@@ -84,31 +84,33 @@ namespace DSQL
8484 virtual ~DSQLClient ();
8585
8686 /* *
87- * <p>This operation creates a cluster in Amazon Aurora DSQL. You need the
88- * following permissions to use this operation.</p> <p>Permission to create a
89- * cluster.</p> <dl> <dt>dsql:CreateCluster</dt> <dd> <p>Resources:
90- * arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/ *</p> </dd> </dl> <p>
91- * Permission to add tags to a resource.</p> <dl> <dt>dsql:TagResource</dt> <dd>
92- * <p>Resources: arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/ *</p> </dd>
93- * </dl> <p>Permission to configure multi-region properties for a cluster.</p> <dl>
94- * <dt>dsql:PutMultiRegionProperties</dt> <dd> <p>Resources:
95- * arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/ *</p> </dd> </dl> <p>When
96- * specifying multiRegionProperties.clusters.</p> <dl> <dt>dsql:AddPeerCluster</dt>
97- * <dd> <p>Permission to add peer clusters.</p> <p>Resources:</p> <ul> <li>
98- * <p>Local cluster: arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/ *</p>
99- * </li> <li> <p>Each peer cluster: exact ARN of each specified peer cluster</p>
100- * </li> </ul> </dd> </dl> <p>When specifying
101- * multiRegionProperties.witnessRegion.</p> <dl> <dt>dsql:PutWitnessRegion</dt>
102- * <dd> <p>Permission to set a witness region.</p> <p>Resources:
103- * arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/ *</p> <p>Condition Keys:
104- * <code>dsql:WitnessRegion</code> (matching the specified witness region)</p>
105- * <p>This permission is checked both in the cluster Region and in the
106- * witness Region.</p> </dd> </dl> <p> <b>Important Notes for
107- * Multi-Region Operations</b> </p> <ul> <li> <p>The witness region specified in
108- * <code>multiRegionProperties.witnessRegion</code> cannot be the same as the
109- * cluster's Region.</p> </li> <li> <p>When updating clusters with peer
110- * relationships, permissions are checked for both adding and removing peers.</p>
111- * </li> </ul> <p><h3>See Also:</h3> <a
87+ * <p>The CreateCluster API allows you to create both single-region clusters and
88+ * multi-Region clusters. With the addition of the <i>multiRegionProperties</i>
89+ * parameter, you can create a cluster with witness Region support and establish
90+ * peer relationships with clusters in other Regions during creation.</p>
91+ * <p>Creating multi-Region clusters requires additional IAM permissions beyond
92+ * those needed for single-Region clusters, as detailed in the <b>Required
93+ * permissions</b> section below.</p> <p> <b>Required permissions</b> </p>
94+ * <dl> <dt>dsql:CreateCluster</dt> <dd> <p>Required to create a cluster.</p>
95+ * <p>Resources: <code>arn:aws:dsql:region:account-id:cluster/ *</code> </p> </dd>
96+ * <dt>dsql:TagResource</dt> <dd> <p>Permission to add tags to a resource.</p>
97+ * <p>Resources: <code>arn:aws:dsql:region:account-id:cluster/ *</code> </p> </dd>
98+ * <dt>dsql:PutMultiRegionProperties</dt> <dd> <p>Permission to configure
99+ * multi-region properties for a cluster.</p> <p>Resources:
100+ * <code>arn:aws:dsql:region:account-id:cluster/ *</code> </p> </dd>
101+ * <dt>dsql:AddPeerCluster</dt> <dd> <p>When specifying
102+ * <code>multiRegionProperties.clusters</code>, permission to add peer
103+ * clusters.</p> <p>Resources:</p> <ul> <li> <p>Local cluster:
104+ * <code>arn:aws:dsql:region:account-id:cluster/ *</code> </p> </li> <li> <p>Each
105+ * peer cluster: exact ARN of each specified peer cluster</p> </li> </ul> </dd>
106+ * <dt>dsql:PutWitnessRegion</dt> <dd> <p>When specifying
107+ * <code>multiRegionProperties.witnessRegion</code>, permission to set a witness
108+ * Region. This permission is checked both in the cluster Region and in the witness
109+ * Region.</p> <p>Resources: <code>arn:aws:dsql:region:account-id:cluster/ *</code>
110+ * </p> <p>Condition Keys: <code>dsql:WitnessRegion</code> (matching the specified
111+ * witness region)</p> </dd> </dl> <ul> <li> <p>The witness Region
112+ * specified in <code>multiRegionProperties.witnessRegion</code> cannot be the same
113+ * as the cluster's Region.</p> </li> </ul> <p><h3>See Also:</h3> <a
112114 * href="http://docs.aws.amazon.com/goto/WebAPI/dsql-2018-05-10/CreateCluster">AWS
113115 * API Reference</a></p>
114116 */
@@ -308,18 +310,42 @@ namespace DSQL
308310 }
309311
310312 /* *
311- * <p>Updates a cluster.</p> <p> <b>Example IAM Policy for Multi-Region
312- * Operations</b> </p> <p>The following IAM policy grants permissions for
313- * multi-Region operations.</p> <p>The <code>dsql:RemovePeerCluster</code>
313+ * <p>The <i>UpdateCluster</i> API allows you to modify both single-Region and
314+ * multi-Region cluster configurations. With the <i>multiRegionProperties</i>
315+ * parameter, you can add or modify witness Region support and manage peer
316+ * relationships with clusters in other Regions.</p> <p>Note that updating
317+ * multi-region clusters requires additional IAM permissions beyond those needed
318+ * for standard cluster updates, as detailed in the Permissions section.</p>
319+ * <p> <b>Required permissions</b> </p> <dl> <dt>dsql:UpdateCluster</dt>
320+ * <dd> <p>Permission to update a DSQL cluster.</p> <p>Resources:
321+ * <code>arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/<i>cluster-id</i>
322+ * </code> </p> </dd> </dl> <dl> <dt>dsql:PutMultiRegionProperties</dt> <dd>
323+ * <p>Permission to configure multi-Region properties for a cluster.</p>
324+ * <p>Resources:
325+ * <code>arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/<i>cluster-id</i>
326+ * </code> </p> </dd> </dl> <dl> <dt>dsql:GetCluster</dt> <dd> <p>Permission to
327+ * retrieve cluster information.</p> <p>Resources:
328+ * <code>arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/<i>cluster-id</i>
329+ * </code> </p> </dd> <dt>dsql:AddPeerCluster</dt> <dd> <p>Permission to add peer
330+ * clusters.</p> <p>Resources:</p> <ul> <li> <p>Local cluster:
331+ * <code>arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/<i>cluster-id</i>
332+ * </code> </p> </li> <li> <p>Each peer cluster: exact ARN of each specified peer
333+ * cluster</p> </li> </ul> </dd> <dt>dsql:RemovePeerCluster</dt> <dd> <p>Permission
334+ * to remove peer clusters. The <i>dsql:RemovePeerCluster</i> permission uses a
335+ * wildcard ARN pattern to simplify permission management during updates.</p>
336+ * <p>Resources: <code>arn:aws:dsql:*:<i>account-id</i>:cluster/ *</code> </p> </dd>
337+ * </dl> <dl> <dt>dsql:PutWitnessRegion</dt> <dd> <p>Permission to set a witness
338+ * Region.</p> <p>Resources:
339+ * <code>arn:aws:dsql:<i>region</i>:<i>account-id</i>:cluster/<i>cluster-id</i>
340+ * </code> </p> <p>Condition Keys: dsql:WitnessRegion (matching the specified
341+ * witness Region)</p> <p> <b>This permission is checked both in the cluster Region
342+ * and in the witness Region.</b> </p> </dd> </dl> <ul> <li> <p>The
343+ * witness region specified in <code>multiRegionProperties.witnessRegion</code>
344+ * cannot be the same as the cluster's Region.</p> </li> <li> <p>When updating
345+ * clusters with peer relationships, permissions are checked for both adding and
346+ * removing peers.</p> </li> <li> <p>The <code>dsql:RemovePeerCluster</code>
314347 * permission uses a wildcard ARN pattern to simplify permission management during
315- * updates.</p> <p> <b>Important Notes for Multi-Region Operations</b>
316- * </p> <ul> <li> <p>The witness region specified in
317- * <code>multiRegionProperties.witnessRegion</code> cannot be the same as the
318- * cluster's Region.</p> </li> <li> <p>When updating clusters with peer
319- * relationships, permissions are checked for both adding and removing peers.</p>
320- * </li> <li> <p>The <code>dsql:RemovePeerCluster</code> permission uses a wildcard
321- * ARN pattern to simplify permission management during updates.</p> </li> </ul>
322- * <p><h3>See Also:</h3> <a
348+ * updates.</p> </li> </ul> <p><h3>See Also:</h3> <a
323349 * href="http://docs.aws.amazon.com/goto/WebAPI/dsql-2018-05-10/UpdateCluster">AWS
324350 * API Reference</a></p>
325351 */
0 commit comments