aws-sdk-kms 1.101.0 → 1.118.0

data/lib/aws-sdk-kms.rb

@@ -54,7 +54,7 @@ module Aws::KMS
   autoload :EndpointProvider, 'aws-sdk-kms/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-kms/endpoints'
 
-  GEM_VERSION = '1.101.0'
+  GEM_VERSION = '1.118.0'
 
 end
 

data/sig/client.rbs

@@ -18,6 +18,7 @@ module Aws
                       ?account_id: String,
                       ?active_endpoint_cache: bool,
                       ?adaptive_retry_wait_to_fill: bool,
+                      ?auth_scheme_preference: Array[String],
                       ?client_side_monitoring: bool,
                       ?client_side_monitoring_client_id: String,
                       ?client_side_monitoring_host: String,
@@ -118,6 +119,7 @@ module Aws
                                      ?xks_proxy_uri_endpoint: ::String,
                                      ?xks_proxy_uri_path: ::String,
                                      ?xks_proxy_vpc_endpoint_service_name: ::String,
+                                     ?xks_proxy_vpc_endpoint_service_owner: ::String,
                                      ?xks_proxy_authentication_credential: {
                                        access_key_id: ::String,
                                        raw_secret_access_key: ::String
@@ -157,7 +159,7 @@ module Aws
                         ?description: ::String,
                         ?key_usage: ("SIGN_VERIFY" | "ENCRYPT_DECRYPT" | "GENERATE_VERIFY_MAC" | "KEY_AGREEMENT"),
                         ?customer_master_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2"),
-                        ?key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2"),
+                        ?key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2" | "ML_DSA_44" | "ML_DSA_65" | "ML_DSA_87" | "ECC_NIST_EDWARDS25519"),
                         ?origin: ("AWS_KMS" | "EXTERNAL" | "AWS_CLOUDHSM" | "EXTERNAL_KEY_STORE"),
                         ?custom_key_store_id: ::String,
                         ?bypass_policy_lockout_safety_check: bool,
@@ -178,6 +180,7 @@ module Aws
         def plaintext: () -> ::String
         def encryption_algorithm: () -> ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
         def ciphertext_for_recipient: () -> ::String
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#decrypt-instance_method
       def decrypt: (
@@ -209,11 +212,17 @@ module Aws
                                    ) -> _DeleteCustomKeyStoreResponseSuccess
                                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteCustomKeyStoreResponseSuccess
 
+      interface _DeleteImportedKeyMaterialResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::DeleteImportedKeyMaterialResponse]
+        def key_id: () -> ::String
+        def key_material_id: () -> ::String
+      end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#delete_imported_key_material-instance_method
       def delete_imported_key_material: (
-                                          key_id: ::String
-                                        ) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
-                                      | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> ::Seahorse::Client::_ResponseSuccess[::Aws::EmptyStructure]
+                                          key_id: ::String,
+                                          ?key_material_id: ::String
+                                        ) -> _DeleteImportedKeyMaterialResponseSuccess
+                                      | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteImportedKeyMaterialResponseSuccess
 
       interface _DeriveSharedSecretResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::DeriveSharedSecretResponse]
@@ -320,6 +329,7 @@ module Aws
         def plaintext: () -> ::String
         def key_id: () -> ::String
         def ciphertext_for_recipient: () -> ::String
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#generate_data_key-instance_method
       def generate_data_key: (
@@ -342,14 +352,15 @@ module Aws
         def private_key_plaintext: () -> ::String
         def public_key: () -> ::String
         def key_id: () -> ::String
-        def key_pair_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+        def key_pair_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
         def ciphertext_for_recipient: () -> ::String
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#generate_data_key_pair-instance_method
       def generate_data_key_pair: (
                                     ?encryption_context: Hash[::String, ::String],
                                     key_id: ::String,
-                                    key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2"),
+                                    key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519"),
                                     ?grant_tokens: Array[::String],
                                     ?recipient: {
                                       key_encryption_algorithm: ("RSAES_OAEP_SHA_256")?,
@@ -364,13 +375,14 @@ module Aws
         def private_key_ciphertext_blob: () -> ::String
         def public_key: () -> ::String
         def key_id: () -> ::String
-        def key_pair_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+        def key_pair_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#generate_data_key_pair_without_plaintext-instance_method
       def generate_data_key_pair_without_plaintext: (
                                                       ?encryption_context: Hash[::String, ::String],
                                                       key_id: ::String,
-                                                      key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2"),
+                                                      key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519"),
                                                       ?grant_tokens: Array[::String],
                                                       ?dry_run: bool
                                                     ) -> _GenerateDataKeyPairWithoutPlaintextResponseSuccess
@@ -380,6 +392,7 @@ module Aws
         include ::Seahorse::Client::_ResponseSuccess[Types::GenerateDataKeyWithoutPlaintextResponse]
         def ciphertext_blob: () -> ::String
         def key_id: () -> ::String
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#generate_data_key_without_plaintext-instance_method
       def generate_data_key_without_plaintext: (
@@ -470,10 +483,10 @@ module Aws
         def key_id: () -> ::String
         def public_key: () -> ::String
         def customer_master_key_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
-        def key_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
+        def key_spec: () -> ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2" | "ML_DSA_44" | "ML_DSA_65" | "ML_DSA_87" | "ECC_NIST_EDWARDS25519")
         def key_usage: () -> ("SIGN_VERIFY" | "ENCRYPT_DECRYPT" | "GENERATE_VERIFY_MAC" | "KEY_AGREEMENT")
         def encryption_algorithms: () -> ::Array[("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")]
-        def signing_algorithms: () -> ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")]
+        def signing_algorithms: () -> ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")]
         def key_agreement_algorithms: () -> ::Array[("ECDH")]
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#get_public_key-instance_method
@@ -485,6 +498,8 @@ module Aws
 
       interface _ImportKeyMaterialResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::ImportKeyMaterialResponse]
+        def key_id: () -> ::String
+        def key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#import_key_material-instance_method
       def import_key_material: (
@@ -492,7 +507,10 @@ module Aws
                                  import_token: ::String,
                                  encrypted_key_material: ::String,
                                  ?valid_to: ::Time,
-                                 ?expiration_model: ("KEY_MATERIAL_EXPIRES" | "KEY_MATERIAL_DOES_NOT_EXPIRE")
+                                 ?expiration_model: ("KEY_MATERIAL_EXPIRES" | "KEY_MATERIAL_DOES_NOT_EXPIRE"),
+                                 ?import_type: ("NEW_KEY_MATERIAL" | "EXISTING_KEY_MATERIAL"),
+                                 ?key_material_description: ::String,
+                                 ?key_material_id: ::String
                                ) -> _ImportKeyMaterialResponseSuccess
                              | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ImportKeyMaterialResponseSuccess
 
@@ -549,6 +567,7 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#list_key_rotations-instance_method
       def list_key_rotations: (
                                 key_id: ::String,
+                                ?include_key_material: ("ALL_KEY_MATERIAL" | "ROTATIONS_ONLY"),
                                 ?limit: ::Integer,
                                 ?marker: ::String
                               ) -> _ListKeyRotationsResponseSuccess
@@ -611,6 +630,8 @@ module Aws
         def key_id: () -> ::String
         def source_encryption_algorithm: () -> ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
         def destination_encryption_algorithm: () -> ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
+        def source_key_material_id: () -> ::String
+        def destination_key_material_id: () -> ::String
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#re_encrypt-instance_method
       def re_encrypt: (
@@ -693,15 +714,15 @@ module Aws
         include ::Seahorse::Client::_ResponseSuccess[Types::SignResponse]
         def key_id: () -> ::String
         def signature: () -> ::String
-        def signing_algorithm: () -> ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+        def signing_algorithm: () -> ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#sign-instance_method
       def sign: (
                   key_id: ::String,
                   message: ::String,
-                  ?message_type: ("RAW" | "DIGEST"),
+                  ?message_type: ("RAW" | "DIGEST" | "EXTERNAL_MU"),
                   ?grant_tokens: Array[::String],
-                  signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA"),
+                  signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512"),
                   ?dry_run: bool
                 ) -> _SignResponseSuccess
               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _SignResponseSuccess
@@ -744,6 +765,7 @@ module Aws
                                      ?xks_proxy_uri_endpoint: ::String,
                                      ?xks_proxy_uri_path: ::String,
                                      ?xks_proxy_vpc_endpoint_service_name: ::String,
+                                     ?xks_proxy_vpc_endpoint_service_owner: ::String,
                                      ?xks_proxy_authentication_credential: {
                                        access_key_id: ::String,
                                        raw_secret_access_key: ::String
@@ -770,15 +792,15 @@ module Aws
         include ::Seahorse::Client::_ResponseSuccess[Types::VerifyResponse]
         def key_id: () -> ::String
         def signature_valid: () -> bool
-        def signing_algorithm: () -> ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+        def signing_algorithm: () -> ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#verify-instance_method
       def verify: (
                     key_id: ::String,
                     message: ::String,
-                    ?message_type: ("RAW" | "DIGEST"),
+                    ?message_type: ("RAW" | "DIGEST" | "EXTERNAL_MU"),
                     signature: ::String,
-                    signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA"),
+                    signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512"),
                     ?grant_tokens: Array[::String],
                     ?dry_run: bool
                   ) -> _VerifyResponseSuccess

data/sig/resource.rbs

@@ -18,6 +18,7 @@ module Aws
                         ?account_id: String,
                         ?active_endpoint_cache: bool,
                         ?adaptive_retry_wait_to_fill: bool,
+                        ?auth_scheme_preference: Array[String],
                         ?client_side_monitoring: bool,
                         ?client_side_monitoring_client_id: String,
                         ?client_side_monitoring_host: String,

data/sig/types.rbs

@@ -85,6 +85,7 @@ module Aws::KMS
       attr_accessor xks_proxy_uri_endpoint: ::String
       attr_accessor xks_proxy_uri_path: ::String
       attr_accessor xks_proxy_vpc_endpoint_service_name: ::String
+      attr_accessor xks_proxy_vpc_endpoint_service_owner: ::String
       attr_accessor xks_proxy_authentication_credential: Types::XksProxyAuthenticationCredentialType
       attr_accessor xks_proxy_connectivity: ("PUBLIC_ENDPOINT" | "VPC_ENDPOINT_SERVICE")
       SENSITIVE: [:key_store_password]
@@ -118,7 +119,7 @@ module Aws::KMS
       attr_accessor description: ::String
       attr_accessor key_usage: ("SIGN_VERIFY" | "ENCRYPT_DECRYPT" | "GENERATE_VERIFY_MAC" | "KEY_AGREEMENT")
       attr_accessor customer_master_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
-      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
+      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2" | "ML_DSA_44" | "ML_DSA_65" | "ML_DSA_87" | "ECC_NIST_EDWARDS25519")
       attr_accessor origin: ("AWS_KMS" | "EXTERNAL" | "AWS_CLOUDHSM" | "EXTERNAL_KEY_STORE")
       attr_accessor custom_key_store_id: ::String
       attr_accessor bypass_policy_lockout_safety_check: bool
@@ -182,6 +183,7 @@ module Aws::KMS
       attr_accessor plaintext: ::String
       attr_accessor encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
       attr_accessor ciphertext_for_recipient: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: [:plaintext]
     end
 
@@ -200,6 +202,13 @@ module Aws::KMS
 
     class DeleteImportedKeyMaterialRequest
       attr_accessor key_id: ::String
+      attr_accessor key_material_id: ::String
+      SENSITIVE: []
+    end
+
+    class DeleteImportedKeyMaterialResponse
+      attr_accessor key_id: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: []
     end
 
@@ -317,7 +326,7 @@ module Aws::KMS
     class GenerateDataKeyPairRequest
       attr_accessor encryption_context: ::Hash[::String, ::String]
       attr_accessor key_id: ::String
-      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
       attr_accessor grant_tokens: ::Array[::String]
       attr_accessor recipient: Types::RecipientInfo
       attr_accessor dry_run: bool
@@ -329,15 +338,16 @@ module Aws::KMS
       attr_accessor private_key_plaintext: ::String
       attr_accessor public_key: ::String
       attr_accessor key_id: ::String
-      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
       attr_accessor ciphertext_for_recipient: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: [:private_key_plaintext]
     end
 
     class GenerateDataKeyPairWithoutPlaintextRequest
       attr_accessor encryption_context: ::Hash[::String, ::String]
       attr_accessor key_id: ::String
-      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
       attr_accessor grant_tokens: ::Array[::String]
       attr_accessor dry_run: bool
       SENSITIVE: []
@@ -347,7 +357,8 @@ module Aws::KMS
       attr_accessor private_key_ciphertext_blob: ::String
       attr_accessor public_key: ::String
       attr_accessor key_id: ::String
-      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2")
+      attr_accessor key_pair_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SM2" | "ECC_NIST_EDWARDS25519")
+      attr_accessor key_material_id: ::String
       SENSITIVE: []
     end
 
@@ -367,6 +378,7 @@ module Aws::KMS
       attr_accessor plaintext: ::String
       attr_accessor key_id: ::String
       attr_accessor ciphertext_for_recipient: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: [:plaintext]
     end
 
@@ -383,6 +395,7 @@ module Aws::KMS
     class GenerateDataKeyWithoutPlaintextResponse
       attr_accessor ciphertext_blob: ::String
       attr_accessor key_id: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: []
     end
 
@@ -466,10 +479,10 @@ module Aws::KMS
       attr_accessor key_id: ::String
       attr_accessor public_key: ::String
       attr_accessor customer_master_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
-      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
+      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2" | "ML_DSA_44" | "ML_DSA_65" | "ML_DSA_87" | "ECC_NIST_EDWARDS25519")
       attr_accessor key_usage: ("SIGN_VERIFY" | "ENCRYPT_DECRYPT" | "GENERATE_VERIFY_MAC" | "KEY_AGREEMENT")
       attr_accessor encryption_algorithms: ::Array[("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")]
-      attr_accessor signing_algorithms: ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")]
+      attr_accessor signing_algorithms: ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")]
       attr_accessor key_agreement_algorithms: ::Array[("ECDH")]
       SENSITIVE: []
     end
@@ -499,10 +512,16 @@ module Aws::KMS
       attr_accessor encrypted_key_material: ::String
       attr_accessor valid_to: ::Time
       attr_accessor expiration_model: ("KEY_MATERIAL_EXPIRES" | "KEY_MATERIAL_DOES_NOT_EXPIRE")
+      attr_accessor import_type: ("NEW_KEY_MATERIAL" | "EXISTING_KEY_MATERIAL")
+      attr_accessor key_material_description: ::String
+      attr_accessor key_material_id: ::String
       SENSITIVE: []
     end
 
-    class ImportKeyMaterialResponse < Aws::EmptyStructure
+    class ImportKeyMaterialResponse
+      attr_accessor key_id: ::String
+      attr_accessor key_material_id: ::String
+      SENSITIVE: []
     end
 
     class IncorrectKeyException
@@ -603,15 +622,16 @@ module Aws::KMS
       attr_accessor expiration_model: ("KEY_MATERIAL_EXPIRES" | "KEY_MATERIAL_DOES_NOT_EXPIRE")
       attr_accessor key_manager: ("AWS" | "CUSTOMER")
       attr_accessor customer_master_key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
-      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2")
+      attr_accessor key_spec: ("RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521" | "ECC_SECG_P256K1" | "SYMMETRIC_DEFAULT" | "HMAC_224" | "HMAC_256" | "HMAC_384" | "HMAC_512" | "SM2" | "ML_DSA_44" | "ML_DSA_65" | "ML_DSA_87" | "ECC_NIST_EDWARDS25519")
       attr_accessor encryption_algorithms: ::Array[("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")]
-      attr_accessor signing_algorithms: ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")]
+      attr_accessor signing_algorithms: ::Array[("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")]
       attr_accessor key_agreement_algorithms: ::Array[("ECDH")]
       attr_accessor multi_region: bool
       attr_accessor multi_region_configuration: Types::MultiRegionConfiguration
       attr_accessor pending_deletion_window_in_days: ::Integer
       attr_accessor mac_algorithms: ::Array[("HMAC_SHA_224" | "HMAC_SHA_256" | "HMAC_SHA_384" | "HMAC_SHA_512")]
       attr_accessor xks_key_configuration: Types::XksKeyConfigurationType
+      attr_accessor current_key_material_id: ::String
       SENSITIVE: []
     end
 
@@ -671,6 +691,7 @@ module Aws::KMS
 
     class ListKeyRotationsRequest
       attr_accessor key_id: ::String
+      attr_accessor include_key_material: ("ALL_KEY_MATERIAL" | "ROTATIONS_ONLY")
       attr_accessor limit: ::Integer
       attr_accessor marker: ::String
       SENSITIVE: []
@@ -767,6 +788,8 @@ module Aws::KMS
       attr_accessor key_id: ::String
       attr_accessor source_encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
       attr_accessor destination_encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
+      attr_accessor source_key_material_id: ::String
+      attr_accessor destination_key_material_id: ::String
       SENSITIVE: []
     end
 
@@ -820,6 +843,12 @@ module Aws::KMS
 
     class RotationsListEntry
       attr_accessor key_id: ::String
+      attr_accessor key_material_id: ::String
+      attr_accessor key_material_description: ::String
+      attr_accessor import_state: ("IMPORTED" | "PENDING_IMPORT")
+      attr_accessor key_material_state: ("NON_CURRENT" | "CURRENT" | "PENDING_ROTATION" | "PENDING_MULTI_REGION_IMPORT_AND_ROTATION")
+      attr_accessor expiration_model: ("KEY_MATERIAL_EXPIRES" | "KEY_MATERIAL_DOES_NOT_EXPIRE")
+      attr_accessor valid_to: ::Time
       attr_accessor rotation_date: ::Time
       attr_accessor rotation_type: ("AUTOMATIC" | "ON_DEMAND")
       SENSITIVE: []
@@ -842,9 +871,9 @@ module Aws::KMS
     class SignRequest
       attr_accessor key_id: ::String
       attr_accessor message: ::String
-      attr_accessor message_type: ("RAW" | "DIGEST")
+      attr_accessor message_type: ("RAW" | "DIGEST" | "EXTERNAL_MU")
       attr_accessor grant_tokens: ::Array[::String]
-      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       attr_accessor dry_run: bool
       SENSITIVE: [:message]
     end
@@ -852,7 +881,7 @@ module Aws::KMS
     class SignResponse
       attr_accessor key_id: ::String
       attr_accessor signature: ::String
-      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       SENSITIVE: []
     end
 
@@ -898,6 +927,7 @@ module Aws::KMS
       attr_accessor xks_proxy_uri_endpoint: ::String
       attr_accessor xks_proxy_uri_path: ::String
       attr_accessor xks_proxy_vpc_endpoint_service_name: ::String
+      attr_accessor xks_proxy_vpc_endpoint_service_owner: ::String
       attr_accessor xks_proxy_authentication_credential: Types::XksProxyAuthenticationCredentialType
       attr_accessor xks_proxy_connectivity: ("PUBLIC_ENDPOINT" | "VPC_ENDPOINT_SERVICE")
       SENSITIVE: [:key_store_password]
@@ -938,9 +968,9 @@ module Aws::KMS
     class VerifyRequest
       attr_accessor key_id: ::String
       attr_accessor message: ::String
-      attr_accessor message_type: ("RAW" | "DIGEST")
+      attr_accessor message_type: ("RAW" | "DIGEST" | "EXTERNAL_MU")
       attr_accessor signature: ::String
-      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       attr_accessor grant_tokens: ::Array[::String]
       attr_accessor dry_run: bool
       SENSITIVE: [:message]
@@ -949,7 +979,7 @@ module Aws::KMS
     class VerifyResponse
       attr_accessor key_id: ::String
       attr_accessor signature_valid: bool
-      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA")
+      attr_accessor signing_algorithm: ("RSASSA_PSS_SHA_256" | "RSASSA_PSS_SHA_384" | "RSASSA_PSS_SHA_512" | "RSASSA_PKCS1_V1_5_SHA_256" | "RSASSA_PKCS1_V1_5_SHA_384" | "RSASSA_PKCS1_V1_5_SHA_512" | "ECDSA_SHA_256" | "ECDSA_SHA_384" | "ECDSA_SHA_512" | "SM2DSA" | "ML_DSA_SHAKE_256" | "ED25519_SHA_512" | "ED25519_PH_SHA_512")
       SENSITIVE: []
     end
 
@@ -985,6 +1015,7 @@ module Aws::KMS
       attr_accessor uri_endpoint: ::String
       attr_accessor uri_path: ::String
       attr_accessor vpc_endpoint_service_name: ::String
+      attr_accessor vpc_endpoint_service_owner: ::String
       SENSITIVE: [:access_key_id]
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-kms
 version: !ruby/object:Gem::Version
-  version: 1.101.0
+  version: 1.118.0
 platform: ruby
 authors:
 - Amazon Web Services
@@ -18,7 +18,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.216.0
+        version: 3.239.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -28,7 +28,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.216.0
+        version: 3.239.1
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement
@@ -83,7 +83,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '2.5'
+      version: '2.7'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="