lib/aws-sdk-elasticloadbalancingv2/client.rb in aws-sdk-elasticloadbalancingv2-1.9.0 vs lib/aws-sdk-elasticloadbalancingv2/client.rb in aws-sdk-elasticloadbalancingv2-1.10.0

- old
+ new

@@ -288,19 +288,29 @@ # \[HTTPS listeners\] The security policy that defines which ciphers and # protocols are supported. The default is the current predefined # security policy. # # @option params [Array<Types::Certificate>] :certificates - # \[HTTPS listeners\] The SSL server certificate. You must provide - # exactly one certificate. + # \[HTTPS listeners\] The default SSL server certificate. You must + # provide exactly one certificate. To create a certificate list, use + # AddListenerCertificates. # # @option params [required, Array<Types::Action>] :default_actions - # The default action for the listener. For Application Load Balancers, - # the protocol of the specified target group must be HTTP or HTTPS. For - # Network Load Balancers, the protocol of the specified target group - # must be TCP. + # The actions for the default rule. The rule must include one forward + # action. # + # If the action type is `forward`, you can specify a single target + # group. The protocol of the target group must be HTTP or HTTPS for an + # Application Load Balancer or TCP for a Network Load Balancer. + # + # If the action type is `authenticate-oidc`, you can use an identity + # provider that is OpenID Connect (OIDC) compliant to authenticate users + # as they access your application. + # + # If the action type is `authenticate-cognito`, you can use Amazon + # Cognito to authenticate users as they access your application. + # # @return [Types::CreateListenerOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreateListenerOutput#listeners #listeners} => Array&lt;Types::Listener&gt; # # @@ -401,12 +411,40 @@ # is_default: false, # }, # ], # default_actions: [ # required # { - # type: "forward", # required, accepts forward - # target_group_arn: "TargetGroupArn", # required + # type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito + # target_group_arn: "TargetGroupArn", + # authenticate_oidc_config: { + # issuer: "AuthenticateOidcActionIssuer", # required + # authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required + # token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required + # user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required + # client_id: "AuthenticateOidcActionClientId", # required + # client_secret: "AuthenticateOidcActionClientSecret", # required + # session_cookie_name: "AuthenticateOidcActionSessionCookieName", + # scope: "AuthenticateOidcActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # authenticate_cognito_config: { + # user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required + # user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required + # user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required + # session_cookie_name: "AuthenticateCognitoActionSessionCookieName", + # scope: "AuthenticateCognitoActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # order: 1, # }, # ], # }) # # @example Response structure @@ -419,12 +457,34 @@ # resp.listeners[0].certificates #=> Array # resp.listeners[0].certificates[0].certificate_arn #=> String # resp.listeners[0].certificates[0].is_default #=> Boolean # resp.listeners[0].ssl_policy #=> String # resp.listeners[0].default_actions #=> Array - # resp.listeners[0].default_actions[0].type #=> String, one of "forward" + # resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.listeners[0].default_actions[0].target_group_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].order #=> Integer # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateListener AWS API Documentation # # @overload create_listener(params = {}) # @param [Hash] params ({}) @@ -677,14 +737,14 @@ # Creates a rule for the specified listener. The listener must be # associated with an Application Load Balancer. # # Rules are evaluated in priority order, from the lowest value to the - # highest value. When the condition for a rule is met, the specified - # action is taken. If no conditions are met, the action for the default - # rule is taken. For more information, see [Listener Rules][1] in the - # *Application Load Balancers Guide*. + # highest value. When the conditions for a rule are met, its actions are + # performed. If the conditions for no rules are met, the actions for the + # default rule are performed. For more information, see [Listener + # Rules][1] in the *Application Load Balancers Guide*. # # To view your current rules, use DescribeRules. To update a rule, use # ModifyRule. To set the priorities of your rules, use # SetRulePriorities. To delete a rule, use DeleteRule. # @@ -726,17 +786,26 @@ # * * (matches 0 or more characters) # # * ? (matches exactly 1 character) # # @option params [required, Integer] :priority - # The priority for the rule. A listener can't have multiple rules with - # the same priority. + # The rule priority. A listener can't have multiple rules with the same + # priority. # # @option params [required, Array<Types::Action>] :actions - # An action. Each action has the type `forward` and specifies a target + # The actions. Each rule must include one forward action. + # + # If the action type is `forward`, you can specify a single target # group. # + # If the action type is `authenticate-oidc`, you can use an identity + # provider that is OpenID Connect (OIDC) compliant to authenticate users + # as they access your application. + # + # If the action type is `authenticate-cognito`, you can use Amazon + # Cognito to authenticate users as they access your application. + # # @return [Types::CreateRuleOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::CreateRuleOutput#rules #rules} => Array&lt;Types::Rule&gt; # # @@ -800,12 +869,40 @@ # }, # ], # priority: 1, # required # actions: [ # required # { - # type: "forward", # required, accepts forward - # target_group_arn: "TargetGroupArn", # required + # type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito + # target_group_arn: "TargetGroupArn", + # authenticate_oidc_config: { + # issuer: "AuthenticateOidcActionIssuer", # required + # authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required + # token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required + # user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required + # client_id: "AuthenticateOidcActionClientId", # required + # client_secret: "AuthenticateOidcActionClientSecret", # required + # session_cookie_name: "AuthenticateOidcActionSessionCookieName", + # scope: "AuthenticateOidcActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # authenticate_cognito_config: { + # user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required + # user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required + # user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required + # session_cookie_name: "AuthenticateCognitoActionSessionCookieName", + # scope: "AuthenticateCognitoActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # order: 1, # }, # ], # }) # # @example Response structure @@ -816,12 +913,34 @@ # resp.rules[0].conditions #=> Array # resp.rules[0].conditions[0].field #=> String # resp.rules[0].conditions[0].values #=> Array # resp.rules[0].conditions[0].values[0] #=> String # resp.rules[0].actions #=> Array - # resp.rules[0].actions[0].type #=> String, one of "forward" + # resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.rules[0].actions[0].target_group_arn #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].order #=> Integer # resp.rules[0].is_default #=> Boolean # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/CreateRule AWS API Documentation # # @overload create_rule(params = {}) @@ -1370,12 +1489,34 @@ # resp.listeners[0].certificates #=> Array # resp.listeners[0].certificates[0].certificate_arn #=> String # resp.listeners[0].certificates[0].is_default #=> Boolean # resp.listeners[0].ssl_policy #=> String # resp.listeners[0].default_actions #=> Array - # resp.listeners[0].default_actions[0].type #=> String, one of "forward" + # resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.listeners[0].default_actions[0].target_group_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].order #=> Integer # resp.next_marker #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/DescribeListeners AWS API Documentation # # @overload describe_listeners(params = {}) @@ -1644,12 +1785,34 @@ # resp.rules[0].conditions #=> Array # resp.rules[0].conditions[0].field #=> String # resp.rules[0].conditions[0].values #=> Array # resp.rules[0].conditions[0].values[0] #=> String # resp.rules[0].actions #=> Array - # resp.rules[0].actions[0].type #=> String, one of "forward" + # resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.rules[0].actions[0].target_group_arn #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].order #=> Integer # resp.rules[0].is_default #=> Boolean # resp.next_marker #=> String # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/DescribeRules AWS API Documentation # @@ -2188,26 +2351,38 @@ # The protocol for connections from clients to the load balancer. # Application Load Balancers support HTTP and HTTPS and Network Load # Balancers support TCP. # # @option params [String] :ssl_policy - # The security policy that defines which protocols and ciphers are - # supported. For more information, see [Security Policies][1] in the - # *Application Load Balancers Guide*. + # \[HTTPS listeners\] The security policy that defines which protocols + # and ciphers are supported. For more information, see [Security + # Policies][1] in the *Application Load Balancers Guide*. # # # # [1]: http://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies # # @option params [Array<Types::Certificate>] :certificates - # The default SSL server certificate. + # \[HTTPS listeners\] The default SSL server certificate. You must + # provide exactly one certificate. To create a certificate list, use + # AddListenerCertificates. # # @option params [Array<Types::Action>] :default_actions - # The default action. For Application Load Balancers, the protocol of - # the specified target group must be HTTP or HTTPS. For Network Load - # Balancers, the protocol of the specified target group must be TCP. + # The actions for the default rule. The rule must include one forward + # action. # + # If the action type is `forward`, you can specify a single target + # group. The protocol of the target group must be HTTP or HTTPS for an + # Application Load Balancer or TCP for a Network Load Balancer. + # + # If the action type is `authenticate-oidc`, you can use an identity + # provider that is OpenID Connect (OIDC) compliant to authenticate users + # as they access your application. + # + # If the action type is `authenticate-cognito`, you can use Amazon + # Cognito to authenticate users as they access your application. + # # @return [Types::ModifyListenerOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ModifyListenerOutput#listeners #listeners} => Array&lt;Types::Listener&gt; # # @@ -2293,12 +2468,40 @@ # is_default: false, # }, # ], # default_actions: [ # { - # type: "forward", # required, accepts forward - # target_group_arn: "TargetGroupArn", # required + # type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito + # target_group_arn: "TargetGroupArn", + # authenticate_oidc_config: { + # issuer: "AuthenticateOidcActionIssuer", # required + # authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required + # token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required + # user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required + # client_id: "AuthenticateOidcActionClientId", # required + # client_secret: "AuthenticateOidcActionClientSecret", # required + # session_cookie_name: "AuthenticateOidcActionSessionCookieName", + # scope: "AuthenticateOidcActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # authenticate_cognito_config: { + # user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required + # user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required + # user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required + # session_cookie_name: "AuthenticateCognitoActionSessionCookieName", + # scope: "AuthenticateCognitoActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # order: 1, # }, # ], # }) # # @example Response structure @@ -2311,12 +2514,34 @@ # resp.listeners[0].certificates #=> Array # resp.listeners[0].certificates[0].certificate_arn #=> String # resp.listeners[0].certificates[0].is_default #=> Boolean # resp.listeners[0].ssl_policy #=> String # resp.listeners[0].default_actions #=> Array - # resp.listeners[0].default_actions[0].type #=> String, one of "forward" + # resp.listeners[0].default_actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.listeners[0].default_actions[0].target_group_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.issuer #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.client_secret #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.scope #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.listeners[0].default_actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.listeners[0].default_actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.listeners[0].default_actions[0].order #=> Integer # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyListener AWS API Documentation # # @overload modify_listener(params = {}) # @param [Hash] params ({}) @@ -2502,21 +2727,60 @@ # Modifies the specified rule. # # Any existing properties that you do not modify retain their current # values. # - # To modify the default action, use ModifyListener. + # To modify the actions for the default rule, use ModifyListener. # # @option params [required, String] :rule_arn # The Amazon Resource Name (ARN) of the rule. # # @option params [Array<Types::RuleCondition>] :conditions - # The conditions. + # The conditions. Each condition specifies a field name and a single + # value. # + # If the field name is `host-header`, you can specify a single host name + # (for example, my.example.com). A host name is case insensitive, can be + # up to 128 characters in length, and can contain any of the following + # characters. Note that you can include up to three wildcard characters. + # + # * A-Z, a-z, 0-9 + # + # * \- . + # + # * * (matches 0 or more characters) + # + # * ? (matches exactly 1 character) + # + # If the field name is `path-pattern`, you can specify a single path + # pattern. A path pattern is case sensitive, can be up to 128 characters + # in length, and can contain any of the following characters. Note that + # you can include up to three wildcard characters. + # + # * A-Z, a-z, 0-9 + # + # * \_ - . $ / ~ " ' @ : + + # + # * &amp; (using &amp;amp;) + # + # * * (matches 0 or more characters) + # + # * ? (matches exactly 1 character) + # # @option params [Array<Types::Action>] :actions - # The actions. The target group must use the HTTP or HTTPS protocol. + # The actions. # + # If the action type is `forward`, you can specify a single target + # group. + # + # If the action type is `authenticate-oidc`, you can use an identity + # provider that is OpenID Connect (OIDC) compliant to authenticate users + # as they access your application. + # + # If the action type is `authenticate-cognito`, you can use Amazon + # Cognito to authenticate users as they access your application. + # # @return [Types::ModifyRuleOutput] Returns a {Seahorse::Client::Response response} object which responds to the following methods: # # * {Types::ModifyRuleOutput#rules #rules} => Array&lt;Types::Rule&gt; # # @@ -2571,12 +2835,40 @@ # values: ["StringValue"], # }, # ], # actions: [ # { - # type: "forward", # required, accepts forward - # target_group_arn: "TargetGroupArn", # required + # type: "forward", # required, accepts forward, authenticate-oidc, authenticate-cognito + # target_group_arn: "TargetGroupArn", + # authenticate_oidc_config: { + # issuer: "AuthenticateOidcActionIssuer", # required + # authorization_endpoint: "AuthenticateOidcActionAuthorizationEndpoint", # required + # token_endpoint: "AuthenticateOidcActionTokenEndpoint", # required + # user_info_endpoint: "AuthenticateOidcActionUserInfoEndpoint", # required + # client_id: "AuthenticateOidcActionClientId", # required + # client_secret: "AuthenticateOidcActionClientSecret", # required + # session_cookie_name: "AuthenticateOidcActionSessionCookieName", + # scope: "AuthenticateOidcActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateOidcActionAuthenticationRequestParamName" => "AuthenticateOidcActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # authenticate_cognito_config: { + # user_pool_arn: "AuthenticateCognitoActionUserPoolArn", # required + # user_pool_client_id: "AuthenticateCognitoActionUserPoolClientId", # required + # user_pool_domain: "AuthenticateCognitoActionUserPoolDomain", # required + # session_cookie_name: "AuthenticateCognitoActionSessionCookieName", + # scope: "AuthenticateCognitoActionScope", + # session_timeout: 1, + # authentication_request_extra_params: { + # "AuthenticateCognitoActionAuthenticationRequestParamName" => "AuthenticateCognitoActionAuthenticationRequestParamValue", + # }, + # on_unauthenticated_request: "deny", # accepts deny, allow, authenticate + # }, + # order: 1, # }, # ], # }) # # @example Response structure @@ -2587,12 +2879,34 @@ # resp.rules[0].conditions #=> Array # resp.rules[0].conditions[0].field #=> String # resp.rules[0].conditions[0].values #=> Array # resp.rules[0].conditions[0].values[0] #=> String # resp.rules[0].actions #=> Array - # resp.rules[0].actions[0].type #=> String, one of "forward" + # resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.rules[0].actions[0].target_group_arn #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].order #=> Integer # resp.rules[0].is_default #=> Boolean # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/ModifyRule AWS API Documentation # # @overload modify_rule(params = {}) @@ -3082,12 +3396,34 @@ # resp.rules[0].conditions #=> Array # resp.rules[0].conditions[0].field #=> String # resp.rules[0].conditions[0].values #=> Array # resp.rules[0].conditions[0].values[0] #=> String # resp.rules[0].actions #=> Array - # resp.rules[0].actions[0].type #=> String, one of "forward" + # resp.rules[0].actions[0].type #=> String, one of "forward", "authenticate-oidc", "authenticate-cognito" # resp.rules[0].actions[0].target_group_arn #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.issuer #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.authorization_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.token_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.user_info_endpoint #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_id #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.client_secret #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.scope #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_oidc_config.authentication_request_extra_params["AuthenticateOidcActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_oidc_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_arn #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_client_id #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.user_pool_domain #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_cookie_name #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.scope #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.session_timeout #=> Integer + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params #=> Hash + # resp.rules[0].actions[0].authenticate_cognito_config.authentication_request_extra_params["AuthenticateCognitoActionAuthenticationRequestParamName"] #=> String + # resp.rules[0].actions[0].authenticate_cognito_config.on_unauthenticated_request #=> String, one of "deny", "allow", "authenticate" + # resp.rules[0].actions[0].order #=> Integer # resp.rules[0].is_default #=> Boolean # # @see http://docs.aws.amazon.com/goto/WebAPI/elasticloadbalancingv2-2015-12-01/SetRulePriorities AWS API Documentation # # @overload set_rule_priorities(params = {}) @@ -3161,11 +3497,11 @@ # Note that you can't change the subnets for a Network Load Balancer. # # @option params [required, String] :load_balancer_arn # The Amazon Resource Name (ARN) of the load balancer. # - # @option params [required, Array<String>] :subnets + # @option params [Array<String>] :subnets # The IDs of the public subnets. You must specify subnets from at least # two Availability Zones. You can specify only one subnet per # Availability Zone. You must specify either subnets or subnet mappings. # # @option params [Array<Types::SubnetMapping>] :subnet_mappings @@ -3208,11 +3544,11 @@ # # @example Request syntax with placeholder values # # resp = client.set_subnets({ # load_balancer_arn: "LoadBalancerArn", # required - # subnets: ["SubnetId"], # required + # subnets: ["SubnetId"], # subnet_mappings: [ # { # subnet_id: "SubnetId", # allocation_id: "AllocationId", # }, @@ -3248,10 +3584,10 @@ operation: config.api.operation(operation_name), client: self, params: params, config: config) context[:gem_name] = 'aws-sdk-elasticloadbalancingv2' - context[:gem_version] = '1.9.0' + context[:gem_version] = '1.10.0' Seahorse::Client::Request.new(handlers, context) end # Polls an API operation until a resource enters a desired state. #