aws-sdk-kms 1.77.0 → 1.79.0

data/lib/aws-sdk-kms/client_api.rb

@@ -31,6 +31,7 @@ module Aws::KMS
     CloudHsmClusterNotActiveException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotActiveException')
     CloudHsmClusterNotFoundException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotFoundException')
     CloudHsmClusterNotRelatedException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotRelatedException')
+    ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
     ConnectCustomKeyStoreRequest = Shapes::StructureShape.new(name: 'ConnectCustomKeyStoreRequest')
     ConnectCustomKeyStoreResponse = Shapes::StructureShape.new(name: 'ConnectCustomKeyStoreResponse')
     ConnectionErrorCodeType = Shapes::StringShape.new(name: 'ConnectionErrorCodeType')
@@ -150,6 +151,8 @@ module Aws::KMS
     ListGrantsResponse = Shapes::StructureShape.new(name: 'ListGrantsResponse')
     ListKeyPoliciesRequest = Shapes::StructureShape.new(name: 'ListKeyPoliciesRequest')
     ListKeyPoliciesResponse = Shapes::StructureShape.new(name: 'ListKeyPoliciesResponse')
+    ListKeyRotationsRequest = Shapes::StructureShape.new(name: 'ListKeyRotationsRequest')
+    ListKeyRotationsResponse = Shapes::StructureShape.new(name: 'ListKeyRotationsResponse')
     ListKeysRequest = Shapes::StructureShape.new(name: 'ListKeysRequest')
     ListKeysResponse = Shapes::StructureShape.new(name: 'ListKeysResponse')
     ListResourceTagsRequest = Shapes::StructureShape.new(name: 'ListResourceTagsRequest')
@@ -184,6 +187,12 @@ module Aws::KMS
     ReplicateKeyResponse = Shapes::StructureShape.new(name: 'ReplicateKeyResponse')
     RetireGrantRequest = Shapes::StructureShape.new(name: 'RetireGrantRequest')
     RevokeGrantRequest = Shapes::StructureShape.new(name: 'RevokeGrantRequest')
+    RotateKeyOnDemandRequest = Shapes::StructureShape.new(name: 'RotateKeyOnDemandRequest')
+    RotateKeyOnDemandResponse = Shapes::StructureShape.new(name: 'RotateKeyOnDemandResponse')
+    RotationPeriodInDaysType = Shapes::IntegerShape.new(name: 'RotationPeriodInDaysType')
+    RotationType = Shapes::StringShape.new(name: 'RotationType')
+    RotationsList = Shapes::ListShape.new(name: 'RotationsList')
+    RotationsListEntry = Shapes::StructureShape.new(name: 'RotationsListEntry')
     ScheduleKeyDeletionRequest = Shapes::StructureShape.new(name: 'ScheduleKeyDeletionRequest')
     ScheduleKeyDeletionResponse = Shapes::StructureShape.new(name: 'ScheduleKeyDeletionResponse')
     SignRequest = Shapes::StructureShape.new(name: 'SignRequest')
@@ -266,6 +275,9 @@ module Aws::KMS
     CloudHsmClusterNotRelatedException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessageType, location_name: "message"))
     CloudHsmClusterNotRelatedException.struct_class = Types::CloudHsmClusterNotRelatedException
 
+    ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessageType, location_name: "message"))
+    ConflictException.struct_class = Types::ConflictException
+
     ConnectCustomKeyStoreRequest.add_member(:custom_key_store_id, Shapes::ShapeRef.new(shape: CustomKeyStoreIdType, required: true, location_name: "CustomKeyStoreId"))
     ConnectCustomKeyStoreRequest.struct_class = Types::ConnectCustomKeyStoreRequest
 
@@ -413,6 +425,7 @@ module Aws::KMS
     EnableKeyRequest.struct_class = Types::EnableKeyRequest
 
     EnableKeyRotationRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
+    EnableKeyRotationRequest.add_member(:rotation_period_in_days, Shapes::ShapeRef.new(shape: RotationPeriodInDaysType, location_name: "RotationPeriodInDays"))
     EnableKeyRotationRequest.struct_class = Types::EnableKeyRotationRequest
 
     EncryptRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
@@ -514,16 +527,21 @@ module Aws::KMS
     GenerateRandomResponse.struct_class = Types::GenerateRandomResponse
 
     GetKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
-    GetKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, required: true, location_name: "PolicyName"))
+    GetKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
     GetKeyPolicyRequest.struct_class = Types::GetKeyPolicyRequest
 
     GetKeyPolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, location_name: "Policy"))
+    GetKeyPolicyResponse.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
     GetKeyPolicyResponse.struct_class = Types::GetKeyPolicyResponse
 
     GetKeyRotationStatusRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
     GetKeyRotationStatusRequest.struct_class = Types::GetKeyRotationStatusRequest
 
     GetKeyRotationStatusResponse.add_member(:key_rotation_enabled, Shapes::ShapeRef.new(shape: BooleanType, location_name: "KeyRotationEnabled"))
+    GetKeyRotationStatusResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
+    GetKeyRotationStatusResponse.add_member(:rotation_period_in_days, Shapes::ShapeRef.new(shape: RotationPeriodInDaysType, location_name: "RotationPeriodInDays"))
+    GetKeyRotationStatusResponse.add_member(:next_rotation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "NextRotationDate"))
+    GetKeyRotationStatusResponse.add_member(:on_demand_rotation_start_date, Shapes::ShapeRef.new(shape: DateType, location_name: "OnDemandRotationStartDate"))
     GetKeyRotationStatusResponse.struct_class = Types::GetKeyRotationStatusResponse
 
     GetParametersForImportRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
@@ -695,6 +713,16 @@ module Aws::KMS
     ListKeyPoliciesResponse.add_member(:truncated, Shapes::ShapeRef.new(shape: BooleanType, location_name: "Truncated"))
     ListKeyPoliciesResponse.struct_class = Types::ListKeyPoliciesResponse
 
+    ListKeyRotationsRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
+    ListKeyRotationsRequest.add_member(:limit, Shapes::ShapeRef.new(shape: LimitType, location_name: "Limit"))
+    ListKeyRotationsRequest.add_member(:marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "Marker"))
+    ListKeyRotationsRequest.struct_class = Types::ListKeyRotationsRequest
+
+    ListKeyRotationsResponse.add_member(:rotations, Shapes::ShapeRef.new(shape: RotationsList, location_name: "Rotations"))
+    ListKeyRotationsResponse.add_member(:next_marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "NextMarker"))
+    ListKeyRotationsResponse.add_member(:truncated, Shapes::ShapeRef.new(shape: BooleanType, location_name: "Truncated"))
+    ListKeyRotationsResponse.struct_class = Types::ListKeyRotationsResponse
+
     ListKeysRequest.add_member(:limit, Shapes::ShapeRef.new(shape: LimitType, location_name: "Limit"))
     ListKeysRequest.add_member(:marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "Marker"))
     ListKeysRequest.struct_class = Types::ListKeysRequest
@@ -741,7 +769,7 @@ module Aws::KMS
     PolicyNameList.member = Shapes::ShapeRef.new(shape: PolicyNameType)
 
     PutKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
-    PutKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, required: true, location_name: "PolicyName"))
+    PutKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
     PutKeyPolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, required: true, location_name: "Policy"))
     PutKeyPolicyRequest.add_member(:bypass_policy_lockout_safety_check, Shapes::ShapeRef.new(shape: BooleanType, location_name: "BypassPolicyLockoutSafetyCheck"))
     PutKeyPolicyRequest.struct_class = Types::PutKeyPolicyRequest
@@ -792,6 +820,19 @@ module Aws::KMS
     RevokeGrantRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: NullableBooleanType, location_name: "DryRun"))
     RevokeGrantRequest.struct_class = Types::RevokeGrantRequest
 
+    RotateKeyOnDemandRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
+    RotateKeyOnDemandRequest.struct_class = Types::RotateKeyOnDemandRequest
+
+    RotateKeyOnDemandResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
+    RotateKeyOnDemandResponse.struct_class = Types::RotateKeyOnDemandResponse
+
+    RotationsList.member = Shapes::ShapeRef.new(shape: RotationsListEntry)
+
+    RotationsListEntry.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
+    RotationsListEntry.add_member(:rotation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "RotationDate"))
+    RotationsListEntry.add_member(:rotation_type, Shapes::ShapeRef.new(shape: RotationType, location_name: "RotationType"))
+    RotationsListEntry.struct_class = Types::RotationsListEntry
+
     ScheduleKeyDeletionRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
     ScheduleKeyDeletionRequest.add_member(:pending_window_in_days, Shapes::ShapeRef.new(shape: PendingWindowInDaysType, location_name: "PendingWindowInDays"))
     ScheduleKeyDeletionRequest.struct_class = Types::ScheduleKeyDeletionRequest
@@ -1131,6 +1172,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
         o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1423,6 +1465,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1444,6 +1487,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
         o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1463,6 +1507,28 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
         o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
+          limit_key: "limit",
+          tokens: {
+            "next_marker" => "marker"
+          }
+        )
+      end)
+
+      api.add_operation(:list_key_rotations, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "ListKeyRotations"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: ListKeyRotationsRequest)
+        o.output = Shapes::ShapeRef.new(shape: ListKeyRotationsResponse)
+        o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
+        o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
+        o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1480,6 +1546,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1498,6 +1565,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
         o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1517,6 +1585,7 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
         o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
         o[:pager] = Aws::Pager.new(
+          more_results: "truncated",
           limit_key: "limit",
           tokens: {
             "next_marker" => "marker"
@@ -1608,6 +1677,23 @@ module Aws::KMS
         o.errors << Shapes::ShapeRef.new(shape: DryRunOperationException)
       end)
 
+      api.add_operation(:rotate_key_on_demand, Seahorse::Model::Operation.new.tap do |o|
+        o.name = "RotateKeyOnDemand"
+        o.http_method = "POST"
+        o.http_request_uri = "/"
+        o.input = Shapes::ShapeRef.new(shape: RotateKeyOnDemandRequest)
+        o.output = Shapes::ShapeRef.new(shape: RotateKeyOnDemandResponse)
+        o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
+        o.errors << Shapes::ShapeRef.new(shape: DisabledException)
+        o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
+        o.errors << Shapes::ShapeRef.new(shape: DependencyTimeoutException)
+        o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
+        o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
+        o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
+        o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
+        o.errors << Shapes::ShapeRef.new(shape: ConflictException)
+      end)
+
       api.add_operation(:schedule_key_deletion, Seahorse::Model::Operation.new.tap do |o|
         o.name = "ScheduleKeyDeletion"
         o.http_method = "POST"

data/lib/aws-sdk-kms/endpoints.rb

@@ -460,6 +460,20 @@ module Aws::KMS
       end
     end
 
+    class ListKeyRotations
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::KMS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class ListKeys
       def self.build(context)
         unless context.config.regional_endpoint
@@ -572,6 +586,20 @@ module Aws::KMS
       end
     end
 
+    class RotateKeyOnDemand
+      def self.build(context)
+        unless context.config.regional_endpoint
+          endpoint = context.config.endpoint.to_s
+        end
+        Aws::KMS::EndpointParameters.new(
+          region: context.config.region,
+          use_dual_stack: context.config.use_dualstack_endpoint,
+          use_fips: context.config.use_fips_endpoint,
+          endpoint: endpoint,
+        )
+      end
+    end
+
     class ScheduleKeyDeletion
       def self.build(context)
         unless context.config.regional_endpoint

data/lib/aws-sdk-kms/errors.rb

@@ -33,6 +33,7 @@ module Aws::KMS
   # * {CloudHsmClusterNotActiveException}
   # * {CloudHsmClusterNotFoundException}
   # * {CloudHsmClusterNotRelatedException}
+  # * {ConflictException}
   # * {CustomKeyStoreHasCMKsException}
   # * {CustomKeyStoreInvalidStateException}
   # * {CustomKeyStoreNameInUseException}
@@ -171,6 +172,21 @@ module Aws::KMS
       end
     end
 
+    class ConflictException < ServiceError
+
+      # @param [Seahorse::Client::RequestContext] context
+      # @param [String] message
+      # @param [Aws::KMS::Types::ConflictException] data
+      def initialize(context, message, data = Aws::EmptyStructure.new)
+        super(context, message, data)
+      end
+
+      # @return [String]
+      def message
+        @message || @data[:message]
+      end
+    end
+
     class CustomKeyStoreHasCMKsException < ServiceError
 
       # @param [Seahorse::Client::RequestContext] context

data/lib/aws-sdk-kms/plugins/endpoints.rb

@@ -122,6 +122,8 @@ module Aws::KMS
             Aws::KMS::Endpoints::ListGrants.build(context)
           when :list_key_policies
             Aws::KMS::Endpoints::ListKeyPolicies.build(context)
+          when :list_key_rotations
+            Aws::KMS::Endpoints::ListKeyRotations.build(context)
           when :list_keys
             Aws::KMS::Endpoints::ListKeys.build(context)
           when :list_resource_tags
@@ -138,6 +140,8 @@ module Aws::KMS
             Aws::KMS::Endpoints::RetireGrant.build(context)
           when :revoke_grant
             Aws::KMS::Endpoints::RevokeGrant.build(context)
+          when :rotate_key_on_demand
+            Aws::KMS::Endpoints::RotateKeyOnDemand.build(context)
           when :schedule_key_deletion
             Aws::KMS::Endpoints::ScheduleKeyDeletion.build(context)
           when :sign

data/lib/aws-sdk-kms/types.rb

@@ -242,6 +242,21 @@ module Aws::KMS
       include Aws::Structure
     end
 
+    # The request was rejected because an automatic rotation of this key is
+    # currently in progress or scheduled to begin within the next 20
+    # minutes.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ConflictException AWS API Documentation
+    #
+    class ConflictException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] custom_key_store_id
     #   Enter the key store ID of the custom key store that you want to
     #   connect. To find the ID of a custom key store, use the
@@ -1801,8 +1816,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DescribeCustomKeyStoresResponse AWS API Documentation
@@ -2036,10 +2051,31 @@ module Aws::KMS
     #   [5]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
     #   @return [String]
     #
+    # @!attribute [rw] rotation_period_in_days
+    #   Use this parameter to specify a custom period of time between each
+    #   rotation date. If no value is specified, the default value is 365
+    #   days.
+    #
+    #   The rotation period defines the number of days after you enable
+    #   automatic key rotation that KMS will rotate your key material, and
+    #   the number of days between each automatic rotation thereafter.
+    #
+    #   You can use the [ `kms:RotationPeriodInDays` ][1] condition key to
+    #   further constrain the values that principals can specify in the
+    #   `RotationPeriodInDays` parameter.
+    #
+    #
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days
+    #   @return [Integer]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKeyRotationRequest AWS API Documentation
     #
     class EnableKeyRotationRequest < Struct.new(
-      :key_id)
+      :key_id,
+      :rotation_period_in_days)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3048,7 +3084,8 @@ module Aws::KMS
     #   @return [String]
     #
     # @!attribute [rw] policy_name
-    #   Specifies the name of the key policy. The only valid name is
+    #   Specifies the name of the key policy. If no policy name is
+    #   specified, the default value is `default`. The only valid name is
     #   `default`. To get the names of key policies, use ListKeyPolicies.
     #   @return [String]
     #
@@ -3065,10 +3102,15 @@ module Aws::KMS
     #   A key policy document in JSON format.
     #   @return [String]
     #
+    # @!attribute [rw] policy_name
+    #   The name of the key policy. The only valid value is `default`.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyResponse AWS API Documentation
     #
     class GetKeyPolicyResponse < Struct.new(
-      :policy)
+      :policy,
+      :policy_name)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -3103,10 +3145,42 @@ module Aws::KMS
     #   A Boolean value that specifies whether key rotation is enabled.
     #   @return [Boolean]
     #
+    # @!attribute [rw] key_id
+    #   Identifies the specified symmetric encryption KMS key.
+    #   @return [String]
+    #
+    # @!attribute [rw] rotation_period_in_days
+    #   The number of days between each automatic rotation. The default
+    #   value is 365 days.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] next_rotation_date
+    #   The next date that KMS will automatically rotate the key material.
+    #   @return [Time]
+    #
+    # @!attribute [rw] on_demand_rotation_start_date
+    #   Identifies the date and time that an in progress on-demand rotation
+    #   was initiated.
+    #
+    #   The KMS API follows an [eventual consistency][1] model due to the
+    #   distributed nature of the system. As a result, there might be a
+    #   slight delay between initiating on-demand key rotation and the
+    #   rotation's completion. Once the on-demand rotation is complete, use
+    #   ListKeyRotations to view the details of the on-demand rotation.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
+    #   @return [Time]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyRotationStatusResponse AWS API Documentation
     #
     class GetKeyRotationStatusResponse < Struct.new(
-      :key_rotation_enabled)
+      :key_rotation_enabled,
+      :key_id,
+      :rotation_period_in_days,
+      :next_rotation_date,
+      :on_demand_rotation_start_date)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -4210,8 +4284,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListAliasesResponse AWS API Documentation
@@ -4293,8 +4367,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListGrantsResponse AWS API Documentation
@@ -4363,8 +4437,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyPoliciesResponse AWS API Documentation
@@ -4377,6 +4451,74 @@ module Aws::KMS
       include Aws::Structure
     end
 
+    # @!attribute [rw] key_id
+    #   Gets the key rotations for the specified KMS key.
+    #
+    #   Specify the key ID or key ARN of the KMS key.
+    #
+    #   For example:
+    #
+    #   * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Key ARN:
+    #     `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   To get the key ID and key ARN for a KMS key, use ListKeys or
+    #   DescribeKey.
+    #   @return [String]
+    #
+    # @!attribute [rw] limit
+    #   Use this parameter to specify the maximum number of items to return.
+    #   When this value is present, KMS does not return more than the
+    #   specified number of items, but it might return fewer.
+    #
+    #   This value is optional. If you include a value, it must be between 1
+    #   and 1000, inclusive. If you do not include a value, it defaults to
+    #   100.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] marker
+    #   Use this parameter in a subsequent request after you receive a
+    #   response with truncated results. Set it to the value of `NextMarker`
+    #   from the truncated response you just received.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyRotationsRequest AWS API Documentation
+    #
+    class ListKeyRotationsRequest < Struct.new(
+      :key_id,
+      :limit,
+      :marker)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] rotations
+    #   A list of completed key material rotations.
+    #   @return [Array<Types::RotationsListEntry>]
+    #
+    # @!attribute [rw] next_marker
+    #   When `Truncated` is true, this element is present and contains the
+    #   value to use for the `Marker` parameter in a subsequent request.
+    #   @return [String]
+    #
+    # @!attribute [rw] truncated
+    #   A flag that indicates whether there are more items in the list. When
+    #   this value is true, the list in this response is truncated. To get
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
+    #   @return [Boolean]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyRotationsResponse AWS API Documentation
+    #
+    class ListKeyRotationsResponse < Struct.new(
+      :rotations,
+      :next_marker,
+      :truncated)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] limit
     #   Use this parameter to specify the maximum number of items to return.
     #   When this value is present, KMS does not return more than the
@@ -4414,8 +4556,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeysResponse AWS API Documentation
@@ -4496,8 +4638,8 @@ module Aws::KMS
     # @!attribute [rw] truncated
     #   A flag that indicates whether there are more items in the list. When
     #   this value is true, the list in this response is truncated. To get
-    #   more items, pass the value of the `NextMarker` element in
-    #   thisresponse to the `Marker` parameter in a subsequent request.
+    #   more items, pass the value of the `NextMarker` element in this
+    #   response to the `Marker` parameter in a subsequent request.
     #   @return [Boolean]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListResourceTagsResponse AWS API Documentation
@@ -4650,7 +4792,8 @@ module Aws::KMS
     #   @return [String]
     #
     # @!attribute [rw] policy_name
-    #   The name of the key policy. The only valid value is `default`.
+    #   The name of the key policy. If no policy name is specified, the
+    #   default value is `default`. The only valid value is `default`.
     #   @return [String]
     #
     # @!attribute [rw] policy
@@ -5320,6 +5463,87 @@ module Aws::KMS
       include Aws::Structure
     end
 
+    # @!attribute [rw] key_id
+    #   Identifies a symmetric encryption KMS key. You cannot perform
+    #   on-demand rotation of [asymmetric KMS keys][1], [HMAC KMS keys][2],
+    #   KMS keys with [imported key material][3], or KMS keys in a [custom
+    #   key store][4]. To perform on-demand rotation of a set of related
+    #   [multi-Region keys][5], invoke the on-demand rotation on the primary
+    #   key.
+    #
+    #   Specify the key ID or key ARN of the KMS key.
+    #
+    #   For example:
+    #
+    #   * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Key ARN:
+    #     `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   To get the key ID and key ARN for a KMS key, use ListKeys or
+    #   DescribeKey.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
+    #   [2]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
+    #   [3]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
+    #   [4]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
+    #   [5]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotateKeyOnDemandRequest AWS API Documentation
+    #
+    class RotateKeyOnDemandRequest < Struct.new(
+      :key_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] key_id
+    #   Identifies the symmetric encryption KMS key that you initiated
+    #   on-demand rotation on.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotateKeyOnDemandResponse AWS API Documentation
+    #
+    class RotateKeyOnDemandResponse < Struct.new(
+      :key_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # Contains information about completed key material rotations.
+    #
+    # @!attribute [rw] key_id
+    #   Unique identifier of the key.
+    #   @return [String]
+    #
+    # @!attribute [rw] rotation_date
+    #   Date and time that the key material rotation completed. Formatted as
+    #   Unix time.
+    #   @return [Time]
+    #
+    # @!attribute [rw] rotation_type
+    #   Identifies whether the key material rotation was a scheduled
+    #   [automatic rotation][1] or an [on-demand rotation][2].
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-enable-disable
+    #   [2]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-on-demand
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotationsListEntry AWS API Documentation
+    #
+    class RotationsListEntry < Struct.new(
+      :key_id,
+      :rotation_date,
+      :rotation_type)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] key_id
     #   The unique identifier of the KMS key to delete.
     #

data/lib/aws-sdk-kms.rb

@@ -52,6 +52,6 @@ require_relative 'aws-sdk-kms/customizations'
 # @!group service
 module Aws::KMS
 
-  GEM_VERSION = '1.77.0'
+  GEM_VERSION = '1.79.0'
 
 end