UNPKG

openapi-directory

Version:

Building & bundling https://github.com/APIs-guru/openapi-directory for easy use from JS

github.com/httptoolkit/openapi-directory-js

httptoolkit/openapi-directory-js

1 lines 268 kB
1
{"openapi":"3.0.0","info":{"version":"2018-01-04","x-release":"v4","title":"AWS Resource Access Manager","description":"<p>This is the <i>Resource Access Manager API Reference</i>. This documentation provides descriptions and syntax for each of the actions and data types in RAM. RAM is a service that helps you securely share your Amazon Web Services resources to other Amazon Web Services accounts. If you use Organizations to manage your accounts, then you can share your resources with your entire organization or to organizational units (OUs). For supported resource types, you can also share resources with individual Identity and Access Management (IAM) roles and users. </p> <p>To learn more about RAM, see the following resources:</p> <ul> <li> <p> <a href=\"http://aws.amazon.com/ram\">Resource Access Manager product page</a> </p> </li> <li> <p> <a href=\"https://docs.aws.amazon.com/ram/latest/userguide/\">Resource Access Manager User Guide</a> </p> </li> </ul>","x-logo":{"url":"https://twitter.com/awscloud/profile_image?size=original","backgroundColor":"#FFFFFF"},"termsOfService":"https://aws.amazon.com/service-terms/","contact":{"name":"Mike Ralphson","email":"mike.ralphson@gmail.com","url":"https://github.com/mermade/aws2openapi","x-twitter":"PermittedSoc"},"license":{"name":"Apache 2.0 License","url":"http://www.apache.org/licenses/"},"x-providerName":"amazonaws.com","x-serviceName":"ram","x-origin":[{"contentType":"application/json","url":"https://raw.githubusercontent.com/aws/aws-sdk-js/master/apis/ram-2018-01-04.normal.json","converter":{"url":"https://github.com/mermade/aws2openapi","version":"1.0.0"},"x-apisguru-driver":"external"}],"x-apiClientRegistration":{"url":"https://portal.aws.amazon.com/gp/aws/developer/registration/index.html?nc2=h_ct"},"x-apisguru-categories":["cloud"],"x-preferred":true},"externalDocs":{"description":"Amazon Web Services documentation","url":"https://docs.aws.amazon.com/ram/"},"servers":[{"url":"http://ram.{region}.amazonaws.com","variables":{"region":{"description":"The AWS region","enum":["us-east-1","us-east-2","us-west-1","us-west-2","us-gov-west-1","us-gov-east-1","ca-central-1","eu-north-1","eu-west-1","eu-west-2","eu-west-3","eu-central-1","eu-south-1","af-south-1","ap-northeast-1","ap-northeast-2","ap-northeast-3","ap-southeast-1","ap-southeast-2","ap-east-1","ap-south-1","sa-east-1","me-south-1"],"default":"us-east-1"}},"description":"The RAM multi-region endpoint"},{"url":"https://ram.{region}.amazonaws.com","variables":{"region":{"description":"The AWS region","enum":["us-east-1","us-east-2","us-west-1","us-west-2","us-gov-west-1","us-gov-east-1","ca-central-1","eu-north-1","eu-west-1","eu-west-2","eu-west-3","eu-central-1","eu-south-1","af-south-1","ap-northeast-1","ap-northeast-2","ap-northeast-3","ap-southeast-1","ap-southeast-2","ap-east-1","ap-south-1","sa-east-1","me-south-1"],"default":"us-east-1"}},"description":"The RAM multi-region endpoint"},{"url":"http://ram.{region}.amazonaws.com.cn","variables":{"region":{"description":"The AWS region","enum":["cn-north-1","cn-northwest-1"],"default":"cn-north-1"}},"description":"The RAM endpoint for China (Beijing) and China (Ningxia)"},{"url":"https://ram.{region}.amazonaws.com.cn","variables":{"region":{"description":"The AWS region","enum":["cn-north-1","cn-northwest-1"],"default":"cn-north-1"}},"description":"The RAM endpoint for China (Beijing) and China (Ningxia)"}],"paths":{"/acceptresourceshareinvitation":{"post":{"operationId":"AcceptResourceShareInvitation","description":"Accepts an invitation to a resource share from another Amazon Web Services account. After you accept the invitation, the resources included in the resource share are available to interact with in the relevant Amazon Web Services Management Consoles and tools.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AcceptResourceShareInvitationResponse"}}}},"480":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"481":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"482":{"description":"ResourceShareInvitationArnNotFoundException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareInvitationArnNotFoundException"}}}},"483":{"description":"ResourceShareInvitationAlreadyAcceptedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareInvitationAlreadyAcceptedException"}}}},"484":{"description":"ResourceShareInvitationAlreadyRejectedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareInvitationAlreadyRejectedException"}}}},"485":{"description":"ResourceShareInvitationExpiredException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareInvitationExpiredException"}}}},"486":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"487":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"488":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"489":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["resourceShareInvitationArn"],"properties":{"resourceShareInvitationArn":{"description":"The <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the invitation that you want to accept.","type":"string"},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/associateresourceshare":{"post":{"operationId":"AssociateResourceShare","description":"Adds the specified list of principals and list of resources to a resource share. Principals that already have access to this resource share immediately receive access to the added resources. Newly added principals immediately receive access to the resources shared in this resource share. ","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AssociateResourceShareResponse"}}}},"480":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}},"481":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"482":{"description":"InvalidStateTransitionException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidStateTransitionException"}}}},"483":{"description":"ResourceShareLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareLimitExceededException"}}}},"484":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"485":{"description":"InvalidStateTransitionException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidStateTransitionException"}}}},"486":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"487":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"488":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"489":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"490":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"491":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"492":{"description":"ThrottlingException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ThrottlingException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["resourceShareArn"],"properties":{"resourceShareArn":{"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the resource share that you want to add principals or resources to.","type":"string"},"resourceArns":{"description":"Specifies a list of <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names (ARNs)</a> of the resources that you want to share. This can be <code>null</code> if you want to add only principals.","type":"array","items":{"$ref":"#/components/schemas/String"}},"principals":{"description":"<p>Specifies a list of principals to whom you want to the resource share. This can be <code>null</code> if you want to add only resources.</p> <p>What the principals can do with the resources in the share is determined by the RAM permissions that you associate with the resource share. See <a>AssociateResourceSharePermission</a>.</p> <p>You can include the following values:</p> <ul> <li> <p>An Amazon Web Services account ID, for example: <code>123456789012</code> </p> </li> <li> <p>An <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of an organization in Organizations, for example: <code>organizations::123456789012:organization/o-exampleorgid</code> </p> </li> <li> <p>An ARN of an organizational unit (OU) in Organizations, for example: <code>organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123</code> </p> </li> <li> <p>An ARN of an IAM role, for example: <code>iam::123456789012:role/rolename</code> </p> </li> <li> <p>An ARN of an IAM user, for example: <code>iam::123456789012user/username</code> </p> </li> </ul> <note> <p>Not all resource types can be shared with IAM roles and users. For more information, see <a href=\"https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types\">Sharing with IAM roles and users</a> in the <i>Resource Access Manager User Guide</i>.</p> </note>","type":"array","items":{"$ref":"#/components/schemas/String"}},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"},"sources":{"description":"Specifies from which source accounts the service principal has access to the resources in this resource share.","type":"array","items":{"$ref":"#/components/schemas/String"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/associateresourcesharepermission":{"post":{"operationId":"AssociateResourceSharePermission","description":"Adds or replaces the RAM permission for a resource type included in a resource share. You can have exactly one permission associated with each resource type in the resource share. You can add a new RAM permission only if there are currently no resources of that resource type currently in the resource share.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/AssociateResourceSharePermissionResponse"}}}},"480":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"481":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"482":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"483":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"484":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"485":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"486":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["resourceShareArn","permissionArn"],"properties":{"resourceShareArn":{"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the resource share to which you want to add or replace permissions.","type":"string"},"permissionArn":{"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the RAM permission to associate with the resource share. To find the ARN for a permission, use either the <a>ListPermissions</a> operation or go to the <a href=\"https://console.aws.amazon.com/ram/home#Permissions:\">Permissions library</a> page in the RAM console and then choose the name of the permission. The ARN is displayed on the detail page.","type":"string"},"replace":{"description":"<p>Specifies whether the specified permission should replace the existing permission associated with the resource share. Use <code>true</code> to replace the current permissions. Use <code>false</code> to add the permission to a resource share that currently doesn't have a permission. The default value is <code>false</code>.</p> <note> <p>A resource share can have only one permission per resource type. If a resource share already has a permission for the specified resource type and you don't set <code>replace</code> to <code>true</code> then the operation returns an error. This helps prevent accidental overwriting of a permission.</p> </note>","type":"boolean"},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"},"permissionVersion":{"description":"<p>Specifies the version of the RAM permission to associate with the resource share. You can specify <i>only</i> the version that is currently set as the default version for the permission. If you also set the <code>replace</code> pararameter to <code>true</code>, then this operation updates an outdated version of the permission to the current default version.</p> <note> <p>You don't need to specify this parameter because the default behavior is to use the version that is currently set as the default version for the permission. This parameter is supported for backwards compatibility.</p> </note>","type":"integer"}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/createpermission":{"post":{"operationId":"CreatePermission","description":"Creates a customer managed permission for a specified resource type that you can attach to resource shares. It is created in the Amazon Web Services Region in which you call the operation.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreatePermissionResponse"}}}},"480":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"481":{"description":"InvalidPolicyException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidPolicyException"}}}},"482":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"483":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"484":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"485":{"description":"PermissionAlreadyExistsException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/PermissionAlreadyExistsException"}}}},"486":{"description":"MalformedPolicyTemplateException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedPolicyTemplateException"}}}},"487":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"488":{"description":"PermissionLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/PermissionLimitExceededException"}}}},"489":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name","resourceType","policyTemplate"],"properties":{"name":{"description":"Specifies the name of the customer managed permission. The name must be unique within the Amazon Web Services Region.","type":"string","pattern":"[\\w.-]*","minLength":1,"maxLength":36},"resourceType":{"description":"<p>Specifies the name of the resource type that this customer managed permission applies to.</p> <p>The format is <code> <i>&lt;service-code&gt;</i>:<i>&lt;resource-type&gt;</i> </code> and is not case sensitive. For example, to specify an Amazon EC2 Subnet, you can use the string <code>ec2:subnet</code>. To see the list of valid values for this parameter, query the <a>ListResourceTypes</a> operation.</p>","type":"string"},"policyTemplate":{"description":"<p>A string in JSON format string that contains the following elements of a resource-based policy:</p> <ul> <li> <p> <b>Effect</b>: must be set to <code>ALLOW</code>.</p> </li> <li> <p> <b>Action</b>: specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html\">Actions, resources, and condition keys for Amazon Web Services services</a> in the <i>Identity and Access Management User Guide</i>.</p> </li> <li> <p> <b>Condition</b>: (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html\">IAM policies: Condition element</a> in the <i>Identity and Access Management User Guide</i>.</p> </li> </ul> <p>This template can't include either the <code>Resource</code> or <code>Principal</code> elements. Those are both filled in by RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The <code>Resource</code> comes from the ARN of the specific resource that you are sharing. The <code>Principal</code> comes from the list of identities added to the resource share.</p>","type":"string"},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"},"tags":{"description":"Specifies a list of one or more tag key and value pairs to attach to the permission.","type":"array","items":{"$ref":"#/components/schemas/Tag"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/createpermissionversion":{"post":{"operationId":"CreatePermissionVersion","description":"<p>Creates a new version of the specified customer managed permission. The new version is automatically set as the default version of the customer managed permission. New resource shares automatically use the default permission. Existing resource shares continue to use their original permission versions, but you can use <a>ReplacePermissionAssociations</a> to update them.</p> <p>If the specified customer managed permission already has the maximum of 5 versions, then you must delete one of the existing versions before you can create a new one.</p>","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreatePermissionVersionResponse"}}}},"480":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"481":{"description":"InvalidPolicyException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidPolicyException"}}}},"482":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"483":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"484":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"485":{"description":"MalformedPolicyTemplateException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedPolicyTemplateException"}}}},"486":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"487":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"488":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}},"489":{"description":"PermissionVersionsLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/PermissionVersionsLimitExceededException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["permissionArn","policyTemplate"],"properties":{"permissionArn":{"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the customer managed permission you're creating a new version for.","type":"string"},"policyTemplate":{"description":"<p>A string in JSON format string that contains the following elements of a resource-based policy:</p> <ul> <li> <p> <b>Effect</b>: must be set to <code>ALLOW</code>.</p> </li> <li> <p> <b>Action</b>: specifies the actions that are allowed by this customer managed permission. The list must contain only actions that are supported by the specified resource type. For a list of all actions supported by each resource type, see <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/reference_policies_actions-resources-contextkeys.html\">Actions, resources, and condition keys for Amazon Web Services services</a> in the <i>Identity and Access Management User Guide</i>.</p> </li> <li> <p> <b>Condition</b>: (optional) specifies conditional parameters that must evaluate to true when a user attempts an action for that action to be allowed. For more information about the Condition element, see <a href=\"https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_condition.html\">IAM policies: Condition element</a> in the <i>Identity and Access Management User Guide</i>.</p> </li> </ul> <p>This template can't include either the <code>Resource</code> or <code>Principal</code> elements. Those are both filled in by RAM when it instantiates the resource-based policy on each resource shared using this managed permission. The <code>Resource</code> comes from the ARN of the specific resource that you are sharing. The <code>Principal</code> comes from the list of identities added to the resource share.</p>","type":"string"},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/createresourceshare":{"post":{"operationId":"CreateResourceShare","description":"<p>Creates a resource share. You can provide a list of the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names (ARNs)</a> for the resources that you want to share, a list of principals you want to share the resources with, and the permissions to grant those principals.</p> <note> <p>Sharing a resource makes it available for use by principals outside of the Amazon Web Services account that created the resource. Sharing doesn't change any permissions or quotas that apply to the resource in the account that created it.</p> </note>","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/CreateResourceShareResponse"}}}},"480":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}},"481":{"description":"InvalidStateTransitionException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidStateTransitionException"}}}},"482":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"483":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"484":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"485":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"486":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"487":{"description":"ResourceShareLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareLimitExceededException"}}}},"488":{"description":"TagPolicyViolationException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TagPolicyViolationException"}}}},"489":{"description":"TagLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/TagLimitExceededException"}}}},"490":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"491":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["name"],"properties":{"name":{"description":"Specifies the name of the resource share.","type":"string"},"resourceArns":{"description":"Specifies a list of one or more ARNs of the resources to associate with the resource share.","type":"array","items":{"$ref":"#/components/schemas/String"}},"principals":{"description":"<p>Specifies a list of one or more principals to associate with the resource share.</p> <p>You can include the following values:</p> <ul> <li> <p>An Amazon Web Services account ID, for example: <code>123456789012</code> </p> </li> <li> <p>An <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of an organization in Organizations, for example: <code>organizations::123456789012:organization/o-exampleorgid</code> </p> </li> <li> <p>An ARN of an organizational unit (OU) in Organizations, for example: <code>organizations::123456789012:ou/o-exampleorgid/ou-examplerootid-exampleouid123</code> </p> </li> <li> <p>An ARN of an IAM role, for example: <code>iam::123456789012:role/rolename</code> </p> </li> <li> <p>An ARN of an IAM user, for example: <code>iam::123456789012user/username</code> </p> </li> </ul> <note> <p>Not all resource types can be shared with IAM roles and users. For more information, see <a href=\"https://docs.aws.amazon.com/ram/latest/userguide/permissions.html#permissions-rbp-supported-resource-types\">Sharing with IAM roles and users</a> in the <i>Resource Access Manager User Guide</i>.</p> </note>","type":"array","items":{"$ref":"#/components/schemas/String"}},"tags":{"description":"Specifies one or more tags to attach to the resource share itself. It doesn't attach the tags to the resources associated with the resource share.","type":"array","items":{"$ref":"#/components/schemas/Tag"}},"allowExternalPrincipals":{"description":"Specifies whether principals outside your organization in Organizations can be associated with a resource share. A value of <code>true</code> lets you share with individual Amazon Web Services accounts that are <i>not</i> in your organization. A value of <code>false</code> only has meaning if your account is a member of an Amazon Web Services Organization. The default value is <code>true</code>.","type":"boolean"},"clientToken":{"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","type":"string"},"permissionArns":{"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names (ARNs)</a> of the RAM permission to associate with the resource share. If you do not specify an ARN for the permission, RAM automatically attaches the default version of the permission for each resource type. You can associate only one permission with each resource type included in the resource share.","type":"array","items":{"$ref":"#/components/schemas/String"}},"sources":{"description":"Specifies from which source accounts the service principal has access to the resources in this resource share.","type":"array","items":{"$ref":"#/components/schemas/String"}}}}}}}},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/deletepermission#permissionArn":{"delete":{"operationId":"DeletePermission","description":"Deletes the specified customer managed permission in the Amazon Web Services Region in which you call this operation. You can delete a customer managed permission only if it isn't attached to any resource share. The operation deletes all versions associated with the customer managed permission.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeletePermissionResponse"}}}},"480":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"481":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"482":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"483":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"484":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"485":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"486":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}}},"parameters":[{"name":"permissionArn","in":"query","required":true,"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the customer managed permission that you want to delete.","schema":{"type":"string"}},{"name":"clientToken","in":"query","required":false,"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","schema":{"type":"string"}}]},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/deletepermissionversion#permissionArn&permissionVersion":{"delete":{"operationId":"DeletePermissionVersion","description":"<p>Deletes one version of a customer managed permission. The version you specify must not be attached to any resource share and must not be the default version for the permission.</p> <p>If a customer managed permission has the maximum of 5 versions, then you must delete at least one version before you can create another.</p>","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeletePermissionVersionResponse"}}}},"480":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"481":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"482":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"483":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"484":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"485":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"486":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"487":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}}},"parameters":[{"name":"permissionArn","in":"query","required":true,"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the permission with the version you want to delete.","schema":{"type":"string"}},{"name":"permissionVersion","in":"query","required":true,"description":"<p>Specifies the version number to delete.</p> <p>You can't delete the default version for a customer managed permission.</p> <p>You can't delete a version if it's the only version of the permission. You must either first create another version, or delete the permission completely.</p> <p>You can't delete a version if it is attached to any resource shares. If the version is the default, you must first use <a>SetDefaultPermissionVersion</a> to set a different version as the default for the customer managed permission, and then use <a>AssociateResourceSharePermission</a> to update your resource shares to use the new default version.</p>","schema":{"type":"integer"}},{"name":"clientToken","in":"query","required":false,"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","schema":{"type":"string"}}]},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/deleteresourceshare#resourceShareArn":{"delete":{"operationId":"DeleteResourceShare","description":"<p>Deletes the specified resource share.</p> <important> <p>This doesn't delete any of the resources that were associated with the resource share; it only stops the sharing of those resources through this resource share.</p> </important>","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DeleteResourceShareResponse"}}}},"480":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"481":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}},"482":{"description":"InvalidStateTransitionException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidStateTransitionException"}}}},"483":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}},"484":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"485":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"486":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"487":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"488":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}}},"parameters":[{"name":"resourceShareArn","in":"query","required":true,"description":"Specifies the <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the resource share to delete.","schema":{"type":"string"}},{"name":"clientToken","in":"query","required":false,"description":"<p>Specifies a unique, case-sensitive identifier that you provide to ensure the idempotency of the request. This lets you safely retry the request without accidentally performing the same operation a second time. Passing the same value to a later call to an operation requires that you also pass the same value for all other parameters. We recommend that you use a <a href=\"https://wikipedia.org/wiki/Universally_unique_identifier\">UUID type of value.</a>.</p> <p>If you don't provide this value, then Amazon Web Services generates a random one for you.</p> <p>If you retry the operation with the same <code>ClientToken</code>, but with different parameters, the retry fails with an <code>IdempotentParameterMismatch</code> error.</p>","schema":{"type":"string"}}]},"parameters":[{"$ref":"#/components/parameters/X-Amz-Content-Sha256"},{"$ref":"#/components/parameters/X-Amz-Date"},{"$ref":"#/components/parameters/X-Amz-Algorithm"},{"$ref":"#/components/parameters/X-Amz-Credential"},{"$ref":"#/components/parameters/X-Amz-Security-Token"},{"$ref":"#/components/parameters/X-Amz-Signature"},{"$ref":"#/components/parameters/X-Amz-SignedHeaders"}]},"/disassociateresourceshare":{"post":{"operationId":"DisassociateResourceShare","description":"Removes the specified principals or resources from participating in the specified resource share.","responses":{"200":{"description":"Success","content":{"application/json":{"schema":{"$ref":"#/components/schemas/DisassociateResourceShareResponse"}}}},"480":{"description":"IdempotentParameterMismatchException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/IdempotentParameterMismatchException"}}}},"481":{"description":"ResourceShareLimitExceededException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ResourceShareLimitExceededException"}}}},"482":{"description":"MalformedArnException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/MalformedArnException"}}}},"483":{"description":"InvalidStateTransitionException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidStateTransitionException"}}}},"484":{"description":"InvalidClientTokenException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidClientTokenException"}}}},"485":{"description":"InvalidParameterException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/InvalidParameterException"}}}},"486":{"description":"OperationNotPermittedException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/OperationNotPermittedException"}}}},"487":{"description":"ServerInternalException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServerInternalException"}}}},"488":{"description":"ServiceUnavailableException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/ServiceUnavailableException"}}}},"489":{"description":"UnknownResourceException","content":{"application/json":{"schema":{"$ref":"#/components/schemas/UnknownResourceException"}}}}},"parameters":[],"requestBody":{"required":true,"content":{"application/json":{"schema":{"type":"object","required":["resourceShareArn"],"properties":{"resourceShareArn":{"description":"Specifies <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Name (ARN)</a> of the resource share that you want to remove resources or principals from.","type":"string"},"resourceArns":{"description":"Specifies a list of <a href=\"https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html\">Amazon Resource Names (ARNs)</a> for one or more resources that you want to remove from the resource share. After the operation runs, these resources are no longer s