aws-sdk-kms 1.62.0 → 1.64.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +10 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-kms/client.rb +812 -334
- data/lib/aws-sdk-kms/client_api.rb +15 -0
- data/lib/aws-sdk-kms/endpoint_parameters.rb +0 -3
- data/lib/aws-sdk-kms/endpoint_provider.rb +27 -24
- data/lib/aws-sdk-kms/types.rb +515 -142
- data/lib/aws-sdk-kms.rb +1 -1
- metadata +2 -2
@@ -20,6 +20,7 @@ module Aws::KMS
|
|
20
20
|
AliasNameType = Shapes::StringShape.new(name: 'AliasNameType')
|
21
21
|
AlreadyExistsException = Shapes::StructureShape.new(name: 'AlreadyExistsException')
|
22
22
|
ArnType = Shapes::StringShape.new(name: 'ArnType')
|
23
|
+
AttestationDocumentType = Shapes::BlobShape.new(name: 'AttestationDocumentType')
|
23
24
|
BooleanType = Shapes::BooleanShape.new(name: 'BooleanType')
|
24
25
|
CancelKeyDeletionRequest = Shapes::StructureShape.new(name: 'CancelKeyDeletionRequest')
|
25
26
|
CancelKeyDeletionResponse = Shapes::StructureShape.new(name: 'CancelKeyDeletionResponse')
|
@@ -129,6 +130,7 @@ module Aws::KMS
|
|
129
130
|
KMSInvalidMacException = Shapes::StructureShape.new(name: 'KMSInvalidMacException')
|
130
131
|
KMSInvalidSignatureException = Shapes::StructureShape.new(name: 'KMSInvalidSignatureException')
|
131
132
|
KMSInvalidStateException = Shapes::StructureShape.new(name: 'KMSInvalidStateException')
|
133
|
+
KeyEncryptionMechanism = Shapes::StringShape.new(name: 'KeyEncryptionMechanism')
|
132
134
|
KeyIdType = Shapes::StringShape.new(name: 'KeyIdType')
|
133
135
|
KeyList = Shapes::ListShape.new(name: 'KeyList')
|
134
136
|
KeyListEntry = Shapes::StructureShape.new(name: 'KeyListEntry')
|
@@ -175,6 +177,7 @@ module Aws::KMS
|
|
175
177
|
PutKeyPolicyRequest = Shapes::StructureShape.new(name: 'PutKeyPolicyRequest')
|
176
178
|
ReEncryptRequest = Shapes::StructureShape.new(name: 'ReEncryptRequest')
|
177
179
|
ReEncryptResponse = Shapes::StructureShape.new(name: 'ReEncryptResponse')
|
180
|
+
RecipientInfo = Shapes::StructureShape.new(name: 'RecipientInfo')
|
178
181
|
RegionType = Shapes::StringShape.new(name: 'RegionType')
|
179
182
|
ReplicateKeyRequest = Shapes::StructureShape.new(name: 'ReplicateKeyRequest')
|
180
183
|
ReplicateKeyResponse = Shapes::StructureShape.new(name: 'ReplicateKeyResponse')
|
@@ -345,11 +348,13 @@ module Aws::KMS
|
|
345
348
|
DecryptRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
346
349
|
DecryptRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
347
350
|
DecryptRequest.add_member(:encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "EncryptionAlgorithm"))
|
351
|
+
DecryptRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
348
352
|
DecryptRequest.struct_class = Types::DecryptRequest
|
349
353
|
|
350
354
|
DecryptResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
351
355
|
DecryptResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
352
356
|
DecryptResponse.add_member(:encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "EncryptionAlgorithm"))
|
357
|
+
DecryptResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
353
358
|
DecryptResponse.struct_class = Types::DecryptResponse
|
354
359
|
|
355
360
|
DeleteAliasRequest.add_member(:alias_name, Shapes::ShapeRef.new(shape: AliasNameType, required: true, location_name: "AliasName"))
|
@@ -428,6 +433,7 @@ module Aws::KMS
|
|
428
433
|
GenerateDataKeyPairRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
429
434
|
GenerateDataKeyPairRequest.add_member(:key_pair_spec, Shapes::ShapeRef.new(shape: DataKeyPairSpec, required: true, location_name: "KeyPairSpec"))
|
430
435
|
GenerateDataKeyPairRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
436
|
+
GenerateDataKeyPairRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
431
437
|
GenerateDataKeyPairRequest.struct_class = Types::GenerateDataKeyPairRequest
|
432
438
|
|
433
439
|
GenerateDataKeyPairResponse.add_member(:private_key_ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "PrivateKeyCiphertextBlob"))
|
@@ -435,6 +441,7 @@ module Aws::KMS
|
|
435
441
|
GenerateDataKeyPairResponse.add_member(:public_key, Shapes::ShapeRef.new(shape: PublicKeyType, location_name: "PublicKey"))
|
436
442
|
GenerateDataKeyPairResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
437
443
|
GenerateDataKeyPairResponse.add_member(:key_pair_spec, Shapes::ShapeRef.new(shape: DataKeyPairSpec, location_name: "KeyPairSpec"))
|
444
|
+
GenerateDataKeyPairResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
438
445
|
GenerateDataKeyPairResponse.struct_class = Types::GenerateDataKeyPairResponse
|
439
446
|
|
440
447
|
GenerateDataKeyPairWithoutPlaintextRequest.add_member(:encryption_context, Shapes::ShapeRef.new(shape: EncryptionContextType, location_name: "EncryptionContext"))
|
@@ -454,11 +461,13 @@ module Aws::KMS
|
|
454
461
|
GenerateDataKeyRequest.add_member(:number_of_bytes, Shapes::ShapeRef.new(shape: NumberOfBytesType, location_name: "NumberOfBytes"))
|
455
462
|
GenerateDataKeyRequest.add_member(:key_spec, Shapes::ShapeRef.new(shape: DataKeySpec, location_name: "KeySpec"))
|
456
463
|
GenerateDataKeyRequest.add_member(:grant_tokens, Shapes::ShapeRef.new(shape: GrantTokenList, location_name: "GrantTokens"))
|
464
|
+
GenerateDataKeyRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
457
465
|
GenerateDataKeyRequest.struct_class = Types::GenerateDataKeyRequest
|
458
466
|
|
459
467
|
GenerateDataKeyResponse.add_member(:ciphertext_blob, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextBlob"))
|
460
468
|
GenerateDataKeyResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
461
469
|
GenerateDataKeyResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
|
470
|
+
GenerateDataKeyResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
462
471
|
GenerateDataKeyResponse.struct_class = Types::GenerateDataKeyResponse
|
463
472
|
|
464
473
|
GenerateDataKeyWithoutPlaintextRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
@@ -485,9 +494,11 @@ module Aws::KMS
|
|
485
494
|
|
486
495
|
GenerateRandomRequest.add_member(:number_of_bytes, Shapes::ShapeRef.new(shape: NumberOfBytesType, location_name: "NumberOfBytes"))
|
487
496
|
GenerateRandomRequest.add_member(:custom_key_store_id, Shapes::ShapeRef.new(shape: CustomKeyStoreIdType, location_name: "CustomKeyStoreId"))
|
497
|
+
GenerateRandomRequest.add_member(:recipient, Shapes::ShapeRef.new(shape: RecipientInfo, location_name: "Recipient"))
|
488
498
|
GenerateRandomRequest.struct_class = Types::GenerateRandomRequest
|
489
499
|
|
490
500
|
GenerateRandomResponse.add_member(:plaintext, Shapes::ShapeRef.new(shape: PlaintextType, location_name: "Plaintext"))
|
501
|
+
GenerateRandomResponse.add_member(:ciphertext_for_recipient, Shapes::ShapeRef.new(shape: CiphertextType, location_name: "CiphertextForRecipient"))
|
491
502
|
GenerateRandomResponse.struct_class = Types::GenerateRandomResponse
|
492
503
|
|
493
504
|
GetKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
@@ -740,6 +751,10 @@ module Aws::KMS
|
|
740
751
|
ReEncryptResponse.add_member(:destination_encryption_algorithm, Shapes::ShapeRef.new(shape: EncryptionAlgorithmSpec, location_name: "DestinationEncryptionAlgorithm"))
|
741
752
|
ReEncryptResponse.struct_class = Types::ReEncryptResponse
|
742
753
|
|
754
|
+
RecipientInfo.add_member(:key_encryption_algorithm, Shapes::ShapeRef.new(shape: KeyEncryptionMechanism, location_name: "KeyEncryptionAlgorithm"))
|
755
|
+
RecipientInfo.add_member(:attestation_document, Shapes::ShapeRef.new(shape: AttestationDocumentType, location_name: "AttestationDocument"))
|
756
|
+
RecipientInfo.struct_class = Types::RecipientInfo
|
757
|
+
|
743
758
|
ReplicateKeyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
|
744
759
|
ReplicateKeyRequest.add_member(:replica_region, Shapes::ShapeRef.new(shape: RegionType, required: true, location_name: "ReplicaRegion"))
|
745
760
|
ReplicateKeyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, location_name: "Policy"))
|
@@ -50,9 +50,6 @@ module Aws::KMS
|
|
50
50
|
|
51
51
|
def initialize(options = {})
|
52
52
|
self[:region] = options[:region]
|
53
|
-
if self[:region].nil?
|
54
|
-
raise ArgumentError, "Missing required EndpointParameter: :region"
|
55
|
-
end
|
56
53
|
self[:use_dual_stack] = options[:use_dual_stack]
|
57
54
|
self[:use_dual_stack] = false if self[:use_dual_stack].nil?
|
58
55
|
if self[:use_dual_stack].nil?
|
@@ -14,36 +14,39 @@ module Aws::KMS
|
|
14
14
|
use_dual_stack = parameters.use_dual_stack
|
15
15
|
use_fips = parameters.use_fips
|
16
16
|
endpoint = parameters.endpoint
|
17
|
-
if
|
18
|
-
if Aws::Endpoints::Matchers.set?(endpoint)
|
19
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
20
|
-
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
21
|
-
end
|
22
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
23
|
-
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
24
|
-
end
|
25
|
-
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
26
|
-
end
|
27
|
-
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
28
|
-
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
29
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
30
|
-
end
|
31
|
-
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
32
|
-
end
|
17
|
+
if Aws::Endpoints::Matchers.set?(endpoint)
|
33
18
|
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
34
|
-
|
35
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
36
|
-
end
|
37
|
-
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
19
|
+
raise ArgumentError, "Invalid Configuration: FIPS and custom endpoint are not supported"
|
38
20
|
end
|
39
21
|
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
40
|
-
|
41
|
-
|
22
|
+
raise ArgumentError, "Invalid Configuration: Dualstack and custom endpoint are not supported"
|
23
|
+
end
|
24
|
+
return Aws::Endpoints::Endpoint.new(url: endpoint, headers: {}, properties: {})
|
25
|
+
end
|
26
|
+
if Aws::Endpoints::Matchers.set?(region)
|
27
|
+
if (partition_result = Aws::Endpoints::Matchers.aws_partition(region))
|
28
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true) && Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
29
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS")) && Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
30
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
31
|
+
end
|
32
|
+
raise ArgumentError, "FIPS and DualStack are enabled, but this partition does not support one or both"
|
33
|
+
end
|
34
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_fips, true)
|
35
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsFIPS"))
|
36
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms-fips.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
37
|
+
end
|
38
|
+
raise ArgumentError, "FIPS is enabled but this partition does not support FIPS"
|
39
|
+
end
|
40
|
+
if Aws::Endpoints::Matchers.boolean_equals?(use_dual_stack, true)
|
41
|
+
if Aws::Endpoints::Matchers.boolean_equals?(true, Aws::Endpoints::Matchers.attr(partition_result, "supportsDualStack"))
|
42
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dualStackDnsSuffix']}", headers: {}, properties: {})
|
43
|
+
end
|
44
|
+
raise ArgumentError, "DualStack is enabled but this partition does not support DualStack"
|
42
45
|
end
|
43
|
-
|
46
|
+
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
44
47
|
end
|
45
|
-
return Aws::Endpoints::Endpoint.new(url: "https://kms.#{region}.#{partition_result['dnsSuffix']}", headers: {}, properties: {})
|
46
48
|
end
|
49
|
+
raise ArgumentError, "Invalid Configuration: Missing Region"
|
47
50
|
raise ArgumentError, 'No endpoint could be resolved'
|
48
51
|
|
49
52
|
end
|