aws-sdk-core 2.6.41 → 2.6.42

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +4 -4
  2. data/apis/apigateway/2015-07-09/api-2.json +92 -0
  3. data/apis/elasticbeanstalk/2010-12-01/api-2.json +70 -2
  4. data/apis/iam/2010-05-08/api-2.json +209 -1
  5. data/apis/kms/2014-11-01/api-2.json +2 -2
  6. data/apis/kms/2014-11-01/examples-1.json +810 -0
  7. data/lib/aws-sdk-core/version.rb +1 -1
  8. data/lib/seahorse/client/net_http/handler.rb +5 -2
  9. metadata +2 -2
data/apis/kms/2014-11-01/api-2.json CHANGED
@@ -1,7 +1,6 @@
1
1
  {
2
2
  "version":"2.0",
3
3
  "metadata":{
4
- "uid":"kms-2014-11-01",
5
4
  "apiVersion":"2014-11-01",
6
5
  "endpointPrefix":"kms",
7
6
  "jsonVersion":"1.1",
@@ -9,7 +8,8 @@
9
8
  "serviceAbbreviation":"KMS",
10
9
  "serviceFullName":"AWS Key Management Service",
11
10
  "signatureVersion":"v4",
12
- "targetPrefix":"TrentService"
11
+ "targetPrefix":"TrentService",
12
+ "uid":"kms-2014-11-01"
13
13
  },
14
14
  "operations":{
15
15
  "CancelKeyDeletion":{
data/apis/kms/2014-11-01/examples-1.json CHANGED
@@ -1,5 +1,815 @@
1
1
  {
2
2
  "version": "1.0",
3
3
  "examples": {
4
+ "CancelKeyDeletion": [
5
+ {
6
+ "input": {
7
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
8
+ },
9
+ "output": {
10
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
11
+ },
12
+ "comments": {
13
+ "input": {
14
+ "KeyId": "The identifier of the CMK whose deletion you are canceling. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
15
+ },
16
+ "output": {
17
+ "KeyId": "The ARN of the CMK whose deletion you canceled."
18
+ }
19
+ },
20
+ "description": "The following example cancels deletion of the specified CMK.",
21
+ "id": "to-cancel-deletion-of-a-cmk-1477428535102",
22
+ "title": "To cancel deletion of a customer master key (CMK)"
23
+ }
24
+ ],
25
+ "CreateAlias": [
26
+ {
27
+ "input": {
28
+ "AliasName": "alias/ExampleAlias",
29
+ "TargetKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
30
+ },
31
+ "comments": {
32
+ "input": {
33
+ "AliasName": "The alias to create. Aliases must begin with 'alias/'. Do not use aliases that begin with 'alias/aws' because they are reserved for use by AWS.",
34
+ "TargetKeyId": "The identifier of the CMK whose alias you are creating. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
35
+ }
36
+ },
37
+ "description": "The following example creates an alias for the specified customer master key (CMK).",
38
+ "id": "to-create-an-alias-1477505685119",
39
+ "title": "To create an alias"
40
+ }
41
+ ],
42
+ "CreateGrant": [
43
+ {
44
+ "input": {
45
+ "GranteePrincipal": "arn:aws:iam::111122223333:role/ExampleRole",
46
+ "KeyId": "arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab",
47
+ "Operations": [
48
+ "Encrypt",
49
+ "Decrypt"
50
+ ]
51
+ },
52
+ "output": {
53
+ "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
54
+ "GrantToken": "AQpAM2RhZTk1MGMyNTk2ZmZmMzEyYWVhOWViN2I1MWM4Mzc0MWFiYjc0ZDE1ODkyNGFlNTIzODZhMzgyZjBlNGY3NiKIAgEBAgB4Pa6VDCWW__MSrqnre1HIN0Grt00ViSSuUjhqOC8OT3YAAADfMIHcBgkqhkiG9w0BBwaggc4wgcsCAQAwgcUGCSqGSIb3DQEHATAeBglghkgBZQMEAS4wEQQMmqLyBTAegIn9XlK5AgEQgIGXZQjkBcl1dykDdqZBUQ6L1OfUivQy7JVYO2-ZJP7m6f1g8GzV47HX5phdtONAP7K_HQIflcgpkoCqd_fUnE114mSmiagWkbQ5sqAVV3ov-VeqgrvMe5ZFEWLMSluvBAqdjHEdMIkHMlhlj4ENZbzBfo9Wxk8b8SnwP4kc4gGivedzFXo-dwN8fxjjq_ZZ9JFOj2ijIbj5FyogDCN0drOfi8RORSEuCEmPvjFRMFAwcmwFkN2NPp89amA"
55
+ },
56
+ "comments": {
57
+ "input": {
58
+ "GranteePrincipal": "The identity that is given permission to perform the operations specified in the grant.",
59
+ "KeyId": "The identifier of the CMK to which the grant applies. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.",
60
+ "Operations": "A list of operations that the grant allows."
61
+ },
62
+ "output": {
63
+ "GrantId": "The unique identifier of the grant.",
64
+ "GrantToken": "The grant token."
65
+ }
66
+ },
67
+ "description": "The following example creates a grant that allows the specified IAM role to encrypt data with the specified customer master key (CMK).",
68
+ "id": "to-create-a-grant-1477972226782",
69
+ "title": "To create a grant"
70
+ }
71
+ ],
72
+ "CreateKey": [
73
+ {
74
+ "output": {
75
+ "KeyMetadata": {
76
+ "AWSAccountId": "111122223333",
77
+ "Arn": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
78
+ "CreationDate": "2016-11-01T10:15:42-07:00",
79
+ "Description": "",
80
+ "Enabled": true,
81
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
82
+ "KeyState": "Enabled",
83
+ "KeyUsage": "ENCRYPT_DECRYPT",
84
+ "Origin": "AWS_KMS"
85
+ }
86
+ },
87
+ "comments": {
88
+ "output": {
89
+ "KeyMetadata": "An object that contains information about the CMK created by this operation."
90
+ }
91
+ },
92
+ "description": "The following example creates a CMK.",
93
+ "id": "to-create-a-cmk-1478028992966",
94
+ "title": "To create a customer master key (CMK)"
95
+ }
96
+ ],
97
+ "Decrypt": [
98
+ {
99
+ "input": {
100
+ "CiphertextBlob": "<binary data>"
101
+ },
102
+ "output": {
103
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
104
+ "Plaintext": "<binary data>"
105
+ },
106
+ "comments": {
107
+ "input": {
108
+ "CiphertextBlob": "The encrypted data (ciphertext)."
109
+ },
110
+ "output": {
111
+ "KeyId": "The Amazon Resource Name (ARN) of the CMK that was used to decrypt the data.",
112
+ "Plaintext": "The decrypted (plaintext) data."
113
+ }
114
+ },
115
+ "description": "The following example decrypts data that was encrypted with a customer master key (CMK) in AWS KMS.",
116
+ "id": "to-decrypt-data-1478281622886",
117
+ "title": "To decrypt data"
118
+ }
119
+ ],
120
+ "DeleteAlias": [
121
+ {
122
+ "input": {
123
+ "AliasName": "alias/ExampleAlias"
124
+ },
125
+ "comments": {
126
+ "input": {
127
+ "AliasName": "The alias to delete."
128
+ }
129
+ },
130
+ "description": "The following example deletes the specified alias.",
131
+ "id": "to-delete-an-alias-1478285209338",
132
+ "title": "To delete an alias"
133
+ }
134
+ ],
135
+ "DeleteImportedKeyMaterial": [
136
+ {
137
+ "input": {
138
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
139
+ },
140
+ "comments": {
141
+ "input": {
142
+ "KeyId": "The identifier of the CMK whose imported key material you are deleting. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
143
+ }
144
+ },
145
+ "description": "The following example deletes the imported key material from the specified customer master key (CMK).",
146
+ "id": "to-delete-imported-key-material-1478561674507",
147
+ "title": "To delete imported key material"
148
+ }
149
+ ],
150
+ "DescribeKey": [
151
+ {
152
+ "input": {
153
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
154
+ },
155
+ "output": {
156
+ "KeyMetadata": {
157
+ "AWSAccountId": "111122223333",
158
+ "Arn": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
159
+ "CreationDate": "2015-10-12T11:45:07-07:00",
160
+ "Description": "",
161
+ "Enabled": true,
162
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
163
+ "KeyState": "Enabled",
164
+ "KeyUsage": "ENCRYPT_DECRYPT",
165
+ "Origin": "AWS_KMS"
166
+ }
167
+ },
168
+ "comments": {
169
+ "input": {
170
+ "KeyId": "The identifier of the CMK that you want information about. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
171
+ },
172
+ "output": {
173
+ "KeyMetadata": "An object that contains information about the specified CMK."
174
+ }
175
+ },
176
+ "description": "The following example returns information (metadata) about the specified CMK.",
177
+ "id": "to-obtain-information-about-a-cmk-1478565820907",
178
+ "title": "To obtain information about a customer master key (CMK)"
179
+ }
180
+ ],
181
+ "DisableKey": [
182
+ {
183
+ "input": {
184
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
185
+ },
186
+ "comments": {
187
+ "input": {
188
+ "KeyId": "The identifier of the CMK to disable. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
189
+ }
190
+ },
191
+ "description": "The following example disables the specified CMK.",
192
+ "id": "to-disable-a-cmk-1478566583659",
193
+ "title": "To disable a customer master key (CMK)"
194
+ }
195
+ ],
196
+ "DisableKeyRotation": [
197
+ {
198
+ "input": {
199
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
200
+ },
201
+ "comments": {
202
+ "input": {
203
+ "KeyId": "The identifier of the CMK whose key material will no longer be rotated. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
204
+ }
205
+ },
206
+ "description": "The following example disables automatic annual rotation of the key material for the specified CMK.",
207
+ "id": "to-disable-automatic-rotation-of-key-material-1478624396092",
208
+ "title": "To disable automatic rotation of key material"
209
+ }
210
+ ],
211
+ "EnableKey": [
212
+ {
213
+ "input": {
214
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
215
+ },
216
+ "comments": {
217
+ "input": {
218
+ "KeyId": "The identifier of the CMK to enable. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
219
+ }
220
+ },
221
+ "description": "The following example enables the specified CMK.",
222
+ "id": "to-enable-a-cmk-1478627501129",
223
+ "title": "To enable a customer master key (CMK)"
224
+ }
225
+ ],
226
+ "EnableKeyRotation": [
227
+ {
228
+ "input": {
229
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
230
+ },
231
+ "comments": {
232
+ "input": {
233
+ "KeyId": "The identifier of the CMK whose key material will be rotated annually. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
234
+ }
235
+ },
236
+ "description": "The following example enables automatic annual rotation of the key material for the specified CMK.",
237
+ "id": "to-enable-automatic-rotation-of-key-material-1478629109677",
238
+ "title": "To enable automatic rotation of key material"
239
+ }
240
+ ],
241
+ "Encrypt": [
242
+ {
243
+ "input": {
244
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
245
+ "Plaintext": "<binary data>"
246
+ },
247
+ "output": {
248
+ "CiphertextBlob": "<binary data>",
249
+ "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
250
+ },
251
+ "comments": {
252
+ "input": {
253
+ "KeyId": "The identifier of the CMK to use for encryption. You can use the key ID or Amazon Resource Name (ARN) of the CMK, or the name or ARN of an alias that refers to the CMK.",
254
+ "Plaintext": "The data to encrypt."
255
+ },
256
+ "output": {
257
+ "CiphertextBlob": "The encrypted data (ciphertext).",
258
+ "KeyId": "The ARN of the CMK that was used to encrypt the data."
259
+ }
260
+ },
261
+ "description": "The following example encrypts data with the specified customer master key (CMK).",
262
+ "id": "to-encrypt-data-1478906026012",
263
+ "title": "To encrypt data"
264
+ }
265
+ ],
266
+ "GenerateDataKey": [
267
+ {
268
+ "input": {
269
+ "KeyId": "alias/ExampleAlias",
270
+ "KeySpec": "AES_256"
271
+ },
272
+ "output": {
273
+ "CiphertextBlob": "<binary data>",
274
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
275
+ "Plaintext": "<binary data>"
276
+ },
277
+ "comments": {
278
+ "input": {
279
+ "KeyId": "The identifier of the CMK to use to encrypt the data key. You can use the key ID or Amazon Resource Name (ARN) of the CMK, or the name or ARN of an alias that refers to the CMK.",
280
+ "KeySpec": "Specifies the type of data key to return."
281
+ },
282
+ "output": {
283
+ "CiphertextBlob": "The encrypted data key.",
284
+ "KeyId": "The ARN of the CMK that was used to encrypt the data key.",
285
+ "Plaintext": "The unencrypted (plaintext) data key."
286
+ }
287
+ },
288
+ "description": "The following example generates a 256-bit symmetric data encryption key (data key) in two formats. One is the unencrypted (plainext) data key, and the other is the data key encrypted with the specified customer master key (CMK).",
289
+ "id": "to-generate-a-data-key-1478912956062",
290
+ "title": "To generate a data key"
291
+ }
292
+ ],
293
+ "GenerateDataKeyWithoutPlaintext": [
294
+ {
295
+ "input": {
296
+ "KeyId": "alias/ExampleAlias",
297
+ "KeySpec": "AES_256"
298
+ },
299
+ "output": {
300
+ "CiphertextBlob": "<binary data>",
301
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
302
+ },
303
+ "comments": {
304
+ "input": {
305
+ "KeyId": "The identifier of the CMK to use to encrypt the data key. You can use the key ID or Amazon Resource Name (ARN) of the CMK, or the name or ARN of an alias that refers to the CMK.",
306
+ "KeySpec": "Specifies the type of data key to return."
307
+ },
308
+ "output": {
309
+ "CiphertextBlob": "The encrypted data key.",
310
+ "KeyId": "The ARN of the CMK that was used to encrypt the data key."
311
+ }
312
+ },
313
+ "description": "The following example generates an encrypted copy of a 256-bit symmetric data encryption key (data key). The data key is encrypted with the specified customer master key (CMK).",
314
+ "id": "to-generate-an-encrypted-data-key-1478914121134",
315
+ "title": "To generate an encrypted data key"
316
+ }
317
+ ],
318
+ "GenerateRandom": [
319
+ {
320
+ "input": {
321
+ "NumberOfBytes": 32
322
+ },
323
+ "output": {
324
+ "Plaintext": "<binary data>"
325
+ },
326
+ "comments": {
327
+ "input": {
328
+ "NumberOfBytes": "The length of the random data, specified in number of bytes."
329
+ },
330
+ "output": {
331
+ "Plaintext": "The random data."
332
+ }
333
+ },
334
+ "description": "The following example uses AWS KMS to generate 32 bytes of random data.",
335
+ "id": "to-generate-random-data-1479163645600",
336
+ "title": "To generate random data"
337
+ }
338
+ ],
339
+ "GetKeyPolicy": [
340
+ {
341
+ "input": {
342
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
343
+ "PolicyName": "default"
344
+ },
345
+ "output": {
346
+ "Policy": "{\n \"Version\" : \"2012-10-17\",\n \"Id\" : \"key-default-1\",\n \"Statement\" : [ {\n \"Sid\" : \"Enable IAM User Permissions\",\n \"Effect\" : \"Allow\",\n \"Principal\" : {\n \"AWS\" : \"arn:aws:iam::111122223333:root\"\n },\n \"Action\" : \"kms:*\",\n \"Resource\" : \"*\"\n } ]\n}"
347
+ },
348
+ "comments": {
349
+ "input": {
350
+ "KeyId": "The identifier of the CMK whose key policy you want to retrieve. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.",
351
+ "PolicyName": "The name of the key policy to retrieve."
352
+ },
353
+ "output": {
354
+ "Policy": "The key policy document."
355
+ }
356
+ },
357
+ "description": "The following example retrieves the key policy for the specified customer master key (CMK).",
358
+ "id": "to-retrieve-a-key-policy-1479170128325",
359
+ "title": "To retrieve a key policy"
360
+ }
361
+ ],
362
+ "GetKeyRotationStatus": [
363
+ {
364
+ "input": {
365
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
366
+ },
367
+ "output": {
368
+ "KeyRotationEnabled": true
369
+ },
370
+ "comments": {
371
+ "input": {
372
+ "KeyId": "The identifier of the CMK whose key material rotation status you want to retrieve. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
373
+ },
374
+ "output": {
375
+ "KeyRotationEnabled": "A boolean that indicates the key material rotation status. Returns true when automatic annual rotation of the key material is enabled, or false when it is not."
376
+ }
377
+ },
378
+ "description": "The following example retrieves the status of automatic annual rotation of the key material for the specified CMK.",
379
+ "id": "to-retrieve-the-rotation-status-for-a-cmk-1479172287408",
380
+ "title": "To retrieve the rotation status for a customer master key (CMK)"
381
+ }
382
+ ],
383
+ "GetParametersForImport": [
384
+ {
385
+ "input": {
386
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
387
+ "WrappingAlgorithm": "RSAES_OAEP_SHA_1",
388
+ "WrappingKeySpec": "RSA_2048"
389
+ },
390
+ "output": {
391
+ "ImportToken": "<binary data>",
392
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
393
+ "ParametersValidTo": "2016-12-01T14:52:17-08:00",
394
+ "PublicKey": "<binary data>"
395
+ },
396
+ "comments": {
397
+ "input": {
398
+ "KeyId": "The identifier of the CMK for which to retrieve the public key and import token. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.",
399
+ "WrappingAlgorithm": "The algorithm that you will use to encrypt the key material before importing it.",
400
+ "WrappingKeySpec": "The type of wrapping key (public key) to return in the response."
401
+ },
402
+ "output": {
403
+ "ImportToken": "The import token to send with a subsequent ImportKeyMaterial request.",
404
+ "KeyId": "The ARN of the CMK for which you are retrieving the public key and import token. This is the same CMK specified in the request.",
405
+ "ParametersValidTo": "The time at which the import token and public key are no longer valid.",
406
+ "PublicKey": "The public key to use to encrypt the key material before importing it."
407
+ }
408
+ },
409
+ "description": "The following example retrieves the public key and import token for the specified CMK.",
410
+ "id": "to-retrieve-the-public-key-and-import-token-for-a-cmk-1480626483211",
411
+ "title": "To retrieve the public key and import token for a customer master key (CMK)"
412
+ }
413
+ ],
414
+ "ImportKeyMaterial": [
415
+ {
416
+ "input": {
417
+ "EncryptedKeyMaterial": "<binary data>",
418
+ "ExpirationModel": "KEY_MATERIAL_DOES_NOT_EXPIRE",
419
+ "ImportToken": "<binary data>",
420
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
421
+ },
422
+ "comments": {
423
+ "input": {
424
+ "EncryptedKeyMaterial": "The encrypted key material to import.",
425
+ "ExpirationModel": "A value that specifies whether the key material expires.",
426
+ "ImportToken": "The import token that you received in the response to a previous GetParametersForImport request.",
427
+ "KeyId": "The identifier of the CMK to import the key material into. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
428
+ }
429
+ },
430
+ "description": "The following example imports key material into the specified CMK.",
431
+ "id": "to-import-key-material-into-a-cmk-1480630551969",
432
+ "title": "To import key material into a customer master key (CMK)"
433
+ }
434
+ ],
435
+ "ListAliases": [
436
+ {
437
+ "output": {
438
+ "Aliases": [
439
+ {
440
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/acm",
441
+ "AliasName": "alias/aws/acm",
442
+ "TargetKeyId": "da03f6f7-d279-427a-9cae-de48d07e5b66"
443
+ },
444
+ {
445
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/ebs",
446
+ "AliasName": "alias/aws/ebs",
447
+ "TargetKeyId": "25a217e7-7170-4b8c-8bf6-045ea5f70e5b"
448
+ },
449
+ {
450
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/rds",
451
+ "AliasName": "alias/aws/rds",
452
+ "TargetKeyId": "7ec3104e-c3f2-4b5c-bf42-bfc4772c6685"
453
+ },
454
+ {
455
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/redshift",
456
+ "AliasName": "alias/aws/redshift",
457
+ "TargetKeyId": "08f7a25a-69e2-4fb5-8f10-393db27326fa"
458
+ },
459
+ {
460
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/s3",
461
+ "AliasName": "alias/aws/s3",
462
+ "TargetKeyId": "d2b0f1a3-580d-4f79-b836-bc983be8cfa5"
463
+ },
464
+ {
465
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example1",
466
+ "AliasName": "alias/example1",
467
+ "TargetKeyId": "4da1e216-62d0-46c5-a7c0-5f3a3d2f8046"
468
+ },
469
+ {
470
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example2",
471
+ "AliasName": "alias/example2",
472
+ "TargetKeyId": "f32fef59-2cc2-445b-8573-2d73328acbee"
473
+ },
474
+ {
475
+ "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example3",
476
+ "AliasName": "alias/example3",
477
+ "TargetKeyId": "1374ef38-d34e-4d5f-b2c9-4e0daee38855"
478
+ }
479
+ ],
480
+ "Truncated": false
481
+ },
482
+ "comments": {
483
+ "output": {
484
+ "Aliases": "A list of aliases, including the key ID of the customer master key (CMK) that each alias refers to.",
485
+ "Truncated": "A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not."
486
+ }
487
+ },
488
+ "description": "The following example lists aliases.",
489
+ "id": "to-list-aliases-1480729693349",
490
+ "title": "To list aliases"
491
+ }
492
+ ],
493
+ "ListGrants": [
494
+ {
495
+ "input": {
496
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
497
+ },
498
+ "output": {
499
+ "Grants": [
500
+ {
501
+ "CreationDate": "2016-10-25T14:37:41-07:00",
502
+ "GrantId": "91ad875e49b04a9d1f3bdeb84d821f9db6ea95e1098813f6d47f0c65fbe2a172",
503
+ "GranteePrincipal": "acm.us-east-2.amazonaws.com",
504
+ "IssuingAccount": "arn:aws:iam::111122223333:root",
505
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
506
+ "Operations": [
507
+ "Encrypt",
508
+ "ReEncryptFrom",
509
+ "ReEncryptTo"
510
+ ],
511
+ "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
512
+ },
513
+ {
514
+ "CreationDate": "2016-10-25T14:37:41-07:00",
515
+ "GrantId": "a5d67d3e207a8fc1f4928749ee3e52eb0440493a8b9cf05bbfad91655b056200",
516
+ "GranteePrincipal": "acm.us-east-2.amazonaws.com",
517
+ "IssuingAccount": "arn:aws:iam::111122223333:root",
518
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
519
+ "Operations": [
520
+ "ReEncryptFrom",
521
+ "ReEncryptTo"
522
+ ],
523
+ "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
524
+ },
525
+ {
526
+ "CreationDate": "2016-10-25T14:37:41-07:00",
527
+ "GrantId": "c541aaf05d90cb78846a73b346fc43e65be28b7163129488c738e0c9e0628f4f",
528
+ "GranteePrincipal": "acm.us-east-2.amazonaws.com",
529
+ "IssuingAccount": "arn:aws:iam::111122223333:root",
530
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
531
+ "Operations": [
532
+ "Encrypt",
533
+ "ReEncryptFrom",
534
+ "ReEncryptTo"
535
+ ],
536
+ "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
537
+ },
538
+ {
539
+ "CreationDate": "2016-10-25T14:37:41-07:00",
540
+ "GrantId": "dd2052c67b4c76ee45caf1dc6a1e2d24e8dc744a51b36ae2f067dc540ce0105c",
541
+ "GranteePrincipal": "acm.us-east-2.amazonaws.com",
542
+ "IssuingAccount": "arn:aws:iam::111122223333:root",
543
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
544
+ "Operations": [
545
+ "Encrypt",
546
+ "ReEncryptFrom",
547
+ "ReEncryptTo"
548
+ ],
549
+ "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
550
+ }
551
+ ],
552
+ "Truncated": true
553
+ },
554
+ "comments": {
555
+ "input": {
556
+ "KeyId": "The identifier of the CMK whose grants you want to list. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
557
+ },
558
+ "output": {
559
+ "Grants": "A list of grants.",
560
+ "Truncated": "A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not."
561
+ }
562
+ },
563
+ "description": "The following example lists grants for the specified CMK.",
564
+ "id": "to-list-grants-for-a-cmk-1481067365389",
565
+ "title": "To list grants for a customer master key (CMK)"
566
+ }
567
+ ],
568
+ "ListKeyPolicies": [
569
+ {
570
+ "input": {
571
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
572
+ },
573
+ "output": {
574
+ "PolicyNames": [
575
+ "default"
576
+ ],
577
+ "Truncated": false
578
+ },
579
+ "comments": {
580
+ "input": {
581
+ "KeyId": "The identifier of the CMK whose key policies you want to list. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
582
+ },
583
+ "output": {
584
+ "PolicyNames": "A list of key policy names.",
585
+ "Truncated": "A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not."
586
+ }
587
+ },
588
+ "description": "The following example lists key policies for the specified CMK.",
589
+ "id": "to-list-key-policies-for-a-cmk-1481069780998",
590
+ "title": "To list key policies for a customer master key (CMK)"
591
+ }
592
+ ],
593
+ "ListKeys": [
594
+ {
595
+ "output": {
596
+ "Keys": [
597
+ {
598
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/0d990263-018e-4e65-a703-eff731de951e",
599
+ "KeyId": "0d990263-018e-4e65-a703-eff731de951e"
600
+ },
601
+ {
602
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/144be297-0ae1-44ac-9c8f-93cd8c82f841",
603
+ "KeyId": "144be297-0ae1-44ac-9c8f-93cd8c82f841"
604
+ },
605
+ {
606
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/21184251-b765-428e-b852-2c7353e72571",
607
+ "KeyId": "21184251-b765-428e-b852-2c7353e72571"
608
+ },
609
+ {
610
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/214fe92f-5b03-4ae1-b350-db2a45dbe10c",
611
+ "KeyId": "214fe92f-5b03-4ae1-b350-db2a45dbe10c"
612
+ },
613
+ {
614
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/339963f2-e523-49d3-af24-a0fe752aa458",
615
+ "KeyId": "339963f2-e523-49d3-af24-a0fe752aa458"
616
+ },
617
+ {
618
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/b776a44b-df37-4438-9be4-a27494e4271a",
619
+ "KeyId": "b776a44b-df37-4438-9be4-a27494e4271a"
620
+ },
621
+ {
622
+ "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/deaf6c9e-cf2c-46a6-bf6d-0b6d487cffbb",
623
+ "KeyId": "deaf6c9e-cf2c-46a6-bf6d-0b6d487cffbb"
624
+ }
625
+ ],
626
+ "Truncated": false
627
+ },
628
+ "comments": {
629
+ "output": {
630
+ "Keys": "A list of CMKs, including the key ID and Amazon Resource Name (ARN) of each one.",
631
+ "Truncated": "A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not."
632
+ }
633
+ },
634
+ "description": "The following example lists CMKs.",
635
+ "id": "to-list-cmks-1481071643069",
636
+ "title": "To list customer master keys (CMKs)"
637
+ }
638
+ ],
639
+ "ListRetirableGrants": [
640
+ {
641
+ "input": {
642
+ "RetiringPrincipal": "arn:aws:iam::111122223333:role/ExampleRole"
643
+ },
644
+ "output": {
645
+ "Grants": [
646
+ {
647
+ "CreationDate": "2016-12-07T11:09:35-08:00",
648
+ "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
649
+ "GranteePrincipal": "arn:aws:iam::111122223333:role/ExampleRole",
650
+ "IssuingAccount": "arn:aws:iam::444455556666:root",
651
+ "KeyId": "arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab",
652
+ "Operations": [
653
+ "Decrypt",
654
+ "Encrypt"
655
+ ],
656
+ "RetiringPrincipal": "arn:aws:iam::111122223333:role/ExampleRole"
657
+ }
658
+ ],
659
+ "Truncated": false
660
+ },
661
+ "comments": {
662
+ "input": {
663
+ "RetiringPrincipal": "The retiring principal whose grants you want to list. Use the Amazon Resource Name (ARN) of an AWS principal such as an AWS account (root), IAM user, federated user, or assumed role user."
664
+ },
665
+ "output": {
666
+ "Grants": "A list of grants that the specified principal can retire.",
667
+ "Truncated": "A boolean that indicates whether there are more items in the list. Returns true when there are more items, or false when there are not."
668
+ }
669
+ },
670
+ "description": "The following example lists the grants that the specified principal (identity) can retire.",
671
+ "id": "to-list-grants-that-the-specified-principal-can-retire-1481140499620",
672
+ "title": "To list grants that the specified principal can retire"
673
+ }
674
+ ],
675
+ "PutKeyPolicy": [
676
+ {
677
+ "input": {
678
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
679
+ "Policy": "{\n \"Version\": \"2012-10-17\",\n \"Id\": \"custom-policy-2016-12-07\",\n \"Statement\": [\n {\n \"Sid\": \"Enable IAM User Permissions\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:root\"\n },\n \"Action\": \"kms:*\",\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow access for Key Administrators\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": [\n \"arn:aws:iam::111122223333:user/ExampleAdminUser\",\n \"arn:aws:iam::111122223333:role/ExampleAdminRole\"\n ]\n },\n \"Action\": [\n \"kms:Create*\",\n \"kms:Describe*\",\n \"kms:Enable*\",\n \"kms:List*\",\n \"kms:Put*\",\n \"kms:Update*\",\n \"kms:Revoke*\",\n \"kms:Disable*\",\n \"kms:Get*\",\n \"kms:Delete*\",\n \"kms:ScheduleKeyDeletion\",\n \"kms:CancelKeyDeletion\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow use of the key\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:Encrypt\",\n \"kms:Decrypt\",\n \"kms:ReEncrypt*\",\n \"kms:GenerateDataKey*\",\n \"kms:DescribeKey\"\n ],\n \"Resource\": \"*\"\n },\n {\n \"Sid\": \"Allow attachment of persistent resources\",\n \"Effect\": \"Allow\",\n \"Principal\": {\n \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n },\n \"Action\": [\n \"kms:CreateGrant\",\n \"kms:ListGrants\",\n \"kms:RevokeGrant\"\n ],\n \"Resource\": \"*\",\n \"Condition\": {\n \"Bool\": {\n \"kms:GrantIsForAWSResource\": \"true\"\n }\n }\n }\n ]\n}\n",
680
+ "PolicyName": "default"
681
+ },
682
+ "comments": {
683
+ "input": {
684
+ "KeyId": "The identifier of the CMK to attach the key policy to. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.",
685
+ "Policy": "The key policy document.",
686
+ "PolicyName": "The name of the key policy."
687
+ }
688
+ },
689
+ "description": "The following example attaches a key policy to the specified CMK.",
690
+ "id": "to-attach-a-key-policy-to-a-cmk-1481147345018",
691
+ "title": "To attach a key policy to a customer master key (CMK)"
692
+ }
693
+ ],
694
+ "ReEncrypt": [
695
+ {
696
+ "input": {
697
+ "CiphertextBlob": "<binary data>",
698
+ "DestinationKeyId": "0987dcba-09fe-87dc-65ba-ab0987654321"
699
+ },
700
+ "output": {
701
+ "CiphertextBlob": "<binary data>",
702
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
703
+ "SourceKeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
704
+ },
705
+ "comments": {
706
+ "input": {
707
+ "CiphertextBlob": "The data to reencrypt.",
708
+ "DestinationKeyId": "The identifier of the CMK to use to reencrypt the data. You can use the key ID or Amazon Resource Name (ARN) of the CMK, or the name or ARN of an alias that refers to the CMK."
709
+ },
710
+ "output": {
711
+ "CiphertextBlob": "The reencrypted data.",
712
+ "KeyId": "The ARN of the CMK that was used to reencrypt the data.",
713
+ "SourceKeyId": "The ARN of the CMK that was used to originally encrypt the data."
714
+ }
715
+ },
716
+ "description": "The following example reencrypts data with the specified CMK.",
717
+ "id": "to-reencrypt-data-1481230358001",
718
+ "title": "To reencrypt data"
719
+ }
720
+ ],
721
+ "RetireGrant": [
722
+ {
723
+ "input": {
724
+ "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
725
+ "KeyId": "arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"
726
+ },
727
+ "comments": {
728
+ "input": {
729
+ "GrantId": "The identifier of the grant to retire.",
730
+ "KeyId": "The Amazon Resource Name (ARN) of the customer master key (CMK) associated with the grant."
731
+ }
732
+ },
733
+ "description": "The following example retires a grant.",
734
+ "id": "to-retire-a-grant-1481327028297",
735
+ "title": "To retire a grant"
736
+ }
737
+ ],
738
+ "RevokeGrant": [
739
+ {
740
+ "input": {
741
+ "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
742
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
743
+ },
744
+ "comments": {
745
+ "input": {
746
+ "GrantId": "The identifier of the grant to revoke.",
747
+ "KeyId": "The identifier of the customer master key (CMK) associated with the grant. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
748
+ }
749
+ },
750
+ "description": "The following example revokes a grant.",
751
+ "id": "to-revoke-a-grant-1481329549302",
752
+ "title": "To revoke a grant"
753
+ }
754
+ ],
755
+ "ScheduleKeyDeletion": [
756
+ {
757
+ "input": {
758
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
759
+ "PendingWindowInDays": 7
760
+ },
761
+ "output": {
762
+ "DeletionDate": "2016-12-17T16:00:00-08:00",
763
+ "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
764
+ },
765
+ "comments": {
766
+ "input": {
767
+ "KeyId": "The identifier of the CMK to schedule for deletion. You can use the key ID or the Amazon Resource Name (ARN) of the CMK.",
768
+ "PendingWindowInDays": "The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the CMK."
769
+ },
770
+ "output": {
771
+ "DeletionDate": "The date and time after which AWS KMS deletes the CMK.",
772
+ "KeyId": "The ARN of the CMK that is scheduled for deletion."
773
+ }
774
+ },
775
+ "description": "The following example schedules the specified CMK for deletion.",
776
+ "id": "to-schedule-a-cmk-for-deletion-1481331111094",
777
+ "title": "To schedule a customer master key (CMK) for deletion"
778
+ }
779
+ ],
780
+ "UpdateAlias": [
781
+ {
782
+ "input": {
783
+ "AliasName": "alias/ExampleAlias",
784
+ "TargetKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
785
+ },
786
+ "comments": {
787
+ "input": {
788
+ "AliasName": "The alias to update.",
789
+ "TargetKeyId": "The identifier of the CMK that the alias will refer to after this operation succeeds. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
790
+ }
791
+ },
792
+ "description": "The following example updates the specified alias to refer to the specified customer master key (CMK).",
793
+ "id": "to-update-an-alias-1481572726920",
794
+ "title": "To update an alias"
795
+ }
796
+ ],
797
+ "UpdateKeyDescription": [
798
+ {
799
+ "input": {
800
+ "Description": "Example description that indicates the intended use of this CMK.",
801
+ "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
802
+ },
803
+ "comments": {
804
+ "input": {
805
+ "Description": "The updated description.",
806
+ "KeyId": "The identifier of the CMK whose description you are updating. You can use the key ID or the Amazon Resource Name (ARN) of the CMK."
807
+ }
808
+ },
809
+ "description": "The following example updates the description of the specified CMK.",
810
+ "id": "to-update-the-description-of-a-cmk-1481574808619",
811
+ "title": "To update the description of a customer master key (CMK)"
812
+ }
813
+ ]
4
814
  }
5
815
  }