feat(client-ec2): API changes to AWS Verified Access to include data …

…from trust providers in logs
aws · Jun 19, 2023 · 880a917 · 880a917
1 parent 947c8ba
commit 880a917
Show file tree

Hide file tree

Showing 7 changed files with 103,229 additions and 101,162 deletions.
diff --git a/clients/client-ec2/src/commands/DescribeAccountAttributesCommand.ts b/clients/client-ec2/src/commands/DescribeAccountAttributesCommand.ts
@@ -40,13 +40,7 @@ export interface DescribeAccountAttributesCommandOutput extends DescribeAccountA
  *          <ul>
  *             <li>
  *                <p>
- *                   <code>supported-platforms</code>: Indicates whether your account can launch instances
- *           into EC2-Classic and EC2-VPC, or only into EC2-VPC.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <code>default-vpc</code>: The ID of the default VPC for your account, or
- *             <code>none</code>.</p>
+ *                   <code>default-vpc</code>: The ID of the default VPC for your account, or <code>none</code>.</p>
  *             </li>
  *             <li>
  *                <p>
@@ -57,23 +51,22 @@ export interface DescribeAccountAttributesCommandOutput extends DescribeAccountA
  *             </li>
  *             <li>
  *                <p>
- *                   <code>vpc-max-security-groups-per-interface</code>: The maximum number of security groups
- *           that you can assign to a network interface.</p>
+ *                   <code>max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate.</p>
  *             </li>
  *             <li>
  *                <p>
- *                   <code>max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can
- *           allocate for use with EC2-Classic. </p>
+ *                   <code>supported-platforms</code>: This attribute is deprecated.</p>
  *             </li>
  *             <li>
  *                <p>
- *                   <code>vpc-max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can
- *           allocate for use with EC2-VPC.</p>
+ *                   <code>vpc-max-elastic-ips</code>: The maximum number of Elastic IP addresses that you can allocate.</p>
+ *             </li>
+ *             <li>
+ *                <p>
+ *                   <code>vpc-max-security-groups-per-interface</code>: The maximum number of security groups
+ *                   that you can assign to a network interface.</p>
  *             </li>
  *          </ul>
- *          <note>
- *             <p>We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate from EC2-Classic to a VPC. For more information, see <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html">Migrate from EC2-Classic to a VPC</a> in the <i>Amazon EC2 User Guide</i>.</p>
- *          </note>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

diff --git a/...nts/client-ec2/src/commands/DescribeVerifiedAccessInstanceLoggingConfigurationsCommand.ts b/...nts/client-ec2/src/commands/DescribeVerifiedAccessInstanceLoggingConfigurationsCommand.ts
@@ -99,6 +99,8 @@ export interface DescribeVerifiedAccessInstanceLoggingConfigurationsCommandOutpu
  * //           },
  * //           DeliveryStream: "STRING_VALUE",
  * //         },
+ * //         LogVersion: "STRING_VALUE",
+ * //         IncludeTrustContext: true || false,
  * //       },
  * //     },
  * //   ],

diff --git a/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts b/clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceLoggingConfigurationCommand.ts
@@ -69,6 +69,8 @@ export interface ModifyVerifiedAccessInstanceLoggingConfigurationCommandOutput
  *       Enabled: true || false, // required
  *       DeliveryStream: "STRING_VALUE",
  *     },
+ *     LogVersion: "STRING_VALUE",
+ *     IncludeTrustContext: true || false,
  *   },
  *   DryRun: true || false,
  *   ClientToken: "STRING_VALUE",
@@ -105,6 +107,8 @@ export interface ModifyVerifiedAccessInstanceLoggingConfigurationCommandOutput
  * //         },
  * //         DeliveryStream: "STRING_VALUE",
  * //       },
+ * //       LogVersion: "STRING_VALUE",
+ * //       IncludeTrustContext: true || false,
  * //     },
  * //   },
  * // };

diff --git a/clients/client-ec2/src/models/models_4.ts b/clients/client-ec2/src/models/models_4.ts
@@ -11125,7 +11125,7 @@ export interface VerifiedAccessLogS3Destination {
 
 /**
  * @public
- * <p>Describes the destinations for Verified Access logs.</p>
+ * <p>Describes the options for Verified Access logs.</p>
  */
 export interface VerifiedAccessLogs {
   /**
@@ -11142,6 +11142,20 @@ export interface VerifiedAccessLogs {
    * <p>Kinesis logging destination.</p>
    */
   KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestination;
+
+  /**
+   * <p>
+   *          Describes current setting for the logging version.
+   *       </p>
+   */
+  LogVersion?: string;
+
+  /**
+   * <p>
+   * 		   Describes current setting for including trust data into the logs.
+   * 	   </p>
+   */
+  IncludeTrustContext?: boolean;
 }
 
 /**

diff --git a/clients/client-ec2/src/models/models_6.ts b/clients/client-ec2/src/models/models_6.ts
@@ -3998,7 +3998,7 @@ export interface VerifiedAccessLogS3DestinationOptions {
 
 /**
  * @public
- * <p>Describes the destinations for Verified Access logs.</p>
+ * <p>Options for Verified Access logs.</p>
  */
 export interface VerifiedAccessLogOptions {
   /**
@@ -4015,6 +4015,22 @@ export interface VerifiedAccessLogOptions {
    * <p>Sends Verified Access logs to Kinesis.</p>
    */
   KinesisDataFirehose?: VerifiedAccessLogKinesisDataFirehoseDestinationOptions;
+
+  /**
+   * <p>
+   * 		   The logging version to use.
+   * 	   </p>
+   *          <p>Valid values: <code>ocsf-0.1</code> | <code>ocsf-1.0.0-rc.2</code>
+   *          </p>
+   */
+  LogVersion?: string;
+
+  /**
+   * <p>
+   * 		   Include trust data sent by trust providers into the logs.
+   * 	   </p>
+   */
+  IncludeTrustContext?: boolean;
 }
 
 /**

diff --git a/clients/client-ec2/src/protocols/Aws_ec2.ts b/clients/client-ec2/src/protocols/Aws_ec2.ts
@@ -64853,6 +64853,12 @@ const se_VerifiedAccessLogOptions = (input: VerifiedAccessLogOptions, context: _
       entries[loc] = value;
     });
   }
+  if (input.LogVersion != null) {
+    entries["LogVersion"] = input.LogVersion;
+  }
+  if (input.IncludeTrustContext != null) {
+    entries["IncludeTrustContext"] = input.IncludeTrustContext;
+  }
   return entries;
 };
 
@@ -92229,6 +92235,12 @@ const de_VerifiedAccessLogs = (output: any, context: __SerdeContext): VerifiedAc
       context
     );
   }
+  if (output["logVersion"] !== undefined) {
+    contents.LogVersion = __expectString(output["logVersion"]);
+  }
+  if (output["includeTrustContext"] !== undefined) {
+    contents.IncludeTrustContext = __parseBoolean(output["includeTrustContext"]);
+  }
   return contents;
 };
 
@@ -93523,7 +93535,7 @@ const parseBody = (streamBody: any, context: __SerdeContext): any =>
         ignoreDeclaration: true,
         parseTagValue: false,
         trimValues: false,
-        tagValueProcessor: (_, val) => (val.trim() === "" && val.includes("\n") ? "" : undefined),
+        tagValueProcessor: (_: any, val: any) => (val.trim() === "" && val.includes("\n") ? "" : undefined),
       });
       parser.addEntity("#xD", "\r");
       parser.addEntity("#10", "\n");