aws-sdk-kms 1.60.0 → 1.61.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 2a70cf632c89bfa1f16881b26bade8894c7be5c33ccdb9e7f94917715c2213b5
4
- data.tar.gz: 5f7bc75ae55a3caea477ad5f4f597f8363edd10c9215378120fd622ada2ddacc
3
+ metadata.gz: 37803670df6645481169af7272bfdb1a7b79df8c38a19f61d623a146e1a69371
4
+ data.tar.gz: 0e434bd2fd43ccc3f589074ce02e8edab2c131ab249b786042d8f824f932d00f
5
5
  SHA512:
6
- metadata.gz: eac193813d2397a07d3862b60863cc54eb2805ffdb3a6515a77fef1ccb5af523a35b83d1663b6bef90a5add6bc82324541a6dcb71f586a3caa3bbb751d370e3b
7
- data.tar.gz: 318757c3e984329a68bb292547463c12029f2fca8ec95d57285f929445d61da1944c3fbd01d1c38d2bb1713c2d9e881f51dcea40bb2e6a317eac964263b1f043
6
+ metadata.gz: 4d0cd59ef7c3f8c4765ac112ef9b8b7110325dca5b10e46158a8a8404276d4614c3f42481a4231a5a0612c6e7f32c044250cb8fa032f39d953bf8fe48e667bcd
7
+ data.tar.gz: 99ca7b6607828a5124c2e9257310ffe563dcced28e66b4beff019e0873ff8cb8596e26bc055d6655fc8737202e5980547b98246bce393b5463e40607e1293b78
data/CHANGELOG.md CHANGED
@@ -1,6 +1,11 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.61.0 (2022-12-07)
5
+ ------------------
6
+
7
+ * Feature - Updated examples and exceptions for External Key Store (XKS).
8
+
4
9
  1.60.0 (2022-11-29)
5
10
  ------------------
6
11
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.60.0
1
+ 1.61.0
@@ -836,8 +836,6 @@ module Aws::KMS
836
836
  # [1]: https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html
837
837
  #
838
838
  # @option params [String] :trust_anchor_certificate
839
- # * CreateCustom
840
- #
841
839
  # Specifies the certificate for an CloudHSM key store. This parameter is
842
840
  # required for custom key stores with a `CustomKeyStoreType` of
843
841
  # `AWS_CLOUDHSM`.
@@ -1014,6 +1012,66 @@ module Aws::KMS
1014
1012
  #
1015
1013
  # * {Types::CreateCustomKeyStoreResponse#custom_key_store_id #custom_key_store_id} => String
1016
1014
  #
1015
+ #
1016
+ # @example Example: To create an AWS CloudHSM key store
1017
+ #
1018
+ # # This example creates a custom key store that is associated with an AWS CloudHSM cluster.
1019
+ #
1020
+ # resp = client.create_custom_key_store({
1021
+ # cloud_hsm_cluster_id: "cluster-1a23b4cdefg", # The ID of the CloudHSM cluster.
1022
+ # custom_key_store_name: "ExampleKeyStore", # A friendly name for the custom key store.
1023
+ # key_store_password: "kmsPswd", # The password for the kmsuser CU account in the specified cluster.
1024
+ # trust_anchor_certificate: "<certificate-goes-here>", # The content of the customerCA.crt file that you created when you initialized the cluster.
1025
+ # })
1026
+ #
1027
+ # resp.to_h outputs the following:
1028
+ # {
1029
+ # custom_key_store_id: "cks-1234567890abcdef0", # The ID of the new custom key store.
1030
+ # }
1031
+ #
1032
+ # @example Example: To create an external key store with VPC endpoint service connectivity
1033
+ #
1034
+ # # This example creates an external key store that uses an Amazon VPC endpoint service to communicate with AWS KMS.
1035
+ #
1036
+ # resp = client.create_custom_key_store({
1037
+ # custom_key_store_name: "ExampleVPCEndpointKeyStore", # A friendly name for the custom key store
1038
+ # custom_key_store_type: "EXTERNAL_KEY_STORE", # For external key stores, the value must be EXTERNAL_KEY_STORE
1039
+ # xks_proxy_authentication_credential: {
1040
+ # access_key_id: "ABCDE12345670EXAMPLE",
1041
+ # raw_secret_access_key: "DXjSUawnel2fr6SKC7G25CNxTyWKE5PF9XX6H/u9pSo=",
1042
+ # }, # The access key ID and secret access key that KMS uses to authenticate to your external key store proxy
1043
+ # xks_proxy_connectivity: "VPC_ENDPOINT_SERVICE", # Indicates how AWS KMS communicates with the external key store proxy
1044
+ # xks_proxy_uri_endpoint: "https://myproxy-private.xks.example.com", # The URI that AWS KMS uses to connect to the external key store proxy
1045
+ # xks_proxy_uri_path: "/example-prefix/kms/xks/v1", # The URI path to the external key store proxy APIs
1046
+ # xks_proxy_vpc_endpoint_service_name: "com.amazonaws.vpce.us-east-1.vpce-svc-example1", # The VPC endpoint service that KMS uses to communicate with the external key store proxy
1047
+ # })
1048
+ #
1049
+ # resp.to_h outputs the following:
1050
+ # {
1051
+ # custom_key_store_id: "cks-1234567890abcdef0", # The ID of the new custom key store.
1052
+ # }
1053
+ #
1054
+ # @example Example: To create an external key store with public endpoint connectivity
1055
+ #
1056
+ # # This example creates an external key store with public endpoint connectivity.
1057
+ #
1058
+ # resp = client.create_custom_key_store({
1059
+ # custom_key_store_name: "ExamplePublicEndpointKeyStore", # A friendly name for the custom key store
1060
+ # custom_key_store_type: "EXTERNAL_KEY_STORE", # For external key stores, the value must be EXTERNAL_KEY_STORE
1061
+ # xks_proxy_authentication_credential: {
1062
+ # access_key_id: "ABCDE12345670EXAMPLE",
1063
+ # raw_secret_access_key: "DXjSUawnel2fr6SKC7G25CNxTyWKE5PF9XX6H/u9pSo=",
1064
+ # }, # The access key ID and secret access key that KMS uses to authenticate to your external key store proxy
1065
+ # xks_proxy_connectivity: "PUBLIC_ENDPOINT", # Indicates how AWS KMS communicates with the external key store proxy
1066
+ # xks_proxy_uri_endpoint: "https://myproxy.xks.example.com", # The URI that AWS KMS uses to connect to the external key store proxy
1067
+ # xks_proxy_uri_path: "/kms/xks/v1", # The URI path to your external key store proxy API
1068
+ # })
1069
+ #
1070
+ # resp.to_h outputs the following:
1071
+ # {
1072
+ # custom_key_store_id: "cks-987654321abcdef0", # The ID of the new custom key store.
1073
+ # }
1074
+ #
1017
1075
  # @example Request syntax with placeholder values
1018
1076
  #
1019
1077
  # resp = client.create_custom_key_store({
@@ -2905,17 +2963,17 @@ module Aws::KMS
2905
2963
  # expiration date (if any) of the key material. It includes fields, like
2906
2964
  # `KeySpec`, that help you distinguish different types of KMS keys. It
2907
2965
  # also displays the key usage (encryption, signing, or generating and
2908
- # verifying MACs) and the algorithms that the KMS key supports. For
2909
- # [multi-Region
2910
- # keys](kms/latest/developerguide/multi-region-keys-overview.html), it
2911
- # displays the primary key and all related replica keys. For KMS keys in
2912
- # [CloudHSM key
2966
+ # verifying MACs) and the algorithms that the KMS key supports.
2967
+ #
2968
+ # For [multi-Region
2969
+ # keys](kms/latest/developerguide/multi-region-keys-overview.html),
2970
+ # `DescribeKey` displays the primary key and all related replica keys.
2971
+ # For KMS keys in [CloudHSM key
2913
2972
  # stores](kms/latest/developerguide/keystore-cloudhsm.html), it includes
2914
- # information about the custom key store, such as the key store ID and
2915
- # the CloudHSM cluster ID. For KMS key in [external key
2973
+ # information about the key store, such as the key store ID and the
2974
+ # CloudHSM cluster ID. For KMS keys in [external key
2916
2975
  # stores](kms/latest/developerguide/keystore-external.html), it includes
2917
- # the custom key store ID and the ID and status of the associated
2918
- # external key.
2976
+ # the custom key store ID and the ID of the external key.
2919
2977
  #
2920
2978
  # `DescribeKey` does not return the following information:
2921
2979
  #
@@ -8331,29 +8389,29 @@ module Aws::KMS
8331
8389
  # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
8332
8390
  #
8333
8391
  #
8334
- # @example Example: To edit the password of an AWS CloudHSM key store
8392
+ # @example Example: To edit the friendly name of a custom key store
8335
8393
  #
8336
- # # This example tells AWS KMS the password for the kmsuser crypto user in the AWS CloudHSM cluster that is associated with
8337
- # # the AWS KMS custom key store. (It does not change the password in the CloudHSM cluster.) This operation does not return
8338
- # # any data.
8394
+ # # This example changes the friendly name of the AWS KMS custom key store to the name that you specify. This operation does
8395
+ # # not return any data. To verify that the operation worked, use the DescribeCustomKeyStores operation.
8339
8396
  #
8340
8397
  # resp = client.update_custom_key_store({
8341
8398
  # custom_key_store_id: "cks-1234567890abcdef0", # The ID of the custom key store that you are updating.
8342
- # key_store_password: "ExamplePassword", # The password for the kmsuser crypto user in the CloudHSM cluster.
8399
+ # new_custom_key_store_name: "DevelopmentKeys", # A new friendly name for the custom key store.
8343
8400
  # })
8344
8401
  #
8345
8402
  # resp.to_h outputs the following:
8346
8403
  # {
8347
8404
  # }
8348
8405
  #
8349
- # @example Example: To edit the friendly name of a custom key store
8406
+ # @example Example: To edit the password of an AWS CloudHSM key store
8350
8407
  #
8351
- # # This example changes the friendly name of the AWS KMS custom key store to the name that you specify. This operation does
8352
- # # not return any data. To verify that the operation worked, use the DescribeCustomKeyStores operation.
8408
+ # # This example tells AWS KMS the password for the kmsuser crypto user in the AWS CloudHSM cluster that is associated with
8409
+ # # the AWS KMS custom key store. (It does not change the password in the CloudHSM cluster.) This operation does not return
8410
+ # # any data.
8353
8411
  #
8354
8412
  # resp = client.update_custom_key_store({
8355
8413
  # custom_key_store_id: "cks-1234567890abcdef0", # The ID of the custom key store that you are updating.
8356
- # new_custom_key_store_name: "DevelopmentKeys", # A new friendly name for the custom key store.
8414
+ # key_store_password: "ExamplePassword", # The password for the kmsuser crypto user in the CloudHSM cluster.
8357
8415
  # })
8358
8416
  #
8359
8417
  # resp.to_h outputs the following:
@@ -8375,6 +8433,25 @@ module Aws::KMS
8375
8433
  # {
8376
8434
  # }
8377
8435
  #
8436
+ # @example Example: To update the proxy authentication credential of an external key store
8437
+ #
8438
+ # # To update the proxy authentication credential for your external key store, specify both the
8439
+ # # <code>RawSecretAccessKey</code> and the <code>AccessKeyId</code>, even if you are changing only one of the values. You
8440
+ # # can use this feature to fix an invalid credential or to change the credential when the external key store proxy rotates
8441
+ # # it.
8442
+ #
8443
+ # resp = client.update_custom_key_store({
8444
+ # custom_key_store_id: "cks-1234567890abcdef0", # Identifies the custom key store
8445
+ # xks_proxy_authentication_credential: {
8446
+ # access_key_id: "ABCDE12345670EXAMPLE",
8447
+ # raw_secret_access_key: "DXjSUawnel2fr6SKC7G25CNxTyWKE5PF9XX6H/u9pSo=",
8448
+ # }, # Specifies the values in the proxy authentication credential
8449
+ # })
8450
+ #
8451
+ # resp.to_h outputs the following:
8452
+ # {
8453
+ # }
8454
+ #
8378
8455
  # @example Example: To edit the proxy URI path of an external key store.
8379
8456
  #
8380
8457
  # # This example updates the proxy URI path for an external key store
@@ -8949,7 +9026,7 @@ module Aws::KMS
8949
9026
  params: params,
8950
9027
  config: config)
8951
9028
  context[:gem_name] = 'aws-sdk-kms'
8952
- context[:gem_version] = '1.60.0'
9029
+ context[:gem_version] = '1.61.0'
8953
9030
  Seahorse::Client::Request.new(handlers, context)
8954
9031
  end
8955
9032
 
@@ -50,61 +50,60 @@ IHRoaXMgcmVxdWVzdCIsInR5cGUiOiJTdHJpbmcifX0sInJ1bGVzIjpbeyJj
50
50
  b25kaXRpb25zIjpbeyJmbiI6ImF3cy5wYXJ0aXRpb24iLCJhcmd2IjpbeyJy
51
51
  ZWYiOiJSZWdpb24ifV0sImFzc2lnbiI6IlBhcnRpdGlvblJlc3VsdCJ9XSwi
52
52
  dHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W3siZm4iOiJp
53
- c1NldCIsImFyZ3YiOlt7InJlZiI6IkVuZHBvaW50In1dfSx7ImZuIjoicGFy
54
- c2VVUkwiLCJhcmd2IjpbeyJyZWYiOiJFbmRwb2ludCJ9XSwiYXNzaWduIjoi
55
- dXJsIn1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpb
56
- eyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VGSVBT
57
- In0sdHJ1ZV19XSwiZXJyb3IiOiJJbnZhbGlkIENvbmZpZ3VyYXRpb246IEZJ
58
- UFMgYW5kIGN1c3RvbSBlbmRwb2ludCBhcmUgbm90IHN1cHBvcnRlZCIsInR5
59
- cGUiOiJlcnJvciJ9LHsiY29uZGl0aW9ucyI6W10sInR5cGUiOiJ0cmVlIiwi
60
- cnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIs
61
- ImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9LHRydWVdfV0sImVycm9y
62
- IjoiSW52YWxpZCBDb25maWd1cmF0aW9uOiBEdWFsc3RhY2sgYW5kIGN1c3Rv
63
- bSBlbmRwb2ludCBhcmUgbm90IHN1cHBvcnRlZCIsInR5cGUiOiJlcnJvciJ9
64
- LHsiY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7InVybCI6eyJyZWYiOiJF
65
- bmRwb2ludCJ9LCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBl
66
- IjoiZW5kcG9pbnQifV19XX0seyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xl
67
- YW5FcXVhbHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VGSVBTIn0sdHJ1ZV19LHsi
68
- Zm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRHVhbFN0
69
- YWNrIn0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
70
- aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3RydWUseyJm
71
- biI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRpb25SZXN1bHQi
72
- fSwic3VwcG9ydHNGSVBTIl19XX0seyJmbiI6ImJvb2xlYW5FcXVhbHMiLCJh
73
- cmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIsImFyZ3YiOlt7InJlZiI6IlBh
74
- cnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0R1YWxTdGFjayJdfV19XSwidHlw
75
- ZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W10sImVuZHBvaW50
76
- Ijp7InVybCI6Imh0dHBzOi8va21zLWZpcHMue1JlZ2lvbn0ue1BhcnRpdGlv
77
- blJlc3VsdCNkdWFsU3RhY2tEbnNTdWZmaXh9IiwicHJvcGVydGllcyI6e30s
78
- ImhlYWRlcnMiOnt9fSwidHlwZSI6ImVuZHBvaW50In1dfSx7ImNvbmRpdGlv
79
- bnMiOltdLCJlcnJvciI6IkZJUFMgYW5kIER1YWxTdGFjayBhcmUgZW5hYmxl
80
- ZCwgYnV0IHRoaXMgcGFydGl0aW9uIGRvZXMgbm90IHN1cHBvcnQgb25lIG9y
81
- IGJvdGgiLCJ0eXBlIjoiZXJyb3IifV19LHsiY29uZGl0aW9ucyI6W3siZm4i
82
- OiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoiVXNlRklQUyJ9LHRy
83
- dWVdfV0sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7
84
- ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJnZXRB
85
- dHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1cHBv
86
- cnRzRklQUyJdfV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
87
- aW9ucyI6W10sInR5cGUiOiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMi
88
- OltdLCJlbmRwb2ludCI6eyJ1cmwiOiJodHRwczovL2ttcy1maXBzLntSZWdp
89
- b259LntQYXJ0aXRpb25SZXN1bHQjZG5zU3VmZml4fSIsInByb3BlcnRpZXMi
90
- Ont9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1dfSx7ImNv
91
- bmRpdGlvbnMiOltdLCJlcnJvciI6IkZJUFMgaXMgZW5hYmxlZCBidXQgdGhp
92
- cyBwYXJ0aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBGSVBTIiwidHlwZSI6ImVy
93
- cm9yIn1dfSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIs
94
- ImFyZ3YiOlt7InJlZiI6IlVzZUR1YWxTdGFjayJ9LHRydWVdfV0sInR5cGUi
95
- OiJ0cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVh
96
- bkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4iOiJnZXRBdHRyIiwiYXJndiI6
97
- W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0sInN1cHBvcnRzRHVhbFN0YWNr
98
- Il19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpb
99
- XSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6Ly9rbXMue1JlZ2lvbn0ue1Bh
100
- cnRpdGlvblJlc3VsdCNkdWFsU3RhY2tEbnNTdWZmaXh9IiwicHJvcGVydGll
101
- cyI6e30sImhlYWRlcnMiOnt9fSwidHlwZSI6ImVuZHBvaW50In1dfSx7ImNv
102
- bmRpdGlvbnMiOltdLCJlcnJvciI6IkR1YWxTdGFjayBpcyBlbmFibGVkIGJ1
103
- dCB0aGlzIHBhcnRpdGlvbiBkb2VzIG5vdCBzdXBwb3J0IER1YWxTdGFjayIs
104
- InR5cGUiOiJlcnJvciJ9XX0seyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQi
105
- OnsidXJsIjoiaHR0cHM6Ly9rbXMue1JlZ2lvbn0ue1BhcnRpdGlvblJlc3Vs
106
- dCNkbnNTdWZmaXh9IiwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9fSwi
107
- dHlwZSI6ImVuZHBvaW50In1dfV19
53
+ c1NldCIsImFyZ3YiOlt7InJlZiI6IkVuZHBvaW50In1dfV0sInR5cGUiOiJ0
54
+ cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVx
55
+ dWFscyIsImFyZ3YiOlt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX1dLCJlcnJv
56
+ ciI6IkludmFsaWQgQ29uZmlndXJhdGlvbjogRklQUyBhbmQgY3VzdG9tIGVu
57
+ ZHBvaW50IGFyZSBub3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJj
58
+ b25kaXRpb25zIjpbXSwidHlwZSI6InRyZWUiLCJydWxlcyI6W3siY29uZGl0
59
+ aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoi
60
+ VXNlRHVhbFN0YWNrIn0sdHJ1ZV19XSwiZXJyb3IiOiJJbnZhbGlkIENvbmZp
61
+ Z3VyYXRpb246IER1YWxzdGFjayBhbmQgY3VzdG9tIGVuZHBvaW50IGFyZSBu
62
+ b3Qgc3VwcG9ydGVkIiwidHlwZSI6ImVycm9yIn0seyJjb25kaXRpb25zIjpb
63
+ XSwiZW5kcG9pbnQiOnsidXJsIjp7InJlZiI6IkVuZHBvaW50In0sInByb3Bl
64
+ cnRpZXMiOnt9LCJoZWFkZXJzIjp7fX0sInR5cGUiOiJlbmRwb2ludCJ9XX1d
65
+ fSx7ImNvbmRpdGlvbnMiOlt7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3Yi
66
+ Olt7InJlZiI6IlVzZUZJUFMifSx0cnVlXX0seyJmbiI6ImJvb2xlYW5FcXVh
67
+ bHMiLCJhcmd2IjpbeyJyZWYiOiJVc2VEdWFsU3RhY2sifSx0cnVlXX1dLCJ0
68
+ eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbeyJmbiI6ImJv
69
+ b2xlYW5FcXVhbHMiLCJhcmd2IjpbdHJ1ZSx7ImZuIjoiZ2V0QXR0ciIsImFy
70
+ Z3YiOlt7InJlZiI6IlBhcnRpdGlvblJlc3VsdCJ9LCJzdXBwb3J0c0ZJUFMi
71
+ XX1dfSx7ImZuIjoiYm9vbGVhbkVxdWFscyIsImFyZ3YiOlt0cnVlLHsiZm4i
72
+ OiJnZXRBdHRyIiwiYXJndiI6W3sicmVmIjoiUGFydGl0aW9uUmVzdWx0In0s
73
+ InN1cHBvcnRzRHVhbFN0YWNrIl19XX1dLCJ0eXBlIjoidHJlZSIsInJ1bGVz
74
+ IjpbeyJjb25kaXRpb25zIjpbXSwiZW5kcG9pbnQiOnsidXJsIjoiaHR0cHM6
75
+ Ly9rbXMtZmlwcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2R1YWxTdGFj
76
+ a0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0
77
+ eXBlIjoiZW5kcG9pbnQifV19LHsiY29uZGl0aW9ucyI6W10sImVycm9yIjoi
78
+ RklQUyBhbmQgRHVhbFN0YWNrIGFyZSBlbmFibGVkLCBidXQgdGhpcyBwYXJ0
79
+ aXRpb24gZG9lcyBub3Qgc3VwcG9ydCBvbmUgb3IgYm90aCIsInR5cGUiOiJl
80
+ cnJvciJ9XX0seyJjb25kaXRpb25zIjpbeyJmbiI6ImJvb2xlYW5FcXVhbHMi
81
+ LCJhcmd2IjpbeyJyZWYiOiJVc2VGSVBTIn0sdHJ1ZV19XSwidHlwZSI6InRy
82
+ ZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W3siZm4iOiJib29sZWFuRXF1
83
+ YWxzIiwiYXJndiI6W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJy
84
+ ZWYiOiJQYXJ0aXRpb25SZXN1bHQifSwic3VwcG9ydHNGSVBTIl19XX1dLCJ0
85
+ eXBlIjoidHJlZSIsInJ1bGVzIjpbeyJjb25kaXRpb25zIjpbXSwidHlwZSI6
86
+ InRyZWUiLCJydWxlcyI6W3siY29uZGl0aW9ucyI6W10sImVuZHBvaW50Ijp7
87
+ InVybCI6Imh0dHBzOi8va21zLWZpcHMue1JlZ2lvbn0ue1BhcnRpdGlvblJl
88
+ c3VsdCNkbnNTdWZmaXh9IiwicHJvcGVydGllcyI6e30sImhlYWRlcnMiOnt9
89
+ fSwidHlwZSI6ImVuZHBvaW50In1dfV19LHsiY29uZGl0aW9ucyI6W10sImVy
90
+ cm9yIjoiRklQUyBpcyBlbmFibGVkIGJ1dCB0aGlzIHBhcnRpdGlvbiBkb2Vz
91
+ IG5vdCBzdXBwb3J0IEZJUFMiLCJ0eXBlIjoiZXJyb3IifV19LHsiY29uZGl0
92
+ aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6W3sicmVmIjoi
93
+ VXNlRHVhbFN0YWNrIn0sdHJ1ZV19XSwidHlwZSI6InRyZWUiLCJydWxlcyI6
94
+ W3siY29uZGl0aW9ucyI6W3siZm4iOiJib29sZWFuRXF1YWxzIiwiYXJndiI6
95
+ W3RydWUseyJmbiI6ImdldEF0dHIiLCJhcmd2IjpbeyJyZWYiOiJQYXJ0aXRp
96
+ b25SZXN1bHQifSwic3VwcG9ydHNEdWFsU3RhY2siXX1dfV0sInR5cGUiOiJ0
97
+ cmVlIiwicnVsZXMiOlt7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1
98
+ cmwiOiJodHRwczovL2ttcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2R1
99
+ YWxTdGFja0Ruc1N1ZmZpeH0iLCJwcm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6
100
+ e319LCJ0eXBlIjoiZW5kcG9pbnQifV19LHsiY29uZGl0aW9ucyI6W10sImVy
101
+ cm9yIjoiRHVhbFN0YWNrIGlzIGVuYWJsZWQgYnV0IHRoaXMgcGFydGl0aW9u
102
+ IGRvZXMgbm90IHN1cHBvcnQgRHVhbFN0YWNrIiwidHlwZSI6ImVycm9yIn1d
103
+ fSx7ImNvbmRpdGlvbnMiOltdLCJlbmRwb2ludCI6eyJ1cmwiOiJodHRwczov
104
+ L2ttcy57UmVnaW9ufS57UGFydGl0aW9uUmVzdWx0I2Ruc1N1ZmZpeH0iLCJw
105
+ cm9wZXJ0aWVzIjp7fSwiaGVhZGVycyI6e319LCJ0eXBlIjoiZW5kcG9pbnQi
106
+ fV19XX0=
108
107
 
109
108
  JSON
110
109
  end
@@ -61,13 +61,6 @@ module Aws::KMS
61
61
  include Aws::Structure
62
62
  end
63
63
 
64
- # @note When making an API call, you may pass CancelKeyDeletionRequest
65
- # data as a hash:
66
- #
67
- # {
68
- # key_id: "KeyIdType", # required
69
- # }
70
- #
71
64
  # @!attribute [rw] key_id
72
65
  # Identifies the KMS key whose deletion is being canceled.
73
66
  #
@@ -249,13 +242,6 @@ module Aws::KMS
249
242
  include Aws::Structure
250
243
  end
251
244
 
252
- # @note When making an API call, you may pass ConnectCustomKeyStoreRequest
253
- # data as a hash:
254
- #
255
- # {
256
- # custom_key_store_id: "CustomKeyStoreIdType", # required
257
- # }
258
- #
259
245
  # @!attribute [rw] custom_key_store_id
260
246
  # Enter the key store ID of the custom key store that you want to
261
247
  # connect. To find the ID of a custom key store, use the
@@ -274,14 +260,6 @@ module Aws::KMS
274
260
  #
275
261
  class ConnectCustomKeyStoreResponse < Aws::EmptyStructure; end
276
262
 
277
- # @note When making an API call, you may pass CreateAliasRequest
278
- # data as a hash:
279
- #
280
- # {
281
- # alias_name: "AliasNameType", # required
282
- # target_key_id: "KeyIdType", # required
283
- # }
284
- #
285
263
  # @!attribute [rw] alias_name
286
264
  # Specifies the alias name. This value must begin with `alias/`
287
265
  # followed by a name, such as `alias/ExampleAlias`.
@@ -335,25 +313,6 @@ module Aws::KMS
335
313
  include Aws::Structure
336
314
  end
337
315
 
338
- # @note When making an API call, you may pass CreateCustomKeyStoreRequest
339
- # data as a hash:
340
- #
341
- # {
342
- # custom_key_store_name: "CustomKeyStoreNameType", # required
343
- # cloud_hsm_cluster_id: "CloudHsmClusterIdType",
344
- # trust_anchor_certificate: "TrustAnchorCertificateType",
345
- # key_store_password: "KeyStorePasswordType",
346
- # custom_key_store_type: "AWS_CLOUDHSM", # accepts AWS_CLOUDHSM, EXTERNAL_KEY_STORE
347
- # xks_proxy_uri_endpoint: "XksProxyUriEndpointType",
348
- # xks_proxy_uri_path: "XksProxyUriPathType",
349
- # xks_proxy_vpc_endpoint_service_name: "XksProxyVpcEndpointServiceNameType",
350
- # xks_proxy_authentication_credential: {
351
- # access_key_id: "XksProxyAuthenticationAccessKeyIdType", # required
352
- # raw_secret_access_key: "XksProxyAuthenticationRawSecretAccessKeyType", # required
353
- # },
354
- # xks_proxy_connectivity: "PUBLIC_ENDPOINT", # accepts PUBLIC_ENDPOINT, VPC_ENDPOINT_SERVICE
355
- # }
356
- #
357
316
  # @!attribute [rw] custom_key_store_name
358
317
  # Specifies a friendly name for the custom key store. The name must be
359
318
  # unique in your Amazon Web Services account and Region. This
@@ -375,8 +334,6 @@ module Aws::KMS
375
334
  # @return [String]
376
335
  #
377
336
  # @!attribute [rw] trust_anchor_certificate
378
- # * CreateCustom
379
- #
380
337
  # Specifies the certificate for an CloudHSM key store. This parameter
381
338
  # is required for custom key stores with a `CustomKeyStoreType` of
382
339
  # `AWS_CLOUDHSM`.
@@ -587,26 +544,6 @@ module Aws::KMS
587
544
  include Aws::Structure
588
545
  end
589
546
 
590
- # @note When making an API call, you may pass CreateGrantRequest
591
- # data as a hash:
592
- #
593
- # {
594
- # key_id: "KeyIdType", # required
595
- # grantee_principal: "PrincipalIdType", # required
596
- # retiring_principal: "PrincipalIdType",
597
- # operations: ["Decrypt"], # required, accepts Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, Sign, Verify, GetPublicKey, CreateGrant, RetireGrant, DescribeKey, GenerateDataKeyPair, GenerateDataKeyPairWithoutPlaintext, GenerateMac, VerifyMac
598
- # constraints: {
599
- # encryption_context_subset: {
600
- # "EncryptionContextKey" => "EncryptionContextValue",
601
- # },
602
- # encryption_context_equals: {
603
- # "EncryptionContextKey" => "EncryptionContextValue",
604
- # },
605
- # },
606
- # grant_tokens: ["GrantTokenType"],
607
- # name: "GrantNameType",
608
- # }
609
- #
610
547
  # @!attribute [rw] key_id
611
548
  # Identifies the KMS key for the grant. The grant gives principals
612
549
  # permission to use this KMS key.
@@ -799,28 +736,6 @@ module Aws::KMS
799
736
  include Aws::Structure
800
737
  end
801
738
 
802
- # @note When making an API call, you may pass CreateKeyRequest
803
- # data as a hash:
804
- #
805
- # {
806
- # policy: "PolicyType",
807
- # description: "DescriptionType",
808
- # key_usage: "SIGN_VERIFY", # accepts SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
809
- # customer_master_key_spec: "RSA_2048", # accepts RSA_2048, RSA_3072, RSA_4096, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1, SYMMETRIC_DEFAULT, HMAC_224, HMAC_256, HMAC_384, HMAC_512, SM2
810
- # key_spec: "RSA_2048", # accepts RSA_2048, RSA_3072, RSA_4096, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1, SYMMETRIC_DEFAULT, HMAC_224, HMAC_256, HMAC_384, HMAC_512, SM2
811
- # origin: "AWS_KMS", # accepts AWS_KMS, EXTERNAL, AWS_CLOUDHSM, EXTERNAL_KEY_STORE
812
- # custom_key_store_id: "CustomKeyStoreIdType",
813
- # bypass_policy_lockout_safety_check: false,
814
- # tags: [
815
- # {
816
- # tag_key: "TagKeyType", # required
817
- # tag_value: "TagValueType", # required
818
- # },
819
- # ],
820
- # multi_region: false,
821
- # xks_key_id: "XksKeyIdType",
822
- # }
823
- #
824
739
  # @!attribute [rw] policy
825
740
  # The key policy to attach to the KMS key.
826
741
  #
@@ -1544,19 +1459,6 @@ module Aws::KMS
1544
1459
  include Aws::Structure
1545
1460
  end
1546
1461
 
1547
- # @note When making an API call, you may pass DecryptRequest
1548
- # data as a hash:
1549
- #
1550
- # {
1551
- # ciphertext_blob: "data", # required
1552
- # encryption_context: {
1553
- # "EncryptionContextKey" => "EncryptionContextValue",
1554
- # },
1555
- # grant_tokens: ["GrantTokenType"],
1556
- # key_id: "KeyIdType",
1557
- # encryption_algorithm: "SYMMETRIC_DEFAULT", # accepts SYMMETRIC_DEFAULT, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, SM2PKE
1558
- # }
1559
- #
1560
1462
  # @!attribute [rw] ciphertext_blob
1561
1463
  # Ciphertext to be decrypted. The blob includes metadata.
1562
1464
  # @return [String]
@@ -1687,13 +1589,6 @@ module Aws::KMS
1687
1589
  include Aws::Structure
1688
1590
  end
1689
1591
 
1690
- # @note When making an API call, you may pass DeleteAliasRequest
1691
- # data as a hash:
1692
- #
1693
- # {
1694
- # alias_name: "AliasNameType", # required
1695
- # }
1696
- #
1697
1592
  # @!attribute [rw] alias_name
1698
1593
  # The alias to be deleted. The alias name must begin with `alias/`
1699
1594
  # followed by the alias name, such as `alias/ExampleAlias`.
@@ -1707,13 +1602,6 @@ module Aws::KMS
1707
1602
  include Aws::Structure
1708
1603
  end
1709
1604
 
1710
- # @note When making an API call, you may pass DeleteCustomKeyStoreRequest
1711
- # data as a hash:
1712
- #
1713
- # {
1714
- # custom_key_store_id: "CustomKeyStoreIdType", # required
1715
- # }
1716
- #
1717
1605
  # @!attribute [rw] custom_key_store_id
1718
1606
  # Enter the ID of the custom key store you want to delete. To find the
1719
1607
  # ID of a custom key store, use the DescribeCustomKeyStores operation.
@@ -1731,13 +1619,6 @@ module Aws::KMS
1731
1619
  #
1732
1620
  class DeleteCustomKeyStoreResponse < Aws::EmptyStructure; end
1733
1621
 
1734
- # @note When making an API call, you may pass DeleteImportedKeyMaterialRequest
1735
- # data as a hash:
1736
- #
1737
- # {
1738
- # key_id: "KeyIdType", # required
1739
- # }
1740
- #
1741
1622
  # @!attribute [rw] key_id
1742
1623
  # Identifies the KMS key from which you are deleting imported key
1743
1624
  # material. The `Origin` of the KMS key must be `EXTERNAL`.
@@ -1777,16 +1658,6 @@ module Aws::KMS
1777
1658
  include Aws::Structure
1778
1659
  end
1779
1660
 
1780
- # @note When making an API call, you may pass DescribeCustomKeyStoresRequest
1781
- # data as a hash:
1782
- #
1783
- # {
1784
- # custom_key_store_id: "CustomKeyStoreIdType",
1785
- # custom_key_store_name: "CustomKeyStoreNameType",
1786
- # limit: 1,
1787
- # marker: "MarkerType",
1788
- # }
1789
- #
1790
1661
  # @!attribute [rw] custom_key_store_id
1791
1662
  # Gets only information about the specified custom key store. Enter
1792
1663
  # the key store ID.
@@ -1856,14 +1727,6 @@ module Aws::KMS
1856
1727
  include Aws::Structure
1857
1728
  end
1858
1729
 
1859
- # @note When making an API call, you may pass DescribeKeyRequest
1860
- # data as a hash:
1861
- #
1862
- # {
1863
- # key_id: "KeyIdType", # required
1864
- # grant_tokens: ["GrantTokenType"],
1865
- # }
1866
- #
1867
1730
  # @!attribute [rw] key_id
1868
1731
  # Describes the specified KMS key.
1869
1732
  #
@@ -1931,13 +1794,6 @@ module Aws::KMS
1931
1794
  include Aws::Structure
1932
1795
  end
1933
1796
 
1934
- # @note When making an API call, you may pass DisableKeyRequest
1935
- # data as a hash:
1936
- #
1937
- # {
1938
- # key_id: "KeyIdType", # required
1939
- # }
1940
- #
1941
1797
  # @!attribute [rw] key_id
1942
1798
  # Identifies the KMS key to disable.
1943
1799
  #
@@ -1962,13 +1818,6 @@ module Aws::KMS
1962
1818
  include Aws::Structure
1963
1819
  end
1964
1820
 
1965
- # @note When making an API call, you may pass DisableKeyRotationRequest
1966
- # data as a hash:
1967
- #
1968
- # {
1969
- # key_id: "KeyIdType", # required
1970
- # }
1971
- #
1972
1821
  # @!attribute [rw] key_id
1973
1822
  # Identifies a symmetric encryption KMS key. You cannot enable or
1974
1823
  # disable automatic rotation of [asymmetric KMS keys][1], [HMAC KMS
@@ -2016,13 +1865,6 @@ module Aws::KMS
2016
1865
  include Aws::Structure
2017
1866
  end
2018
1867
 
2019
- # @note When making an API call, you may pass DisconnectCustomKeyStoreRequest
2020
- # data as a hash:
2021
- #
2022
- # {
2023
- # custom_key_store_id: "CustomKeyStoreIdType", # required
2024
- # }
2025
- #
2026
1868
  # @!attribute [rw] custom_key_store_id
2027
1869
  # Enter the ID of the custom key store you want to disconnect. To find
2028
1870
  # the ID of a custom key store, use the DescribeCustomKeyStores
@@ -2041,13 +1883,6 @@ module Aws::KMS
2041
1883
  #
2042
1884
  class DisconnectCustomKeyStoreResponse < Aws::EmptyStructure; end
2043
1885
 
2044
- # @note When making an API call, you may pass EnableKeyRequest
2045
- # data as a hash:
2046
- #
2047
- # {
2048
- # key_id: "KeyIdType", # required
2049
- # }
2050
- #
2051
1886
  # @!attribute [rw] key_id
2052
1887
  # Identifies the KMS key to enable.
2053
1888
  #
@@ -2072,13 +1907,6 @@ module Aws::KMS
2072
1907
  include Aws::Structure
2073
1908
  end
2074
1909
 
2075
- # @note When making an API call, you may pass EnableKeyRotationRequest
2076
- # data as a hash:
2077
- #
2078
- # {
2079
- # key_id: "KeyIdType", # required
2080
- # }
2081
- #
2082
1910
  # @!attribute [rw] key_id
2083
1911
  # Identifies a symmetric encryption KMS key. You cannot enable
2084
1912
  # automatic rotation of [asymmetric KMS keys][1], [HMAC KMS keys][2],
@@ -2115,19 +1943,6 @@ module Aws::KMS
2115
1943
  include Aws::Structure
2116
1944
  end
2117
1945
 
2118
- # @note When making an API call, you may pass EncryptRequest
2119
- # data as a hash:
2120
- #
2121
- # {
2122
- # key_id: "KeyIdType", # required
2123
- # plaintext: "data", # required
2124
- # encryption_context: {
2125
- # "EncryptionContextKey" => "EncryptionContextValue",
2126
- # },
2127
- # grant_tokens: ["GrantTokenType"],
2128
- # encryption_algorithm: "SYMMETRIC_DEFAULT", # accepts SYMMETRIC_DEFAULT, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, SM2PKE
2129
- # }
2130
- #
2131
1946
  # @!attribute [rw] key_id
2132
1947
  # Identifies the KMS key to use in the encryption operation. The KMS
2133
1948
  # key must have a `KeyUsage` of `ENCRYPT_DECRYPT`. To find the
@@ -2266,18 +2081,6 @@ module Aws::KMS
2266
2081
  include Aws::Structure
2267
2082
  end
2268
2083
 
2269
- # @note When making an API call, you may pass GenerateDataKeyPairRequest
2270
- # data as a hash:
2271
- #
2272
- # {
2273
- # encryption_context: {
2274
- # "EncryptionContextKey" => "EncryptionContextValue",
2275
- # },
2276
- # key_id: "KeyIdType", # required
2277
- # key_pair_spec: "RSA_2048", # required, accepts RSA_2048, RSA_3072, RSA_4096, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1, SM2
2278
- # grant_tokens: ["GrantTokenType"],
2279
- # }
2280
- #
2281
2084
  # @!attribute [rw] encryption_context
2282
2085
  # Specifies the encryption context that will be used when encrypting
2283
2086
  # the private key in the data key pair.
@@ -2403,18 +2206,6 @@ module Aws::KMS
2403
2206
  include Aws::Structure
2404
2207
  end
2405
2208
 
2406
- # @note When making an API call, you may pass GenerateDataKeyPairWithoutPlaintextRequest
2407
- # data as a hash:
2408
- #
2409
- # {
2410
- # encryption_context: {
2411
- # "EncryptionContextKey" => "EncryptionContextValue",
2412
- # },
2413
- # key_id: "KeyIdType", # required
2414
- # key_pair_spec: "RSA_2048", # required, accepts RSA_2048, RSA_3072, RSA_4096, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, ECC_SECG_P256K1, SM2
2415
- # grant_tokens: ["GrantTokenType"],
2416
- # }
2417
- #
2418
2209
  # @!attribute [rw] encryption_context
2419
2210
  # Specifies the encryption context that will be used when encrypting
2420
2211
  # the private key in the data key pair.
@@ -2533,19 +2324,6 @@ module Aws::KMS
2533
2324
  include Aws::Structure
2534
2325
  end
2535
2326
 
2536
- # @note When making an API call, you may pass GenerateDataKeyRequest
2537
- # data as a hash:
2538
- #
2539
- # {
2540
- # key_id: "KeyIdType", # required
2541
- # encryption_context: {
2542
- # "EncryptionContextKey" => "EncryptionContextValue",
2543
- # },
2544
- # number_of_bytes: 1,
2545
- # key_spec: "AES_256", # accepts AES_256, AES_128
2546
- # grant_tokens: ["GrantTokenType"],
2547
- # }
2548
- #
2549
2327
  # @!attribute [rw] key_id
2550
2328
  # Specifies the symmetric encryption KMS key that encrypts the data
2551
2329
  # key. You cannot specify an asymmetric KMS key or a KMS key in a
@@ -2670,19 +2448,6 @@ module Aws::KMS
2670
2448
  include Aws::Structure
2671
2449
  end
2672
2450
 
2673
- # @note When making an API call, you may pass GenerateDataKeyWithoutPlaintextRequest
2674
- # data as a hash:
2675
- #
2676
- # {
2677
- # key_id: "KeyIdType", # required
2678
- # encryption_context: {
2679
- # "EncryptionContextKey" => "EncryptionContextValue",
2680
- # },
2681
- # key_spec: "AES_256", # accepts AES_256, AES_128
2682
- # number_of_bytes: 1,
2683
- # grant_tokens: ["GrantTokenType"],
2684
- # }
2685
- #
2686
2451
  # @!attribute [rw] key_id
2687
2452
  # Specifies the symmetric encryption KMS key that encrypts the data
2688
2453
  # key. You cannot specify an asymmetric KMS key or a KMS key in a
@@ -2792,16 +2557,6 @@ module Aws::KMS
2792
2557
  include Aws::Structure
2793
2558
  end
2794
2559
 
2795
- # @note When making an API call, you may pass GenerateMacRequest
2796
- # data as a hash:
2797
- #
2798
- # {
2799
- # message: "data", # required
2800
- # key_id: "KeyIdType", # required
2801
- # mac_algorithm: "HMAC_SHA_224", # required, accepts HMAC_SHA_224, HMAC_SHA_256, HMAC_SHA_384, HMAC_SHA_512
2802
- # grant_tokens: ["GrantTokenType"],
2803
- # }
2804
- #
2805
2560
  # @!attribute [rw] message
2806
2561
  # The message to be hashed. Specify a message of up to 4,096 bytes.
2807
2562
  #
@@ -2885,14 +2640,6 @@ module Aws::KMS
2885
2640
  include Aws::Structure
2886
2641
  end
2887
2642
 
2888
- # @note When making an API call, you may pass GenerateRandomRequest
2889
- # data as a hash:
2890
- #
2891
- # {
2892
- # number_of_bytes: 1,
2893
- # custom_key_store_id: "CustomKeyStoreIdType",
2894
- # }
2895
- #
2896
2643
  # @!attribute [rw] number_of_bytes
2897
2644
  # The length of the random byte string. This parameter is required.
2898
2645
  # @return [Integer]
@@ -2930,14 +2677,6 @@ module Aws::KMS
2930
2677
  include Aws::Structure
2931
2678
  end
2932
2679
 
2933
- # @note When making an API call, you may pass GetKeyPolicyRequest
2934
- # data as a hash:
2935
- #
2936
- # {
2937
- # key_id: "KeyIdType", # required
2938
- # policy_name: "PolicyNameType", # required
2939
- # }
2940
- #
2941
2680
  # @!attribute [rw] key_id
2942
2681
  # Gets the key policy for the specified KMS key.
2943
2682
  #
@@ -2980,13 +2719,6 @@ module Aws::KMS
2980
2719
  include Aws::Structure
2981
2720
  end
2982
2721
 
2983
- # @note When making an API call, you may pass GetKeyRotationStatusRequest
2984
- # data as a hash:
2985
- #
2986
- # {
2987
- # key_id: "KeyIdType", # required
2988
- # }
2989
- #
2990
2722
  # @!attribute [rw] key_id
2991
2723
  # Gets the rotation status for the specified KMS key.
2992
2724
  #
@@ -3025,15 +2757,6 @@ module Aws::KMS
3025
2757
  include Aws::Structure
3026
2758
  end
3027
2759
 
3028
- # @note When making an API call, you may pass GetParametersForImportRequest
3029
- # data as a hash:
3030
- #
3031
- # {
3032
- # key_id: "KeyIdType", # required
3033
- # wrapping_algorithm: "RSAES_PKCS1_V1_5", # required, accepts RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256
3034
- # wrapping_key_spec: "RSA_2048", # required, accepts RSA_2048
3035
- # }
3036
- #
3037
2760
  # @!attribute [rw] key_id
3038
2761
  # The identifier of the symmetric encryption KMS key into which you
3039
2762
  # will import key material. The `Origin` of the KMS key must be
@@ -3115,14 +2838,6 @@ module Aws::KMS
3115
2838
  include Aws::Structure
3116
2839
  end
3117
2840
 
3118
- # @note When making an API call, you may pass GetPublicKeyRequest
3119
- # data as a hash:
3120
- #
3121
- # {
3122
- # key_id: "KeyIdType", # required
3123
- # grant_tokens: ["GrantTokenType"],
3124
- # }
3125
- #
3126
2841
  # @!attribute [rw] key_id
3127
2842
  # Identifies the asymmetric KMS key that includes the public key.
3128
2843
  #
@@ -3279,18 +2994,6 @@ module Aws::KMS
3279
2994
  # [3]: https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#symmetric-cmks
3280
2995
  # [4]: https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-context
3281
2996
  #
3282
- # @note When making an API call, you may pass GrantConstraints
3283
- # data as a hash:
3284
- #
3285
- # {
3286
- # encryption_context_subset: {
3287
- # "EncryptionContextKey" => "EncryptionContextValue",
3288
- # },
3289
- # encryption_context_equals: {
3290
- # "EncryptionContextKey" => "EncryptionContextValue",
3291
- # },
3292
- # }
3293
- #
3294
2997
  # @!attribute [rw] encryption_context_subset
3295
2998
  # A list of key-value pairs that must be included in the encryption
3296
2999
  # context of the [cryptographic operation][1] request. The grant
@@ -3391,17 +3094,6 @@ module Aws::KMS
3391
3094
  include Aws::Structure
3392
3095
  end
3393
3096
 
3394
- # @note When making an API call, you may pass ImportKeyMaterialRequest
3395
- # data as a hash:
3396
- #
3397
- # {
3398
- # key_id: "KeyIdType", # required
3399
- # import_token: "data", # required
3400
- # encrypted_key_material: "data", # required
3401
- # valid_to: Time.now,
3402
- # expiration_model: "KEY_MATERIAL_EXPIRES", # accepts KEY_MATERIAL_EXPIRES, KEY_MATERIAL_DOES_NOT_EXPIRE
3403
- # }
3404
- #
3405
3097
  # @!attribute [rw] key_id
3406
3098
  # The identifier of the symmetric encryption KMS key that receives the
3407
3099
  # imported key material. This must be the same KMS key specified in
@@ -4057,15 +3749,6 @@ module Aws::KMS
4057
3749
  include Aws::Structure
4058
3750
  end
4059
3751
 
4060
- # @note When making an API call, you may pass ListAliasesRequest
4061
- # data as a hash:
4062
- #
4063
- # {
4064
- # key_id: "KeyIdType",
4065
- # limit: 1,
4066
- # marker: "MarkerType",
4067
- # }
4068
- #
4069
3752
  # @!attribute [rw] key_id
4070
3753
  # Lists only aliases that are associated with the specified KMS key.
4071
3754
  # Enter a KMS key in your Amazon Web Services account.
@@ -4138,17 +3821,6 @@ module Aws::KMS
4138
3821
  include Aws::Structure
4139
3822
  end
4140
3823
 
4141
- # @note When making an API call, you may pass ListGrantsRequest
4142
- # data as a hash:
4143
- #
4144
- # {
4145
- # limit: 1,
4146
- # marker: "MarkerType",
4147
- # key_id: "KeyIdType", # required
4148
- # grant_id: "GrantIdType",
4149
- # grantee_principal: "PrincipalIdType",
4150
- # }
4151
- #
4152
3824
  # @!attribute [rw] limit
4153
3825
  # Use this parameter to specify the maximum number of items to return.
4154
3826
  # When this value is present, KMS does not return more than the
@@ -4232,15 +3904,6 @@ module Aws::KMS
4232
3904
  include Aws::Structure
4233
3905
  end
4234
3906
 
4235
- # @note When making an API call, you may pass ListKeyPoliciesRequest
4236
- # data as a hash:
4237
- #
4238
- # {
4239
- # key_id: "KeyIdType", # required
4240
- # limit: 1,
4241
- # marker: "MarkerType",
4242
- # }
4243
- #
4244
3907
  # @!attribute [rw] key_id
4245
3908
  # Gets the names of key policies for the specified KMS key.
4246
3909
  #
@@ -4311,14 +3974,6 @@ module Aws::KMS
4311
3974
  include Aws::Structure
4312
3975
  end
4313
3976
 
4314
- # @note When making an API call, you may pass ListKeysRequest
4315
- # data as a hash:
4316
- #
4317
- # {
4318
- # limit: 1,
4319
- # marker: "MarkerType",
4320
- # }
4321
- #
4322
3977
  # @!attribute [rw] limit
4323
3978
  # Use this parameter to specify the maximum number of items to return.
4324
3979
  # When this value is present, KMS does not return more than the
@@ -4370,15 +4025,6 @@ module Aws::KMS
4370
4025
  include Aws::Structure
4371
4026
  end
4372
4027
 
4373
- # @note When making an API call, you may pass ListResourceTagsRequest
4374
- # data as a hash:
4375
- #
4376
- # {
4377
- # key_id: "KeyIdType", # required
4378
- # limit: 1,
4379
- # marker: "MarkerType",
4380
- # }
4381
- #
4382
4028
  # @!attribute [rw] key_id
4383
4029
  # Gets tags on the specified KMS key.
4384
4030
  #
@@ -4461,15 +4107,6 @@ module Aws::KMS
4461
4107
  include Aws::Structure
4462
4108
  end
4463
4109
 
4464
- # @note When making an API call, you may pass ListRetirableGrantsRequest
4465
- # data as a hash:
4466
- #
4467
- # {
4468
- # limit: 1,
4469
- # marker: "MarkerType",
4470
- # retiring_principal: "PrincipalIdType", # required
4471
- # }
4472
- #
4473
4110
  # @!attribute [rw] limit
4474
4111
  # Use this parameter to specify the maximum number of items to return.
4475
4112
  # When this value is present, KMS does not return more than the
@@ -4594,16 +4231,6 @@ module Aws::KMS
4594
4231
  include Aws::Structure
4595
4232
  end
4596
4233
 
4597
- # @note When making an API call, you may pass PutKeyPolicyRequest
4598
- # data as a hash:
4599
- #
4600
- # {
4601
- # key_id: "KeyIdType", # required
4602
- # policy_name: "PolicyNameType", # required
4603
- # policy: "PolicyType", # required
4604
- # bypass_policy_lockout_safety_check: false,
4605
- # }
4606
- #
4607
4234
  # @!attribute [rw] key_id
4608
4235
  # Sets the key policy on the specified KMS key.
4609
4236
  #
@@ -4705,24 +4332,6 @@ module Aws::KMS
4705
4332
  include Aws::Structure
4706
4333
  end
4707
4334
 
4708
- # @note When making an API call, you may pass ReEncryptRequest
4709
- # data as a hash:
4710
- #
4711
- # {
4712
- # ciphertext_blob: "data", # required
4713
- # source_encryption_context: {
4714
- # "EncryptionContextKey" => "EncryptionContextValue",
4715
- # },
4716
- # source_key_id: "KeyIdType",
4717
- # destination_key_id: "KeyIdType", # required
4718
- # destination_encryption_context: {
4719
- # "EncryptionContextKey" => "EncryptionContextValue",
4720
- # },
4721
- # source_encryption_algorithm: "SYMMETRIC_DEFAULT", # accepts SYMMETRIC_DEFAULT, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, SM2PKE
4722
- # destination_encryption_algorithm: "SYMMETRIC_DEFAULT", # accepts SYMMETRIC_DEFAULT, RSAES_OAEP_SHA_1, RSAES_OAEP_SHA_256, SM2PKE
4723
- # grant_tokens: ["GrantTokenType"],
4724
- # }
4725
- #
4726
4335
  # @!attribute [rw] ciphertext_blob
4727
4336
  # Ciphertext of the data to reencrypt.
4728
4337
  # @return [String]
@@ -4928,23 +4537,6 @@ module Aws::KMS
4928
4537
  include Aws::Structure
4929
4538
  end
4930
4539
 
4931
- # @note When making an API call, you may pass ReplicateKeyRequest
4932
- # data as a hash:
4933
- #
4934
- # {
4935
- # key_id: "KeyIdType", # required
4936
- # replica_region: "RegionType", # required
4937
- # policy: "PolicyType",
4938
- # bypass_policy_lockout_safety_check: false,
4939
- # description: "DescriptionType",
4940
- # tags: [
4941
- # {
4942
- # tag_key: "TagKeyType", # required
4943
- # tag_value: "TagValueType", # required
4944
- # },
4945
- # ],
4946
- # }
4947
- #
4948
4540
  # @!attribute [rw] key_id
4949
4541
  # Identifies the multi-Region primary key that is being replicated. To
4950
4542
  # determine whether a KMS key is a multi-Region primary key, use the
@@ -5170,15 +4762,6 @@ module Aws::KMS
5170
4762
  include Aws::Structure
5171
4763
  end
5172
4764
 
5173
- # @note When making an API call, you may pass RetireGrantRequest
5174
- # data as a hash:
5175
- #
5176
- # {
5177
- # grant_token: "GrantTokenType",
5178
- # key_id: "KeyIdType",
5179
- # grant_id: "GrantIdType",
5180
- # }
5181
- #
5182
4765
  # @!attribute [rw] grant_token
5183
4766
  # Identifies the grant to be retired. You can use a grant token to
5184
4767
  # identify a new grant even before it has achieved eventual
@@ -5222,14 +4805,6 @@ module Aws::KMS
5222
4805
  include Aws::Structure
5223
4806
  end
5224
4807
 
5225
- # @note When making an API call, you may pass RevokeGrantRequest
5226
- # data as a hash:
5227
- #
5228
- # {
5229
- # key_id: "KeyIdType", # required
5230
- # grant_id: "GrantIdType", # required
5231
- # }
5232
- #
5233
4808
  # @!attribute [rw] key_id
5234
4809
  # A unique identifier for the KMS key associated with the grant. To
5235
4810
  # get the key ID and key ARN for a KMS key, use ListKeys or
@@ -5264,14 +4839,6 @@ module Aws::KMS
5264
4839
  include Aws::Structure
5265
4840
  end
5266
4841
 
5267
- # @note When making an API call, you may pass ScheduleKeyDeletionRequest
5268
- # data as a hash:
5269
- #
5270
- # {
5271
- # key_id: "KeyIdType", # required
5272
- # pending_window_in_days: 1,
5273
- # }
5274
- #
5275
4842
  # @!attribute [rw] key_id
5276
4843
  # The unique identifier of the KMS key to delete.
5277
4844
  #
@@ -5357,17 +4924,6 @@ module Aws::KMS
5357
4924
  include Aws::Structure
5358
4925
  end
5359
4926
 
5360
- # @note When making an API call, you may pass SignRequest
5361
- # data as a hash:
5362
- #
5363
- # {
5364
- # key_id: "KeyIdType", # required
5365
- # message: "data", # required
5366
- # message_type: "RAW", # accepts RAW, DIGEST
5367
- # grant_tokens: ["GrantTokenType"],
5368
- # signing_algorithm: "RSASSA_PSS_SHA_256", # required, accepts RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, SM2DSA
5369
- # }
5370
- #
5371
4927
  # @!attribute [rw] key_id
5372
4928
  # Identifies an asymmetric KMS key. KMS uses the private key in the
5373
4929
  # asymmetric KMS key to sign the message. The `KeyUsage` type of the
@@ -5497,14 +5053,6 @@ module Aws::KMS
5497
5053
  #
5498
5054
  # [1]: https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html
5499
5055
  #
5500
- # @note When making an API call, you may pass Tag
5501
- # data as a hash:
5502
- #
5503
- # {
5504
- # tag_key: "TagKeyType", # required
5505
- # tag_value: "TagValueType", # required
5506
- # }
5507
- #
5508
5056
  # @!attribute [rw] tag_key
5509
5057
  # The key of the tag.
5510
5058
  # @return [String]
@@ -5535,19 +5083,6 @@ module Aws::KMS
5535
5083
  include Aws::Structure
5536
5084
  end
5537
5085
 
5538
- # @note When making an API call, you may pass TagResourceRequest
5539
- # data as a hash:
5540
- #
5541
- # {
5542
- # key_id: "KeyIdType", # required
5543
- # tags: [ # required
5544
- # {
5545
- # tag_key: "TagKeyType", # required
5546
- # tag_value: "TagValueType", # required
5547
- # },
5548
- # ],
5549
- # }
5550
- #
5551
5086
  # @!attribute [rw] key_id
5552
5087
  # Identifies a customer managed key in the account and Region.
5553
5088
  #
@@ -5598,14 +5133,6 @@ module Aws::KMS
5598
5133
  include Aws::Structure
5599
5134
  end
5600
5135
 
5601
- # @note When making an API call, you may pass UntagResourceRequest
5602
- # data as a hash:
5603
- #
5604
- # {
5605
- # key_id: "KeyIdType", # required
5606
- # tag_keys: ["TagKeyType"], # required
5607
- # }
5608
- #
5609
5136
  # @!attribute [rw] key_id
5610
5137
  # Identifies the KMS key from which you are removing tags.
5611
5138
  #
@@ -5635,14 +5162,6 @@ module Aws::KMS
5635
5162
  include Aws::Structure
5636
5163
  end
5637
5164
 
5638
- # @note When making an API call, you may pass UpdateAliasRequest
5639
- # data as a hash:
5640
- #
5641
- # {
5642
- # alias_name: "AliasNameType", # required
5643
- # target_key_id: "KeyIdType", # required
5644
- # }
5645
- #
5646
5165
  # @!attribute [rw] alias_name
5647
5166
  # Identifies the alias that is changing its KMS key. This value must
5648
5167
  # begin with `alias/` followed by the alias name, such as
@@ -5690,24 +5209,6 @@ module Aws::KMS
5690
5209
  include Aws::Structure
5691
5210
  end
5692
5211
 
5693
- # @note When making an API call, you may pass UpdateCustomKeyStoreRequest
5694
- # data as a hash:
5695
- #
5696
- # {
5697
- # custom_key_store_id: "CustomKeyStoreIdType", # required
5698
- # new_custom_key_store_name: "CustomKeyStoreNameType",
5699
- # key_store_password: "KeyStorePasswordType",
5700
- # cloud_hsm_cluster_id: "CloudHsmClusterIdType",
5701
- # xks_proxy_uri_endpoint: "XksProxyUriEndpointType",
5702
- # xks_proxy_uri_path: "XksProxyUriPathType",
5703
- # xks_proxy_vpc_endpoint_service_name: "XksProxyVpcEndpointServiceNameType",
5704
- # xks_proxy_authentication_credential: {
5705
- # access_key_id: "XksProxyAuthenticationAccessKeyIdType", # required
5706
- # raw_secret_access_key: "XksProxyAuthenticationRawSecretAccessKeyType", # required
5707
- # },
5708
- # xks_proxy_connectivity: "PUBLIC_ENDPOINT", # accepts PUBLIC_ENDPOINT, VPC_ENDPOINT_SERVICE
5709
- # }
5710
- #
5711
5212
  # @!attribute [rw] custom_key_store_id
5712
5213
  # Identifies the custom key store that you want to update. Enter the
5713
5214
  # ID of the custom key store. To find the ID of a custom key store,
@@ -5863,14 +5364,6 @@ module Aws::KMS
5863
5364
  #
5864
5365
  class UpdateCustomKeyStoreResponse < Aws::EmptyStructure; end
5865
5366
 
5866
- # @note When making an API call, you may pass UpdateKeyDescriptionRequest
5867
- # data as a hash:
5868
- #
5869
- # {
5870
- # key_id: "KeyIdType", # required
5871
- # description: "DescriptionType", # required
5872
- # }
5873
- #
5874
5367
  # @!attribute [rw] key_id
5875
5368
  # Updates the description of the specified KMS key.
5876
5369
  #
@@ -5900,14 +5393,6 @@ module Aws::KMS
5900
5393
  include Aws::Structure
5901
5394
  end
5902
5395
 
5903
- # @note When making an API call, you may pass UpdatePrimaryRegionRequest
5904
- # data as a hash:
5905
- #
5906
- # {
5907
- # key_id: "KeyIdType", # required
5908
- # primary_region: "RegionType", # required
5909
- # }
5910
- #
5911
5396
  # @!attribute [rw] key_id
5912
5397
  # Identifies the current primary key. When the operation completes,
5913
5398
  # this KMS key will be a replica key.
@@ -5943,17 +5428,6 @@ module Aws::KMS
5943
5428
  include Aws::Structure
5944
5429
  end
5945
5430
 
5946
- # @note When making an API call, you may pass VerifyMacRequest
5947
- # data as a hash:
5948
- #
5949
- # {
5950
- # message: "data", # required
5951
- # key_id: "KeyIdType", # required
5952
- # mac_algorithm: "HMAC_SHA_224", # required, accepts HMAC_SHA_224, HMAC_SHA_256, HMAC_SHA_384, HMAC_SHA_512
5953
- # mac: "data", # required
5954
- # grant_tokens: ["GrantTokenType"],
5955
- # }
5956
- #
5957
5431
  # @!attribute [rw] message
5958
5432
  # The message that will be used in the verification. Enter the same
5959
5433
  # message that was used to generate the HMAC.
@@ -6037,18 +5511,6 @@ module Aws::KMS
6037
5511
  include Aws::Structure
6038
5512
  end
6039
5513
 
6040
- # @note When making an API call, you may pass VerifyRequest
6041
- # data as a hash:
6042
- #
6043
- # {
6044
- # key_id: "KeyIdType", # required
6045
- # message: "data", # required
6046
- # message_type: "RAW", # accepts RAW, DIGEST
6047
- # signature: "data", # required
6048
- # signing_algorithm: "RSASSA_PSS_SHA_256", # required, accepts RSASSA_PSS_SHA_256, RSASSA_PSS_SHA_384, RSASSA_PSS_SHA_512, RSASSA_PKCS1_V1_5_SHA_256, RSASSA_PKCS1_V1_5_SHA_384, RSASSA_PKCS1_V1_5_SHA_512, ECDSA_SHA_256, ECDSA_SHA_384, ECDSA_SHA_512, SM2DSA
6049
- # grant_tokens: ["GrantTokenType"],
6050
- # }
6051
- #
6052
5514
  # @!attribute [rw] key_id
6053
5515
  # Identifies the asymmetric KMS key that will be used to verify the
6054
5516
  # signature. This must be the same KMS key that was used to generate
@@ -6182,7 +5644,7 @@ module Aws::KMS
6182
5644
  # Information about the [external key ][1]that is associated with a KMS
6183
5645
  # key in an external key store.
6184
5646
  #
6185
- # These fields appear in a CreateKey or DescribeKey response only for a
5647
+ # This element appears in a CreateKey or DescribeKey response only for a
6186
5648
  # KMS key in an external key store.
6187
5649
  #
6188
5650
  # The *external key* is a symmetric encryption key that is hosted by an
@@ -6256,14 +5718,6 @@ module Aws::KMS
6256
5718
  #
6257
5719
  # The `XksProxyAuthenticationCredential` includes two required elements.
6258
5720
  #
6259
- # @note When making an API call, you may pass XksProxyAuthenticationCredentialType
6260
- # data as a hash:
6261
- #
6262
- # {
6263
- # access_key_id: "XksProxyAuthenticationAccessKeyIdType", # required
6264
- # raw_secret_access_key: "XksProxyAuthenticationRawSecretAccessKeyType", # required
6265
- # }
6266
- #
6267
5721
  # @!attribute [rw] access_key_id
6268
5722
  # A unique identifier for the raw secret access key.
6269
5723
  # @return [String]
data/lib/aws-sdk-kms.rb CHANGED
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-kms/customizations'
52
52
  # @!group service
53
53
  module Aws::KMS
54
54
 
55
- GEM_VERSION = '1.60.0'
55
+ GEM_VERSION = '1.61.0'
56
56
 
57
57
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-kms
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.60.0
4
+ version: 1.61.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2022-11-29 00:00:00.000000000 Z
11
+ date: 2022-12-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core