"documentation":"<p>Creates a gateway route.</p> <p>A gateway route is attached to a virtual gateway and routes traffic to an existing virtual service. If a route matches a request, it can distribute traffic to a target virtual service.</p> <p>For more information about gateway routes, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/gateway-routes.html\">Gateway routes</a>.</p>",
"idempotent":true
},
"CreateMesh":{
"name":"CreateMesh",
"http":{
"method":"PUT",
"requestUri":"/v20190125/meshes",
"responseCode":200
},
"input":{"shape":"CreateMeshInput"},
"output":{"shape":"CreateMeshOutput"},
"errors":[
{"shape":"NotFoundException"},
{"shape":"BadRequestException"},
{"shape":"ConflictException"},
{"shape":"TooManyRequestsException"},
{"shape":"ForbiddenException"},
{"shape":"ServiceUnavailableException"},
{"shape":"InternalServerErrorException"},
{"shape":"LimitExceededException"}
],
"documentation":"<p>Creates a service mesh.</p> <p> A service mesh is a logical boundary for network traffic between services that are represented by resources within the mesh. After you create your service mesh, you can create virtual services, virtual nodes, virtual routers, and routes to distribute traffic between the applications in your mesh.</p> <p>For more information about service meshes, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/meshes.html\">Service meshes</a>.</p>",
"documentation":"<p>Creates a route that is associated with a virtual router.</p> <p> You can route several different protocols and define a retry policy for a route. Traffic can be routed to one or more virtual nodes.</p> <p>For more information about routes, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/routes.html\">Routes</a>.</p>",
"documentation":"<p>Creates a virtual gateway.</p> <p>A virtual gateway allows resources outside your mesh to communicate to resources that are inside your mesh. The virtual gateway represents an Envoy proxy running in an Amazon ECS task, in a Kubernetes service, or on an Amazon EC2 instance. Unlike a virtual node, which represents an Envoy running with an application, a virtual gateway represents Envoy deployed by itself.</p> <p>For more information about virtual gateways, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_gateways.html\">Virtual gateways</a>. </p>",
"documentation":"<p>Creates a virtual node within a service mesh.</p> <p> A virtual node acts as a logical pointer to a particular task group, such as an Amazon ECS service or a Kubernetes deployment. When you create a virtual node, you can specify the service discovery information for your task group, and whether the proxy running in a task group will communicate with other proxies using Transport Layer Security (TLS).</p> <p>You define a <code>listener</code> for any inbound traffic that your virtual node expects. Any virtual service that your virtual node expects to communicate to is specified as a <code>backend</code>.</p> <p>The response metadata for your new virtual node contains the <code>arn</code> that is associated with the virtual node. Set this value to the full ARN; for example, <code>arn:aws:appmesh:us-west-2:123456789012:myMesh/default/virtualNode/myApp</code>) as the <code>APPMESH_RESOURCE_ARN</code> environment variable for your task group's Envoy proxy container in your task definition or pod spec. This is then mapped to the <code>node.id</code> and <code>node.cluster</code> Envoy parameters.</p> <note> <p>By default, App Mesh uses the name of the resource you specified in <code>APPMESH_RESOURCE_ARN</code> when Envoy is referring to itself in metrics and traces. You can override this behavior by setting the <code>APPMESH_RESOURCE_CLUSTER</code> environment variable with your own name.</p> <p>AWS Cloud Map is not available in the eu-south-1 Region.</p> </note> <p>For more information about virtual nodes, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_nodes.html\">Virtual nodes</a>. You must be using <code>1.15.0</code> or later of the Envoy image when setting these variables. For more information about App Mesh Envoy variables, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/envoy.html\">Envoy image</a> in the AWS App Mesh User Guide.</p>",
"documentation":"<p>Creates a virtual router within a service mesh.</p> <p>Specify a <code>listener</code> for any inbound traffic that your virtual router receives. Create a virtual router for each protocol and port that you need to route. Virtual routers handle traffic for one or more virtual services within your mesh. After you create your virtual router, create and associate routes for your virtual router that direct incoming requests to different virtual nodes.</p> <p>For more information about virtual routers, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_routers.html\">Virtual routers</a>.</p>",
"documentation":"<p>Creates a virtual service within a service mesh.</p> <p>A virtual service is an abstraction of a real service that is provided by a virtual node directly or indirectly by means of a virtual router. Dependent services call your virtual service by its <code>virtualServiceName</code>, and those requests are routed to the virtual node or virtual router that is specified as the provider for the virtual service.</p> <p>For more information about virtual services, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/virtual_services.html\">Virtual services</a>.</p>",
"documentation":"<p>Deletes an existing gateway route.</p>",
"idempotent":true
},
"DeleteMesh":{
"name":"DeleteMesh",
"http":{
"method":"DELETE",
"requestUri":"/v20190125/meshes/{meshName}",
"responseCode":200
},
"input":{"shape":"DeleteMeshInput"},
"output":{"shape":"DeleteMeshOutput"},
"errors":[
{"shape":"NotFoundException"},
{"shape":"BadRequestException"},
{"shape":"TooManyRequestsException"},
{"shape":"ForbiddenException"},
{"shape":"ResourceInUseException"},
{"shape":"ServiceUnavailableException"},
{"shape":"InternalServerErrorException"}
],
"documentation":"<p>Deletes an existing service mesh.</p> <p>You must delete all resources (virtual services, routes, virtual routers, and virtual nodes) in the service mesh before you can delete the mesh itself.</p>",
"documentation":"<p>Deletes an existing virtual node.</p> <p>You must delete any virtual services that list a virtual node as a service provider before you can delete the virtual node itself.</p>",
"documentation":"<p>Deletes an existing virtual router.</p> <p>You must delete any routes associated with the virtual router before you can delete the router itself.</p>",
"documentation":"<p>Returns a list of existing virtual services in a service mesh.</p>"
},
"TagResource":{
"name":"TagResource",
"http":{
"method":"PUT",
"requestUri":"/v20190125/tag",
"responseCode":200
},
"input":{"shape":"TagResourceInput"},
"output":{"shape":"TagResourceOutput"},
"errors":[
{"shape":"NotFoundException"},
{"shape":"BadRequestException"},
{"shape":"TooManyTagsException"},
{"shape":"TooManyRequestsException"},
{"shape":"ForbiddenException"},
{"shape":"ServiceUnavailableException"},
{"shape":"InternalServerErrorException"}
],
"documentation":"<p>Associates the specified tags to a resource with the specified <code>resourceArn</code>. If existing tags on a resource aren't specified in the request parameters, they aren't changed. When a resource is deleted, the tags associated with that resource are also deleted.</p>",
"idempotent":true
},
"UntagResource":{
"name":"UntagResource",
"http":{
"method":"PUT",
"requestUri":"/v20190125/untag",
"responseCode":200
},
"input":{"shape":"UntagResourceInput"},
"output":{"shape":"UntagResourceOutput"},
"errors":[
{"shape":"NotFoundException"},
{"shape":"BadRequestException"},
{"shape":"TooManyRequestsException"},
{"shape":"ForbiddenException"},
{"shape":"ServiceUnavailableException"},
{"shape":"InternalServerErrorException"}
],
"documentation":"<p>Deletes specified tags from a resource.</p>",
"documentation":"<p>The name of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.</p>"
"documentation":"<p>The value of an AWS Cloud Map service instance attribute key. Any AWS Cloud Map service instance that contains the specified key and value is returned.</p>"
"documentation":"<p>An object that represents the AWS Cloud Map attribute information for your virtual node.</p> <note> <p>AWS Cloud Map is not available in the eu-south-1 Region.</p> </note>"
"documentation":"<p>A string map that contains attributes with values that you can use to filter instances by any custom attribute that you specified when you registered the instance. Only instances that match all of the specified key/value pairs will be returned.</p>"
"documentation":"<p>An object that represents the AWS Cloud Map service discovery information for your virtual node.</p> <note> <p>AWS Cloud Map is not available in the eu-south-1 Region.</p> </note>"
},
"Backend":{
"type":"structure",
"members":{
"virtualService":{
"shape":"VirtualServiceBackend",
"documentation":"<p>Specifies a virtual service to use as a backend. </p>"
"documentation":"<p>The request contains a client token that was used for a previous update resource call with different specifications. Try the request again with a new client token.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"idempotencyToken":true
},
"gatewayRouteName":{
"shape":"ResourceName",
"documentation":"<p>The name to use for the gateway route.</p>"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to create the gateway route in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"spec":{
"shape":"GatewayRouteSpec",
"documentation":"<p>The gateway route specification to apply.</p>"
},
"tags":{
"shape":"TagList",
"documentation":"<p>Optional metadata that you can apply to the gateway route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to associate the gateway route with. If the virtual gateway is in a shared mesh, then you must be the owner of the virtual gateway resource.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>Optional metadata that you can apply to the service mesh to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Optional metadata that you can apply to the route to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>The name of the virtual router in which to create the route. If the virtual router is in a shared mesh, then you must be the owner of the virtual router resource.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Optional metadata that you can apply to the virtual gateway to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Optional metadata that you can apply to the virtual node to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Optional metadata that you can apply to the virtual router to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then the account that you specify must share the mesh with your account before you can create the resource in the service mesh. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Optional metadata that you can apply to the virtual service to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>The name of the gateway route to delete.</p>",
"location":"uri",
"locationName":"gatewayRouteName"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to delete the gateway route from.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to delete the route from.</p>",
"documentation":"<p>The name of the service mesh to delete the route in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"routeName":{
"shape":"ResourceName",
"documentation":"<p>The name of the route to delete.</p>",
"location":"uri",
"locationName":"routeName"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router to delete the route in.</p>",
"documentation":"<p>The name of the service mesh to delete the virtual gateway from.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to delete.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>The name of the service mesh to delete the virtual router in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router to delete.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualServiceName":{
"shape":"ServiceName",
"documentation":"<p>The name of the virtual service to delete.</p>",
"documentation":"<p>The name of the gateway route to describe.</p>",
"location":"uri",
"locationName":"gatewayRouteName"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh that the gateway route resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway that the gateway route is associated with.</p>",
"documentation":"<p>The name of the service mesh to describe.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>The name of the service mesh that the route resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"routeName":{
"shape":"ResourceName",
"documentation":"<p>The name of the route to describe.</p>",
"location":"uri",
"locationName":"routeName"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router that the route is associated with.</p>",
"documentation":"<p>The name of the service mesh that the gateway route resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to describe.</p>",
"location":"uri",
"locationName":"virtualGatewayName"
}
}
},
"DescribeVirtualGatewayOutput":{
"type":"structure",
"required":["virtualGateway"],
"members":{
"virtualGateway":{
"shape":"VirtualGatewayData",
"documentation":"<p>The full description of your virtual gateway.</p>"
"documentation":"<p>The name of the service mesh that the virtual node resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>The name of the service mesh that the virtual router resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router to describe.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>The egress filter type. By default, the type is <code>DROP_ALL</code>, which allows egress only from virtual nodes to other defined resources in the service mesh (and any traffic to <code>*.amazonaws.com</code> for AWS API calls). You can set the egress filter type to <code>ALLOW_ALL</code> to allow egress to any endpoint inside or outside of the service mesh.</p>"
"documentation":"<p>The file path to write access logs to. You can use <code>/dev/stdout</code> to send access logs to standard out and configure your Envoy container to use a log driver, such as <code>awslogs</code>, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.</p> <note> <p>The Envoy process must have write permissions to the path that you specify here. Otherwise, Envoy fails to bootstrap properly.</p> </note>"
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"version":{
"shape":"Long",
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The virtual gateway that the gateway route is associated with.</p>"
"documentation":"<p>Specify at least one of the following values.</p> <ul> <li> <p> <b>server-error</b> – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511</p> </li> <li> <p> <b>gateway-error</b> – HTTP status codes 502, 503, and 504</p> </li> <li> <p> <b>client-error</b> – HTTP status code 409</p> </li> <li> <p> <b>stream-error</b> – Retry on refused stream</p> </li> </ul>"
"documentation":"<p>Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.</p>"
"documentation":"<p>An object that represents a retry policy. Specify at least one value for at least one of the types of <code>RetryEvents</code>, a value for <code>maxRetries</code>, and a value for <code>perRetryTimeout</code>.</p>"
"documentation":"<p>An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.</p>"
},
"perRequest":{
"shape":"Duration",
"documentation":"<p>An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.</p>"
}
},
"documentation":"<p>An object that represents types of timeouts. </p>"
},
"HeaderMatch":{
"type":"string",
"max":255,
"min":1
},
"HeaderMatchMethod":{
"type":"structure",
"members":{
"exact":{
"shape":"HeaderMatch",
"documentation":"<p>The value sent by the client must match the specified value exactly.</p>"
},
"prefix":{
"shape":"HeaderMatch",
"documentation":"<p>The value sent by the client must begin with the specified characters.</p>"
},
"range":{
"shape":"MatchRange",
"documentation":"<p>An object that represents the range of values to match on.</p>"
"documentation":"<p>The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.</p>"
"documentation":"<p>The destination port for the health check request. This port must match the port defined in the <a>PortMapping</a> for the listener.</p>"
"documentation":"<p>The protocol for the health check request. If you specify <code>grpc</code>, then your service must conform to the <a href=\"https://github.com/grpc/grpc/blob/master/doc/health-checking.md\">GRPC Health Checking Protocol</a>.</p>"
"documentation":"<p>Specifies the path to match requests with. This parameter must always start with <code>/</code>, which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is <code>my-service.local</code> and you want the route to match requests to <code>my-service.local/metrics</code>, your prefix should be <code>/metrics</code>.</p>"
"documentation":"<p>Specify at least one of the following values.</p> <ul> <li> <p> <b>server-error</b> – HTTP status codes 500, 501, 502, 503, 504, 505, 506, 507, 508, 510, and 511</p> </li> <li> <p> <b>gateway-error</b> – HTTP status codes 502, 503, and 504</p> </li> <li> <p> <b>client-error</b> – HTTP status code 409</p> </li> <li> <p> <b>stream-error</b> – Retry on refused stream</p> </li> </ul>"
"documentation":"<p>Specify a valid value. The event occurs before any processing of a request has started and is encountered when the upstream is temporarily or permanently unavailable.</p>"
"documentation":"<p>An object that represents a retry policy. Specify at least one value for at least one of the types of <code>RetryEvents</code>, a value for <code>maxRetries</code>, and a value for <code>perRetryTimeout</code>.</p>"
"documentation":"<p>An object that represents the client request headers to match on.</p>"
},
"method":{
"shape":"HttpMethod",
"documentation":"<p>The client request method to match on. Specify only one.</p>"
},
"prefix":{
"shape":"String",
"documentation":"<p>Specifies the path to match requests with. This parameter must always start with <code>/</code>, which by itself matches all requests to the virtual service name. You can also match for path-based routing of requests. For example, if your virtual service name is <code>my-service.local</code> and you want the route to match requests to <code>my-service.local/metrics</code>, your prefix should be <code>/metrics</code>.</p>"
},
"scheme":{
"shape":"HttpScheme",
"documentation":"<p>The client request scheme to match on. Specify only one.</p>"
"documentation":"<p>An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.</p>"
"documentation":"<p>An object that represents a per request timeout. The default value is 15 seconds. If you set a higher timeout, then make sure that the higher value is set for each App Mesh resource in a conversation. For example, if a virtual node backend uses a virtual router provider to route to another virtual node, then the timeout should be greater than 15 seconds for the source and destination virtual node and the route.</p>"
"documentation":"<p>You have exceeded a service limit for your account. For more information, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/service-quotas.html\">Service Limits</a> in the <i>AWS App Mesh User Guide</i>.</p>",
"documentation":"<p>The maximum number of results returned by <code>ListGatewayRoutes</code> in paginated output. When you use this parameter, <code>ListGatewayRoutes</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListGatewayRoutes</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListGatewayRoutes</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list gateway routes in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListGatewayRoutes</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"location":"querystring",
"locationName":"nextToken"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to list gateway routes in.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListGatewayRoutes</code> request. When the results of a <code>ListGatewayRoutes</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListMeshes</code> in paginated output. When you use this parameter, <code>ListMeshes</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListMeshes</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListMeshes</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListMeshes</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p> <note> <p>This token should be treated as an opaque identifier that is used only to retrieve the next items in a list and not for other programmatic purposes.</p> </note>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListMeshes</code> request. When the results of a <code>ListMeshes</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListRoutes</code> in paginated output. When you use this parameter, <code>ListRoutes</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListRoutes</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListRoutes</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list routes in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListRoutes</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"location":"querystring",
"locationName":"nextToken"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router to list routes in.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListRoutes</code> request. When the results of a <code>ListRoutes</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
},
"routes":{
"shape":"RouteList",
"documentation":"<p>The list of existing routes for the specified service mesh and virtual router.</p>"
"documentation":"<p>The maximum number of tag results returned by <code>ListTagsForResource</code> in paginated output. When this parameter is used, <code>ListTagsForResource</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListTagsForResource</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListTagsForResource</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListTagsForResource</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"location":"querystring",
"locationName":"nextToken"
},
"resourceArn":{
"shape":"Arn",
"documentation":"<p>The Amazon Resource Name (ARN) that identifies the resource to list the tags for.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListTagsForResource</code> request. When the results of a <code>ListTagsForResource</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
},
"tags":{
"shape":"TagList",
"documentation":"<p>The tags for the resource.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListVirtualGateways</code> in paginated output. When you use this parameter, <code>ListVirtualGateways</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListVirtualGateways</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListVirtualGateways</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list virtual gateways in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListVirtualGateways</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListVirtualGateways</code> request. When the results of a <code>ListVirtualGateways</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListVirtualNodes</code> in paginated output. When you use this parameter, <code>ListVirtualNodes</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListVirtualNodes</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListVirtualNodes</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list virtual nodes in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListVirtualNodes</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListVirtualNodes</code> request. When the results of a <code>ListVirtualNodes</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
},
"virtualNodes":{
"shape":"VirtualNodeList",
"documentation":"<p>The list of existing virtual nodes for the specified service mesh.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListVirtualRouters</code> in paginated output. When you use this parameter, <code>ListVirtualRouters</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListVirtualRouters</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListVirtualRouters</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list virtual routers in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListVirtualRouters</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListVirtualRouters</code> request. When the results of a <code>ListVirtualRouters</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
},
"virtualRouters":{
"shape":"VirtualRouterList",
"documentation":"<p>The list of existing virtual routers for the specified service mesh.</p>"
"documentation":"<p>The maximum number of results returned by <code>ListVirtualServices</code> in paginated output. When you use this parameter, <code>ListVirtualServices</code> returns only <code>limit</code> results in a single page along with a <code>nextToken</code> response element. You can see the remaining results of the initial request by sending another <code>ListVirtualServices</code> request with the returned <code>nextToken</code> value. This value can be between 1 and 100. If you don't use this parameter, <code>ListVirtualServices</code> returns up to 100 results and a <code>nextToken</code> value if applicable.</p>",
"location":"querystring",
"locationName":"limit"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to list virtual services in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"nextToken":{
"shape":"String",
"documentation":"<p>The <code>nextToken</code> value returned from a previous paginated <code>ListVirtualServices</code> request where <code>limit</code> was used and the results exceeded the value of that parameter. Pagination continues from the end of the previous results that returned the <code>nextToken</code> value.</p>",
"documentation":"<p>The <code>nextToken</code> value to include in a future <code>ListVirtualServices</code> request. When the results of a <code>ListVirtualServices</code> request exceed <code>limit</code>, you can use this value to retrieve the next page of results. This value is <code>null</code> when there are no more results to return.</p>"
},
"virtualServices":{
"shape":"VirtualServiceList",
"documentation":"<p>The list of existing virtual services for the specified service mesh.</p>"
"documentation":"<p>Specify one of the following modes.</p> <ul> <li> <p> <b/>STRICT – Listener only accepts connections with TLS enabled. </p> </li> <li> <p> <b/>PERMISSIVE – Listener accepts connections with or without TLS enabled.</p> </li> <li> <p> <b/>DISABLED – Listener only accepts connections without TLS. </p> </li> </ul>"
"documentation":"<p>The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites\">Transport Layer Security (TLS)</a>.</p>"
"documentation":"<p>An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites\">Transport Layer Security (TLS)</a>.</p>"
"documentation":"<p>A reference to an object that represents the name of the secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.</p>"
}
},
"documentation":"<p>An object that represents the listener's Secret Discovery Service certificate. The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html\">TLS documentation</a> for more info.</p>"
},
"ListenerTlsValidationContext":{
"type":"structure",
"required":["trust"],
"members":{
"subjectAlternativeNames":{
"shape":"SubjectAlternativeNames",
"documentation":"<p>A reference to an object that represents the SANs for a listener's Transport Layer Security (TLS) validation context.</p>"
},
"trust":{
"shape":"ListenerTlsValidationContextTrust",
"documentation":"<p>A reference to where to retrieve the trust chain when validating a peer’s Transport Layer Security (TLS) certificate.</p>"
}
},
"documentation":"<p>An object that represents a listener's Transport Layer Security (TLS) validation context.</p>"
},
"ListenerTlsValidationContextTrust":{
"type":"structure",
"members":{
"file":{"shape":"TlsValidationContextFileTrust"},
"sds":{
"shape":"TlsValidationContextSdsTrust",
"documentation":"<p>A reference to an object that represents a listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.</p>"
}
},
"documentation":"<p>An object that represents a listener's Transport Layer Security (TLS) validation context trust.</p>",
"documentation":"<p>An object that represents the range of values to match on. The first character of the range is included in the range, though the last character is not. For example, if the range specified were 1-100, only values 1-99 would be matched.</p>"
"documentation":"<p>The Unix epoch timestamp in seconds for when the resource was last updated.</p>"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh.</p>"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"resourceOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"version":{
"shape":"Long",
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
"documentation":"<p>The specified resource doesn't exist. Check your request syntax and try again.</p>",
"error":{
"httpStatusCode":404,
"senderFault":true
},
"exception":true
},
"OutlierDetection":{
"type":"structure",
"required":[
"baseEjectionDuration",
"interval",
"maxEjectionPercent",
"maxServerErrors"
],
"members":{
"baseEjectionDuration":{
"shape":"Duration",
"documentation":"<p>The base amount of time for which a host is ejected.</p>"
},
"interval":{
"shape":"Duration",
"documentation":"<p>The time interval between ejection sweep analysis.</p>"
},
"maxEjectionPercent":{
"shape":"OutlierDetectionMaxEjectionPercent",
"documentation":"<p>Maximum percentage of hosts in load balancing pool for upstream service that can be ejected. Will eject at least one host regardless of the value.</p>"
},
"maxServerErrors":{
"shape":"OutlierDetectionMaxServerErrors",
"documentation":"<p>Number of consecutive <code>5xx</code> errors required for ejection. </p>"
}
},
"documentation":"<p>An object that represents the outlier detection for a virtual node's listener.</p>"
},
"OutlierDetectionMaxEjectionPercent":{
"type":"integer",
"box":true,
"max":100,
"min":0
},
"OutlierDetectionMaxServerErrors":{
"type":"long",
"box":true,
"min":1
},
"PercentInt":{
"type":"integer",
"max":100,
"min":0
},
"PortMapping":{
"type":"structure",
"required":[
"port",
"protocol"
],
"members":{
"port":{
"shape":"PortNumber",
"documentation":"<p>The port used for the port mapping.</p>"
"documentation":"<p>The Unix epoch timestamp in seconds for when the resource was last updated.</p>"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"resourceOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"uid":{
"shape":"String",
"documentation":"<p>The unique identifier for the resource.</p>"
},
"version":{
"shape":"Long",
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
"documentation":"<p>The values sent must match the specified values exactly.</p>"
}
},
"documentation":"<p>An object that represents the methods by which a subject alternative name on a peer Transport Layer Security (TLS) certificate can be matched.</p>"
},
"SubjectAlternativeNames":{
"type":"structure",
"required":["match"],
"members":{
"match":{
"shape":"SubjectAlternativeNameMatchers",
"documentation":"<p>An object that represents the criteria for determining a SANs match.</p>"
}
},
"documentation":"<p>An object that represents the subject alternative names secured by the certificate.</p>"
"documentation":"<p>One part of a key-value pair that make up a tag. A <code>key</code> is a general label that acts like a category for more specific tag values.</p>"
},
"value":{
"shape":"TagValue",
"documentation":"<p>The optional part of a key-value pair that make up a tag. A <code>value</code> acts as a descriptor within a tag category (key).</p>"
"documentation":"<p>Optional metadata that you apply to a resource to assist with categorization and organization. Each tag consists of a key and an optional value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>The Amazon Resource Name (ARN) of the resource to add tags to.</p>",
"location":"querystring",
"locationName":"resourceArn"
},
"tags":{
"shape":"TagList",
"documentation":"<p>The tags to add to the resource. A tag is an array of key-value pairs. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters.</p>"
"documentation":"<p>An object that represents an idle timeout. An idle timeout bounds the amount of time that a connection may be idle. The default value is none.</p>"
"documentation":"<p>An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certicate Manager (ACM) certificate.</p>"
"documentation":"<p>A reference to an object that represents the name of the secret for a Transport Layer Security (TLS) Secret Discovery Service validation context trust.</p>"
}
},
"documentation":"<p>An object that represents a Transport Layer Security (TLS) Secret Discovery Service validation context trust. The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html\">TLS documentation</a> for more info.</p>"
"documentation":"<p>A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certicate Manager (ACM) certificate.</p>"
"documentation":"<p>The maximum request rate permitted by the App Mesh APIs has been exceeded for your account. For best results, use an increasing or variable sleep interval between requests.</p>",
"documentation":"<p>The request exceeds the maximum allowed number of tags allowed per resource. The current limit is 50 user tags per resource. You must reduce the number of tags in the request. None of the tags in this request were applied.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"idempotencyToken":true
},
"gatewayRouteName":{
"shape":"ResourceName",
"documentation":"<p>The name of the gateway route to update.</p>",
"location":"uri",
"locationName":"gatewayRouteName"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh that the gateway route resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"spec":{
"shape":"GatewayRouteSpec",
"documentation":"<p>The new gateway route specification to apply. This overwrites the existing data.</p>"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway that the gateway route is associated with.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"idempotencyToken":true
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh to update.</p>",
"location":"uri",
"locationName":"meshName"
},
"spec":{
"shape":"MeshSpec",
"documentation":"<p>The service mesh specification to apply.</p>"
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"idempotencyToken":true
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh that the route resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"routeName":{
"shape":"ResourceName",
"documentation":"<p>The name of the route to update.</p>",
"location":"uri",
"locationName":"routeName"
},
"spec":{
"shape":"RouteSpec",
"documentation":"<p>The new route specification to apply. This overwrites the existing data.</p>"
},
"virtualRouterName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual router that the route is associated with.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"idempotencyToken":true
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh that the virtual gateway resides in.</p>",
"location":"uri",
"locationName":"meshName"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"location":"querystring",
"locationName":"meshOwner"
},
"spec":{
"shape":"VirtualGatewaySpec",
"documentation":"<p>The new virtual gateway specification to apply. This overwrites the existing data.</p>"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the virtual gateway to update.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. Up to 36 letters, numbers, hyphens, and underscores are allowed.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>",
"documentation":"<p>An object that represents the type of virtual gateway connection pool.</p> <p>Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.</p> <p>If not present the default value for <code>maxPendingRequests</code> is <code>2147483647</code>.</p>",
"documentation":"<p>The file path to write access logs to. You can use <code>/dev/stdout</code> to send access logs to standard out and configure your Envoy container to use a log driver, such as <code>awslogs</code>, to export the access logs to a log storage service such as Amazon CloudWatch Logs. You can also specify a path in the Envoy container's file system to write the files to disk.</p>"
"documentation":"<p>The time period in milliseconds between each health check execution.</p>"
},
"path":{
"shape":"String",
"documentation":"<p>The destination path for the health check request. This value is only used if the specified protocol is HTTP or HTTP/2. For any other protocol, this value is ignored.</p>"
},
"port":{
"shape":"PortNumber",
"documentation":"<p>The destination port for the health check request. This port must match the port defined in the <a>PortMapping</a> for the listener.</p>"
},
"protocol":{
"shape":"VirtualGatewayPortProtocol",
"documentation":"<p>The protocol for the health check request. If you specify <code>grpc</code>, then your service must conform to the <a href=\"https://github.com/grpc/grpc/blob/master/doc/health-checking.md\">GRPC Health Checking Protocol</a>.</p>"
},
"timeoutMillis":{
"shape":"VirtualGatewayHealthCheckTimeoutMillis",
"documentation":"<p>The amount of time to wait when receiving a response from the health check, in milliseconds.</p>"
},
"unhealthyThreshold":{
"shape":"VirtualGatewayHealthCheckThreshold",
"documentation":"<p>The number of consecutive failed health checks that must occur before declaring a virtual gateway unhealthy.</p>"
"documentation":"<p>An object that represents a Transport Layer Security (TLS) certificate.</p>"
},
"mode":{
"shape":"VirtualGatewayListenerTlsMode",
"documentation":"<p>Specify one of the following modes.</p> <ul> <li> <p> <b/>STRICT – Listener only accepts connections with TLS enabled. </p> </li> <li> <p> <b/>PERMISSIVE – Listener accepts connections with or without TLS enabled.</p> </li> <li> <p> <b/>DISABLED – Listener only accepts connections without TLS. </p> </li> </ul>"
"documentation":"<p>The Amazon Resource Name (ARN) for the certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites\">Transport Layer Security (TLS)</a>.</p>"
"documentation":"<p>An object that represents a local file certificate. The certificate must meet specific requirements and you must have proxy authorization enabled. For more information, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html#virtual-node-tls-prerequisites\">Transport Layer Security (TLS)</a>.</p>"
"documentation":"<p>A reference to an object that represents the name of the secret secret requested from the Secret Discovery Service provider representing Transport Layer Security (TLS) materials like a certificate or certificate chain.</p>"
}
},
"documentation":"<p>An object that represents the virtual gateway's listener's Secret Discovery Service certificate.The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html\">TLS documentation</a> for more info. </p>"
},
"VirtualGatewayListenerTlsValidationContext":{
"type":"structure",
"required":["trust"],
"members":{
"subjectAlternativeNames":{
"shape":"SubjectAlternativeNames",
"documentation":"<p>A reference to an object that represents the SANs for a virtual gateway listener's Transport Layer Security (TLS) validation context.</p>"
"documentation":"<p>A reference to an object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust.</p>"
}
},
"documentation":"<p>An object that represents a virtual gateway's listener's Transport Layer Security (TLS) validation context trust.</p>",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
},
"virtualGatewayName":{
"shape":"ResourceName",
"documentation":"<p>The name of the resource.</p>"
"documentation":"<p>A reference to an object that represents the SANs for a virtual gateway's listener's Transport Layer Security (TLS) validation context.</p>"
"documentation":"<p>An object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certicate Manager (ACM) certificate.</p>"
"documentation":"<p>A reference to an object that represents the name of the secret for a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.</p>"
}
},
"documentation":"<p>An object that represents a virtual gateway's listener's Transport Layer Security (TLS) Secret Discovery Service validation context trust. The proxy must be configured with a local SDS provider via a Unix Domain Socket. See App Mesh <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/tls.html\">TLS documentation</a> for more info.</p>"
"documentation":"<p>A reference to an object that represents a Transport Layer Security (TLS) validation context trust for an AWS Certicate Manager (ACM) certificate.</p>"
"documentation":"<p>A reference to an object that represents a virtual gateway's Transport Layer Security (TLS) Secret Discovery Service validation context trust.</p>"
"documentation":"<p>An object that represents the type of virtual node connection pool.</p> <p>Only one protocol is used at a time and should be the same protocol as the one chosen under port mapping.</p> <p>If not present the default value for <code>maxPendingRequests</code> is <code>2147483647</code>.</p> <p/>",
"documentation":"<p>The Unix epoch timestamp in seconds for when the resource was created.</p>"
},
"lastUpdatedAt":{
"shape":"Timestamp",
"documentation":"<p>The Unix epoch timestamp in seconds for when the resource was last updated.</p>"
},
"meshName":{
"shape":"ResourceName",
"documentation":"<p>The name of the service mesh that the virtual node resides in.</p>"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
"documentation":"<p>A reference to an object that represents the defaults for backends.</p>"
},
"backends":{
"shape":"Backends",
"documentation":"<p>The backends that the virtual node is expected to send outbound traffic to.</p>"
},
"listeners":{
"shape":"Listeners",
"documentation":"<p>The listener that the virtual node is expected to receive inbound traffic from. You can specify one listener.</p>"
},
"logging":{
"shape":"Logging",
"documentation":"<p>The inbound and outbound access logging information for the virtual node.</p>"
},
"serviceDiscovery":{
"shape":"ServiceDiscovery",
"documentation":"<p>The service discovery information for the virtual node. If your virtual node does not expect ingress traffic, you can omit this parameter. If you specify a <code>listener</code>, then you must specify service discovery information.</p>"
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
"documentation":"<p>The name of the service mesh that the virtual service resides in.</p>"
},
"meshOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the service mesh owner. If the account ID is not your own, then it's the ID of the account that shared the mesh with your account. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"resourceOwner":{
"shape":"AccountId",
"documentation":"<p>The AWS IAM account ID of the resource owner. If the account ID is not your own, then it's the ID of the mesh owner or of another account that the mesh is shared with. For more information about mesh sharing, see <a href=\"https://docs.aws.amazon.com/app-mesh/latest/userguide/sharing.html\">Working with shared meshes</a>.</p>"
},
"version":{
"shape":"Long",
"documentation":"<p>The version of the resource. Resources are created at version 1, and this version is incremented each time that they're updated.</p>"
},
"virtualServiceName":{
"shape":"ServiceName",
"documentation":"<p>The name of the virtual service.</p>"
"documentation":"<p>The App Mesh object that is acting as the provider for a virtual service. You can specify a single virtual node or virtual router.</p>"
"documentation":"<p>The virtual node to associate with the weighted target.</p>"
},
"weight":{
"shape":"PercentInt",
"documentation":"<p>The relative weight of the weighted target.</p>"
}
},
"documentation":"<p>An object that represents a target and its relative weight. Traffic is distributed across targets according to their relative weight. For example, a weighted target with a relative weight of 50 receives five times as much traffic as one with a relative weight of 10. The total weight for all targets combined must be less than or equal to 100.</p>"
"documentation":"<p>AWS App Mesh is a service mesh based on the Envoy proxy that makes it easy to monitor and control microservices. App Mesh standardizes how your microservices communicate, giving you end-to-end visibility and helping to ensure high availability for your applications.</p> <p>App Mesh gives you consistent visibility and network traffic controls for every microservice in an application. You can use App Mesh with AWS Fargate, Amazon ECS, Amazon EKS, Kubernetes on AWS, and Amazon EC2.</p> <note> <p>App Mesh supports microservice applications that use service discovery naming for their components. For more information about service discovery on Amazon ECS, see <a href=\"https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-discovery.html\">Service Discovery</a> in the <i>Amazon Elastic Container Service Developer Guide</i>. Kubernetes <code>kube-dns</code> and <code>coredns</code> are supported. For more information, see <a href=\"https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/\">DNS for Services and Pods</a> in the Kubernetes documentation.</p> </note>"