aws-sdk-kms 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 1323a792a461b787f57782b61ab58f59dcfea366
4
- data.tar.gz: 2c847be562eddb58bddd7412381b2025d8ac54db
3
+ metadata.gz: 02b4c1a040a3b1632123afdee50ccb74154d6257
4
+ data.tar.gz: 879cf2a11b299d42c2c9dc5a9b3c8de43b204e2b
5
5
  SHA512:
6
- metadata.gz: 5b5e46d54f47e6bd3913d3c66009ea7ac645cf45c650466816df5252df0ec9e83a81a0c3a2fa92625bd397eb4e8aacce5af30540981d8ce6e9ab0132872be04a
7
- data.tar.gz: 7ba21bdc35c38f2115c4a16f2a8710c2d8dd219a58a3698460df1c1305d2f7a442c3b4a036fbf10cfbdc05d1e2dee48d47966e494759a022e2b92e150e99c03d
6
+ metadata.gz: 217a4c15d6457790ff8fa99b7284cea7efe7d6955ec0f045b1ec94e7a9a32fd976da9566ecbe95ac0141407e67ce86180077c81672e92784df8a8b88b65d4363
7
+ data.tar.gz: a78b35a29899e6ee1586d371605850c85d19b5fe7048939ef06f68ecd1b6a480d4b2500fca1f0ae05dab25718ceadab35da34232c943eab1d23a1e64649f341f
@@ -42,6 +42,6 @@ require_relative 'aws-sdk-kms/customizations'
42
42
  # @service
43
43
  module Aws::KMS
44
44
 
45
- GEM_VERSION = '1.6.0'
45
+ GEM_VERSION = '1.7.0'
46
46
 
47
47
  end
@@ -175,9 +175,14 @@ module Aws::KMS
175
175
  # see [Deleting Customer Master Keys][1] in the *AWS Key Management
176
176
  # Service Developer Guide*.
177
177
  #
178
+ # The result of this operation varies with the key state of the CMK. For
179
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
180
+ # in the *AWS Key Management Service Developer Guide*.
181
+ #
178
182
  #
179
183
  #
180
184
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html
185
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
181
186
  #
182
187
  # @option params [required, String] :key_id
183
188
  # The unique identifier for the customer master key (CMK) for which to
@@ -231,9 +236,9 @@ module Aws::KMS
231
236
  req.send_request(options)
232
237
  end
233
238
 
234
- # Creates a display name for a customer master key (CMK). You can use an
235
- # alias to identify a CMK in selected operations, such as Encrypt and
236
- # GenerateDataKey.
239
+ # Creates a display name for a customer-managed customer master key
240
+ # (CMK). You can use an alias to identify a CMK in selected operations,
241
+ # such as Encrypt and GenerateDataKey.
237
242
  #
238
243
  # Each CMK can have multiple aliases, but each alias points to only one
239
244
  # CMK. The alias name must be unique in the AWS account and region. To
@@ -245,11 +250,10 @@ module Aws::KMS
245
250
  # appear in the response from the DescribeKey operation. To get the
246
251
  # aliases of all CMKs, use the ListAliases operation.
247
252
  #
248
- # An alias must start with the word `alias` followed by a forward slash
249
- # (`alias/`). The alias name can contain only alphanumeric characters,
250
- # forward slashes (/), underscores (\_), and dashes (-). Alias names
251
- # cannot begin with `aws`; that alias name prefix is reserved by Amazon
252
- # Web Services (AWS).
253
+ # The alias name can contain only alphanumeric characters, forward
254
+ # slashes (/), underscores (\_), and dashes (-). Alias names cannot
255
+ # begin with **aws/**. That alias name prefix is reserved for AWS
256
+ # managed CMKs.
253
257
  #
254
258
  # The alias and the CMK it is mapped to must be in the same AWS account
255
259
  # and the same region. You cannot perform this operation on an alias in
@@ -257,10 +261,19 @@ module Aws::KMS
257
261
  #
258
262
  # To map an existing alias to a different CMK, call UpdateAlias.
259
263
  #
264
+ # The result of this operation varies with the key state of the CMK. For
265
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
266
+ # in the *AWS Key Management Service Developer Guide*.
267
+ #
268
+ #
269
+ #
270
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
271
+ #
260
272
  # @option params [required, String] :alias_name
261
- # String that contains the display name. The name must start with the
262
- # word "alias" followed by a forward slash (alias/). Aliases that
263
- # begin with "alias/AWS" are reserved.
273
+ # Specifies the alias name. This value must begin with `alias/` followed
274
+ # by the alias name, such as `alias/ExampleAlias`. The alias name cannot
275
+ # begin with `aws/`. The `alias/aws/` prefix is reserved for AWS managed
276
+ # CMKs.
264
277
  #
265
278
  # @option params [required, String] :target_key_id
266
279
  # Identifies the CMK for which you are creating the alias. This value
@@ -310,13 +323,18 @@ module Aws::KMS
310
323
  # grants are an alternative to key policies.
311
324
  #
312
325
  # To perform this operation on a CMK in a different AWS account, specify
313
- # the key ARN in the value of the KeyId parameter. For more information
314
- # about grants, see [Grants][1] in the *AWS Key Management Service
315
- # Developer Guide*.
326
+ # the key ARN in the value of the `KeyId` parameter. For more
327
+ # information about grants, see [Grants][1] in the *AWS Key Management
328
+ # Service Developer Guide*.
329
+ #
330
+ # The result of this operation varies with the key state of the CMK. For
331
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
332
+ # in the *AWS Key Management Service Developer Guide*.
316
333
  #
317
334
  #
318
335
  #
319
336
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/grants.html
337
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
320
338
  #
321
339
  # @option params [required, String] :key_id
322
340
  # The unique identifier for the customer master key (CMK) that the grant
@@ -391,7 +409,8 @@ module Aws::KMS
391
409
  #
392
410
  # @option params [String] :name
393
411
  # A friendly name for identifying the grant. Use this value to prevent
394
- # unintended creation of duplicate grants when retrying this request.
412
+ # the unintended creation of duplicate grants when retrying this
413
+ # request.
395
414
  #
396
415
  # When this value is absent, all `CreateGrant` requests result in a new
397
416
  # grant with a unique `GrantId` even if all the supplied parameters are
@@ -467,7 +486,7 @@ module Aws::KMS
467
486
  # Creates a customer master key (CMK) in the caller's AWS account.
468
487
  #
469
488
  # You can use a CMK to encrypt small amounts of data (4 KiB or less)
470
- # directly, but CMKs are more commonly used to encrypt data encryption
489
+ # directly. But CMKs are more commonly used to encrypt data encryption
471
490
  # keys (DEKs), which are used to encrypt raw data. For more information
472
491
  # about DEKs and the difference between CMKs and DEKs, see the
473
492
  # following:
@@ -500,10 +519,11 @@ module Aws::KMS
500
519
  # principals. The principals in the key policy must exist and be
501
520
  # visible to AWS KMS. When you create a new AWS principal (for
502
521
  # example, an IAM user or role), you might need to enforce a delay
503
- # before including the new principal in a key policy because the new
504
- # principal might not be immediately visible to AWS KMS. For more
505
- # information, see [Changes that I make are not always immediately
506
- # visible][2] in the *AWS Identity and Access Management User Guide*.
522
+ # before including the new principal in a key policy. The reason for
523
+ # this is that the new principal might not be immediately visible to
524
+ # AWS KMS. For more information, see [Changes that I make are not
525
+ # always immediately visible][2] in the *AWS Identity and Access
526
+ # Management User Guide*.
507
527
  #
508
528
  # If you do not provide a key policy, AWS KMS attaches a default key
509
529
  # policy to the CMK. For more information, see [Default Key Policy][3]
@@ -658,15 +678,22 @@ module Aws::KMS
658
678
  #
659
679
  # * Encrypt
660
680
  #
661
- # Note that if a caller has been granted access permissions to all keys
662
- # (through, for example, IAM user policies that grant `Decrypt`
663
- # permission on all resources), then ciphertext encrypted by using keys
664
- # in other accounts where the key grants access to the caller can be
665
- # decrypted. To remedy this, we recommend that you do not grant
666
- # `Decrypt` access in an IAM user policy. Instead grant `Decrypt` access
667
- # only in key policies. If you must grant `Decrypt` access in an IAM
668
- # user policy, you should scope the resource to specific keys or to
669
- # specific trusted accounts.
681
+ # Whenever possible, use key policies to give users permission to call
682
+ # the Decrypt operation on the CMK, instead of IAM policies. Otherwise,
683
+ # you might create an IAM user policy that gives the user Decrypt
684
+ # permission on all CMKs. This user could decrypt ciphertext that was
685
+ # encrypted by CMKs in other accounts if the key policy for the
686
+ # cross-account CMK permits it. If you must use an IAM policy for
687
+ # `Decrypt` permissions, limit the user to particular CMKs or particular
688
+ # trusted accounts.
689
+ #
690
+ # The result of this operation varies with the key state of the CMK. For
691
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
692
+ # in the *AWS Key Management Service Developer Guide*.
693
+ #
694
+ #
695
+ #
696
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
670
697
  #
671
698
  # @option params [required, String, IO] :ciphertext_blob
672
699
  # Ciphertext to be decrypted. The blob includes metadata.
@@ -791,9 +818,14 @@ module Aws::KMS
791
818
  # After you delete key material, you can use ImportKeyMaterial to
792
819
  # reimport the same key material into the CMK.
793
820
  #
821
+ # The result of this operation varies with the key state of the CMK. For
822
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
823
+ # in the *AWS Key Management Service Developer Guide*.
824
+ #
794
825
  #
795
826
  #
796
827
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
828
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
797
829
  #
798
830
  # @option params [required, String] :key_id
799
831
  # The identifier of the CMK whose key material to delete. The CMK's
@@ -839,15 +871,28 @@ module Aws::KMS
839
871
  # Provides detailed information about the specified customer master key
840
872
  # (CMK).
841
873
  #
874
+ # You can use `DescribeKey` on a predefined AWS alias, that is, an AWS
875
+ # alias with no key ID. When you do, AWS KMS associates the alias with
876
+ # an [AWS managed CMK][1] and returns its `KeyId` and `Arn` in the
877
+ # response.
878
+ #
842
879
  # To perform this operation on a CMK in a different AWS account, specify
843
880
  # the key ARN or alias ARN in the value of the KeyId parameter.
844
881
  #
882
+ #
883
+ #
884
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys
885
+ #
845
886
  # @option params [required, String] :key_id
846
- # A unique identifier for the customer master key (CMK).
887
+ # Describes the specified customer master key (CMK).
888
+ #
889
+ # If you specify a predefined AWS alias (an AWS alias with no key ID),
890
+ # KMS associates the alias with an [AWS managed CMK][1] and returns its
891
+ # `KeyId` and `Arn` in the response.
847
892
  #
848
893
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
849
894
  # name, or alias ARN. When using an alias name, prefix it with
850
- # "alias/". To specify a CMK in a different AWS account, you must use
895
+ # `"alias/"`. To specify a CMK in a different AWS account, you must use
851
896
  # the key ARN or alias ARN.
852
897
  #
853
898
  # For example:
@@ -864,6 +909,10 @@ module Aws::KMS
864
909
  # To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
865
910
  # To get the alias name and alias ARN, use ListAliases.
866
911
  #
912
+ #
913
+ #
914
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys
915
+ #
867
916
  # @option params [Array<String>] :grant_tokens
868
917
  # A list of grant tokens.
869
918
  #
@@ -943,6 +992,10 @@ module Aws::KMS
943
992
  # [How Key State Affects the Use of a Customer Master Key][1] in the
944
993
  # *AWS Key Management Service Developer Guide*.
945
994
  #
995
+ # The result of this operation varies with the key state of the CMK. For
996
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
997
+ # in the *AWS Key Management Service Developer Guide*.
998
+ #
946
999
  #
947
1000
  #
948
1001
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
@@ -987,10 +1040,19 @@ module Aws::KMS
987
1040
  req.send_request(options)
988
1041
  end
989
1042
 
990
- # Disables automatic rotation of the key material for the specified
1043
+ # Disables [automatic rotation of the key material][1] for the specified
991
1044
  # customer master key (CMK). You cannot perform this operation on a CMK
992
1045
  # in a different AWS account.
993
1046
  #
1047
+ # The result of this operation varies with the key state of the CMK. For
1048
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1049
+ # in the *AWS Key Management Service Developer Guide*.
1050
+ #
1051
+ #
1052
+ #
1053
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
1054
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1055
+ #
994
1056
  # @option params [required, String] :key_id
995
1057
  # A unique identifier for the customer master key (CMK).
996
1058
  #
@@ -1035,6 +1097,14 @@ module Aws::KMS
1035
1097
  # permitting its use for cryptographic operations. You cannot perform
1036
1098
  # this operation on a CMK in a different AWS account.
1037
1099
  #
1100
+ # The result of this operation varies with the key state of the CMK. For
1101
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
1102
+ # in the *AWS Key Management Service Developer Guide*.
1103
+ #
1104
+ #
1105
+ #
1106
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1107
+ #
1038
1108
  # @option params [required, String] :key_id
1039
1109
  # A unique identifier for the customer master key (CMK).
1040
1110
  #
@@ -1075,10 +1145,19 @@ module Aws::KMS
1075
1145
  req.send_request(options)
1076
1146
  end
1077
1147
 
1078
- # Enables automatic rotation of the key material for the specified
1148
+ # Enables [automatic rotation of the key material][1] for the specified
1079
1149
  # customer master key (CMK). You cannot perform this operation on a CMK
1080
1150
  # in a different AWS account.
1081
1151
  #
1152
+ # The result of this operation varies with the key state of the CMK. For
1153
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1154
+ # in the *AWS Key Management Service Developer Guide*.
1155
+ #
1156
+ #
1157
+ #
1158
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
1159
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1160
+ #
1082
1161
  # @option params [required, String] :key_id
1083
1162
  # A unique identifier for the customer master key (CMK).
1084
1163
  #
@@ -1126,32 +1205,38 @@ module Aws::KMS
1126
1205
  # such as an RSA key, a database password, or other sensitive
1127
1206
  # information.
1128
1207
  #
1129
- # * To move encrypted data from one AWS region to another, you can use
1130
- # this operation to encrypt in the new region the plaintext data key
1131
- # that was used to encrypt the data in the original region. This
1132
- # provides you with an encrypted copy of the data key that can be
1133
- # decrypted in the new region and used there to decrypt the encrypted
1134
- # data.
1208
+ # * You can use the `Encrypt` operation to move encrypted data from one
1209
+ # AWS region to another. In the first region, generate a data key and
1210
+ # use the plaintext key to encrypt the data. Then, in the new region,
1211
+ # call the `Encrypt` method on same plaintext data key. Now, you can
1212
+ # safely move the encrypted data and encrypted data key to the new
1213
+ # region, and decrypt in the new region when necessary.
1214
+ #
1215
+ # You don't need use this operation to encrypt a data key within a
1216
+ # region. The GenerateDataKey and GenerateDataKeyWithoutPlaintext
1217
+ # operations return an encrypted data key.
1218
+ #
1219
+ # Also, you don't need to use this operation to encrypt data in your
1220
+ # application. You can use the plaintext and encrypted data keys that
1221
+ # the `GenerateDataKey` operation returns.
1222
+ #
1223
+ # The result of this operation varies with the key state of the CMK. For
1224
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
1225
+ # in the *AWS Key Management Service Developer Guide*.
1135
1226
  #
1136
1227
  # To perform this operation on a CMK in a different AWS account, specify
1137
1228
  # the key ARN or alias ARN in the value of the KeyId parameter.
1138
1229
  #
1139
- # Unless you are moving encrypted data from one region to another, you
1140
- # don't use this operation to encrypt a generated data key within a
1141
- # region. To get data keys that are already encrypted, call the
1142
- # GenerateDataKey or GenerateDataKeyWithoutPlaintext operation. Data
1143
- # keys don't need to be encrypted again by calling `Encrypt`.
1144
1230
  #
1145
- # To encrypt data locally in your application, use the GenerateDataKey
1146
- # operation to return a plaintext data encryption key and a copy of the
1147
- # key encrypted under the CMK of your choosing.
1231
+ #
1232
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1148
1233
  #
1149
1234
  # @option params [required, String] :key_id
1150
1235
  # A unique identifier for the customer master key (CMK).
1151
1236
  #
1152
1237
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
1153
1238
  # name, or alias ARN. When using an alias name, prefix it with
1154
- # "alias/". To specify a CMK in a different AWS account, you must use
1239
+ # `"alias/"`. To specify a CMK in a different AWS account, you must use
1155
1240
  # the key ARN or alias ARN.
1156
1241
  #
1157
1242
  # For example:
@@ -1286,9 +1371,14 @@ module Aws::KMS
1286
1371
  # information, see [Encryption Context][1] in the *AWS Key Management
1287
1372
  # Service Developer Guide*.
1288
1373
  #
1374
+ # The result of this operation varies with the key state of the CMK. For
1375
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1376
+ # in the *AWS Key Management Service Developer Guide*.
1377
+ #
1289
1378
  #
1290
1379
  #
1291
1380
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/encryption-context.html
1381
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1292
1382
  #
1293
1383
  # @option params [required, String] :key_id
1294
1384
  # The identifier of the CMK under which to generate and encrypt the data
@@ -1296,7 +1386,7 @@ module Aws::KMS
1296
1386
  #
1297
1387
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
1298
1388
  # name, or alias ARN. When using an alias name, prefix it with
1299
- # "alias/". To specify a CMK in a different AWS account, you must use
1389
+ # `"alias/"`. To specify a CMK in a different AWS account, you must use
1300
1390
  # the key ARN or alias ARN.
1301
1391
  #
1302
1392
  # For example:
@@ -1413,17 +1503,25 @@ module Aws::KMS
1413
1503
  # then stores it in the container. Later, a different component of the
1414
1504
  # system, called the *data plane*, puts encrypted data into the
1415
1505
  # containers. To do this, it passes the encrypted data key to the
1416
- # Decrypt operation, then uses the returned plaintext data key to
1417
- # encrypt data, and finally stores the encrypted data in the container.
1506
+ # Decrypt operation. It then uses the returned plaintext data key to
1507
+ # encrypt data and finally stores the encrypted data in the container.
1418
1508
  # In this system, the control plane never sees the plaintext data key.
1419
1509
  #
1510
+ # The result of this operation varies with the key state of the CMK. For
1511
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
1512
+ # in the *AWS Key Management Service Developer Guide*.
1513
+ #
1514
+ #
1515
+ #
1516
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1517
+ #
1420
1518
  # @option params [required, String] :key_id
1421
1519
  # The identifier of the customer master key (CMK) under which to
1422
1520
  # generate and encrypt the data encryption key.
1423
1521
  #
1424
1522
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
1425
1523
  # name, or alias ARN. When using an alias name, prefix it with
1426
- # "alias/". To specify a CMK in a different AWS account, you must use
1524
+ # `"alias/"`. To specify a CMK in a different AWS account, you must use
1427
1525
  # the key ARN or alias ARN.
1428
1526
  #
1429
1527
  # For example:
@@ -1629,11 +1727,30 @@ module Aws::KMS
1629
1727
  req.send_request(options)
1630
1728
  end
1631
1729
 
1632
- # Gets a Boolean value that indicates whether automatic rotation of the
1633
- # key material is enabled for the specified customer master key (CMK).
1730
+ # Gets a Boolean value that indicates whether [automatic rotation of the
1731
+ # key material][1] is enabled for the specified customer master key
1732
+ # (CMK).
1733
+ #
1734
+ # The result of this operation varies with the key state of the CMK. For
1735
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1736
+ # in the *AWS Key Management Service Developer Guide*.
1737
+ #
1738
+ # * Disabled: The key rotation status does not change when you disable a
1739
+ # CMK. However, while the CMK is disabled, AWS KMS does not rotate the
1740
+ # backing key.
1741
+ #
1742
+ # * Pending deletion: While a CMK is pending deletion, its key rotation
1743
+ # status is `false` and AWS KMS does not rotate the backing key. If
1744
+ # you cancel the deletion, the original key rotation status is
1745
+ # restored.
1634
1746
  #
1635
1747
  # To perform this operation on a CMK in a different AWS account, specify
1636
- # the key ARN in the value of the KeyId parameter.
1748
+ # the key ARN in the value of the `KeyId` parameter.
1749
+ #
1750
+ #
1751
+ #
1752
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html
1753
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1637
1754
  #
1638
1755
  # @option params [required, String] :key_id
1639
1756
  # A unique identifier for the customer master key (CMK).
@@ -1707,9 +1824,14 @@ module Aws::KMS
1707
1824
  # subsequent ImportKeyMaterial request. To get new ones, send another
1708
1825
  # `GetParametersForImport` request.
1709
1826
  #
1827
+ # The result of this operation varies with the key state of the CMK. For
1828
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1829
+ # in the *AWS Key Management Service Developer Guide*.
1830
+ #
1710
1831
  #
1711
1832
  #
1712
1833
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
1834
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1713
1835
  #
1714
1836
  # @option params [required, String] :key_id
1715
1837
  # The identifier of the CMK into which you will import key material. The
@@ -1727,10 +1849,9 @@ module Aws::KMS
1727
1849
  # To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
1728
1850
  #
1729
1851
  # @option params [required, String] :wrapping_algorithm
1730
- # The algorithm you will use to encrypt the key material before
1731
- # importing it with ImportKeyMaterial. For more information, see
1732
- # [Encrypt the Key Material][1] in the *AWS Key Management Service
1733
- # Developer Guide*.
1852
+ # The algorithm you use to encrypt the key material before importing it
1853
+ # with ImportKeyMaterial. For more information, see [Encrypt the Key
1854
+ # Material][1] in the *AWS Key Management Service Developer Guide*.
1734
1855
  #
1735
1856
  #
1736
1857
  #
@@ -1831,9 +1952,14 @@ module Aws::KMS
1831
1952
  # key material into that CMK, but you cannot import different key
1832
1953
  # material.
1833
1954
  #
1955
+ # The result of this operation varies with the key state of the CMK. For
1956
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
1957
+ # in the *AWS Key Management Service Developer Guide*.
1958
+ #
1834
1959
  #
1835
1960
  #
1836
1961
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
1962
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
1837
1963
  #
1838
1964
  # @option params [required, String] :key_id
1839
1965
  # The identifier of the CMK to import the key material into. The CMK's
@@ -1907,20 +2033,39 @@ module Aws::KMS
1907
2033
  req.send_request(options)
1908
2034
  end
1909
2035
 
1910
- # Gets a list of all aliases in the caller's AWS account and region.
1911
- # You cannot list aliases in other accounts. For more information about
2036
+ # Gets a list of aliases in the caller's AWS account and region. You
2037
+ # cannot list aliases in other accounts. For more information about
1912
2038
  # aliases, see CreateAlias.
1913
2039
  #
1914
- # The response might include several aliases that do not have a
1915
- # `TargetKeyId` field because they are not associated with a CMK. These
1916
- # are predefined aliases that are reserved for CMKs managed by AWS
1917
- # services. If an alias is not associated with a CMK, the alias does not
1918
- # count against the [alias limit][1] for your account.
2040
+ # By default, the ListAliases command returns all aliases in the account
2041
+ # and region. To get only the aliases that point to a particular
2042
+ # customer master key (CMK), use the `KeyId` parameter.
2043
+ #
2044
+ # The `ListAliases` response can include aliases that you created and
2045
+ # associated with your customer managed CMKs, and aliases that AWS
2046
+ # created and associated with AWS managed CMKs in your account. You can
2047
+ # recognize AWS aliases because their names have the format
2048
+ # `aws/<service-name>`, such as `aws/dynamodb`.
2049
+ #
2050
+ # The response might also include aliases that have no `TargetKeyId`
2051
+ # field. These are predefined aliases that AWS has created but has not
2052
+ # yet associated with a CMK. Aliases that AWS creates in your account,
2053
+ # including predefined aliases, do not count against your [AWS KMS
2054
+ # aliases limit][1].
1919
2055
  #
1920
2056
  #
1921
2057
  #
1922
2058
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit
1923
2059
  #
2060
+ # @option params [String] :key_id
2061
+ # Lists only aliases that refer to the specified CMK. The value of this
2062
+ # parameter can be the ID or Amazon Resource Name (ARN) of a CMK in the
2063
+ # caller's account and region. You cannot use an alias name or alias
2064
+ # ARN in this value.
2065
+ #
2066
+ # This parameter is optional. If you omit it, `ListAliases` returns all
2067
+ # aliases in the account and region.
2068
+ #
1924
2069
  # @option params [Integer] :limit
1925
2070
  # Use this parameter to specify the maximum number of items to return.
1926
2071
  # When this value is present, AWS KMS does not return more than the
@@ -1998,6 +2143,7 @@ module Aws::KMS
1998
2143
  # @example Request syntax with placeholder values
1999
2144
  #
2000
2145
  # resp = client.list_aliases({
2146
+ # key_id: "KeyIdType",
2001
2147
  # limit: 1,
2002
2148
  # marker: "MarkerType",
2003
2149
  # })
@@ -2023,7 +2169,7 @@ module Aws::KMS
2023
2169
  # Gets a list of all grants for the specified customer master key (CMK).
2024
2170
  #
2025
2171
  # To perform this operation on a CMK in a different AWS account, specify
2026
- # the key ARN in the value of the KeyId parameter.
2172
+ # the key ARN in the value of the `KeyId` parameter.
2027
2173
  #
2028
2174
  # @option params [Integer] :limit
2029
2175
  # Use this parameter to specify the maximum number of items to return.
@@ -2576,10 +2722,11 @@ module Aws::KMS
2576
2722
  # principals. The principals in the key policy must exist and be
2577
2723
  # visible to AWS KMS. When you create a new AWS principal (for
2578
2724
  # example, an IAM user or role), you might need to enforce a delay
2579
- # before including the new principal in a key policy because the new
2580
- # principal might not be immediately visible to AWS KMS. For more
2581
- # information, see [Changes that I make are not always immediately
2582
- # visible][2] in the *AWS Identity and Access Management User Guide*.
2725
+ # before including the new principal in a key policy. The reason for
2726
+ # this is that the new principal might not be immediately visible to
2727
+ # AWS KMS. For more information, see [Changes that I make are not
2728
+ # always immediately visible][2] in the *AWS Identity and Access
2729
+ # Management User Guide*.
2583
2730
  #
2584
2731
  # The key policy size limit is 32 kilobytes (32768 bytes).
2585
2732
  #
@@ -2652,13 +2799,18 @@ module Aws::KMS
2652
2799
  # destination CMK. We recommend that you include the `"kms:ReEncrypt*"`
2653
2800
  # permission in your [key policies][1] to permit reencryption from or to
2654
2801
  # the CMK. This permission is automatically included in the key policy
2655
- # when you create a CMK through the console, but you must include it
2802
+ # when you create a CMK through the console. But you must include it
2656
2803
  # manually when you create a CMK programmatically or when you set a key
2657
2804
  # policy with the PutKeyPolicy operation.
2658
2805
  #
2806
+ # The result of this operation varies with the key state of the CMK. For
2807
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
2808
+ # in the *AWS Key Management Service Developer Guide*.
2809
+ #
2659
2810
  #
2660
2811
  #
2661
2812
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html
2813
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
2662
2814
  #
2663
2815
  # @option params [required, String, IO] :ciphertext_blob
2664
2816
  # Ciphertext of the data to reencrypt.
@@ -2672,7 +2824,7 @@ module Aws::KMS
2672
2824
  #
2673
2825
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
2674
2826
  # name, or alias ARN. When using an alias name, prefix it with
2675
- # "alias/". To specify a CMK in a different AWS account, you must use
2827
+ # `"alias/"`. To specify a CMK in a different AWS account, you must use
2676
2828
  # the key ARN or alias ARN.
2677
2829
  #
2678
2830
  # For example:
@@ -2824,7 +2976,7 @@ module Aws::KMS
2824
2976
  # on it.
2825
2977
  #
2826
2978
  # To perform this operation on a CMK in a different AWS account, specify
2827
- # the key ARN in the value of the KeyId parameter.
2979
+ # the key ARN in the value of the `KeyId` parameter.
2828
2980
  #
2829
2981
  # @option params [required, String] :key_id
2830
2982
  # A unique identifier for the customer master key associated with the
@@ -2893,9 +3045,14 @@ module Aws::KMS
2893
3045
  # [Deleting Customer Master Keys][1] in the *AWS Key Management Service
2894
3046
  # Developer Guide*.
2895
3047
  #
3048
+ # The result of this operation varies with the key state of the CMK. For
3049
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
3050
+ # in the *AWS Key Management Service Developer Guide*.
3051
+ #
2896
3052
  #
2897
3053
  #
2898
3054
  # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html
3055
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
2899
3056
  #
2900
3057
  # @option params [required, String] :key_id
2901
3058
  # The unique identifier of the customer master key (CMK) to delete.
@@ -2960,27 +3117,28 @@ module Aws::KMS
2960
3117
  req.send_request(options)
2961
3118
  end
2962
3119
 
2963
- # Adds or overwrites one or more tags for the specified customer master
2964
- # key (CMK). You cannot perform this operation on a CMK in a different
2965
- # AWS account.
3120
+ # Adds or edits tags for a customer master key (CMK). You cannot perform
3121
+ # this operation on a CMK in a different AWS account.
2966
3122
  #
2967
3123
  # Each tag consists of a tag key and a tag value. Tag keys and tag
2968
3124
  # values are both required, but tag values can be empty (null) strings.
2969
3125
  #
2970
- # You cannot use the same tag key more than once per CMK. For example,
2971
- # consider a CMK with one tag whose tag key is `Purpose` and tag value
2972
- # is `Test`. If you send a `TagResource` request for this CMK with a tag
2973
- # key of `Purpose` and a tag value of `Prod`, it does not create a
2974
- # second tag. Instead, the original tag is overwritten with the new tag
3126
+ # You can only use a tag key once for each CMK. If you use the tag key
3127
+ # again, AWS KMS replaces the current tag value with the specified
2975
3128
  # value.
2976
3129
  #
2977
3130
  # For information about the rules that apply to tag keys and tag values,
2978
3131
  # see [User-Defined Tag Restrictions][1] in the *AWS Billing and Cost
2979
3132
  # Management User Guide*.
2980
3133
  #
3134
+ # The result of this operation varies with the key state of the CMK. For
3135
+ # details, see [How Key State Affects Use of a Customer Master Key][2]
3136
+ # in the *AWS Key Management Service Developer Guide*.
3137
+ #
2981
3138
  #
2982
3139
  #
2983
3140
  # [1]: http://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html
3141
+ # [2]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
2984
3142
  #
2985
3143
  # @option params [required, String] :key_id
2986
3144
  # A unique identifier for the CMK you are tagging.
@@ -3037,13 +3195,20 @@ module Aws::KMS
3037
3195
  req.send_request(options)
3038
3196
  end
3039
3197
 
3040
- # Removes the specified tag or tags from the specified customer master
3041
- # key (CMK). You cannot perform this operation on a CMK in a different
3042
- # AWS account.
3198
+ # Removes the specified tags from the specified customer master key
3199
+ # (CMK). You cannot perform this operation on a CMK in a different AWS
3200
+ # account.
3201
+ #
3202
+ # To remove a tag, specify the tag key. To change the tag value of an
3203
+ # existing tag key, use TagResource.
3204
+ #
3205
+ # The result of this operation varies with the key state of the CMK. For
3206
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
3207
+ # in the *AWS Key Management Service Developer Guide*.
3208
+ #
3209
+ #
3043
3210
  #
3044
- # To remove a tag, you specify the tag key for each tag to remove. You
3045
- # do not specify the tag value. To overwrite the tag value for an
3046
- # existing tag, use TagResource.
3211
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
3047
3212
  #
3048
3213
  # @option params [required, String] :key_id
3049
3214
  # A unique identifier for the CMK from which you are removing tags.
@@ -3116,6 +3281,14 @@ module Aws::KMS
3116
3281
  # `aws`; that alias name prefix is reserved by Amazon Web Services
3117
3282
  # (AWS).
3118
3283
  #
3284
+ # The result of this operation varies with the key state of the CMK. For
3285
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
3286
+ # in the *AWS Key Management Service Developer Guide*.
3287
+ #
3288
+ #
3289
+ #
3290
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
3291
+ #
3119
3292
  # @option params [required, String] :alias_name
3120
3293
  # String that contains the name of the alias to be modified. The name
3121
3294
  # must start with the word "alias" followed by a forward slash
@@ -3168,10 +3341,18 @@ module Aws::KMS
3168
3341
  end
3169
3342
 
3170
3343
  # Updates the description of a customer master key (CMK). To see the
3171
- # decription of a CMK, use DescribeKey.
3344
+ # description of a CMK, use DescribeKey.
3172
3345
  #
3173
3346
  # You cannot perform this operation on a CMK in a different AWS account.
3174
3347
  #
3348
+ # The result of this operation varies with the key state of the CMK. For
3349
+ # details, see [How Key State Affects Use of a Customer Master Key][1]
3350
+ # in the *AWS Key Management Service Developer Guide*.
3351
+ #
3352
+ #
3353
+ #
3354
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/key-state.html
3355
+ #
3175
3356
  # @option params [required, String] :key_id
3176
3357
  # A unique identifier for the customer master key (CMK).
3177
3358
  #
@@ -3230,7 +3411,7 @@ module Aws::KMS
3230
3411
  params: params,
3231
3412
  config: config)
3232
3413
  context[:gem_name] = 'aws-sdk-kms'
3233
- context[:gem_version] = '1.6.0'
3414
+ context[:gem_version] = '1.7.0'
3234
3415
  Seahorse::Client::Request.new(handlers, context)
3235
3416
  end
3236
3417
 
@@ -328,6 +328,7 @@ module Aws::KMS
328
328
  KeyMetadata.add_member(:key_manager, Shapes::ShapeRef.new(shape: KeyManagerType, location_name: "KeyManager"))
329
329
  KeyMetadata.struct_class = Types::KeyMetadata
330
330
 
331
+ ListAliasesRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
331
332
  ListAliasesRequest.add_member(:limit, Shapes::ShapeRef.new(shape: LimitType, location_name: "Limit"))
332
333
  ListAliasesRequest.add_member(:marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "Marker"))
333
334
  ListAliasesRequest.struct_class = Types::ListAliasesRequest
@@ -83,9 +83,10 @@ module Aws::KMS
83
83
  # }
84
84
  #
85
85
  # @!attribute [rw] alias_name
86
- # String that contains the display name. The name must start with the
87
- # word "alias" followed by a forward slash (alias/). Aliases that
88
- # begin with "alias/AWS" are reserved.
86
+ # Specifies the alias name. This value must begin with `alias/`
87
+ # followed by the alias name, such as `alias/ExampleAlias`. The alias
88
+ # name cannot begin with `aws/`. The `alias/aws/` prefix is reserved
89
+ # for AWS managed CMKs.
89
90
  # @return [String]
90
91
  #
91
92
  # @!attribute [rw] target_key_id
@@ -213,7 +214,8 @@ module Aws::KMS
213
214
  #
214
215
  # @!attribute [rw] name
215
216
  # A friendly name for identifying the grant. Use this value to prevent
216
- # unintended creation of duplicate grants when retrying this request.
217
+ # the unintended creation of duplicate grants when retrying this
218
+ # request.
217
219
  #
218
220
  # When this value is absent, all `CreateGrant` requests result in a
219
221
  # new grant with a unique `GrantId` even if all the supplied
@@ -300,11 +302,11 @@ module Aws::KMS
300
302
  # principals. The principals in the key policy must exist and be
301
303
  # visible to AWS KMS. When you create a new AWS principal (for
302
304
  # example, an IAM user or role), you might need to enforce a delay
303
- # before including the new principal in a key policy because the new
304
- # principal might not be immediately visible to AWS KMS. For more
305
- # information, see [Changes that I make are not always immediately
306
- # visible][2] in the *AWS Identity and Access Management User
307
- # Guide*.
305
+ # before including the new principal in a key policy. The reason for
306
+ # this is that the new principal might not be immediately visible to
307
+ # AWS KMS. For more information, see [Changes that I make are not
308
+ # always immediately visible][2] in the *AWS Identity and Access
309
+ # Management User Guide*.
308
310
  #
309
311
  # If you do not provide a key policy, AWS KMS attaches a default key
310
312
  # policy to the CMK. For more information, see [Default Key Policy][3]
@@ -528,11 +530,15 @@ module Aws::KMS
528
530
  # }
529
531
  #
530
532
  # @!attribute [rw] key_id
531
- # A unique identifier for the customer master key (CMK).
533
+ # Describes the specified customer master key (CMK).
534
+ #
535
+ # If you specify a predefined AWS alias (an AWS alias with no key ID),
536
+ # KMS associates the alias with an [AWS managed CMK][1] and returns
537
+ # its `KeyId` and `Arn` in the response.
532
538
  #
533
539
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
534
540
  # name, or alias ARN. When using an alias name, prefix it with
535
- # "alias/". To specify a CMK in a different AWS account, you must
541
+ # `"alias/"`. To specify a CMK in a different AWS account, you must
536
542
  # use the key ARN or alias ARN.
537
543
  #
538
544
  # For example:
@@ -548,6 +554,10 @@ module Aws::KMS
548
554
  #
549
555
  # To get the key ID and key ARN for a CMK, use ListKeys or
550
556
  # DescribeKey. To get the alias name and alias ARN, use ListAliases.
557
+ #
558
+ #
559
+ #
560
+ # [1]: http://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys
551
561
  # @return [String]
552
562
  #
553
563
  # @!attribute [rw] grant_tokens
@@ -717,7 +727,7 @@ module Aws::KMS
717
727
  #
718
728
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
719
729
  # name, or alias ARN. When using an alias name, prefix it with
720
- # "alias/". To specify a CMK in a different AWS account, you must
730
+ # `"alias/"`. To specify a CMK in a different AWS account, you must
721
731
  # use the key ARN or alias ARN.
722
732
  #
723
733
  # For example:
@@ -807,7 +817,7 @@ module Aws::KMS
807
817
  #
808
818
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
809
819
  # name, or alias ARN. When using an alias name, prefix it with
810
- # "alias/". To specify a CMK in a different AWS account, you must
820
+ # `"alias/"`. To specify a CMK in a different AWS account, you must
811
821
  # use the key ARN or alias ARN.
812
822
  #
813
823
  # For example:
@@ -917,7 +927,7 @@ module Aws::KMS
917
927
  #
918
928
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
919
929
  # name, or alias ARN. When using an alias name, prefix it with
920
- # "alias/". To specify a CMK in a different AWS account, you must
930
+ # `"alias/"`. To specify a CMK in a different AWS account, you must
921
931
  # use the key ARN or alias ARN.
922
932
  #
923
933
  # For example:
@@ -1147,10 +1157,10 @@ module Aws::KMS
1147
1157
  # @return [String]
1148
1158
  #
1149
1159
  # @!attribute [rw] wrapping_algorithm
1150
- # The algorithm you will use to encrypt the key material before
1151
- # importing it with ImportKeyMaterial. For more information, see
1152
- # [Encrypt the Key Material][1] in the *AWS Key Management Service
1153
- # Developer Guide*.
1160
+ # The algorithm you use to encrypt the key material before importing
1161
+ # it with ImportKeyMaterial. For more information, see [Encrypt the
1162
+ # Key Material][1] in the *AWS Key Management Service Developer
1163
+ # Guide*.
1154
1164
  #
1155
1165
  #
1156
1166
  #
@@ -1204,7 +1214,7 @@ module Aws::KMS
1204
1214
  end
1205
1215
 
1206
1216
  # A structure that you can use to allow certain operations in the grant
1207
- # only when the desired encryption context is present. For more
1217
+ # only when the preferred encryption context is present. For more
1208
1218
  # information about encryption context, see [Encryption Context][1] in
1209
1219
  # the *AWS Key Management Service Developer Guide*.
1210
1220
  #
@@ -1212,7 +1222,7 @@ module Aws::KMS
1212
1222
  # context as input. For example, the ` DescribeKey ` operation does not
1213
1223
  # accept encryption context as input. A grant that allows the
1214
1224
  # `DescribeKey` operation does so regardless of the grant constraints.
1215
- # In constrast, the ` Encrypt ` operation accepts encryption context as
1225
+ # In contrast, the ` Encrypt ` operation accepts encryption context as
1216
1226
  # input. A grant that allows the `Encrypt` operation does so only when
1217
1227
  # the encryption context of the `Encrypt` operation satisfies the grant
1218
1228
  # constraints.
@@ -1488,7 +1498,7 @@ module Aws::KMS
1488
1498
  # @return [String]
1489
1499
  #
1490
1500
  # @!attribute [rw] key_manager
1491
- # The CMK's manager. CMKs are either customer-managed or AWS-managed.
1501
+ # The CMK's manager. CMKs are either customer managed or AWS managed.
1492
1502
  # For more information about the difference, see [Customer Master
1493
1503
  # Keys][1] in the *AWS Key Management Service Developer Guide*.
1494
1504
  #
@@ -1520,10 +1530,21 @@ module Aws::KMS
1520
1530
  # data as a hash:
1521
1531
  #
1522
1532
  # {
1533
+ # key_id: "KeyIdType",
1523
1534
  # limit: 1,
1524
1535
  # marker: "MarkerType",
1525
1536
  # }
1526
1537
  #
1538
+ # @!attribute [rw] key_id
1539
+ # Lists only aliases that refer to the specified CMK. The value of
1540
+ # this parameter can be the ID or Amazon Resource Name (ARN) of a CMK
1541
+ # in the caller's account and region. You cannot use an alias name or
1542
+ # alias ARN in this value.
1543
+ #
1544
+ # This parameter is optional. If you omit it, `ListAliases` returns
1545
+ # all aliases in the account and region.
1546
+ # @return [String]
1547
+ #
1527
1548
  # @!attribute [rw] limit
1528
1549
  # Use this parameter to specify the maximum number of items to return.
1529
1550
  # When this value is present, AWS KMS does not return more than the
@@ -1543,6 +1564,7 @@ module Aws::KMS
1543
1564
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListAliasesRequest AWS API Documentation
1544
1565
  #
1545
1566
  class ListAliasesRequest < Struct.new(
1567
+ :key_id,
1546
1568
  :limit,
1547
1569
  :marker)
1548
1570
  include Aws::Structure
@@ -1960,11 +1982,11 @@ module Aws::KMS
1960
1982
  # principals. The principals in the key policy must exist and be
1961
1983
  # visible to AWS KMS. When you create a new AWS principal (for
1962
1984
  # example, an IAM user or role), you might need to enforce a delay
1963
- # before including the new principal in a key policy because the new
1964
- # principal might not be immediately visible to AWS KMS. For more
1965
- # information, see [Changes that I make are not always immediately
1966
- # visible][2] in the *AWS Identity and Access Management User
1967
- # Guide*.
1985
+ # before including the new principal in a key policy. The reason for
1986
+ # this is that the new principal might not be immediately visible to
1987
+ # AWS KMS. For more information, see [Changes that I make are not
1988
+ # always immediately visible][2] in the *AWS Identity and Access
1989
+ # Management User Guide*.
1968
1990
  #
1969
1991
  # The key policy size limit is 32 kilobytes (32768 bytes).
1970
1992
  #
@@ -2035,7 +2057,7 @@ module Aws::KMS
2035
2057
  #
2036
2058
  # To specify a CMK, use its key ID, Amazon Resource Name (ARN), alias
2037
2059
  # name, or alias ARN. When using an alias name, prefix it with
2038
- # "alias/". To specify a CMK in a different AWS account, you must
2060
+ # `"alias/"`. To specify a CMK in a different AWS account, you must
2039
2061
  # use the key ARN or alias ARN.
2040
2062
  #
2041
2063
  # For example:
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-kms
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.6.0
4
+ version: 1.7.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-06-26 00:00:00.000000000 Z
11
+ date: 2018-07-31 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core