aws-sdk-kms 1.3.0 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: ccbfd96a2bbd42fa8033c0813d07dfb7081aa59c
4
- data.tar.gz: c880a357714e7a9d132d2a2ed3065e97deedf991
3
+ metadata.gz: 895eb50d5f2eb95892a3f4a91deaac264d30cf3d
4
+ data.tar.gz: b4e6d8058e2cbb69f6065fb5701c26f154e9c50d
5
5
  SHA512:
6
- metadata.gz: 6d9dd353274e67852e1e154abd08ed67d3aeb9870567a5b0806da5d7c39574e2000d659f47e0e5efa341a2575719fbf6209206f42d9127fe5d33a473276f00b6
7
- data.tar.gz: 1461631a9f78a18a44938c72e794f33b14a4539712bbaaf028ca8cb9563ab271441b2548a1844924ccc6c3ba535f3124ae6f8ac4f4fc38fe70c2d46c09781d10
6
+ metadata.gz: 4ada9c81d8850c2a1a2d6eed00e3398a6e6a736ba482808d3f26928b73b8b8c433c90ad0d735f349156d2f409619005ce39cb1665087051ddb700b29a4905f80
7
+ data.tar.gz: 315ff31679a785d1c94c951e0e93f1e3a5b311c59c376be1d3ea5c9a59f2b5512991478d08e1057bb66553dc2c71757c6865eb97238c110444239a16e803fcf9
@@ -42,6 +42,6 @@ require_relative 'aws-sdk-kms/customizations'
42
42
  # @service
43
43
  module Aws::KMS
44
44
 
45
- GEM_VERSION = '1.3.0'
45
+ GEM_VERSION = '1.4.0'
46
46
 
47
47
  end
@@ -476,29 +476,29 @@ module Aws::KMS
476
476
  # @option params [String] :policy
477
477
  # The key policy to attach to the CMK.
478
478
  #
479
- # If you specify a policy and do not set
480
- # `BypassPolicyLockoutSafetyCheck` to true, the policy must meet the
481
- # following criteria:
479
+ # If you provide a key policy, it must meet the following criteria:
482
480
  #
483
- # * It must allow the principal that is making the `CreateKey` request
484
- # to make a subsequent PutKeyPolicy request on the CMK. This reduces
485
- # the likelihood that the CMK becomes unmanageable. For more
481
+ # * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the key
482
+ # policy must allow the principal that is making the `CreateKey`
483
+ # request to make a subsequent PutKeyPolicy request on the CMK. This
484
+ # reduces the risk that the CMK becomes unmanageable. For more
486
485
  # information, refer to the scenario in the [Default Key Policy][1]
487
- # section in the *AWS Key Management Service Developer Guide*.
486
+ # section of the *AWS Key Management Service Developer Guide*.
488
487
  #
489
- # * The principals that are specified in the key policy must exist and
490
- # be visible to AWS KMS. When you create a new AWS principal (for
488
+ # * Each statement in the key policy must contain one or more
489
+ # principals. The principals in the key policy must exist and be
490
+ # visible to AWS KMS. When you create a new AWS principal (for
491
491
  # example, an IAM user or role), you might need to enforce a delay
492
- # before specifying the new principal in a key policy because the new
493
- # principal might not immediately be visible to AWS KMS. For more
492
+ # before including the new principal in a key policy because the new
493
+ # principal might not be immediately visible to AWS KMS. For more
494
494
  # information, see [Changes that I make are not always immediately
495
- # visible][2] in the *IAM User Guide*.
495
+ # visible][2] in the *AWS Identity and Access Management User Guide*.
496
496
  #
497
- # If you do not specify a policy, AWS KMS attaches a default key policy
498
- # to the CMK. For more information, see [Default Key Policy][3] in the
499
- # *AWS Key Management Service Developer Guide*.
497
+ # If you do not provide a key policy, AWS KMS attaches a default key
498
+ # policy to the CMK. For more information, see [Default Key Policy][3]
499
+ # in the *AWS Key Management Service Developer Guide*.
500
500
  #
501
- # The policy size limit is 32 kilobytes (32768 bytes).
501
+ # The key policy size limit is 32 kilobytes (32768 bytes).
502
502
  #
503
503
  #
504
504
  #
@@ -537,8 +537,8 @@ module Aws::KMS
537
537
  # A flag to indicate whether to bypass the key policy lockout safety
538
538
  # check.
539
539
  #
540
- # Setting this value to true increases the likelihood that the CMK
541
- # becomes unmanageable. Do not set this value to true indiscriminately.
540
+ # Setting this value to true increases the risk that the CMK becomes
541
+ # unmanageable. Do not set this value to true indiscriminately.
542
542
  #
543
543
  # For more information, refer to the scenario in the [Default Key
544
544
  # Policy][1] section in the *AWS Key Management Service Developer
@@ -1576,8 +1576,8 @@ module Aws::KMS
1576
1576
  # To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
1577
1577
  #
1578
1578
  # @option params [required, String] :policy_name
1579
- # Specifies the name of the policy. The only valid name is `default`. To
1580
- # get the names of key policies, use ListKeyPolicies.
1579
+ # Specifies the name of the key policy. The only valid name is
1580
+ # `default`. To get the names of key policies, use ListKeyPolicies.
1581
1581
  #
1582
1582
  # @return [Types::GetKeyPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
1583
1583
  #
@@ -2552,24 +2552,25 @@ module Aws::KMS
2552
2552
  # @option params [required, String] :policy
2553
2553
  # The key policy to attach to the CMK.
2554
2554
  #
2555
- # If you do not set `BypassPolicyLockoutSafetyCheck` to true, the policy
2556
- # must meet the following criteria:
2555
+ # The key policy must meet the following criteria:
2557
2556
  #
2558
- # * It must allow the principal that is making the `PutKeyPolicy`
2557
+ # * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the key
2558
+ # policy must allow the principal that is making the `PutKeyPolicy`
2559
2559
  # request to make a subsequent `PutKeyPolicy` request on the CMK. This
2560
- # reduces the likelihood that the CMK becomes unmanageable. For more
2560
+ # reduces the risk that the CMK becomes unmanageable. For more
2561
2561
  # information, refer to the scenario in the [Default Key Policy][1]
2562
- # section in the *AWS Key Management Service Developer Guide*.
2562
+ # section of the *AWS Key Management Service Developer Guide*.
2563
2563
  #
2564
- # * The principals that are specified in the key policy must exist and
2565
- # be visible to AWS KMS. When you create a new AWS principal (for
2564
+ # * Each statement in the key policy must contain one or more
2565
+ # principals. The principals in the key policy must exist and be
2566
+ # visible to AWS KMS. When you create a new AWS principal (for
2566
2567
  # example, an IAM user or role), you might need to enforce a delay
2567
- # before specifying the new principal in a key policy because the new
2568
- # principal might not immediately be visible to AWS KMS. For more
2568
+ # before including the new principal in a key policy because the new
2569
+ # principal might not be immediately visible to AWS KMS. For more
2569
2570
  # information, see [Changes that I make are not always immediately
2570
- # visible][2] in the *IAM User Guide*.
2571
+ # visible][2] in the *AWS Identity and Access Management User Guide*.
2571
2572
  #
2572
- # The policy size limit is 32 kilobytes (32768 bytes).
2573
+ # The key policy size limit is 32 kilobytes (32768 bytes).
2573
2574
  #
2574
2575
  #
2575
2576
  #
@@ -2580,8 +2581,8 @@ module Aws::KMS
2580
2581
  # A flag to indicate whether to bypass the key policy lockout safety
2581
2582
  # check.
2582
2583
  #
2583
- # Setting this value to true increases the likelihood that the CMK
2584
- # becomes unmanageable. Do not set this value to true indiscriminately.
2584
+ # Setting this value to true increases the risk that the CMK becomes
2585
+ # unmanageable. Do not set this value to true indiscriminately.
2585
2586
  #
2586
2587
  # For more information, refer to the scenario in the [Default Key
2587
2588
  # Policy][1] section in the *AWS Key Management Service Developer
@@ -3218,7 +3219,7 @@ module Aws::KMS
3218
3219
  params: params,
3219
3220
  config: config)
3220
3221
  context[:gem_name] = 'aws-sdk-kms'
3221
- context[:gem_version] = '1.3.0'
3222
+ context[:gem_version] = '1.4.0'
3222
3223
  Seahorse::Client::Request.new(handlers, context)
3223
3224
  end
3224
3225
 
@@ -287,29 +287,30 @@ module Aws::KMS
287
287
  # @!attribute [rw] policy
288
288
  # The key policy to attach to the CMK.
289
289
  #
290
- # If you specify a policy and do not set
291
- # `BypassPolicyLockoutSafetyCheck` to true, the policy must meet the
292
- # following criteria:
290
+ # If you provide a key policy, it must meet the following criteria:
293
291
  #
294
- # * It must allow the principal that is making the `CreateKey` request
295
- # to make a subsequent PutKeyPolicy request on the CMK. This reduces
296
- # the likelihood that the CMK becomes unmanageable. For more
292
+ # * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the
293
+ # key policy must allow the principal that is making the `CreateKey`
294
+ # request to make a subsequent PutKeyPolicy request on the CMK. This
295
+ # reduces the risk that the CMK becomes unmanageable. For more
297
296
  # information, refer to the scenario in the [Default Key Policy][1]
298
- # section in the *AWS Key Management Service Developer Guide*.
297
+ # section of the *AWS Key Management Service Developer Guide*.
299
298
  #
300
- # * The principals that are specified in the key policy must exist and
301
- # be visible to AWS KMS. When you create a new AWS principal (for
299
+ # * Each statement in the key policy must contain one or more
300
+ # principals. The principals in the key policy must exist and be
301
+ # visible to AWS KMS. When you create a new AWS principal (for
302
302
  # example, an IAM user or role), you might need to enforce a delay
303
- # before specifying the new principal in a key policy because the
304
- # new principal might not immediately be visible to AWS KMS. For
305
- # more information, see [Changes that I make are not always
306
- # immediately visible][2] in the *IAM User Guide*.
303
+ # before including the new principal in a key policy because the new
304
+ # principal might not be immediately visible to AWS KMS. For more
305
+ # information, see [Changes that I make are not always immediately
306
+ # visible][2] in the *AWS Identity and Access Management User
307
+ # Guide*.
307
308
  #
308
- # If you do not specify a policy, AWS KMS attaches a default key
309
+ # If you do not provide a key policy, AWS KMS attaches a default key
309
310
  # policy to the CMK. For more information, see [Default Key Policy][3]
310
311
  # in the *AWS Key Management Service Developer Guide*.
311
312
  #
312
- # The policy size limit is 32 kilobytes (32768 bytes).
313
+ # The key policy size limit is 32 kilobytes (32768 bytes).
313
314
  #
314
315
  #
315
316
  #
@@ -353,9 +354,8 @@ module Aws::KMS
353
354
  # A flag to indicate whether to bypass the key policy lockout safety
354
355
  # check.
355
356
  #
356
- # Setting this value to true increases the likelihood that the CMK
357
- # becomes unmanageable. Do not set this value to true
358
- # indiscriminately.
357
+ # Setting this value to true increases the risk that the CMK becomes
358
+ # unmanageable. Do not set this value to true indiscriminately.
359
359
  #
360
360
  # For more information, refer to the scenario in the [Default Key
361
361
  # Policy][1] section in the *AWS Key Management Service Developer
@@ -1055,8 +1055,8 @@ module Aws::KMS
1055
1055
  # @return [String]
1056
1056
  #
1057
1057
  # @!attribute [rw] policy_name
1058
- # Specifies the name of the policy. The only valid name is `default`.
1059
- # To get the names of key policies, use ListKeyPolicies.
1058
+ # Specifies the name of the key policy. The only valid name is
1059
+ # `default`. To get the names of key policies, use ListKeyPolicies.
1060
1060
  # @return [String]
1061
1061
  #
1062
1062
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyRequest AWS API Documentation
@@ -1068,7 +1068,7 @@ module Aws::KMS
1068
1068
  end
1069
1069
 
1070
1070
  # @!attribute [rw] policy
1071
- # A policy document in JSON format.
1071
+ # A key policy document in JSON format.
1072
1072
  # @return [String]
1073
1073
  #
1074
1074
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyResponse AWS API Documentation
@@ -1702,8 +1702,8 @@ module Aws::KMS
1702
1702
  end
1703
1703
 
1704
1704
  # @!attribute [rw] policy_names
1705
- # A list of policy names. Currently, there is only one policy and it
1706
- # is named "Default".
1705
+ # A list of key policy names. Currently, there is only one key policy
1706
+ # per CMK and it is always named `default`.
1707
1707
  # @return [Array<String>]
1708
1708
  #
1709
1709
  # @!attribute [rw] next_marker
@@ -1946,25 +1946,27 @@ module Aws::KMS
1946
1946
  # @!attribute [rw] policy
1947
1947
  # The key policy to attach to the CMK.
1948
1948
  #
1949
- # If you do not set `BypassPolicyLockoutSafetyCheck` to true, the
1950
- # policy must meet the following criteria:
1949
+ # The key policy must meet the following criteria:
1951
1950
  #
1952
- # * It must allow the principal that is making the `PutKeyPolicy`
1953
- # request to make a subsequent `PutKeyPolicy` request on the CMK.
1954
- # This reduces the likelihood that the CMK becomes unmanageable. For
1955
- # more information, refer to the scenario in the [Default Key
1956
- # Policy][1] section in the *AWS Key Management Service Developer
1957
- # Guide*.
1951
+ # * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the
1952
+ # key policy must allow the principal that is making the
1953
+ # `PutKeyPolicy` request to make a subsequent `PutKeyPolicy` request
1954
+ # on the CMK. This reduces the risk that the CMK becomes
1955
+ # unmanageable. For more information, refer to the scenario in the
1956
+ # [Default Key Policy][1] section of the *AWS Key Management Service
1957
+ # Developer Guide*.
1958
1958
  #
1959
- # * The principals that are specified in the key policy must exist and
1960
- # be visible to AWS KMS. When you create a new AWS principal (for
1959
+ # * Each statement in the key policy must contain one or more
1960
+ # principals. The principals in the key policy must exist and be
1961
+ # visible to AWS KMS. When you create a new AWS principal (for
1961
1962
  # example, an IAM user or role), you might need to enforce a delay
1962
- # before specifying the new principal in a key policy because the
1963
- # new principal might not immediately be visible to AWS KMS. For
1964
- # more information, see [Changes that I make are not always
1965
- # immediately visible][2] in the *IAM User Guide*.
1963
+ # before including the new principal in a key policy because the new
1964
+ # principal might not be immediately visible to AWS KMS. For more
1965
+ # information, see [Changes that I make are not always immediately
1966
+ # visible][2] in the *AWS Identity and Access Management User
1967
+ # Guide*.
1966
1968
  #
1967
- # The policy size limit is 32 kilobytes (32768 bytes).
1969
+ # The key policy size limit is 32 kilobytes (32768 bytes).
1968
1970
  #
1969
1971
  #
1970
1972
  #
@@ -1976,9 +1978,8 @@ module Aws::KMS
1976
1978
  # A flag to indicate whether to bypass the key policy lockout safety
1977
1979
  # check.
1978
1980
  #
1979
- # Setting this value to true increases the likelihood that the CMK
1980
- # becomes unmanageable. Do not set this value to true
1981
- # indiscriminately.
1981
+ # Setting this value to true increases the risk that the CMK becomes
1982
+ # unmanageable. Do not set this value to true indiscriminately.
1982
1983
  #
1983
1984
  # For more information, refer to the scenario in the [Default Key
1984
1985
  # Policy][1] section in the *AWS Key Management Service Developer
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-kms
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.3.0
4
+ version: 1.4.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2017-11-07 00:00:00.000000000 Z
11
+ date: 2018-01-09 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core