverEndpointStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "CREATING", "name": "Creating" }, { "value": "OPERATIONAL", "name": "Operational" }, { "value": "UPDATING", "name": "Updating" }, { "value": "AUTO_RECOVERING", "name": "AutoRecovering" }, { "value": "ACTION_NEEDED", "name": "ActionNeeded" }, { "value": "DELETING", "name": "Deleting" } ] } }, "com.amazonaws.route53resolver#ResolverEndpoints": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverEndpoint" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfig": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID for the query logging configuration.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "The AWS account ID for the account that created the query logging configuration.
" } }, "Status": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigStatus", "traits": { "smithy.api#documentation": "The status of the specified query logging configuration. Valid values include the following:
\n\t\t\n CREATING
: Resolver is creating the query logging configuration.
\n CREATED
: The query logging configuration was successfully created. \n\t\t\t\tResolver is logging queries that originate in the specified VPC.
\n DELETING
: Resolver is deleting this query logging configuration.
\n FAILED
: Resolver can't deliver logs to the location that is specified in the query logging configuration. \n\t\t\t\tHere are two common causes:
The specified destination (for example, an Amazon S3 bucket) was deleted.
\nPermissions don't allow sending logs to the destination.
\nAn indication of whether the query logging configuration is shared with other AWS accounts, or was shared with the current account by another \n\t\t\tAWS account. Sharing is configured through AWS Resource Access Manager (AWS RAM).
" } }, "AssociationCount": { "target": "com.amazonaws.route53resolver#Count", "traits": { "smithy.api#documentation": "The number of VPCs that are associated with the query logging configuration.
" } }, "Arn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The ARN for the query logging configuration.
" } }, "Name": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigName", "traits": { "smithy.api#documentation": "The name of the query logging configuration.
" } }, "DestinationArn": { "target": "com.amazonaws.route53resolver#DestinationArn", "traits": { "smithy.api#documentation": "The ARN of the resource that you want Resolver to send query logs: an Amazon S3 bucket, a CloudWatch Logs log group, or \n\t\t\ta Kinesis Data Firehose delivery stream.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that identifies the request that created the query logging configuration. The CreatorRequestId
allows failed requests \n\t\t\tto be retried without the risk of executing the operation twice.
The date and time that the query logging configuration was created, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "In the response to a \n\t\t\tCreateResolverQueryLogConfig, \n\t\t\tDeleteResolverQueryLogConfig, \n\t\t\tGetResolverQueryLogConfig, \n\t\t\tor \n\t\t\tListResolverQueryLogConfigs \n\t\t\trequest, a complex type that contains settings for one query logging configuration.
" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociation": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the query logging association.
" } }, "ResolverQueryLogConfigId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the query logging configuration that a VPC is associated with.
" } }, "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Amazon VPC that is associated with the query logging configuration.
" } }, "Status": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociationStatus", "traits": { "smithy.api#documentation": "The status of the specified query logging association. Valid values include the following:
\n\t\t\n CREATING
: Resolver is creating an association between an Amazon VPC and a query logging configuration.
\n CREATED
: The association between an Amazon VPC and a query logging configuration \n\t\t\t\twas successfully created. Resolver is logging queries that originate in the specified VPC.
\n DELETING
: Resolver is deleting this query logging association.
\n FAILED
: Resolver either couldn't create or couldn't delete the query logging association.
If the value of Status
is FAILED
, the value of Error
indicates the cause:
\n DESTINATION_NOT_FOUND
: The specified destination (for example, an Amazon S3 bucket) was deleted.
\n ACCESS_DENIED
: Permissions don't allow sending logs to the destination.
If the value of Status
is a value other than FAILED
, Error
is null.
Contains additional information about the error. If the value or Error
is null, the value of ErrorMessage
also is null.
The date and time that the VPC was associated with the query logging configuration, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "In the response to an \n\t\t\tAssociateResolverQueryLogConfig, \n\t\t\tDisassociateResolverQueryLogConfig, \n\t\t\tGetResolverQueryLogConfigAssociation, \n\t\t\tor \n\t\t\tListResolverQueryLogConfigAssociations,\n\t\t\trequest, a complex type that contains settings for a specified association between an Amazon VPC and a query logging configuration.
" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociationError": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "NONE", "name": "None" }, { "value": "DESTINATION_NOT_FOUND", "name": "DestinationNotFound" }, { "value": "ACCESS_DENIED", "name": "AccessDenied" }, { "value": "INTERNAL_SERVICE_ERROR", "name": "InternalServiceError" } ] } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociationErrorMessage": { "type": "string" }, "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociationList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociation" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigAssociationStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "CREATING", "name": "Creating" }, { "value": "ACTIVE", "name": "Active" }, { "value": "ACTION_NEEDED", "name": "ActionNeeded" }, { "value": "DELETING", "name": "Deleting" }, { "value": "FAILED", "name": "Failed" } ] } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverQueryLogConfig" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigName": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 64 }, "smithy.api#pattern": "(?!^[0-9]+$)([a-zA-Z0-9\\-_' ']+)" } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigPolicy": { "type": "string", "traits": { "smithy.api#length": { "min": 0, "max": 5000 } } }, "com.amazonaws.route53resolver#ResolverQueryLogConfigStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "CREATING", "name": "Creating" }, { "value": "CREATED", "name": "Created" }, { "value": "DELETING", "name": "Deleting" }, { "value": "FAILED", "name": "Failed" } ] } }, "com.amazonaws.route53resolver#ResolverRule": { "type": "structure", "members": { "Id": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID that Resolver assigned to the Resolver rule when you created it.
" } }, "CreatorRequestId": { "target": "com.amazonaws.route53resolver#CreatorRequestId", "traits": { "smithy.api#documentation": "A unique string that you specified when you created the Resolver rule. CreatorRequestId
identifies the request and \n\t\t\tallows failed requests to be retried without the risk of executing the operation twice.
The ARN (Amazon Resource Name) for the Resolver rule specified by Id
.
DNS queries for this domain name are forwarded to the IP addresses that are specified in TargetIps
. If a query matches \n\t\t\tmultiple Resolver rules (example.com and www.example.com), the query is routed using the Resolver rule that contains the most specific domain name \n\t\t\t(www.example.com).
A code that specifies the current status of the Resolver rule.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "A detailed description of the status of a Resolver rule.
" } }, "RuleType": { "target": "com.amazonaws.route53resolver#RuleTypeOption", "traits": { "smithy.api#documentation": "When you want to forward DNS queries for specified domain name to resolvers on your network, specify FORWARD
.
When you have a forwarding rule to forward DNS queries for a domain to your network and you want Resolver to process queries for \n\t\t\ta subdomain of that domain, specify SYSTEM
.
For example, to forward DNS queries for example.com to resolvers on your network, you create a rule and specify FORWARD
\n\t\t\tfor RuleType
. To then have Resolver process queries for apex.example.com, you create a rule and specify \n\t\t\tSYSTEM
for RuleType
.
Currently, only Resolver can create rules that have a value of RECURSIVE
for RuleType
.
The name for the Resolver rule, which you specified when you created the Resolver rule.
" } }, "TargetIps": { "target": "com.amazonaws.route53resolver#TargetList", "traits": { "smithy.api#documentation": "An array that contains the IP addresses and ports that an outbound endpoint forwards DNS queries to. Typically, \n\t\t\tthese are the IP addresses of DNS resolvers on your network. Specify IPv4 addresses. IPv6 is not supported.
" } }, "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the endpoint that the rule is associated with.
" } }, "OwnerId": { "target": "com.amazonaws.route53resolver#AccountId", "traits": { "smithy.api#documentation": "When a rule is shared with another AWS account, the account ID of the account that the rule is shared with.
" } }, "ShareStatus": { "target": "com.amazonaws.route53resolver#ShareStatus", "traits": { "smithy.api#documentation": "Whether the rules is shared and, if so, whether the current account is sharing the rule with another account, or \n\t\t\tanother account is sharing the rule with the current account.
" } }, "CreationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the Resolver rule was created, in Unix time format and Coordinated Universal Time (UTC).
" } }, "ModificationTime": { "target": "com.amazonaws.route53resolver#Rfc3339TimeString", "traits": { "smithy.api#documentation": "The date and time that the Resolver rule was last updated, in Unix time format and Coordinated Universal Time (UTC).
" } } }, "traits": { "smithy.api#documentation": "For queries that originate in your VPC, detailed information about a Resolver rule, which specifies how to route DNS queries \n\t\t\tout of the VPC. The ResolverRule
parameter appears in the response to a \n\t\t\tCreateResolverRule, \n\t\t\tDeleteResolverRule, \n\t\t\tGetResolverRule, \n\t\t\tListResolverRules, \n\t\t\tor \n\t\t\tUpdateResolverRule request.
The ID of the association between a Resolver rule and a VPC. Resolver assigns this value when you submit an \n\t\t\tAssociateResolverRule \n\t\t\trequest.
" } }, "ResolverRuleId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver rule that you associated with the VPC that is specified by VPCId
.
The name of an association between a Resolver rule and a VPC.
" } }, "VPCId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the VPC that you associated the Resolver rule with.
" } }, "Status": { "target": "com.amazonaws.route53resolver#ResolverRuleAssociationStatus", "traits": { "smithy.api#documentation": "A code that specifies the current status of the association between a Resolver rule and a VPC.
" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "A detailed description of the status of the association between a Resolver rule and a VPC.
" } } }, "traits": { "smithy.api#documentation": "In the response to an \n\t\t\tAssociateResolverRule, \n\t\t\tDisassociateResolverRule, \n\t\t\tor \n\t\t\tListResolverRuleAssociations \n\t\t\trequest, provides information about an association between a Resolver rule and a VPC. \n\t\t\tThe association determines which DNS queries that originate in the VPC are forwarded to your network.
" } }, "com.amazonaws.route53resolver#ResolverRuleAssociationStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "CREATING", "name": "Creating" }, { "value": "COMPLETE", "name": "Complete" }, { "value": "DELETING", "name": "Deleting" }, { "value": "FAILED", "name": "Failed" }, { "value": "OVERRIDDEN", "name": "Overridden" } ] } }, "com.amazonaws.route53resolver#ResolverRuleAssociations": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverRuleAssociation" } }, "com.amazonaws.route53resolver#ResolverRuleConfig": { "type": "structure", "members": { "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The new name for the Resolver rule. The name that you specify appears in the Resolver dashboard in the Route 53 console.
" } }, "TargetIps": { "target": "com.amazonaws.route53resolver#TargetList", "traits": { "smithy.api#documentation": "For DNS queries that originate in your VPC, the new IP addresses that you want to route outbound DNS queries to.
" } }, "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the new outbound Resolver endpoint that you want to use to route DNS queries to the IP addresses that you specify in \n\t\t\tTargetIps
.
In an \n\t\t\tUpdateResolverRule\n\t\t\trequest, information about the changes that you want to make.
" } }, "com.amazonaws.route53resolver#ResolverRulePolicy": { "type": "string", "traits": { "smithy.api#length": { "min": 0, "max": 5000 } } }, "com.amazonaws.route53resolver#ResolverRuleStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "COMPLETE", "name": "Complete" }, { "value": "DELETING", "name": "Deleting" }, { "value": "UPDATING", "name": "Updating" }, { "value": "FAILED", "name": "Failed" } ] } }, "com.amazonaws.route53resolver#ResolverRules": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResolverRule" } }, "com.amazonaws.route53resolver#ResourceExistsException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" }, "ResourceType": { "target": "com.amazonaws.route53resolver#String", "traits": { "smithy.api#documentation": "For a ResourceExistsException
error, the type of resource that the error applies to.
The resource that you tried to create already exists.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#ResourceId": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 64 } } }, "com.amazonaws.route53resolver#ResourceInUseException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" }, "ResourceType": { "target": "com.amazonaws.route53resolver#String", "traits": { "smithy.api#documentation": "For a ResourceInUseException
error, the type of resource that is currently in use.
The resource that you tried to update or delete is currently in use.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#ResourceNotFoundException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" }, "ResourceType": { "target": "com.amazonaws.route53resolver#String", "traits": { "smithy.api#documentation": "For a ResourceNotFoundException
error, the type of resource that doesn't exist.
The specified resource doesn't exist.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#ResourceUnavailableException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#String" }, "ResourceType": { "target": "com.amazonaws.route53resolver#String", "traits": { "smithy.api#documentation": "For a ResourceUnavailableException
error, the type of resource that isn't available.
The specified resource isn't available.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#Rfc3339TimeString": { "type": "string", "traits": { "smithy.api#length": { "min": 20, "max": 40 } } }, "com.amazonaws.route53resolver#Route53Resolver": { "type": "service", "version": "2018-04-01", "operations": [ { "target": "com.amazonaws.route53resolver#AssociateFirewallRuleGroup" }, { "target": "com.amazonaws.route53resolver#AssociateResolverEndpointIpAddress" }, { "target": "com.amazonaws.route53resolver#AssociateResolverQueryLogConfig" }, { "target": "com.amazonaws.route53resolver#AssociateResolverRule" }, { "target": "com.amazonaws.route53resolver#CreateFirewallDomainList" }, { "target": "com.amazonaws.route53resolver#CreateFirewallRule" }, { "target": "com.amazonaws.route53resolver#CreateFirewallRuleGroup" }, { "target": "com.amazonaws.route53resolver#CreateResolverEndpoint" }, { "target": "com.amazonaws.route53resolver#CreateResolverQueryLogConfig" }, { "target": "com.amazonaws.route53resolver#CreateResolverRule" }, { "target": "com.amazonaws.route53resolver#DeleteFirewallDomainList" }, { "target": "com.amazonaws.route53resolver#DeleteFirewallRule" }, { "target": "com.amazonaws.route53resolver#DeleteFirewallRuleGroup" }, { "target": "com.amazonaws.route53resolver#DeleteResolverEndpoint" }, { "target": "com.amazonaws.route53resolver#DeleteResolverQueryLogConfig" }, { "target": "com.amazonaws.route53resolver#DeleteResolverRule" }, { "target": "com.amazonaws.route53resolver#DisassociateFirewallRuleGroup" }, { "target": "com.amazonaws.route53resolver#DisassociateResolverEndpointIpAddress" }, { "target": "com.amazonaws.route53resolver#DisassociateResolverQueryLogConfig" }, { "target": "com.amazonaws.route53resolver#DisassociateResolverRule" }, { "target": "com.amazonaws.route53resolver#GetFirewallConfig" }, { "target": "com.amazonaws.route53resolver#GetFirewallDomainList" }, { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroup" }, { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupAssociation" }, { "target": "com.amazonaws.route53resolver#GetFirewallRuleGroupPolicy" }, { "target": "com.amazonaws.route53resolver#GetResolverDnssecConfig" }, { "target": "com.amazonaws.route53resolver#GetResolverEndpoint" }, { "target": "com.amazonaws.route53resolver#GetResolverQueryLogConfig" }, { "target": "com.amazonaws.route53resolver#GetResolverQueryLogConfigAssociation" }, { "target": "com.amazonaws.route53resolver#GetResolverQueryLogConfigPolicy" }, { "target": "com.amazonaws.route53resolver#GetResolverRule" }, { "target": "com.amazonaws.route53resolver#GetResolverRuleAssociation" }, { "target": "com.amazonaws.route53resolver#GetResolverRulePolicy" }, { "target": "com.amazonaws.route53resolver#ImportFirewallDomains" }, { "target": "com.amazonaws.route53resolver#ListFirewallConfigs" }, { "target": "com.amazonaws.route53resolver#ListFirewallDomainLists" }, { "target": "com.amazonaws.route53resolver#ListFirewallDomains" }, { "target": "com.amazonaws.route53resolver#ListFirewallRuleGroupAssociations" }, { "target": "com.amazonaws.route53resolver#ListFirewallRuleGroups" }, { "target": "com.amazonaws.route53resolver#ListFirewallRules" }, { "target": "com.amazonaws.route53resolver#ListResolverDnssecConfigs" }, { "target": "com.amazonaws.route53resolver#ListResolverEndpointIpAddresses" }, { "target": "com.amazonaws.route53resolver#ListResolverEndpoints" }, { "target": "com.amazonaws.route53resolver#ListResolverQueryLogConfigAssociations" }, { "target": "com.amazonaws.route53resolver#ListResolverQueryLogConfigs" }, { "target": "com.amazonaws.route53resolver#ListResolverRuleAssociations" }, { "target": "com.amazonaws.route53resolver#ListResolverRules" }, { "target": "com.amazonaws.route53resolver#ListTagsForResource" }, { "target": "com.amazonaws.route53resolver#PutFirewallRuleGroupPolicy" }, { "target": "com.amazonaws.route53resolver#PutResolverQueryLogConfigPolicy" }, { "target": "com.amazonaws.route53resolver#PutResolverRulePolicy" }, { "target": "com.amazonaws.route53resolver#TagResource" }, { "target": "com.amazonaws.route53resolver#UntagResource" }, { "target": "com.amazonaws.route53resolver#UpdateFirewallConfig" }, { "target": "com.amazonaws.route53resolver#UpdateFirewallDomains" }, { "target": "com.amazonaws.route53resolver#UpdateFirewallRule" }, { "target": "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociation" }, { "target": "com.amazonaws.route53resolver#UpdateResolverDnssecConfig" }, { "target": "com.amazonaws.route53resolver#UpdateResolverEndpoint" }, { "target": "com.amazonaws.route53resolver#UpdateResolverRule" } ], "traits": { "aws.api#service": { "sdkId": "Route53Resolver", "arnNamespace": "route53resolver", "cloudFormationName": "Route53Resolver", "cloudTrailEventSource": "route53resolver.amazonaws.com", "endpointPrefix": "route53resolver" }, "aws.auth#sigv4": { "name": "route53resolver" }, "aws.protocols#awsJson1_1": {}, "smithy.api#documentation": "When you create a VPC using Amazon VPC, you automatically get DNS resolution within the VPC from Route 53 Resolver. \n\t\t\tBy default, Resolver answers DNS queries for VPC domain names such as domain names for EC2 instances or ELB load balancers. \n\t\t\tResolver performs recursive lookups against public name servers for all other domain names.
\n\n\t\tYou can also configure DNS resolution between your VPC and your network over a Direct Connect or VPN connection:
\n\n\t\t\n Forward DNS queries from resolvers on your network to Route 53 Resolver\n
\n\n\t\tDNS resolvers on your network can forward DNS queries to Resolver in a specified VPC. This allows your DNS resolvers \n\t\t\tto easily resolve domain names for AWS resources such as EC2 instances or records in a Route 53 private hosted zone. \n\t\t\tFor more information, see \n\t\t\tHow DNS Resolvers \n\t\t\ton Your Network Forward DNS Queries to Route 53 Resolver in the Amazon Route 53 Developer Guide.
\n\t\t\n\t\t\n Conditionally forward queries from a VPC to resolvers on your network\n
\n\n\t\tYou can configure Resolver to forward queries that it receives from EC2 instances in your VPCs to DNS resolvers on your network. \n\t\t\tTo forward selected queries, you create Resolver rules that specify the domain names for the DNS queries that you want to forward \n\t\t\t(such as example.com), and the IP addresses of the DNS resolvers on your network that you want to forward the queries to. \n\t\t\tIf a query matches multiple rules (example.com, acme.example.com), Resolver chooses the rule with the most specific match \n\t\t\t(acme.example.com) and forwards the query to the IP addresses that you specified in that rule. For more information, see \n\t\t\tHow Route 53 Resolver \n\t\t\tForwards DNS Queries from Your VPCs to Your Network in the Amazon Route 53 Developer Guide.
\n\n\t\tLike Amazon VPC, Resolver is regional. In each region where you have VPCs, you can choose whether to forward queries from your VPCs \n\t\t\tto your network (outbound queries), from your network to your VPCs (inbound queries), or both.
", "smithy.api#title": "Amazon Route 53 Resolver" } }, "com.amazonaws.route53resolver#RuleTypeOption": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "FORWARD", "name": "Forward" }, { "value": "SYSTEM", "name": "System" }, { "value": "RECURSIVE", "name": "Recursive" } ] } }, "com.amazonaws.route53resolver#SecurityGroupIds": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#ResourceId" } }, "com.amazonaws.route53resolver#ServicePrinciple": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 512 } } }, "com.amazonaws.route53resolver#ShareStatus": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "NOT_SHARED", "name": "NotShared" }, { "value": "SHARED_WITH_ME", "name": "SharedWithMe" }, { "value": "SHARED_BY_ME", "name": "SharedByMe" } ] } }, "com.amazonaws.route53resolver#SortByKey": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 64 } } }, "com.amazonaws.route53resolver#SortOrder": { "type": "string", "traits": { "smithy.api#enum": [ { "value": "ASCENDING", "name": "Ascending" }, { "value": "DESCENDING", "name": "Descending" } ] } }, "com.amazonaws.route53resolver#StatusMessage": { "type": "string", "traits": { "smithy.api#length": { "min": 0, "max": 255 } } }, "com.amazonaws.route53resolver#String": { "type": "string" }, "com.amazonaws.route53resolver#SubnetId": { "type": "string", "traits": { "smithy.api#length": { "min": 1, "max": 32 } } }, "com.amazonaws.route53resolver#Tag": { "type": "structure", "members": { "Key": { "target": "com.amazonaws.route53resolver#TagKey", "traits": { "smithy.api#documentation": "The name for the tag. For example, if you want to associate Resolver resources with the account IDs of your customers for billing purposes, \n\t\t\tthe value of Key
might be account-id
.
The value for the tag. For example, if Key
is account-id
, then Value
might be the ID of the \n\t\t\tcustomer account that you're creating the resource for.
One tag that you want to add to the specified resource. A tag consists of a Key
(a name for the tag) and a Value
.
Adds one or more tags to a specified resource.
" } }, "com.amazonaws.route53resolver#TagResourceRequest": { "type": "structure", "members": { "ResourceArn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource that you want to add tags to. To get the ARN for a resource, use the applicable \n\t\t\tGet
or List
command:
\n GetResolverEndpoint\n
\n\t\t\t\t\n GetResolverRule\n
\n\t\t\t\t\n ListResolverRules\n
\n\t\t\t\tThe tags that you want to add to the specified resource.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#TagResourceResponse": { "type": "structure", "members": {} }, "com.amazonaws.route53resolver#TagValue": { "type": "string", "traits": { "smithy.api#length": { "min": 0, "max": 256 } } }, "com.amazonaws.route53resolver#TargetAddress": { "type": "structure", "members": { "Ip": { "target": "com.amazonaws.route53resolver#Ip", "traits": { "smithy.api#documentation": "One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses.
", "smithy.api#required": {} } }, "Port": { "target": "com.amazonaws.route53resolver#Port", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The port at Ip
that you want to forward DNS queries to.
In a \n\t\t\tCreateResolverRule\n\t\t\trequest, an array of the IPs that you want to forward DNS queries to.
" } }, "com.amazonaws.route53resolver#TargetList": { "type": "list", "member": { "target": "com.amazonaws.route53resolver#TargetAddress" }, "traits": { "smithy.api#length": { "min": 1 } } }, "com.amazonaws.route53resolver#ThrottlingException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "The request was throttled. Try again in a few minutes.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#UnknownResourceException": { "type": "structure", "members": { "Message": { "target": "com.amazonaws.route53resolver#ExceptionMessage" } }, "traits": { "smithy.api#documentation": "The specified resource doesn't exist.
", "smithy.api#error": "client" } }, "com.amazonaws.route53resolver#Unsigned": { "type": "integer", "traits": { "smithy.api#box": {} } }, "com.amazonaws.route53resolver#UntagResource": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UntagResourceRequest" }, "output": { "target": "com.amazonaws.route53resolver#UntagResourceResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Removes one or more tags from a specified resource.
" } }, "com.amazonaws.route53resolver#UntagResourceRequest": { "type": "structure", "members": { "ResourceArn": { "target": "com.amazonaws.route53resolver#Arn", "traits": { "smithy.api#documentation": "The Amazon Resource Name (ARN) for the resource that you want to remove tags from. To get the ARN for a resource, use the applicable \n\t\t\tGet
or List
command:
\n GetResolverEndpoint\n
\n\t\t\t\t\n GetResolverRule\n
\n\t\t\t\t\n ListResolverRules\n
\n\t\t\t\tThe tags that you want to remove to the specified resource.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#UntagResourceResponse": { "type": "structure", "members": {} }, "com.amazonaws.route53resolver#UpdateFirewallConfig": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateFirewallConfigRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateFirewallConfigResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Updates the configuration of the firewall behavior provided by DNS Firewall for a single Amazon virtual private cloud (VPC).
" } }, "com.amazonaws.route53resolver#UpdateFirewallConfigRequest": { "type": "structure", "members": { "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Amazon virtual private cloud (VPC) that the configuration is for.
", "smithy.api#required": {} } }, "FirewallFailOpen": { "target": "com.amazonaws.route53resolver#FirewallFailOpenStatus", "traits": { "smithy.api#documentation": "Determines how Route 53 Resolver handles queries during failures, for example when all traffic that is sent to DNS Firewall fails to receive a reply.
\nBy default, fail open is disabled, which means the failure mode is closed. This approach favors security over availability. \n DNS Firewall blocks queries that it is unable to evaluate properly.
\nIf you enable this option, the failure mode is open. This approach favors availability over security. DNS Firewall allows queries to proceed if it \n is unable to properly evaluate them.
\nThis behavior is only enforced for VPCs that have at least one DNS Firewall rule group association.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#UpdateFirewallConfigResponse": { "type": "structure", "members": { "FirewallConfig": { "target": "com.amazonaws.route53resolver#FirewallConfig", "traits": { "smithy.api#documentation": "Configuration of the firewall behavior provided by DNS Firewall for a single Amazon virtual private cloud (VPC).
" } } } }, "com.amazonaws.route53resolver#UpdateFirewallDomains": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateFirewallDomainsRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateFirewallDomainsResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#ConflictException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#LimitExceededException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Updates the firewall domain list from an array of domain specifications.
" } }, "com.amazonaws.route53resolver#UpdateFirewallDomainsRequest": { "type": "structure", "members": { "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list whose domains you want to update.
", "smithy.api#required": {} } }, "Operation": { "target": "com.amazonaws.route53resolver#FirewallDomainUpdateOperation", "traits": { "smithy.api#documentation": "What you want DNS Firewall to do with the domains that you are providing:
\n\n ADD
- Add the domains to the ones that are already in the domain list.
\n REMOVE
- Search the domain list for the domains and remove them from the list.
\n REPLACE
- Update the domain list to exactly match the list that you are providing.
A list of domains to use in the update operation.
\nEach domain specification in your domain list must satisfy the following\n\trequirements:
\nIt can optionally start with *
(asterisk).
With the exception of the optional starting asterisk, it must only contain\n \t the following characters: A-Z
, a-z
,\n \t 0-9
, -
(hyphen).
It must be from 1-255 characters in length.
\n \tThe Id of the firewall domain list that DNS Firewall just updated.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the domain list.
" } }, "Status": { "target": "com.amazonaws.route53resolver#FirewallDomainListStatus", "traits": { "smithy.api#documentation": "" } }, "StatusMessage": { "target": "com.amazonaws.route53resolver#StatusMessage", "traits": { "smithy.api#documentation": "
Additional information about the status of the list, if available.
" } } } }, "com.amazonaws.route53resolver#UpdateFirewallRule": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateFirewallRuleRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateFirewallRuleResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#ConflictException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Updates the specified firewall rule.
" } }, "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociation": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociationRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociationResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#ConflictException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" }, { "target": "com.amazonaws.route53resolver#ValidationException" } ], "traits": { "smithy.api#documentation": "Changes the association of a FirewallRuleGroup with a VPC. The association enables DNS filtering for the VPC.
" } }, "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociationRequest": { "type": "structure", "members": { "FirewallRuleGroupAssociationId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The identifier of the FirewallRuleGroupAssociation.
", "smithy.api#required": {} } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The setting that determines the processing order of the rule group among the rule groups that you associate with the specified VPC. DNS Firewall \n filters VPC traffic starting from rule group with the lowest numeric priority setting.
\nYou must specify a unique priority for each rule group that you associate with a single VPC. \n To make it easier to insert rule groups later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for a rule group association after you create it.
" } }, "MutationProtection": { "target": "com.amazonaws.route53resolver#MutationProtectionStatus", "traits": { "smithy.api#documentation": "If enabled, this setting disallows modification or removal of the association, to help prevent against accidentally altering DNS firewall protections.
" } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the rule group association.
" } } } }, "com.amazonaws.route53resolver#UpdateFirewallRuleGroupAssociationResponse": { "type": "structure", "members": { "FirewallRuleGroupAssociation": { "target": "com.amazonaws.route53resolver#FirewallRuleGroupAssociation", "traits": { "smithy.api#documentation": "The association that you just updated.
" } } } }, "com.amazonaws.route53resolver#UpdateFirewallRuleRequest": { "type": "structure", "members": { "FirewallRuleGroupId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The unique identifier of the firewall rule group for the rule.
", "smithy.api#required": {} } }, "FirewallDomainListId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the domain list to use in the rule.
", "smithy.api#required": {} } }, "Priority": { "target": "com.amazonaws.route53resolver#Priority", "traits": { "smithy.api#box": {}, "smithy.api#documentation": "The setting that determines the processing order of the rule in the rule group. DNS Firewall \n processes the rules in a rule group by order of priority, starting from the lowest setting.
\nYou must specify a unique priority for each rule in a rule group. \n To make it easier to insert rules later, leave space between the numbers, for example, use 100, 200, and so on. You \n can change the priority setting for the rules in a rule group at any time.
" } }, "Action": { "target": "com.amazonaws.route53resolver#Action", "traits": { "smithy.api#documentation": "The action that DNS Firewall should take on a DNS query when it matches one of the domains in the rule's domain list:
\n\n ALLOW
- Permit the request to go through.
\n ALERT
- Permit the request to go through but send an alert to the logs.
\n BLOCK
- Disallow the request. This option requires additional details in the rule's BlockResponse
.
The way that you want DNS Firewall to block the request. Used for the rule action setting BLOCK
.
\n NODATA
- Respond indicating that the query was successful, but no response is available for it.
\n NXDOMAIN
- Respond indicating that the domain name that's in the query doesn't exist.
\n OVERRIDE
- Provide a custom override in the response. This option requires custom handling details in the rule's BlockOverride*
settings.
The custom DNS record to send back in response to the query. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
The DNS record's type. This determines the format of the record value that you provided in BlockOverrideDomain
. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
The recommended amount of time, in seconds, for the DNS resolver or web browser to cache the provided override record. Used for the rule action BLOCK
with a BlockResponse
setting of OVERRIDE
.
The name of the rule.
" } } } }, "com.amazonaws.route53resolver#UpdateFirewallRuleResponse": { "type": "structure", "members": { "FirewallRule": { "target": "com.amazonaws.route53resolver#FirewallRule", "traits": { "smithy.api#documentation": "The firewall rule that you just updated.
" } } } }, "com.amazonaws.route53resolver#UpdateResolverDnssecConfig": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateResolverDnssecConfigRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateResolverDnssecConfigResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#AccessDeniedException" }, { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Updates an existing DNSSEC validation configuration. If there is no existing DNSSEC validation configuration, one is created.
" } }, "com.amazonaws.route53resolver#UpdateResolverDnssecConfigRequest": { "type": "structure", "members": { "ResourceId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the virtual private cloud (VPC) that you're updating the DNSSEC validation status for.
", "smithy.api#required": {} } }, "Validation": { "target": "com.amazonaws.route53resolver#Validation", "traits": { "smithy.api#documentation": "The new value that you are specifying for DNSSEC validation for the VPC. The value can be ENABLE
\n\t\t\tor DISABLE
. Be aware that it can take time for a validation status change to be completed.
A complex type that contains settings for the specified DNSSEC configuration.
" } } } }, "com.amazonaws.route53resolver#UpdateResolverEndpoint": { "type": "operation", "input": { "target": "com.amazonaws.route53resolver#UpdateResolverEndpointRequest" }, "output": { "target": "com.amazonaws.route53resolver#UpdateResolverEndpointResponse" }, "errors": [ { "target": "com.amazonaws.route53resolver#InternalServiceErrorException" }, { "target": "com.amazonaws.route53resolver#InvalidParameterException" }, { "target": "com.amazonaws.route53resolver#InvalidRequestException" }, { "target": "com.amazonaws.route53resolver#ResourceNotFoundException" }, { "target": "com.amazonaws.route53resolver#ThrottlingException" } ], "traits": { "smithy.api#documentation": "Updates the name of an inbound or an outbound Resolver endpoint.
" } }, "com.amazonaws.route53resolver#UpdateResolverEndpointRequest": { "type": "structure", "members": { "ResolverEndpointId": { "target": "com.amazonaws.route53resolver#ResourceId", "traits": { "smithy.api#documentation": "The ID of the Resolver endpoint that you want to update.
", "smithy.api#required": {} } }, "Name": { "target": "com.amazonaws.route53resolver#Name", "traits": { "smithy.api#documentation": "The name of the Resolver endpoint that you want to update.
" } } } }, "com.amazonaws.route53resolver#UpdateResolverEndpointResponse": { "type": "structure", "members": { "ResolverEndpoint": { "target": "com.amazonaws.route53resolver#ResolverEndpoint", "traits": { "smithy.api#documentation": "The response to an UpdateResolverEndpoint
request.
Updates settings for a specified Resolver rule. ResolverRuleId
is required, and all other parameters are optional. \n\t\t\tIf you don't specify a parameter, it retains its current value.
The ID of the Resolver rule that you want to update.
", "smithy.api#required": {} } }, "Config": { "target": "com.amazonaws.route53resolver#ResolverRuleConfig", "traits": { "smithy.api#documentation": "The new settings for the Resolver rule.
", "smithy.api#required": {} } } } }, "com.amazonaws.route53resolver#UpdateResolverRuleResponse": { "type": "structure", "members": { "ResolverRule": { "target": "com.amazonaws.route53resolver#ResolverRule", "traits": { "smithy.api#documentation": "The response to an UpdateResolverRule
request.