1{ 2 "version":"2.0", 3 "metadata":{ 4 "apiVersion":"2018-10-05", 5 "endpointPrefix":"api.tunneling.iot", 6 "jsonVersion":"1.1", 7 "protocol":"json", 8 "serviceFullName":"AWS IoT Secure Tunneling", 9 "serviceId":"IoTSecureTunneling", 10 "signatureVersion":"v4", 11 "signingName":"IoTSecuredTunneling", 12 "targetPrefix":"IoTSecuredTunneling", 13 "uid":"iotsecuretunneling-2018-10-05" 14 }, 15 "operations":{ 16 "CloseTunnel":{ 17 "name":"CloseTunnel", 18 "http":{ 19 "method":"POST", 20 "requestUri":"/" 21 }, 22 "input":{"shape":"CloseTunnelRequest"}, 23 "output":{"shape":"CloseTunnelResponse"}, 24 "errors":[ 25 {"shape":"ResourceNotFoundException"} 26 ], 27 "documentation":"<p>Closes a tunnel identified by the unique tunnel id. When a <code>CloseTunnel</code> request is received, we close the WebSocket connections between the client and proxy server so no data can be transmitted.</p> <p>Requires permission to access the <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions\">CloseTunnel</a> action.</p>" 28 }, 29 "DescribeTunnel":{ 30 "name":"DescribeTunnel", 31 "http":{ 32 "method":"POST", 33 "requestUri":"/" 34 }, 35 "input":{"shape":"DescribeTunnelRequest"}, 36 "output":{"shape":"DescribeTunnelResponse"}, 37 "errors":[ 38 {"shape":"ResourceNotFoundException"} 39 ], 40 "documentation":"<p>Gets information about a tunnel identified by the unique tunnel id.</p> <p>Requires permission to access the <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions\">DescribeTunnel</a> action.</p>" 41 }, 42 "ListTagsForResource":{ 43 "name":"ListTagsForResource", 44 "http":{ 45 "method":"POST", 46 "requestUri":"/" 47 }, 48 "input":{"shape":"ListTagsForResourceRequest"}, 49 "output":{"shape":"ListTagsForResourceResponse"}, 50 "errors":[ 51 {"shape":"ResourceNotFoundException"} 52 ], 53 "documentation":"<p>Lists the tags for the specified resource.</p>" 54 }, 55 "ListTunnels":{ 56 "name":"ListTunnels", 57 "http":{ 58 "method":"POST", 59 "requestUri":"/" 60 }, 61 "input":{"shape":"ListTunnelsRequest"}, 62 "output":{"shape":"ListTunnelsResponse"}, 63 "documentation":"<p>List all tunnels for an Amazon Web Services account. Tunnels are listed by creation time in descending order, newer tunnels will be listed before older tunnels.</p> <p>Requires permission to access the <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions\">ListTunnels</a> action.</p>" 64 }, 65 "OpenTunnel":{ 66 "name":"OpenTunnel", 67 "http":{ 68 "method":"POST", 69 "requestUri":"/" 70 }, 71 "input":{"shape":"OpenTunnelRequest"}, 72 "output":{"shape":"OpenTunnelResponse"}, 73 "errors":[ 74 {"shape":"LimitExceededException"} 75 ], 76 "documentation":"<p>Creates a new tunnel, and returns two client access tokens for clients to use to connect to the IoT Secure Tunneling proxy server.</p> <p>Requires permission to access the <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions\">OpenTunnel</a> action.</p>" 77 }, 78 "RotateTunnelAccessToken":{ 79 "name":"RotateTunnelAccessToken", 80 "http":{ 81 "method":"POST", 82 "requestUri":"/" 83 }, 84 "input":{"shape":"RotateTunnelAccessTokenRequest"}, 85 "output":{"shape":"RotateTunnelAccessTokenResponse"}, 86 "errors":[ 87 {"shape":"ResourceNotFoundException"} 88 ], 89 "documentation":"<p>Revokes the current client access token (CAT) and returns new CAT for clients to use when reconnecting to secure tunneling to access the same tunnel.</p> <p>Requires permission to access the <a href=\"https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions\">RotateTunnelAccessToken</a> action.</p> <note> <p>Rotating the CAT doesn't extend the tunnel duration. For example, say the tunnel duration is 12 hours and the tunnel has already been open for 4 hours. When you rotate the access tokens, the new tokens that are generated can only be used for the remaining 8 hours.</p> </note>" 90 }, 91 "TagResource":{ 92 "name":"TagResource", 93 "http":{ 94 "method":"POST", 95 "requestUri":"/" 96 }, 97 "input":{"shape":"TagResourceRequest"}, 98 "output":{"shape":"TagResourceResponse"}, 99 "errors":[ 100 {"shape":"ResourceNotFoundException"} 101 ], 102 "documentation":"<p>A resource tag.</p>" 103 }, 104 "UntagResource":{ 105 "name":"UntagResource", 106 "http":{ 107 "method":"POST", 108 "requestUri":"/" 109 }, 110 "input":{"shape":"UntagResourceRequest"}, 111 "output":{"shape":"UntagResourceResponse"}, 112 "errors":[ 113 {"shape":"ResourceNotFoundException"} 114 ], 115 "documentation":"<p>Removes a tag from a resource.</p>" 116 } 117 }, 118 "shapes":{ 119 "AmazonResourceName":{ 120 "type":"string", 121 "max":1011, 122 "min":1 123 }, 124 "ClientAccessToken":{ 125 "type":"string", 126 "sensitive":true 127 }, 128 "ClientMode":{ 129 "type":"string", 130 "enum":[ 131 "SOURCE", 132 "DESTINATION", 133 "ALL" 134 ] 135 }, 136 "CloseTunnelRequest":{ 137 "type":"structure", 138 "required":["tunnelId"], 139 "members":{ 140 "tunnelId":{ 141 "shape":"TunnelId", 142 "documentation":"<p>The ID of the tunnel to close.</p>" 143 }, 144 "delete":{ 145 "shape":"DeleteFlag", 146 "documentation":"<p>When set to true, IoT Secure Tunneling deletes the tunnel data immediately.</p>", 147 "box":true 148 } 149 } 150 }, 151 "CloseTunnelResponse":{ 152 "type":"structure", 153 "members":{ 154 } 155 }, 156 "ConnectionState":{ 157 "type":"structure", 158 "members":{ 159 "status":{ 160 "shape":"ConnectionStatus", 161 "documentation":"<p>The connection status of the tunnel. Valid values are <code>CONNECTED</code> and <code>DISCONNECTED</code>.</p>" 162 }, 163 "lastUpdatedAt":{ 164 "shape":"DateType", 165 "documentation":"<p>The last time the connection status was updated.</p>" 166 } 167 }, 168 "documentation":"<p>The state of a connection.</p>" 169 }, 170 "ConnectionStatus":{ 171 "type":"string", 172 "enum":[ 173 "CONNECTED", 174 "DISCONNECTED" 175 ] 176 }, 177 "DateType":{"type":"timestamp"}, 178 "DeleteFlag":{"type":"boolean"}, 179 "DescribeTunnelRequest":{ 180 "type":"structure", 181 "required":["tunnelId"], 182 "members":{ 183 "tunnelId":{ 184 "shape":"TunnelId", 185 "documentation":"<p>The tunnel to describe.</p>" 186 } 187 } 188 }, 189 "DescribeTunnelResponse":{ 190 "type":"structure", 191 "members":{ 192 "tunnel":{ 193 "shape":"Tunnel", 194 "documentation":"<p>The tunnel being described.</p>" 195 } 196 } 197 }, 198 "Description":{ 199 "type":"string", 200 "pattern":"[^\\p{C}]{1,2048}" 201 }, 202 "DestinationConfig":{ 203 "type":"structure", 204 "required":["services"], 205 "members":{ 206 "thingName":{ 207 "shape":"ThingName", 208 "documentation":"<p>The name of the IoT thing to which you want to connect.</p>" 209 }, 210 "services":{ 211 "shape":"ServiceList", 212 "documentation":"<p>A list of service names that identify the target application. The IoT client running on the destination device reads this value and uses it to look up a port or an IP address and a port. The IoT client instantiates the local proxy, which uses this information to connect to the destination application.</p>" 213 } 214 }, 215 "documentation":"<p>The destination configuration.</p>" 216 }, 217 "ErrorMessage":{"type":"string"}, 218 "LimitExceededException":{ 219 "type":"structure", 220 "members":{ 221 "message":{"shape":"ErrorMessage"} 222 }, 223 "documentation":"<p>Thrown when a tunnel limit is exceeded.</p>", 224 "exception":true 225 }, 226 "ListTagsForResourceRequest":{ 227 "type":"structure", 228 "required":["resourceArn"], 229 "members":{ 230 "resourceArn":{ 231 "shape":"AmazonResourceName", 232 "documentation":"<p>The resource ARN.</p>" 233 } 234 } 235 }, 236 "ListTagsForResourceResponse":{ 237 "type":"structure", 238 "members":{ 239 "tags":{ 240 "shape":"TagList", 241 "documentation":"<p>The tags for the specified resource.</p>" 242 } 243 } 244 }, 245 "ListTunnelsRequest":{ 246 "type":"structure", 247 "members":{ 248 "thingName":{ 249 "shape":"ThingName", 250 "documentation":"<p>The name of the IoT thing associated with the destination device.</p>" 251 }, 252 "maxResults":{ 253 "shape":"MaxResults", 254 "documentation":"<p>The maximum number of results to return at once.</p>", 255 "box":true 256 }, 257 "nextToken":{ 258 "shape":"NextToken", 259 "documentation":"<p>To retrieve the next set of results, the nextToken value from a previous response; otherwise null to receive the first set of results.</p>" 260 } 261 } 262 }, 263 "ListTunnelsResponse":{ 264 "type":"structure", 265 "members":{ 266 "tunnelSummaries":{ 267 "shape":"TunnelSummaryList", 268 "documentation":"<p>A short description of the tunnels in an Amazon Web Services account.</p>" 269 }, 270 "nextToken":{ 271 "shape":"NextToken", 272 "documentation":"<p>The token to use to get the next set of results, or null if there are no additional results.</p>" 273 } 274 } 275 }, 276 "MaxResults":{ 277 "type":"integer", 278 "max":100, 279 "min":1 280 }, 281 "NextToken":{ 282 "type":"string", 283 "pattern":"[a-zA-Z0-9_=-]{1,4096}" 284 }, 285 "OpenTunnelRequest":{ 286 "type":"structure", 287 "members":{ 288 "description":{ 289 "shape":"Description", 290 "documentation":"<p>A short text description of the tunnel. </p>" 291 }, 292 "tags":{ 293 "shape":"TagList", 294 "documentation":"<p>A collection of tag metadata.</p>" 295 }, 296 "destinationConfig":{ 297 "shape":"DestinationConfig", 298 "documentation":"<p>The destination configuration for the OpenTunnel request.</p>" 299 }, 300 "timeoutConfig":{ 301 "shape":"TimeoutConfig", 302 "documentation":"<p>Timeout configuration for a tunnel.</p>" 303 } 304 } 305 }, 306 "OpenTunnelResponse":{ 307 "type":"structure", 308 "members":{ 309 "tunnelId":{ 310 "shape":"TunnelId", 311 "documentation":"<p>A unique alpha-numeric tunnel ID.</p>" 312 }, 313 "tunnelArn":{ 314 "shape":"TunnelArn", 315 "documentation":"<p>The Amazon Resource Name for the tunnel.</p>" 316 }, 317 "sourceAccessToken":{ 318 "shape":"ClientAccessToken", 319 "documentation":"<p>The access token the source local proxy uses to connect to IoT Secure Tunneling.</p>" 320 }, 321 "destinationAccessToken":{ 322 "shape":"ClientAccessToken", 323 "documentation":"<p>The access token the destination local proxy uses to connect to IoT Secure Tunneling.</p>" 324 } 325 } 326 }, 327 "ResourceNotFoundException":{ 328 "type":"structure", 329 "members":{ 330 "message":{"shape":"ErrorMessage"} 331 }, 332 "documentation":"<p>Thrown when an operation is attempted on a resource that does not exist.</p>", 333 "exception":true 334 }, 335 "RotateTunnelAccessTokenRequest":{ 336 "type":"structure", 337 "required":[ 338 "tunnelId", 339 "clientMode" 340 ], 341 "members":{ 342 "tunnelId":{ 343 "shape":"TunnelId", 344 "documentation":"<p>The tunnel for which you want to rotate the access tokens.</p>" 345 }, 346 "clientMode":{ 347 "shape":"ClientMode", 348 "documentation":"<p>The mode of the client that will use the client token, which can be either the source or destination, or both source and destination.</p>" 349 }, 350 "destinationConfig":{"shape":"DestinationConfig"} 351 } 352 }, 353 "RotateTunnelAccessTokenResponse":{ 354 "type":"structure", 355 "members":{ 356 "tunnelArn":{ 357 "shape":"TunnelArn", 358 "documentation":"<p>The Amazon Resource Name for the tunnel.</p>" 359 }, 360 "sourceAccessToken":{ 361 "shape":"ClientAccessToken", 362 "documentation":"<p>The client access token that the source local proxy uses to connect to IoT Secure Tunneling.</p>" 363 }, 364 "destinationAccessToken":{ 365 "shape":"ClientAccessToken", 366 "documentation":"<p>The client access token that the destination local proxy uses to connect to IoT Secure Tunneling.</p>" 367 } 368 } 369 }, 370 "Service":{ 371 "type":"string", 372 "max":128, 373 "min":1, 374 "pattern":"[a-zA-Z0-9:_-]+" 375 }, 376 "ServiceList":{ 377 "type":"list", 378 "member":{"shape":"Service"}, 379 "min":1 380 }, 381 "Tag":{ 382 "type":"structure", 383 "required":[ 384 "key", 385 "value" 386 ], 387 "members":{ 388 "key":{ 389 "shape":"TagKey", 390 "documentation":"<p>The key of the tag.</p>" 391 }, 392 "value":{ 393 "shape":"TagValue", 394 "documentation":"<p>The value of the tag.</p>" 395 } 396 }, 397 "documentation":"<p>An arbitary key/value pair used to add searchable metadata to secure tunnel resources.</p>" 398 }, 399 "TagKey":{ 400 "type":"string", 401 "max":128, 402 "min":1, 403 "pattern":"^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$" 404 }, 405 "TagKeyList":{ 406 "type":"list", 407 "member":{"shape":"TagKey"}, 408 "max":200, 409 "min":0 410 }, 411 "TagList":{ 412 "type":"list", 413 "member":{"shape":"Tag"}, 414 "max":200, 415 "min":1 416 }, 417 "TagResourceRequest":{ 418 "type":"structure", 419 "required":[ 420 "resourceArn", 421 "tags" 422 ], 423 "members":{ 424 "resourceArn":{ 425 "shape":"AmazonResourceName", 426 "documentation":"<p>The ARN of the resource.</p>" 427 }, 428 "tags":{ 429 "shape":"TagList", 430 "documentation":"<p>The tags for the resource.</p>" 431 } 432 } 433 }, 434 "TagResourceResponse":{ 435 "type":"structure", 436 "members":{ 437 } 438 }, 439 "TagValue":{ 440 "type":"string", 441 "max":256, 442 "min":0, 443 "pattern":"^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-@]*)$" 444 }, 445 "ThingName":{ 446 "type":"string", 447 "max":128, 448 "min":1, 449 "pattern":"[a-zA-Z0-9:_-]+" 450 }, 451 "TimeoutConfig":{ 452 "type":"structure", 453 "members":{ 454 "maxLifetimeTimeoutMinutes":{ 455 "shape":"TimeoutInMin", 456 "documentation":"<p>The maximum amount of time (in minutes) a tunnel can remain open. If not specified, maxLifetimeTimeoutMinutes defaults to 720 minutes. Valid values are from 1 minute to 12 hours (720 minutes) </p>", 457 "box":true 458 } 459 }, 460 "documentation":"<p>Tunnel timeout configuration.</p>" 461 }, 462 "TimeoutInMin":{ 463 "type":"integer", 464 "max":720, 465 "min":1 466 }, 467 "Tunnel":{ 468 "type":"structure", 469 "members":{ 470 "tunnelId":{ 471 "shape":"TunnelId", 472 "documentation":"<p>A unique alpha-numeric ID that identifies a tunnel.</p>" 473 }, 474 "tunnelArn":{ 475 "shape":"TunnelArn", 476 "documentation":"<p>The Amazon Resource Name (ARN) of a tunnel.</p>" 477 }, 478 "status":{ 479 "shape":"TunnelStatus", 480 "documentation":"<p>The status of a tunnel. Valid values are: Open and Closed.</p>" 481 }, 482 "sourceConnectionState":{ 483 "shape":"ConnectionState", 484 "documentation":"<p>The connection state of the source application.</p>" 485 }, 486 "destinationConnectionState":{ 487 "shape":"ConnectionState", 488 "documentation":"<p>The connection state of the destination application.</p>" 489 }, 490 "description":{ 491 "shape":"Description", 492 "documentation":"<p>A description of the tunnel.</p>" 493 }, 494 "destinationConfig":{ 495 "shape":"DestinationConfig", 496 "documentation":"<p>The destination configuration that specifies the thing name of the destination device and a service name that the local proxy uses to connect to the destination application.</p>" 497 }, 498 "timeoutConfig":{ 499 "shape":"TimeoutConfig", 500 "documentation":"<p>Timeout configuration for the tunnel.</p>" 501 }, 502 "tags":{ 503 "shape":"TagList", 504 "documentation":"<p>A list of tag metadata associated with the secure tunnel.</p>" 505 }, 506 "createdAt":{ 507 "shape":"DateType", 508 "documentation":"<p>The time when the tunnel was created.</p>" 509 }, 510 "lastUpdatedAt":{ 511 "shape":"DateType", 512 "documentation":"<p>The last time the tunnel was updated.</p>" 513 } 514 }, 515 "documentation":"<p>A connection between a source computer and a destination device.</p>" 516 }, 517 "TunnelArn":{ 518 "type":"string", 519 "max":1600, 520 "min":1 521 }, 522 "TunnelId":{ 523 "type":"string", 524 "pattern":"[a-zA-Z0-9_\\-+=:]{1,128}" 525 }, 526 "TunnelStatus":{ 527 "type":"string", 528 "enum":[ 529 "OPEN", 530 "CLOSED" 531 ] 532 }, 533 "TunnelSummary":{ 534 "type":"structure", 535 "members":{ 536 "tunnelId":{ 537 "shape":"TunnelId", 538 "documentation":"<p>The unique alpha-numeric identifier for the tunnel.</p>" 539 }, 540 "tunnelArn":{ 541 "shape":"TunnelArn", 542 "documentation":"<p>The Amazon Resource Name of the tunnel. </p>" 543 }, 544 "status":{ 545 "shape":"TunnelStatus", 546 "documentation":"<p>The status of a tunnel. Valid values are: Open and Closed.</p>" 547 }, 548 "description":{ 549 "shape":"Description", 550 "documentation":"<p>A description of the tunnel.</p>" 551 }, 552 "createdAt":{ 553 "shape":"DateType", 554 "documentation":"<p>The time the tunnel was created.</p>" 555 }, 556 "lastUpdatedAt":{ 557 "shape":"DateType", 558 "documentation":"<p>The time the tunnel was last updated.</p>" 559 } 560 }, 561 "documentation":"<p>Information about the tunnel.</p>" 562 }, 563 "TunnelSummaryList":{ 564 "type":"list", 565 "member":{"shape":"TunnelSummary"} 566 }, 567 "UntagResourceRequest":{ 568 "type":"structure", 569 "required":[ 570 "resourceArn", 571 "tagKeys" 572 ], 573 "members":{ 574 "resourceArn":{ 575 "shape":"AmazonResourceName", 576 "documentation":"<p>The resource ARN.</p>" 577 }, 578 "tagKeys":{ 579 "shape":"TagKeyList", 580 "documentation":"<p>The keys of the tags to remove.</p>" 581 } 582 } 583 }, 584 "UntagResourceResponse":{ 585 "type":"structure", 586 "members":{ 587 } 588 } 589 }, 590 "documentation":"<fullname>IoT Secure Tunneling</fullname> <p>IoT Secure Tunneling creates remote connections to devices deployed in the field.</p> <p>For more information about how IoT Secure Tunneling works, see <a href=\"https://docs.aws.amazon.com/iot/latest/developerguide/secure-tunneling.html\">IoT Secure Tunneling</a>.</p>" 591} 592