aws-sdk-kms 1.77.0 → 1.79.0

Sign up to get free protection for your applications and to get access to all the features.
@@ -31,6 +31,7 @@ module Aws::KMS
31
31
  CloudHsmClusterNotActiveException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotActiveException')
32
32
  CloudHsmClusterNotFoundException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotFoundException')
33
33
  CloudHsmClusterNotRelatedException = Shapes::StructureShape.new(name: 'CloudHsmClusterNotRelatedException')
34
+ ConflictException = Shapes::StructureShape.new(name: 'ConflictException')
34
35
  ConnectCustomKeyStoreRequest = Shapes::StructureShape.new(name: 'ConnectCustomKeyStoreRequest')
35
36
  ConnectCustomKeyStoreResponse = Shapes::StructureShape.new(name: 'ConnectCustomKeyStoreResponse')
36
37
  ConnectionErrorCodeType = Shapes::StringShape.new(name: 'ConnectionErrorCodeType')
@@ -150,6 +151,8 @@ module Aws::KMS
150
151
  ListGrantsResponse = Shapes::StructureShape.new(name: 'ListGrantsResponse')
151
152
  ListKeyPoliciesRequest = Shapes::StructureShape.new(name: 'ListKeyPoliciesRequest')
152
153
  ListKeyPoliciesResponse = Shapes::StructureShape.new(name: 'ListKeyPoliciesResponse')
154
+ ListKeyRotationsRequest = Shapes::StructureShape.new(name: 'ListKeyRotationsRequest')
155
+ ListKeyRotationsResponse = Shapes::StructureShape.new(name: 'ListKeyRotationsResponse')
153
156
  ListKeysRequest = Shapes::StructureShape.new(name: 'ListKeysRequest')
154
157
  ListKeysResponse = Shapes::StructureShape.new(name: 'ListKeysResponse')
155
158
  ListResourceTagsRequest = Shapes::StructureShape.new(name: 'ListResourceTagsRequest')
@@ -184,6 +187,12 @@ module Aws::KMS
184
187
  ReplicateKeyResponse = Shapes::StructureShape.new(name: 'ReplicateKeyResponse')
185
188
  RetireGrantRequest = Shapes::StructureShape.new(name: 'RetireGrantRequest')
186
189
  RevokeGrantRequest = Shapes::StructureShape.new(name: 'RevokeGrantRequest')
190
+ RotateKeyOnDemandRequest = Shapes::StructureShape.new(name: 'RotateKeyOnDemandRequest')
191
+ RotateKeyOnDemandResponse = Shapes::StructureShape.new(name: 'RotateKeyOnDemandResponse')
192
+ RotationPeriodInDaysType = Shapes::IntegerShape.new(name: 'RotationPeriodInDaysType')
193
+ RotationType = Shapes::StringShape.new(name: 'RotationType')
194
+ RotationsList = Shapes::ListShape.new(name: 'RotationsList')
195
+ RotationsListEntry = Shapes::StructureShape.new(name: 'RotationsListEntry')
187
196
  ScheduleKeyDeletionRequest = Shapes::StructureShape.new(name: 'ScheduleKeyDeletionRequest')
188
197
  ScheduleKeyDeletionResponse = Shapes::StructureShape.new(name: 'ScheduleKeyDeletionResponse')
189
198
  SignRequest = Shapes::StructureShape.new(name: 'SignRequest')
@@ -266,6 +275,9 @@ module Aws::KMS
266
275
  CloudHsmClusterNotRelatedException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessageType, location_name: "message"))
267
276
  CloudHsmClusterNotRelatedException.struct_class = Types::CloudHsmClusterNotRelatedException
268
277
 
278
+ ConflictException.add_member(:message, Shapes::ShapeRef.new(shape: ErrorMessageType, location_name: "message"))
279
+ ConflictException.struct_class = Types::ConflictException
280
+
269
281
  ConnectCustomKeyStoreRequest.add_member(:custom_key_store_id, Shapes::ShapeRef.new(shape: CustomKeyStoreIdType, required: true, location_name: "CustomKeyStoreId"))
270
282
  ConnectCustomKeyStoreRequest.struct_class = Types::ConnectCustomKeyStoreRequest
271
283
 
@@ -413,6 +425,7 @@ module Aws::KMS
413
425
  EnableKeyRequest.struct_class = Types::EnableKeyRequest
414
426
 
415
427
  EnableKeyRotationRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
428
+ EnableKeyRotationRequest.add_member(:rotation_period_in_days, Shapes::ShapeRef.new(shape: RotationPeriodInDaysType, location_name: "RotationPeriodInDays"))
416
429
  EnableKeyRotationRequest.struct_class = Types::EnableKeyRotationRequest
417
430
 
418
431
  EncryptRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
@@ -514,16 +527,21 @@ module Aws::KMS
514
527
  GenerateRandomResponse.struct_class = Types::GenerateRandomResponse
515
528
 
516
529
  GetKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
517
- GetKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, required: true, location_name: "PolicyName"))
530
+ GetKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
518
531
  GetKeyPolicyRequest.struct_class = Types::GetKeyPolicyRequest
519
532
 
520
533
  GetKeyPolicyResponse.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, location_name: "Policy"))
534
+ GetKeyPolicyResponse.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
521
535
  GetKeyPolicyResponse.struct_class = Types::GetKeyPolicyResponse
522
536
 
523
537
  GetKeyRotationStatusRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
524
538
  GetKeyRotationStatusRequest.struct_class = Types::GetKeyRotationStatusRequest
525
539
 
526
540
  GetKeyRotationStatusResponse.add_member(:key_rotation_enabled, Shapes::ShapeRef.new(shape: BooleanType, location_name: "KeyRotationEnabled"))
541
+ GetKeyRotationStatusResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
542
+ GetKeyRotationStatusResponse.add_member(:rotation_period_in_days, Shapes::ShapeRef.new(shape: RotationPeriodInDaysType, location_name: "RotationPeriodInDays"))
543
+ GetKeyRotationStatusResponse.add_member(:next_rotation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "NextRotationDate"))
544
+ GetKeyRotationStatusResponse.add_member(:on_demand_rotation_start_date, Shapes::ShapeRef.new(shape: DateType, location_name: "OnDemandRotationStartDate"))
527
545
  GetKeyRotationStatusResponse.struct_class = Types::GetKeyRotationStatusResponse
528
546
 
529
547
  GetParametersForImportRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
@@ -695,6 +713,16 @@ module Aws::KMS
695
713
  ListKeyPoliciesResponse.add_member(:truncated, Shapes::ShapeRef.new(shape: BooleanType, location_name: "Truncated"))
696
714
  ListKeyPoliciesResponse.struct_class = Types::ListKeyPoliciesResponse
697
715
 
716
+ ListKeyRotationsRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
717
+ ListKeyRotationsRequest.add_member(:limit, Shapes::ShapeRef.new(shape: LimitType, location_name: "Limit"))
718
+ ListKeyRotationsRequest.add_member(:marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "Marker"))
719
+ ListKeyRotationsRequest.struct_class = Types::ListKeyRotationsRequest
720
+
721
+ ListKeyRotationsResponse.add_member(:rotations, Shapes::ShapeRef.new(shape: RotationsList, location_name: "Rotations"))
722
+ ListKeyRotationsResponse.add_member(:next_marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "NextMarker"))
723
+ ListKeyRotationsResponse.add_member(:truncated, Shapes::ShapeRef.new(shape: BooleanType, location_name: "Truncated"))
724
+ ListKeyRotationsResponse.struct_class = Types::ListKeyRotationsResponse
725
+
698
726
  ListKeysRequest.add_member(:limit, Shapes::ShapeRef.new(shape: LimitType, location_name: "Limit"))
699
727
  ListKeysRequest.add_member(:marker, Shapes::ShapeRef.new(shape: MarkerType, location_name: "Marker"))
700
728
  ListKeysRequest.struct_class = Types::ListKeysRequest
@@ -741,7 +769,7 @@ module Aws::KMS
741
769
  PolicyNameList.member = Shapes::ShapeRef.new(shape: PolicyNameType)
742
770
 
743
771
  PutKeyPolicyRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
744
- PutKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, required: true, location_name: "PolicyName"))
772
+ PutKeyPolicyRequest.add_member(:policy_name, Shapes::ShapeRef.new(shape: PolicyNameType, location_name: "PolicyName"))
745
773
  PutKeyPolicyRequest.add_member(:policy, Shapes::ShapeRef.new(shape: PolicyType, required: true, location_name: "Policy"))
746
774
  PutKeyPolicyRequest.add_member(:bypass_policy_lockout_safety_check, Shapes::ShapeRef.new(shape: BooleanType, location_name: "BypassPolicyLockoutSafetyCheck"))
747
775
  PutKeyPolicyRequest.struct_class = Types::PutKeyPolicyRequest
@@ -792,6 +820,19 @@ module Aws::KMS
792
820
  RevokeGrantRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: NullableBooleanType, location_name: "DryRun"))
793
821
  RevokeGrantRequest.struct_class = Types::RevokeGrantRequest
794
822
 
823
+ RotateKeyOnDemandRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
824
+ RotateKeyOnDemandRequest.struct_class = Types::RotateKeyOnDemandRequest
825
+
826
+ RotateKeyOnDemandResponse.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
827
+ RotateKeyOnDemandResponse.struct_class = Types::RotateKeyOnDemandResponse
828
+
829
+ RotationsList.member = Shapes::ShapeRef.new(shape: RotationsListEntry)
830
+
831
+ RotationsListEntry.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, location_name: "KeyId"))
832
+ RotationsListEntry.add_member(:rotation_date, Shapes::ShapeRef.new(shape: DateType, location_name: "RotationDate"))
833
+ RotationsListEntry.add_member(:rotation_type, Shapes::ShapeRef.new(shape: RotationType, location_name: "RotationType"))
834
+ RotationsListEntry.struct_class = Types::RotationsListEntry
835
+
795
836
  ScheduleKeyDeletionRequest.add_member(:key_id, Shapes::ShapeRef.new(shape: KeyIdType, required: true, location_name: "KeyId"))
796
837
  ScheduleKeyDeletionRequest.add_member(:pending_window_in_days, Shapes::ShapeRef.new(shape: PendingWindowInDaysType, location_name: "PendingWindowInDays"))
797
838
  ScheduleKeyDeletionRequest.struct_class = Types::ScheduleKeyDeletionRequest
@@ -1131,6 +1172,7 @@ module Aws::KMS
1131
1172
  o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
1132
1173
  o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1133
1174
  o[:pager] = Aws::Pager.new(
1175
+ more_results: "truncated",
1134
1176
  limit_key: "limit",
1135
1177
  tokens: {
1136
1178
  "next_marker" => "marker"
@@ -1423,6 +1465,7 @@ module Aws::KMS
1423
1465
  o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
1424
1466
  o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
1425
1467
  o[:pager] = Aws::Pager.new(
1468
+ more_results: "truncated",
1426
1469
  limit_key: "limit",
1427
1470
  tokens: {
1428
1471
  "next_marker" => "marker"
@@ -1444,6 +1487,7 @@ module Aws::KMS
1444
1487
  o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1445
1488
  o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
1446
1489
  o[:pager] = Aws::Pager.new(
1490
+ more_results: "truncated",
1447
1491
  limit_key: "limit",
1448
1492
  tokens: {
1449
1493
  "next_marker" => "marker"
@@ -1463,6 +1507,28 @@ module Aws::KMS
1463
1507
  o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1464
1508
  o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
1465
1509
  o[:pager] = Aws::Pager.new(
1510
+ more_results: "truncated",
1511
+ limit_key: "limit",
1512
+ tokens: {
1513
+ "next_marker" => "marker"
1514
+ }
1515
+ )
1516
+ end)
1517
+
1518
+ api.add_operation(:list_key_rotations, Seahorse::Model::Operation.new.tap do |o|
1519
+ o.name = "ListKeyRotations"
1520
+ o.http_method = "POST"
1521
+ o.http_request_uri = "/"
1522
+ o.input = Shapes::ShapeRef.new(shape: ListKeyRotationsRequest)
1523
+ o.output = Shapes::ShapeRef.new(shape: ListKeyRotationsResponse)
1524
+ o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
1525
+ o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
1526
+ o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
1527
+ o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1528
+ o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
1529
+ o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
1530
+ o[:pager] = Aws::Pager.new(
1531
+ more_results: "truncated",
1466
1532
  limit_key: "limit",
1467
1533
  tokens: {
1468
1534
  "next_marker" => "marker"
@@ -1480,6 +1546,7 @@ module Aws::KMS
1480
1546
  o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1481
1547
  o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
1482
1548
  o[:pager] = Aws::Pager.new(
1549
+ more_results: "truncated",
1483
1550
  limit_key: "limit",
1484
1551
  tokens: {
1485
1552
  "next_marker" => "marker"
@@ -1498,6 +1565,7 @@ module Aws::KMS
1498
1565
  o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
1499
1566
  o.errors << Shapes::ShapeRef.new(shape: InvalidMarkerException)
1500
1567
  o[:pager] = Aws::Pager.new(
1568
+ more_results: "truncated",
1501
1569
  limit_key: "limit",
1502
1570
  tokens: {
1503
1571
  "next_marker" => "marker"
@@ -1517,6 +1585,7 @@ module Aws::KMS
1517
1585
  o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
1518
1586
  o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1519
1587
  o[:pager] = Aws::Pager.new(
1588
+ more_results: "truncated",
1520
1589
  limit_key: "limit",
1521
1590
  tokens: {
1522
1591
  "next_marker" => "marker"
@@ -1608,6 +1677,23 @@ module Aws::KMS
1608
1677
  o.errors << Shapes::ShapeRef.new(shape: DryRunOperationException)
1609
1678
  end)
1610
1679
 
1680
+ api.add_operation(:rotate_key_on_demand, Seahorse::Model::Operation.new.tap do |o|
1681
+ o.name = "RotateKeyOnDemand"
1682
+ o.http_method = "POST"
1683
+ o.http_request_uri = "/"
1684
+ o.input = Shapes::ShapeRef.new(shape: RotateKeyOnDemandRequest)
1685
+ o.output = Shapes::ShapeRef.new(shape: RotateKeyOnDemandResponse)
1686
+ o.errors << Shapes::ShapeRef.new(shape: NotFoundException)
1687
+ o.errors << Shapes::ShapeRef.new(shape: DisabledException)
1688
+ o.errors << Shapes::ShapeRef.new(shape: InvalidArnException)
1689
+ o.errors << Shapes::ShapeRef.new(shape: DependencyTimeoutException)
1690
+ o.errors << Shapes::ShapeRef.new(shape: KMSInternalException)
1691
+ o.errors << Shapes::ShapeRef.new(shape: KMSInvalidStateException)
1692
+ o.errors << Shapes::ShapeRef.new(shape: UnsupportedOperationException)
1693
+ o.errors << Shapes::ShapeRef.new(shape: LimitExceededException)
1694
+ o.errors << Shapes::ShapeRef.new(shape: ConflictException)
1695
+ end)
1696
+
1611
1697
  api.add_operation(:schedule_key_deletion, Seahorse::Model::Operation.new.tap do |o|
1612
1698
  o.name = "ScheduleKeyDeletion"
1613
1699
  o.http_method = "POST"
@@ -460,6 +460,20 @@ module Aws::KMS
460
460
  end
461
461
  end
462
462
 
463
+ class ListKeyRotations
464
+ def self.build(context)
465
+ unless context.config.regional_endpoint
466
+ endpoint = context.config.endpoint.to_s
467
+ end
468
+ Aws::KMS::EndpointParameters.new(
469
+ region: context.config.region,
470
+ use_dual_stack: context.config.use_dualstack_endpoint,
471
+ use_fips: context.config.use_fips_endpoint,
472
+ endpoint: endpoint,
473
+ )
474
+ end
475
+ end
476
+
463
477
  class ListKeys
464
478
  def self.build(context)
465
479
  unless context.config.regional_endpoint
@@ -572,6 +586,20 @@ module Aws::KMS
572
586
  end
573
587
  end
574
588
 
589
+ class RotateKeyOnDemand
590
+ def self.build(context)
591
+ unless context.config.regional_endpoint
592
+ endpoint = context.config.endpoint.to_s
593
+ end
594
+ Aws::KMS::EndpointParameters.new(
595
+ region: context.config.region,
596
+ use_dual_stack: context.config.use_dualstack_endpoint,
597
+ use_fips: context.config.use_fips_endpoint,
598
+ endpoint: endpoint,
599
+ )
600
+ end
601
+ end
602
+
575
603
  class ScheduleKeyDeletion
576
604
  def self.build(context)
577
605
  unless context.config.regional_endpoint
@@ -33,6 +33,7 @@ module Aws::KMS
33
33
  # * {CloudHsmClusterNotActiveException}
34
34
  # * {CloudHsmClusterNotFoundException}
35
35
  # * {CloudHsmClusterNotRelatedException}
36
+ # * {ConflictException}
36
37
  # * {CustomKeyStoreHasCMKsException}
37
38
  # * {CustomKeyStoreInvalidStateException}
38
39
  # * {CustomKeyStoreNameInUseException}
@@ -171,6 +172,21 @@ module Aws::KMS
171
172
  end
172
173
  end
173
174
 
175
+ class ConflictException < ServiceError
176
+
177
+ # @param [Seahorse::Client::RequestContext] context
178
+ # @param [String] message
179
+ # @param [Aws::KMS::Types::ConflictException] data
180
+ def initialize(context, message, data = Aws::EmptyStructure.new)
181
+ super(context, message, data)
182
+ end
183
+
184
+ # @return [String]
185
+ def message
186
+ @message || @data[:message]
187
+ end
188
+ end
189
+
174
190
  class CustomKeyStoreHasCMKsException < ServiceError
175
191
 
176
192
  # @param [Seahorse::Client::RequestContext] context
@@ -122,6 +122,8 @@ module Aws::KMS
122
122
  Aws::KMS::Endpoints::ListGrants.build(context)
123
123
  when :list_key_policies
124
124
  Aws::KMS::Endpoints::ListKeyPolicies.build(context)
125
+ when :list_key_rotations
126
+ Aws::KMS::Endpoints::ListKeyRotations.build(context)
125
127
  when :list_keys
126
128
  Aws::KMS::Endpoints::ListKeys.build(context)
127
129
  when :list_resource_tags
@@ -138,6 +140,8 @@ module Aws::KMS
138
140
  Aws::KMS::Endpoints::RetireGrant.build(context)
139
141
  when :revoke_grant
140
142
  Aws::KMS::Endpoints::RevokeGrant.build(context)
143
+ when :rotate_key_on_demand
144
+ Aws::KMS::Endpoints::RotateKeyOnDemand.build(context)
141
145
  when :schedule_key_deletion
142
146
  Aws::KMS::Endpoints::ScheduleKeyDeletion.build(context)
143
147
  when :sign
@@ -242,6 +242,21 @@ module Aws::KMS
242
242
  include Aws::Structure
243
243
  end
244
244
 
245
+ # The request was rejected because an automatic rotation of this key is
246
+ # currently in progress or scheduled to begin within the next 20
247
+ # minutes.
248
+ #
249
+ # @!attribute [rw] message
250
+ # @return [String]
251
+ #
252
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ConflictException AWS API Documentation
253
+ #
254
+ class ConflictException < Struct.new(
255
+ :message)
256
+ SENSITIVE = []
257
+ include Aws::Structure
258
+ end
259
+
245
260
  # @!attribute [rw] custom_key_store_id
246
261
  # Enter the key store ID of the custom key store that you want to
247
262
  # connect. To find the ID of a custom key store, use the
@@ -1801,8 +1816,8 @@ module Aws::KMS
1801
1816
  # @!attribute [rw] truncated
1802
1817
  # A flag that indicates whether there are more items in the list. When
1803
1818
  # this value is true, the list in this response is truncated. To get
1804
- # more items, pass the value of the `NextMarker` element in
1805
- # thisresponse to the `Marker` parameter in a subsequent request.
1819
+ # more items, pass the value of the `NextMarker` element in this
1820
+ # response to the `Marker` parameter in a subsequent request.
1806
1821
  # @return [Boolean]
1807
1822
  #
1808
1823
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/DescribeCustomKeyStoresResponse AWS API Documentation
@@ -2036,10 +2051,31 @@ module Aws::KMS
2036
2051
  # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
2037
2052
  # @return [String]
2038
2053
  #
2054
+ # @!attribute [rw] rotation_period_in_days
2055
+ # Use this parameter to specify a custom period of time between each
2056
+ # rotation date. If no value is specified, the default value is 365
2057
+ # days.
2058
+ #
2059
+ # The rotation period defines the number of days after you enable
2060
+ # automatic key rotation that KMS will rotate your key material, and
2061
+ # the number of days between each automatic rotation thereafter.
2062
+ #
2063
+ # You can use the [ `kms:RotationPeriodInDays` ][1] condition key to
2064
+ # further constrain the values that principals can specify in the
2065
+ # `RotationPeriodInDays` parameter.
2066
+ #
2067
+ #
2068
+ #
2069
+ #
2070
+ #
2071
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/conditions-kms.html#conditions-kms-rotation-period-in-days
2072
+ # @return [Integer]
2073
+ #
2039
2074
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/EnableKeyRotationRequest AWS API Documentation
2040
2075
  #
2041
2076
  class EnableKeyRotationRequest < Struct.new(
2042
- :key_id)
2077
+ :key_id,
2078
+ :rotation_period_in_days)
2043
2079
  SENSITIVE = []
2044
2080
  include Aws::Structure
2045
2081
  end
@@ -3048,7 +3084,8 @@ module Aws::KMS
3048
3084
  # @return [String]
3049
3085
  #
3050
3086
  # @!attribute [rw] policy_name
3051
- # Specifies the name of the key policy. The only valid name is
3087
+ # Specifies the name of the key policy. If no policy name is
3088
+ # specified, the default value is `default`. The only valid name is
3052
3089
  # `default`. To get the names of key policies, use ListKeyPolicies.
3053
3090
  # @return [String]
3054
3091
  #
@@ -3065,10 +3102,15 @@ module Aws::KMS
3065
3102
  # A key policy document in JSON format.
3066
3103
  # @return [String]
3067
3104
  #
3105
+ # @!attribute [rw] policy_name
3106
+ # The name of the key policy. The only valid value is `default`.
3107
+ # @return [String]
3108
+ #
3068
3109
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyResponse AWS API Documentation
3069
3110
  #
3070
3111
  class GetKeyPolicyResponse < Struct.new(
3071
- :policy)
3112
+ :policy,
3113
+ :policy_name)
3072
3114
  SENSITIVE = []
3073
3115
  include Aws::Structure
3074
3116
  end
@@ -3103,10 +3145,42 @@ module Aws::KMS
3103
3145
  # A Boolean value that specifies whether key rotation is enabled.
3104
3146
  # @return [Boolean]
3105
3147
  #
3148
+ # @!attribute [rw] key_id
3149
+ # Identifies the specified symmetric encryption KMS key.
3150
+ # @return [String]
3151
+ #
3152
+ # @!attribute [rw] rotation_period_in_days
3153
+ # The number of days between each automatic rotation. The default
3154
+ # value is 365 days.
3155
+ # @return [Integer]
3156
+ #
3157
+ # @!attribute [rw] next_rotation_date
3158
+ # The next date that KMS will automatically rotate the key material.
3159
+ # @return [Time]
3160
+ #
3161
+ # @!attribute [rw] on_demand_rotation_start_date
3162
+ # Identifies the date and time that an in progress on-demand rotation
3163
+ # was initiated.
3164
+ #
3165
+ # The KMS API follows an [eventual consistency][1] model due to the
3166
+ # distributed nature of the system. As a result, there might be a
3167
+ # slight delay between initiating on-demand key rotation and the
3168
+ # rotation's completion. Once the on-demand rotation is complete, use
3169
+ # ListKeyRotations to view the details of the on-demand rotation.
3170
+ #
3171
+ #
3172
+ #
3173
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/programming-eventual-consistency.html
3174
+ # @return [Time]
3175
+ #
3106
3176
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyRotationStatusResponse AWS API Documentation
3107
3177
  #
3108
3178
  class GetKeyRotationStatusResponse < Struct.new(
3109
- :key_rotation_enabled)
3179
+ :key_rotation_enabled,
3180
+ :key_id,
3181
+ :rotation_period_in_days,
3182
+ :next_rotation_date,
3183
+ :on_demand_rotation_start_date)
3110
3184
  SENSITIVE = []
3111
3185
  include Aws::Structure
3112
3186
  end
@@ -4210,8 +4284,8 @@ module Aws::KMS
4210
4284
  # @!attribute [rw] truncated
4211
4285
  # A flag that indicates whether there are more items in the list. When
4212
4286
  # this value is true, the list in this response is truncated. To get
4213
- # more items, pass the value of the `NextMarker` element in
4214
- # thisresponse to the `Marker` parameter in a subsequent request.
4287
+ # more items, pass the value of the `NextMarker` element in this
4288
+ # response to the `Marker` parameter in a subsequent request.
4215
4289
  # @return [Boolean]
4216
4290
  #
4217
4291
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListAliasesResponse AWS API Documentation
@@ -4293,8 +4367,8 @@ module Aws::KMS
4293
4367
  # @!attribute [rw] truncated
4294
4368
  # A flag that indicates whether there are more items in the list. When
4295
4369
  # this value is true, the list in this response is truncated. To get
4296
- # more items, pass the value of the `NextMarker` element in
4297
- # thisresponse to the `Marker` parameter in a subsequent request.
4370
+ # more items, pass the value of the `NextMarker` element in this
4371
+ # response to the `Marker` parameter in a subsequent request.
4298
4372
  # @return [Boolean]
4299
4373
  #
4300
4374
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListGrantsResponse AWS API Documentation
@@ -4363,8 +4437,8 @@ module Aws::KMS
4363
4437
  # @!attribute [rw] truncated
4364
4438
  # A flag that indicates whether there are more items in the list. When
4365
4439
  # this value is true, the list in this response is truncated. To get
4366
- # more items, pass the value of the `NextMarker` element in
4367
- # thisresponse to the `Marker` parameter in a subsequent request.
4440
+ # more items, pass the value of the `NextMarker` element in this
4441
+ # response to the `Marker` parameter in a subsequent request.
4368
4442
  # @return [Boolean]
4369
4443
  #
4370
4444
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyPoliciesResponse AWS API Documentation
@@ -4377,6 +4451,74 @@ module Aws::KMS
4377
4451
  include Aws::Structure
4378
4452
  end
4379
4453
 
4454
+ # @!attribute [rw] key_id
4455
+ # Gets the key rotations for the specified KMS key.
4456
+ #
4457
+ # Specify the key ID or key ARN of the KMS key.
4458
+ #
4459
+ # For example:
4460
+ #
4461
+ # * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
4462
+ #
4463
+ # * Key ARN:
4464
+ # `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
4465
+ #
4466
+ # To get the key ID and key ARN for a KMS key, use ListKeys or
4467
+ # DescribeKey.
4468
+ # @return [String]
4469
+ #
4470
+ # @!attribute [rw] limit
4471
+ # Use this parameter to specify the maximum number of items to return.
4472
+ # When this value is present, KMS does not return more than the
4473
+ # specified number of items, but it might return fewer.
4474
+ #
4475
+ # This value is optional. If you include a value, it must be between 1
4476
+ # and 1000, inclusive. If you do not include a value, it defaults to
4477
+ # 100.
4478
+ # @return [Integer]
4479
+ #
4480
+ # @!attribute [rw] marker
4481
+ # Use this parameter in a subsequent request after you receive a
4482
+ # response with truncated results. Set it to the value of `NextMarker`
4483
+ # from the truncated response you just received.
4484
+ # @return [String]
4485
+ #
4486
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyRotationsRequest AWS API Documentation
4487
+ #
4488
+ class ListKeyRotationsRequest < Struct.new(
4489
+ :key_id,
4490
+ :limit,
4491
+ :marker)
4492
+ SENSITIVE = []
4493
+ include Aws::Structure
4494
+ end
4495
+
4496
+ # @!attribute [rw] rotations
4497
+ # A list of completed key material rotations.
4498
+ # @return [Array<Types::RotationsListEntry>]
4499
+ #
4500
+ # @!attribute [rw] next_marker
4501
+ # When `Truncated` is true, this element is present and contains the
4502
+ # value to use for the `Marker` parameter in a subsequent request.
4503
+ # @return [String]
4504
+ #
4505
+ # @!attribute [rw] truncated
4506
+ # A flag that indicates whether there are more items in the list. When
4507
+ # this value is true, the list in this response is truncated. To get
4508
+ # more items, pass the value of the `NextMarker` element in this
4509
+ # response to the `Marker` parameter in a subsequent request.
4510
+ # @return [Boolean]
4511
+ #
4512
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeyRotationsResponse AWS API Documentation
4513
+ #
4514
+ class ListKeyRotationsResponse < Struct.new(
4515
+ :rotations,
4516
+ :next_marker,
4517
+ :truncated)
4518
+ SENSITIVE = []
4519
+ include Aws::Structure
4520
+ end
4521
+
4380
4522
  # @!attribute [rw] limit
4381
4523
  # Use this parameter to specify the maximum number of items to return.
4382
4524
  # When this value is present, KMS does not return more than the
@@ -4414,8 +4556,8 @@ module Aws::KMS
4414
4556
  # @!attribute [rw] truncated
4415
4557
  # A flag that indicates whether there are more items in the list. When
4416
4558
  # this value is true, the list in this response is truncated. To get
4417
- # more items, pass the value of the `NextMarker` element in
4418
- # thisresponse to the `Marker` parameter in a subsequent request.
4559
+ # more items, pass the value of the `NextMarker` element in this
4560
+ # response to the `Marker` parameter in a subsequent request.
4419
4561
  # @return [Boolean]
4420
4562
  #
4421
4563
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListKeysResponse AWS API Documentation
@@ -4496,8 +4638,8 @@ module Aws::KMS
4496
4638
  # @!attribute [rw] truncated
4497
4639
  # A flag that indicates whether there are more items in the list. When
4498
4640
  # this value is true, the list in this response is truncated. To get
4499
- # more items, pass the value of the `NextMarker` element in
4500
- # thisresponse to the `Marker` parameter in a subsequent request.
4641
+ # more items, pass the value of the `NextMarker` element in this
4642
+ # response to the `Marker` parameter in a subsequent request.
4501
4643
  # @return [Boolean]
4502
4644
  #
4503
4645
  # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/ListResourceTagsResponse AWS API Documentation
@@ -4650,7 +4792,8 @@ module Aws::KMS
4650
4792
  # @return [String]
4651
4793
  #
4652
4794
  # @!attribute [rw] policy_name
4653
- # The name of the key policy. The only valid value is `default`.
4795
+ # The name of the key policy. If no policy name is specified, the
4796
+ # default value is `default`. The only valid value is `default`.
4654
4797
  # @return [String]
4655
4798
  #
4656
4799
  # @!attribute [rw] policy
@@ -5320,6 +5463,87 @@ module Aws::KMS
5320
5463
  include Aws::Structure
5321
5464
  end
5322
5465
 
5466
+ # @!attribute [rw] key_id
5467
+ # Identifies a symmetric encryption KMS key. You cannot perform
5468
+ # on-demand rotation of [asymmetric KMS keys][1], [HMAC KMS keys][2],
5469
+ # KMS keys with [imported key material][3], or KMS keys in a [custom
5470
+ # key store][4]. To perform on-demand rotation of a set of related
5471
+ # [multi-Region keys][5], invoke the on-demand rotation on the primary
5472
+ # key.
5473
+ #
5474
+ # Specify the key ID or key ARN of the KMS key.
5475
+ #
5476
+ # For example:
5477
+ #
5478
+ # * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
5479
+ #
5480
+ # * Key ARN:
5481
+ # `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
5482
+ #
5483
+ # To get the key ID and key ARN for a KMS key, use ListKeys or
5484
+ # DescribeKey.
5485
+ #
5486
+ #
5487
+ #
5488
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
5489
+ # [2]: https://docs.aws.amazon.com/kms/latest/developerguide/hmac.html
5490
+ # [3]: https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html
5491
+ # [4]: https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html
5492
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-rotate
5493
+ # @return [String]
5494
+ #
5495
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotateKeyOnDemandRequest AWS API Documentation
5496
+ #
5497
+ class RotateKeyOnDemandRequest < Struct.new(
5498
+ :key_id)
5499
+ SENSITIVE = []
5500
+ include Aws::Structure
5501
+ end
5502
+
5503
+ # @!attribute [rw] key_id
5504
+ # Identifies the symmetric encryption KMS key that you initiated
5505
+ # on-demand rotation on.
5506
+ # @return [String]
5507
+ #
5508
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotateKeyOnDemandResponse AWS API Documentation
5509
+ #
5510
+ class RotateKeyOnDemandResponse < Struct.new(
5511
+ :key_id)
5512
+ SENSITIVE = []
5513
+ include Aws::Structure
5514
+ end
5515
+
5516
+ # Contains information about completed key material rotations.
5517
+ #
5518
+ # @!attribute [rw] key_id
5519
+ # Unique identifier of the key.
5520
+ # @return [String]
5521
+ #
5522
+ # @!attribute [rw] rotation_date
5523
+ # Date and time that the key material rotation completed. Formatted as
5524
+ # Unix time.
5525
+ # @return [Time]
5526
+ #
5527
+ # @!attribute [rw] rotation_type
5528
+ # Identifies whether the key material rotation was a scheduled
5529
+ # [automatic rotation][1] or an [on-demand rotation][2].
5530
+ #
5531
+ #
5532
+ #
5533
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-enable-disable
5534
+ # [2]: https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotating-keys-on-demand
5535
+ # @return [String]
5536
+ #
5537
+ # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/RotationsListEntry AWS API Documentation
5538
+ #
5539
+ class RotationsListEntry < Struct.new(
5540
+ :key_id,
5541
+ :rotation_date,
5542
+ :rotation_type)
5543
+ SENSITIVE = []
5544
+ include Aws::Structure
5545
+ end
5546
+
5323
5547
  # @!attribute [rw] key_id
5324
5548
  # The unique identifier of the KMS key to delete.
5325
5549
  #
data/lib/aws-sdk-kms.rb CHANGED
@@ -52,6 +52,6 @@ require_relative 'aws-sdk-kms/customizations'
52
52
  # @!group service
53
53
  module Aws::KMS
54
54
 
55
- GEM_VERSION = '1.77.0'
55
+ GEM_VERSION = '1.79.0'
56
56
 
57
57
  end