aws-sdk-kms 1.121.0 → 1.123.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3ae2b156e814456bf263415ae6fb942e7d3d882f2815c7d9b2d5359f5ec421bd
-  data.tar.gz: 6f6058c73084be1246138a7eac25e524eae04f7baf2bb0b39bbdd7fbfe390fec
+  metadata.gz: 81e60e410223f2b2cbb99309fbad50439886f9e7db3e7f1f7cbe1f76725742f6
+  data.tar.gz: c6a2b9ed15729a65d456aba409399830d4d86bb5a7b2767441829b7c09e56cbf
 SHA512:
-  metadata.gz: 6cda75f103a5ef0150e5a3b77818c09e5f439df084321769b6c373a58357ad5def3409dea5ccbdbd14a6c0fe79852b37bb24034628688e35d528ddfe8dd407fe
-  data.tar.gz: b1db8f4b429d71ad05d1ef8243128a703c4525b421c461cd5ff189372b0ebfd64ba938baf439d379c4d3303ef569187d7e1a2e0e230b6271a271ac5d063907c2
+  metadata.gz: 92ccf453c5e58f7d7284ab5b358ef9aa55587ee3b0fbbc63d7d86cffef4ef6daad83b9d9442a60d3fc024684e2cf50327e615b137ceb073d37524bc5ee6a57c0
+  data.tar.gz: a84b166adb6ced12a7695b79938361c2774dbd18b14c3c23b52972fc1de0a7c9eddc902845310281f7dec8068c9e66ae6b4daa60caed5924cd34b75e19de6c5b

data/CHANGELOG.md

@@ -1,6 +1,16 @@
 Unreleased Changes
 ------------------
 
+1.123.0 (2026-03-18)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.122.0 (2026-02-16)
+------------------
+
+* Feature - Added support for Decrypt and ReEncrypt API's to use dry run feature without ciphertext for authorization validation
+
 1.121.0 (2026-01-16)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.121.0
+1.123.0

data/lib/aws-sdk-kms/client.rb

@@ -1604,7 +1604,6 @@ module Aws::KMS
     #
     #
     # Multi-Region primary keys
-    # Imported key material
     #
     # : To create a multi-Region *primary key* in the local Amazon Web
     #   Services Region, use the `MultiRegion` parameter with a value of
@@ -1632,6 +1631,8 @@ module Aws::KMS
     #
     #
     #
+    # Imported key material
+    #
     # : To import your own key material into a KMS key, begin by creating a
     #   KMS key with no key material. To do this, use the `Origin` parameter
     #   of `CreateKey` with a value of `EXTERNAL`. Next, use
@@ -2591,9 +2592,12 @@ module Aws::KMS
     # [9]: https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html
     # [10]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
     #
-    # @option params [required, String, StringIO, File] :ciphertext_blob
+    # @option params [String, StringIO, File] :ciphertext_blob
     #   Ciphertext to be decrypted. The blob includes metadata.
     #
+    #   This parameter is required in all cases except when `DryRun` is `true`
+    #   and `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`.
+    #
     # @option params [Hash<String,String>] :encryption_context
     #   Specifies the encryption context to use when decrypting the data. An
     #   encryption context is valid only for [cryptographic operations][1]
@@ -2638,11 +2642,12 @@ module Aws::KMS
     #   `IncorrectKeyException`.
     #
     #   This parameter is required only when the ciphertext was encrypted
-    #   under an asymmetric KMS key. If you used a symmetric encryption KMS
-    #   key, KMS can get the KMS key from metadata that it adds to the
-    #   symmetric ciphertext blob. However, it is always recommended as a best
-    #   practice. This practice ensures that you use the KMS key that you
-    #   intend.
+    #   under an asymmetric KMS key or when `DryRun` is `true` and
+    #   `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`. If you used a
+    #   symmetric encryption KMS key, KMS can get the KMS key from metadata
+    #   that it adds to the symmetric ciphertext blob. However, it is always
+    #   recommended as a best practice. This practice ensures that you use the
+    #   KMS key that you intend.
     #
     #   To specify a KMS key, use its key ID, key ARN, alias name, or alias
     #   ARN. When using an alias name, prefix it with `"alias/"`. To specify a
@@ -2714,6 +2719,22 @@ module Aws::KMS
     #
     #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
     #
+    # @option params [Array<String>] :dry_run_modifiers
+    #   Specifies the modifiers to apply to the dry run operation.
+    #   `DryRunModifiers` is an optional parameter that only applies when
+    #   `DryRun` is set to `true`.
+    #
+    #   When set to `IGNORE_CIPHERTEXT`, KMS performs only authorization
+    #   validation without ciphertext validation. This allows you to test
+    #   permissions without requiring a valid ciphertext blob.
+    #
+    #   To learn more about how to use this parameter, see [Testing your
+    #   permissions][1] in the *Key Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
+    #
     # @return [Types::DecryptResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::DecryptResponse#key_id #key_id} => String
@@ -2784,7 +2805,7 @@ module Aws::KMS
     # @example Request syntax with placeholder values
     #
     #   resp = client.decrypt({
-    #     ciphertext_blob: "data", # required
+    #     ciphertext_blob: "data",
     #     encryption_context: {
     #       "EncryptionContextKey" => "EncryptionContextValue",
     #     },
@@ -2796,6 +2817,7 @@ module Aws::KMS
     #       attestation_document: "data",
     #     },
     #     dry_run: false,
+    #     dry_run_modifiers: ["IGNORE_CIPHERTEXT"], # accepts IGNORE_CIPHERTEXT
     #   })
     #
     # @example Response structure
@@ -8398,9 +8420,12 @@ module Aws::KMS
     # [8]: https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
     # [9]: https://docs.aws.amazon.com/kms/latest/developerguide/accessing-kms.html#programming-eventual-consistency
     #
-    # @option params [required, String, StringIO, File] :ciphertext_blob
+    # @option params [String, StringIO, File] :ciphertext_blob
     #   Ciphertext of the data to reencrypt.
     #
+    #   This parameter is required in all cases except when `DryRun` is `true`
+    #   and `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`.
+    #
     # @option params [Hash<String,String>] :source_encryption_context
     #   Specifies the encryption context to use to decrypt the ciphertext.
     #   Enter the same encryption context that was used to encrypt the
@@ -8430,11 +8455,12 @@ module Aws::KMS
     #   an `IncorrectKeyException`.
     #
     #   This parameter is required only when the ciphertext was encrypted
-    #   under an asymmetric KMS key. If you used a symmetric encryption KMS
-    #   key, KMS can get the KMS key from metadata that it adds to the
-    #   symmetric ciphertext blob. However, it is always recommended as a best
-    #   practice. This practice ensures that you use the KMS key that you
-    #   intend.
+    #   under an asymmetric KMS key or when `DryRun` is `true` and
+    #   `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`. If you used a
+    #   symmetric encryption KMS key, KMS can get the KMS key from metadata
+    #   that it adds to the symmetric ciphertext blob. However, it is always
+    #   recommended as a best practice. This practice ensures that you use the
+    #   KMS key that you intend.
     #
     #   To specify a KMS key, use its key ID, key ARN, alias name, or alias
     #   ARN. When using an alias name, prefix it with `"alias/"`. To specify a
@@ -8552,6 +8578,22 @@ module Aws::KMS
     #
     #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
     #
+    # @option params [Array<String>] :dry_run_modifiers
+    #   Specifies the modifiers to apply to the dry run operation.
+    #   `DryRunModifiers` is an optional parameter that only applies when
+    #   `DryRun` is set to `true`.
+    #
+    #   When set to `IGNORE_CIPHERTEXT`, KMS performs only authorization
+    #   validation without ciphertext validation. This allows you to test
+    #   permissions without requiring a valid ciphertext blob.
+    #
+    #   To learn more about how to use this parameter, see [Testing your
+    #   permissions][1] in the *Key Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
+    #
     # @return [Types::ReEncryptResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::ReEncryptResponse#ciphertext_blob #ciphertext_blob} => String
@@ -8586,7 +8628,7 @@ module Aws::KMS
     # @example Request syntax with placeholder values
     #
     #   resp = client.re_encrypt({
-    #     ciphertext_blob: "data", # required
+    #     ciphertext_blob: "data",
     #     source_encryption_context: {
     #       "EncryptionContextKey" => "EncryptionContextValue",
     #     },
@@ -8599,6 +8641,7 @@ module Aws::KMS
     #     destination_encryption_algorithm: "SYMMETRIC_DEFAULT", # accepts SYMMETRIC_DEFAULT, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, SM2PKE
     #     grant_tokens: ["GrantTokenType"],
     #     dry_run: false,
+    #     dry_run_modifiers: ["IGNORE_CIPHERTEXT"], # accepts IGNORE_CIPHERTEXT
     #   })
     #
     # @example Response structure
@@ -9239,7 +9282,7 @@ module Aws::KMS
     # automatically rotate, as scheduled, on April 14, 2024 and every 730
     # days thereafter.
     #
-    # <note markdown="1"> You can perform on-demand key rotation a **maximum of 10 times** per
+    # <note markdown="1"> You can perform on-demand key rotation a **maximum of 25 times** per
     # KMS key. You can use the KMS console to view the number of remaining
     # on-demand rotations available for a KMS key.
     #
@@ -11157,7 +11200,7 @@ module Aws::KMS
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-kms'
-      context[:gem_version] = '1.121.0'
+      context[:gem_version] = '1.123.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-kms/client_api.rb

@@ -80,6 +80,8 @@ module Aws::KMS
     DisabledException = Shapes::StructureShape.new(name: 'DisabledException')
     DisconnectCustomKeyStoreRequest = Shapes::StructureShape.new(name: 'DisconnectCustomKeyStoreRequest')
     DisconnectCustomKeyStoreResponse = Shapes::StructureShape.new(name: 'DisconnectCustomKeyStoreResponse')
+    DryRunModifierList = Shapes::ListShape.new(name: 'DryRunModifierList')
+    DryRunModifierType = Shapes::StringShape.new(name: 'DryRunModifierType')
     DryRunOperationException = Shapes::StructureShape.new(name: 'DryRunOperationException')
     EnableKeyRequest = Shapes::StructureShape.new(name: 'EnableKeyRequest')
     EnableKeyRotationRequest = Shapes::StructureShape.new(name: 'EnableKeyRotationRequest')
@@ -372,13 +374,14 @@ module Aws::KMS
     CustomKeyStoresListEntry.add_member(:xks_proxy_configuration, Shapes::ShapeRef.new(shape: XksProxyConfigurationType, location_name: "XksProxyConfiguration"))
     CustomKeyStoresListEntry.struct_class = Types::CustomKeyStoresListEntry
 
-    DecryptRequest.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, required: true, location_name: "CiphertextBlob"))
+    DecryptRequest.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextBlob"))
     DecryptRequest.add_member(:encryption_context, Shapes::ShapeRef.new(shape: EncryptionContextType, location_name: "EncryptionContext"))
     DecryptRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
     DecryptRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
     DecryptRequest.add_member(:encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "EncryptionAlgorithm"))
     DecryptRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
     DecryptRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: NullableBooleanType, location_name: "DryRun"))
+    DecryptRequest.add_member(:dry_run_modifiers, Shapes::ShapeRef.new(shape: DryRunModifierList, location_name: "DryRunModifiers"))
     DecryptRequest.struct_class = Types::DecryptRequest
 
     DecryptResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
@@ -454,6 +457,8 @@ module Aws::KMS
 
     DisconnectCustomKeyStoreResponse.struct_class = Types::DisconnectCustomKeyStoreResponse
 
+    DryRunModifierList.member = Shapes::ShapeRef.new(shape: DryRunModifierType)
+
     DryRunOperationException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessageType, location_name: "message"))
     DryRunOperationException.struct_class = Types::DryRunOperationException
 
@@ -825,7 +830,7 @@ module Aws::KMS
     PutKeyPolicyRequest.add_member(:bypass_policy_lockout_safety_check, Shapes::ShapeRef.new(shape: BooleanType, location_name: "BypassPolicyLockoutSafetyCheck"))
     PutKeyPolicyRequest.struct_class = Types::PutKeyPolicyRequest
 
-    ReEncryptRequest.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, required: true, location_name: "CiphertextBlob"))
+    ReEncryptRequest.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextBlob"))
     ReEncryptRequest.add_member(:source_encryption_context, Shapes::ShapeRef.new(shape: EncryptionContextType, location_name: "SourceEncryptionContext"))
     ReEncryptRequest.add_member(:source_key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "SourceKeyId"))
     ReEncryptRequest.add_member(:destination_key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "DestinationKeyId"))
@@ -834,6 +839,7 @@ module Aws::KMS
     ReEncryptRequest.add_member(:destination_encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "DestinationEncryptionAlgorithm"))
     ReEncryptRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
     ReEncryptRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: NullableBooleanType, location_name: "DryRun"))
+    ReEncryptRequest.add_member(:dry_run_modifiers, Shapes::ShapeRef.new(shape: DryRunModifierList, location_name: "DryRunModifiers"))
     ReEncryptRequest.struct_class = Types::ReEncryptRequest
 
     ReEncryptResponse.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextBlob"))

data/lib/aws-sdk-kms/types.rb

@@ -1558,6 +1558,9 @@ module Aws::KMS
 
     # @!attribute [rw] ciphertext_blob
     #   Ciphertext to be decrypted. The blob includes metadata.
+    #
+    #   This parameter is required in all cases except when `DryRun` is
+    #   `true` and `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`.
     #   @return [String]
     #
     # @!attribute [rw] encryption_context
@@ -1607,11 +1610,12 @@ module Aws::KMS
     #   operation throws an `IncorrectKeyException`.
     #
     #   This parameter is required only when the ciphertext was encrypted
-    #   under an asymmetric KMS key. If you used a symmetric encryption KMS
-    #   key, KMS can get the KMS key from metadata that it adds to the
-    #   symmetric ciphertext blob. However, it is always recommended as a
-    #   best practice. This practice ensures that you use the KMS key that
-    #   you intend.
+    #   under an asymmetric KMS key or when `DryRun` is `true` and
+    #   `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`. If you used a
+    #   symmetric encryption KMS key, KMS can get the KMS key from metadata
+    #   that it adds to the symmetric ciphertext blob. However, it is always
+    #   recommended as a best practice. This practice ensures that you use
+    #   the KMS key that you intend.
     #
     #   To specify a KMS key, use its key ID, key ARN, alias name, or alias
     #   ARN. When using an alias name, prefix it with `"alias/"`. To specify
@@ -1687,6 +1691,23 @@ module Aws::KMS
     #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
     #   @return [Boolean]
     #
+    # @!attribute [rw] dry_run_modifiers
+    #   Specifies the modifiers to apply to the dry run operation.
+    #   `DryRunModifiers` is an optional parameter that only applies when
+    #   `DryRun` is set to `true`.
+    #
+    #   When set to `IGNORE_CIPHERTEXT`, KMS performs only authorization
+    #   validation without ciphertext validation. This allows you to test
+    #   permissions without requiring a valid ciphertext blob.
+    #
+    #   To learn more about how to use this parameter, see [Testing your
+    #   permissions][1] in the *Key Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DecryptRequest AWS API Documentation
     #
     class DecryptRequest < Struct.new(
@@ -1696,7 +1717,8 @@ module Aws::KMS
       :key_id,
       :encryption_algorithm,
       :recipient,
-      :dry_run)
+      :dry_run,
+      :dry_run_modifiers)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -5340,6 +5362,9 @@ module Aws::KMS
 
     # @!attribute [rw] ciphertext_blob
     #   Ciphertext of the data to reencrypt.
+    #
+    #   This parameter is required in all cases except when `DryRun` is
+    #   `true` and `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`.
     #   @return [String]
     #
     # @!attribute [rw] source_encryption_context
@@ -5373,11 +5398,12 @@ module Aws::KMS
     #   operation throws an `IncorrectKeyException`.
     #
     #   This parameter is required only when the ciphertext was encrypted
-    #   under an asymmetric KMS key. If you used a symmetric encryption KMS
-    #   key, KMS can get the KMS key from metadata that it adds to the
-    #   symmetric ciphertext blob. However, it is always recommended as a
-    #   best practice. This practice ensures that you use the KMS key that
-    #   you intend.
+    #   under an asymmetric KMS key or when `DryRun` is `true` and
+    #   `DryRunModifiers` is set to `IGNORE_CIPHERTEXT`. If you used a
+    #   symmetric encryption KMS key, KMS can get the KMS key from metadata
+    #   that it adds to the symmetric ciphertext blob. However, it is always
+    #   recommended as a best practice. This practice ensures that you use
+    #   the KMS key that you intend.
     #
     #   To specify a KMS key, use its key ID, key ARN, alias name, or alias
     #   ARN. When using an alias name, prefix it with `"alias/"`. To specify
@@ -5503,6 +5529,23 @@ module Aws::KMS
     #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
     #   @return [Boolean]
     #
+    # @!attribute [rw] dry_run_modifiers
+    #   Specifies the modifiers to apply to the dry run operation.
+    #   `DryRunModifiers` is an optional parameter that only applies when
+    #   `DryRun` is set to `true`.
+    #
+    #   When set to `IGNORE_CIPHERTEXT`, KMS performs only authorization
+    #   validation without ciphertext validation. This allows you to test
+    #   permissions without requiring a valid ciphertext blob.
+    #
+    #   To learn more about how to use this parameter, see [Testing your
+    #   permissions][1] in the *Key Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/testing-permissions.html
+    #   @return [Array<String>]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ReEncryptRequest AWS API Documentation
     #
     class ReEncryptRequest < Struct.new(
@@ -5514,7 +5557,8 @@ module Aws::KMS
       :source_encryption_algorithm,
       :destination_encryption_algorithm,
       :grant_tokens,
-      :dry_run)
+      :dry_run,
+      :dry_run_modifiers)
       SENSITIVE = []
       include Aws::Structure
     end

data/lib/aws-sdk-kms.rb

@@ -54,7 +54,7 @@ module Aws::KMS
   autoload :EndpointProvider, 'aws-sdk-kms/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-kms/endpoints'
 
-  GEM_VERSION = '1.121.0'
+  GEM_VERSION = '1.123.0'
 
 end
 

data/sig/client.rbs

@@ -184,7 +184,7 @@ module Aws
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#decrypt-instance_method
       def decrypt: (
-                     ciphertext_blob: ::String,
+                     ?ciphertext_blob: ::String,
                      ?encryption_context: Hash[::String, ::String],
                      ?grant_tokens: Array[::String],
                      ?key_id: ::String,
@@ -193,9 +193,10 @@ module Aws
                        key_encryption_algorithm: ("RSAES_OAEP_SHA_256")?,
                        attestation_document: ::String?
                      },
-                     ?dry_run: bool
+                     ?dry_run: bool,
+                     ?dry_run_modifiers: Array[("IGNORE_CIPHERTEXT")]
                    ) -> _DecryptResponseSuccess
-                 | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DecryptResponseSuccess
+                 | (?Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DecryptResponseSuccess
 
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#delete_alias-instance_method
       def delete_alias: (
@@ -635,7 +636,7 @@ module Aws
       end
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/KMS/Client.html#re_encrypt-instance_method
       def re_encrypt: (
-                        ciphertext_blob: ::String,
+                        ?ciphertext_blob: ::String,
                         ?source_encryption_context: Hash[::String, ::String],
                         ?source_key_id: ::String,
                         destination_key_id: ::String,
@@ -643,7 +644,8 @@ module Aws
                         ?source_encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE"),
                         ?destination_encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE"),
                         ?grant_tokens: Array[::String],
-                        ?dry_run: bool
+                        ?dry_run: bool,
+                        ?dry_run_modifiers: Array[("IGNORE_CIPHERTEXT")]
                       ) -> _ReEncryptResponseSuccess
                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ReEncryptResponseSuccess
 

data/sig/types.rbs

@@ -175,6 +175,7 @@ module Aws::KMS
       attr_accessor encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
       attr_accessor recipient: Types::RecipientInfo
       attr_accessor dry_run: bool
+      attr_accessor dry_run_modifiers: ::Array[("IGNORE_CIPHERTEXT")]
       SENSITIVE: []
     end
 
@@ -779,6 +780,7 @@ module Aws::KMS
       attr_accessor destination_encryption_algorithm: ("SYMMETRIC_DEFAULT" | "RSAES_OAEP_SHA_1" | "RSAES_OAEP_SHA_256" | "SM2PKE")
       attr_accessor grant_tokens: ::Array[::String]
       attr_accessor dry_run: bool
+      attr_accessor dry_run_modifiers: ::Array[("IGNORE_CIPHERTEXT")]
       SENSITIVE: []
     end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-kms
 version: !ruby/object:Gem::Version
-  version: 1.121.0
+  version: 1.123.0
 platform: ruby
 authors:
 - Amazon Web Services
@@ -18,7 +18,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.241.4
+        version: 3.244.0
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
@@ -28,7 +28,7 @@ dependencies:
         version: '3'
     - - ">="
       - !ruby/object:Gem::Version
-        version: 3.241.4
+        version: 3.244.0
 - !ruby/object:Gem::Dependency
   name: aws-sigv4
   requirement: !ruby/object:Gem::Requirement