feat(client-ec2): The release includes AWS verified access to support FIPs compliance in North America regions

Author: awstools

clients/client-ec2/src/commands/AttachVerifiedAccessTrustProviderCommand.ts

@@ -110,6 +110,7 @@ export interface AttachVerifiedAccessTrustProviderCommandOutput
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     FipsEnabled: true || false,
  * //   },
  * // };
  *

clients/client-ec2/src/commands/CreateVerifiedAccessInstanceCommand.ts

@@ -62,6 +62,7 @@ export interface CreateVerifiedAccessInstanceCommandOutput
  *   ],
  *   ClientToken: "STRING_VALUE",
  *   DryRun: true || false,
+ *   FIPSEnabled: true || false,
  * };
  * const command = new CreateVerifiedAccessInstanceCommand(input);
  * const response = await client.send(command);
@@ -86,6 +87,7 @@ export interface CreateVerifiedAccessInstanceCommandOutput
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     FipsEnabled: true || false,
  * //   },
  * // };
  *

clients/client-ec2/src/commands/DeleteVerifiedAccessInstanceCommand.ts

@@ -74,6 +74,7 @@ export interface DeleteVerifiedAccessInstanceCommandOutput
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     FipsEnabled: true || false,
  * //   },
  * // };
  *

clients/client-ec2/src/commands/DescribeVerifiedAccessInstancesCommand.ts

@@ -89,6 +89,7 @@ export interface DescribeVerifiedAccessInstancesCommandOutput
  * //           Value: "STRING_VALUE",
  * //         },
  * //       ],
+ * //       FipsEnabled: true || false,
  * //     },
  * //   ],
  * //   NextToken: "STRING_VALUE",

clients/client-ec2/src/commands/DetachVerifiedAccessTrustProviderCommand.ts

@@ -110,6 +110,7 @@ export interface DetachVerifiedAccessTrustProviderCommandOutput
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     FipsEnabled: true || false,
  * //   },
  * // };
  *

clients/client-ec2/src/commands/ModifyVerifiedAccessInstanceCommand.ts

@@ -75,6 +75,7 @@ export interface ModifyVerifiedAccessInstanceCommandOutput
  * //         Value: "STRING_VALUE",
  * //       },
  * //     ],
+ * //     FipsEnabled: true || false,
  * //   },
  * // };
  *

clients/client-ec2/src/commands/RevokeSecurityGroupIngressCommand.ts

@@ -45,8 +45,12 @@ export interface RevokeSecurityGroupIngressCommandOutput extends RevokeSecurityG
  *            destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type
  *            and code. If the security group rule has a description, you do not need to specify the description
  *            to revoke the rule.</p>
- *          <p>For a default VPC, if the values you specify do not match the existing rule's values, no error is
- *            returned, and the output describes the security group rules that were not revoked.</p>
+ *          <p>For a default VPC, if the values you specify do not match the existing rule's values,
+ *             no error is returned, and the output describes the security group rules that were not
+ *             revoked.</p>
+ *          <p>For a non-default VPC, if the values you specify do not match the existing rule's
+ *             values, an <code>InvalidPermission.NotFound</code> client error is returned, and no
+ *             rules are revoked.</p>
  *          <p>Amazon Web Services recommends that you describe the security group to verify that the rules were removed.</p>
  *          <p>Rule changes are propagated to instances within the security group as quickly as possible.
  *          However, a small delay might occur.</p>

clients/client-ec2/src/models/models_0.ts

@@ -5707,6 +5707,14 @@ export interface VerifiedAccessInstance {
    * <p>The tags.</p>
    */
   Tags?: Tag[];
+
+  /**
+   * @public
+   * <p>
+   * 		  Describes if support for Federal Information Processing Standards (FIPS) is enabled on the instance.
+   * 	   </p>
+   */
+  FipsEnabled?: boolean;
 }
 
 /**

clients/client-ec2/src/models/models_2.ts

@@ -4528,6 +4528,14 @@ export interface CreateVerifiedAccessInstanceRequest {
    *    Otherwise, it is <code>UnauthorizedOperation</code>.</p>
    */
   DryRun?: boolean;
+
+  /**
+   * @public
+   * <p>
+   * 		   Choose to enable or disable support for Federal Information Processing Standards (FIPS) on the instance.
+   * 	   </p>
+   */
+  FIPSEnabled?: boolean;
 }
 
 /**

clients/client-ec2/src/protocols/Aws_ec2.ts

@@ -43166,6 +43166,9 @@ const se_CreateVerifiedAccessInstanceRequest = (
   if (input.DryRun != null) {
     entries["DryRun"] = input.DryRun;
   }
+  if (input.FIPSEnabled != null) {
+    entries["FIPSEnabled"] = input.FIPSEnabled;
+  }
   return entries;
 };
 
@@ -92607,6 +92610,9 @@ const de_VerifiedAccessInstance = (output: any, context: __SerdeContext): Verifi
   } else if (output["tagSet"] !== undefined && output["tagSet"]["item"] !== undefined) {
     contents.Tags = de_TagList(__getArrayIfSingleItem(output["tagSet"]["item"]), context);
   }
+  if (output["fipsEnabled"] !== undefined) {
+    contents.FipsEnabled = __parseBoolean(output["fipsEnabled"]);
+  }
   return contents;
 };
 

codegen/sdk-codegen/aws-models/ec2.json

@@ -14227,7 +14227,7 @@
       "type": "structure",
       "members": {
         "AvailabilityZone": {
-          "target": "com.amazonaws.ec2#String",
+          "target": "com.amazonaws.ec2#AvailabilityZoneName",
           "traits": {
             "smithy.api#clientOptional": {},
             "smithy.api#documentation": "<p>The Availability Zone in which to create the default subnet.</p>",
@@ -20176,6 +20176,14 @@
             "smithy.api#default": false,
             "smithy.api#documentation": "<p>Checks whether you have the required permissions for the action, without actually making the request, \n   and provides an error response. If you have the required permissions, the error response is <code>DryRunOperation</code>. \n   Otherwise, it is <code>UnauthorizedOperation</code>.</p>"
           }
+        },
+        "FIPSEnabled": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "smithy.api#clientOptional": {},
+            "smithy.api#default": false,
+            "smithy.api#documentation": "<p>\n\t\t   Choose to enable or disable support for Federal Information Processing Standards (FIPS) on the instance.\n\t   </p>"
+          }
         }
       },
       "traits": {
@@ -88861,7 +88869,7 @@
         "target": "com.amazonaws.ec2#RevokeSecurityGroupIngressResult"
       },
       "traits": {
-        "smithy.api#documentation": "<p>Removes the specified inbound (ingress) rules from a security group.</p>\n         <p>You can specify rules using either rule IDs or security group rule properties. If you use\n           rule properties, the values that you specify (for example, ports) must match the existing rule's \n           values exactly. Each rule has a protocol, from and to ports, and source (CIDR range, \n           security group, or prefix list). For the TCP and UDP protocols, you must also specify the \n           destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type \n           and code. If the security group rule has a description, you do not need to specify the description \n           to revoke the rule.</p>\n         <p>For a default VPC, if the values you specify do not match the existing rule's values, no error is\n           returned, and the output describes the security group rules that were not revoked.</p>\n         <p>Amazon Web Services recommends that you describe the security group to verify that the rules were removed.</p>\n         <p>Rule changes are propagated to instances within the security group as quickly as possible. \n         However, a small delay might occur.</p>"
+        "smithy.api#documentation": "<p>Removes the specified inbound (ingress) rules from a security group.</p>\n         <p>You can specify rules using either rule IDs or security group rule properties. If you use\n           rule properties, the values that you specify (for example, ports) must match the existing rule's \n           values exactly. Each rule has a protocol, from and to ports, and source (CIDR range, \n           security group, or prefix list). For the TCP and UDP protocols, you must also specify the \n           destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type \n           and code. If the security group rule has a description, you do not need to specify the description \n           to revoke the rule.</p>\n         <p>For a default VPC, if the values you specify do not match the existing rule's values,\n            no error is returned, and the output describes the security group rules that were not\n            revoked.</p>\n         <p>For a non-default VPC, if the values you specify do not match the existing rule's\n            values, an <code>InvalidPermission.NotFound</code> client error is returned, and no\n            rules are revoked.</p>\n         <p>Amazon Web Services recommends that you describe the security group to verify that the rules were removed.</p>\n         <p>Rule changes are propagated to instances within the security group as quickly as possible. \n         However, a small delay might occur.</p>"
       }
     },
     "com.amazonaws.ec2#RevokeSecurityGroupIngressRequest": {
@@ -101896,6 +101904,16 @@
             "smithy.api#documentation": "<p>The tags.</p>",
             "smithy.api#xmlName": "tagSet"
           }
+        },
+        "FipsEnabled": {
+          "target": "com.amazonaws.ec2#Boolean",
+          "traits": {
+            "aws.protocols#ec2QueryName": "FipsEnabled",
+            "smithy.api#clientOptional": {},
+            "smithy.api#default": false,
+            "smithy.api#documentation": "<p>\n\t\t  Describes if support for Federal Information Processing Standards (FIPS) is enabled on the instance.\n\t   </p>",
+            "smithy.api#xmlName": "fipsEnabled"
+          }
         }
       },
       "traits": {