aws-sdk-kms 1.62.0 → 1.64.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-kms/client.rb +812 -334
- data/lib/aws-sdk-kms/client_api.rb +15 -0
- data/lib/aws-sdk-kms/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-kms/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-kms/types.rb +515 -142
- data/lib/aws-sdk-kms.rb +1 -1
- metadata +2 -2
|
@@ -20,6 +20,7 @@ module Aws::KMS
|
|
|
20
20
|
AliasNameType = Shapes::StringShape.new(name: 'AliasNameType')
|
|
21
21
|
AlreadyExistsException = Shapes::StructureShape.new(name: 'AlreadyExistsException')
|
|
22
22
|
ArnType = Shapes::StringShape.new(name: 'ArnType')
|
|
23
|
+
AttestationDocumentType = Shapes::BlobShape.new(name: 'AttestationDocumentType')
|
|
23
24
|
BooleanType = Shapes::BooleanShape.new(name: 'BooleanType')
|
|
24
25
|
CancelKeyDeletionRequest = Shapes::StructureShape.new(name: 'CancelKeyDeletionRequest')
|
|
25
26
|
CancelKeyDeletionResponse = Shapes::StructureShape.new(name: 'CancelKeyDeletionResponse')
|
|
@@ -129,6 +130,7 @@ module Aws::KMS
|
|
|
129
130
|
KMSInvalidMacException = Shapes::StructureShape.new(name: 'KMSInvalidMacException')
|
|
130
131
|
KMSInvalidSignatureException = Shapes::StructureShape.new(name: 'KMSInvalidSignatureException')
|
|
131
132
|
KMSInvalidStateException = Shapes::StructureShape.new(name: 'KMSInvalidStateException')
|
|
133
|
+
KeyEncryptionMechanism = Shapes::StringShape.new(name: 'KeyEncryptionMechanism')
|
|
132
134
|
KeyIdType = Shapes::StringShape.new(name: 'KeyIdType')
|
|
133
135
|
KeyList = Shapes::ListShape.new(name: 'KeyList')
|
|
134
136
|
KeyListEntry = Shapes::StructureShape.new(name: 'KeyListEntry')
|
|
@@ -175,6 +177,7 @@ module Aws::KMS
|
|
|
175
177
|
PutKeyPolicyRequest = Shapes::StructureShape.new(name: 'PutKeyPolicyRequest')
|
|
176
178
|
ReEncryptRequest = Shapes::StructureShape.new(name: 'ReEncryptRequest')
|
|
177
179
|
ReEncryptResponse = Shapes::StructureShape.new(name: 'ReEncryptResponse')
|
|
180
|
+
RecipientInfo = Shapes::StructureShape.new(name: 'RecipientInfo')
|
|
178
181
|
RegionType = Shapes::StringShape.new(name: 'RegionType')
|
|
179
182
|
ReplicateKeyRequest = Shapes::StructureShape.new(name: 'ReplicateKeyRequest')
|
|
180
183
|
ReplicateKeyResponse = Shapes::StructureShape.new(name: 'ReplicateKeyResponse')
|
|
@@ -345,11 +348,13 @@ module Aws::KMS
|
|
|
345
348
|
DecryptRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
|
346
349
|
DecryptRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
|
347
350
|
DecryptRequest.add_member(:encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "EncryptionAlgorithm"))
|
|
351
|
+
DecryptRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
|
348
352
|
DecryptRequest.struct_class = Types::DecryptRequest
|
|
349
353
|
|
|
350
354
|
DecryptResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
|
351
355
|
DecryptResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
|
352
356
|
DecryptResponse.add_member(:encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "EncryptionAlgorithm"))
|
|
357
|
+
DecryptResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
|
353
358
|
DecryptResponse.struct_class = Types::DecryptResponse
|
|
354
359
|
|
|
355
360
|
DeleteAliasRequest.add_member(:alias_name, Shapes::ShapeRef.new(shape: AliasNameType, required: true, location_name: "AliasName"))
|
|
@@ -428,6 +433,7 @@ module Aws::KMS
|
|
|
428
433
|
GenerateDataKeyPairRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
|
429
434
|
GenerateDataKeyPairRequest.add_member(:key_pair_spec, Shapes::ShapeRef.new(shape: DataKeyPairSpec, required: true, location_name: "KeyPairSpec"))
|
|
430
435
|
GenerateDataKeyPairRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
|
436
|
+
GenerateDataKeyPairRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
|
431
437
|
GenerateDataKeyPairRequest.struct_class = Types::GenerateDataKeyPairRequest
|
|
432
438
|
|
|
433
439
|
GenerateDataKeyPairResponse.add_member(:private_key_ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "PrivateKeyCiphertextBlob"))
|
|
@@ -435,6 +441,7 @@ module Aws::KMS
|
|
|
435
441
|
GenerateDataKeyPairResponse.add_member(:public_key, Shapes::ShapeRef.new(shape: PublicKeyType, location_name: "PublicKey"))
|
|
436
442
|
GenerateDataKeyPairResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
|
437
443
|
GenerateDataKeyPairResponse.add_member(:key_pair_spec, Shapes::ShapeRef.new(shape: DataKeyPairSpec, location_name: "KeyPairSpec"))
|
|
444
|
+
GenerateDataKeyPairResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
|
438
445
|
GenerateDataKeyPairResponse.struct_class = Types::GenerateDataKeyPairResponse
|
|
439
446
|
|
|
440
447
|
GenerateDataKeyPairWithoutPlaintextRequest.add_member(:encryption_context, Shapes::ShapeRef.new(shape: EncryptionContextType, location_name: "EncryptionContext"))
|
|
@@ -454,11 +461,13 @@ module Aws::KMS
|
|
|
454
461
|
GenerateDataKeyRequest.add_member(:number_of_bytes, Shapes::ShapeRef.new(shape: NumberOfBytesType, location_name: "NumberOfBytes"))
|
|
455
462
|
GenerateDataKeyRequest.add_member(:key_spec, Shapes::ShapeRef.new(shape: DataKeySpec, location_name: "KeySpec"))
|
|
456
463
|
GenerateDataKeyRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
|
464
|
+
GenerateDataKeyRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
|
457
465
|
GenerateDataKeyRequest.struct_class = Types::GenerateDataKeyRequest
|
|
458
466
|
|
|
459
467
|
GenerateDataKeyResponse.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextBlob"))
|
|
460
468
|
GenerateDataKeyResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
|
461
469
|
GenerateDataKeyResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
|
470
|
+
GenerateDataKeyResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
|
462
471
|
GenerateDataKeyResponse.struct_class = Types::GenerateDataKeyResponse
|
|
463
472
|
|
|
464
473
|
GenerateDataKeyWithoutPlaintextRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
|
@@ -485,9 +494,11 @@ module Aws::KMS
|
|
|
485
494
|
|
|
486
495
|
GenerateRandomRequest.add_member(:number_of_bytes, Shapes::ShapeRef.new(shape: NumberOfBytesType, location_name: "NumberOfBytes"))
|
|
487
496
|
GenerateRandomRequest.add_member(:custom_key_store_id, Shapes::ShapeRef.new(shape: CustomKeyStoreIdType, location_name: "CustomKeyStoreId"))
|
|
497
|
+
GenerateRandomRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
|
488
498
|
GenerateRandomRequest.struct_class = Types::GenerateRandomRequest
|
|
489
499
|
|
|
490
500
|
GenerateRandomResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
|
501
|
+
GenerateRandomResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
|
491
502
|
GenerateRandomResponse.struct_class = Types::GenerateRandomResponse
|
|
492
503
|
|
|
493
504
|
GetKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
|
@@ -740,6 +751,10 @@ module Aws::KMS
|
|
|
740
751
|
ReEncryptResponse.add_member(:destination_encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "DestinationEncryptionAlgorithm"))
|
|
741
752
|
ReEncryptResponse.struct_class = Types::ReEncryptResponse
|
|
742
753
|
|
|
754
|
+
RecipientInfo.add_member(:key_encryption_algorithm, Shapes::ShapeRef.new(shape: KeyEncryptionMechanism, location_name: "KeyEncryptionAlgorithm"))
|
|
755
|
+
RecipientInfo.add_member(:attestation_document, Shapes::ShapeRef.new(shape: AttestationDocumentType, location_name: "AttestationDocument"))
|
|
756
|
+
RecipientInfo.struct_class = Types::RecipientInfo
|
|
757
|
+
|
|
743
758
|
ReplicateKeyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
|
744
759
|
ReplicateKeyRequest.add_member(:replica_region, Shapes::ShapeRef.new(shape: RegionType, required: true, location_name: "ReplicaRegion"))
|
|
745
760
|
ReplicateKeyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, location_name: "Policy"))
|
|
@@ -50,9 +50,6 @@ module Aws::KMS
|
|
|
50
50
|
|
|
51
51
|
def initialize(options = {})
|
|
52
52
|
self[:region] = options[:region]
|
|
53
|
-
if self[:region].nil?
|
|
54
|
-
raise ArgumentError, "Missing required EndpointParameter: :region"
|
|
55
|
-
end
|
|
56
53
|
self[:use_dual_stack] = options[:use_dual_stack]
|
|
57
54
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
|
58
55
|
if self[:use_dual_stack].nil?
|
|
@@ -14,36 +14,39 @@ module Aws::KMS
|
|
|
14
14
|
use_dual_stack = parameters.use_dual_stack
|
|
15
15
|
use_fips = parameters.use_fips
|
|
16
16
|
endpoint = parameters.endpoint
|
|
17
|
-
if
|
|
18
|
-
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
19
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
20
|
-
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
21
|
-
end
|
|
22
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
23
|
-
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
24
|
-
end
|
|
25
|
-
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
26
|
-
end
|
|
27
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
28
|
-
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
29
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
30
|
-
end
|
|
31
|
-
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
32
|
-
end
|
|
17
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
|
33
18
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
34
|
-
|
|
35
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
36
|
-
end
|
|
37
|
-
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
19
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
|
38
20
|
end
|
|
39
21
|
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
40
|
-
|
|
41
|
-
|
|
22
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
|
23
|
+
end
|
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
|
25
|
+
end
|
|
26
|
+
if Aws::Endpoints::Matchers.set?(region)
|
|
27
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
29
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
31
|
+
end
|
|
32
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
|
33
|
+
end
|
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
37
|
+
end
|
|
38
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
|
39
|
+
end
|
|
40
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
|
41
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
|
43
|
+
end
|
|
44
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
|
42
45
|
end
|
|
43
|
-
|
|
46
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
44
47
|
end
|
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
|
46
48
|
end
|
|
49
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
|
47
50
|
raise ArgumentError, 'No endpoint could be resolved'
|
|
48
51
|
|
|
49
52
|
end
|