aws-sdk-kms 1.3.0 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: ccbfd96a2bbd42fa8033c0813d07dfb7081aa59c
-  data.tar.gz: c880a357714e7a9d132d2a2ed3065e97deedf991
+  metadata.gz: 895eb50d5f2eb95892a3f4a91deaac264d30cf3d
+  data.tar.gz: b4e6d8058e2cbb69f6065fb5701c26f154e9c50d
 SHA512:
-  metadata.gz: 6d9dd353274e67852e1e154abd08ed67d3aeb9870567a5b0806da5d7c39574e2000d659f47e0e5efa341a2575719fbf6209206f42d9127fe5d33a473276f00b6
-  data.tar.gz: 1461631a9f78a18a44938c72e794f33b14a4539712bbaaf028ca8cb9563ab271441b2548a1844924ccc6c3ba535f3124ae6f8ac4f4fc38fe70c2d46c09781d10
+  metadata.gz: 4ada9c81d8850c2a1a2d6eed00e3398a6e6a736ba482808d3f26928b73b8b8c433c90ad0d735f349156d2f409619005ce39cb1665087051ddb700b29a4905f80
+  data.tar.gz: 315ff31679a785d1c94c951e0e93f1e3a5b311c59c376be1d3ea5c9a59f2b5512991478d08e1057bb66553dc2c71757c6865eb97238c110444239a16e803fcf9

data/lib/aws-sdk-kms.rb

@@ -42,6 +42,6 @@ require_relative 'aws-sdk-kms/customizations'
 # @service
 module Aws::KMS
 
-  GEM_VERSION = '1.3.0'
+  GEM_VERSION = '1.4.0'
 
 end

data/lib/aws-sdk-kms/client.rb

@@ -476,29 +476,29 @@ module Aws::KMS
     # @option params [String] :policy
     #   The key policy to attach to the CMK.
     #
-    #   If you specify a policy and do not set
-    #   `BypassPolicyLockoutSafetyCheck` to true, the policy must meet the
-    #   following criteria:
+    #   If you provide a key policy, it must meet the following criteria:
     #
-    #   * It must allow the principal that is making the `CreateKey` request
-    #     to make a subsequent PutKeyPolicy request on the CMK. This reduces
-    #     the likelihood that the CMK becomes unmanageable. For more
+    #   * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the key
+    #     policy must allow the principal that is making the `CreateKey`
+    #     request to make a subsequent PutKeyPolicy request on the CMK. This
+    #     reduces the risk that the CMK becomes unmanageable. For more
     #     information, refer to the scenario in the [Default Key Policy][1]
-    #     section in the *AWS Key Management Service Developer Guide*.
+    #     section of the *AWS Key Management Service Developer Guide*.
     #
-    #   * The principals that are specified in the key policy must exist and
-    #     be visible to AWS KMS. When you create a new AWS principal (for
+    #   * Each statement in the key policy must contain one or more
+    #     principals. The principals in the key policy must exist and be
+    #     visible to AWS KMS. When you create a new AWS principal (for
     #     example, an IAM user or role), you might need to enforce a delay
-    #     before specifying the new principal in a key policy because the new
-    #     principal might not immediately be visible to AWS KMS. For more
+    #     before including the new principal in a key policy because the new
+    #     principal might not be immediately visible to AWS KMS. For more
     #     information, see [Changes that I make are not always immediately
-    #     visible][2] in the *IAM User Guide*.
+    #     visible][2] in the *AWS Identity and Access Management User Guide*.
     #
-    #   If you do not specify a policy, AWS KMS attaches a default key policy
-    #   to the CMK. For more information, see [Default Key Policy][3] in the
-    #   *AWS Key Management Service Developer Guide*.
+    #   If you do not provide a key policy, AWS KMS attaches a default key
+    #   policy to the CMK. For more information, see [Default Key Policy][3]
+    #   in the *AWS Key Management Service Developer Guide*.
     #
-    #   The policy size limit is 32 kilobytes (32768 bytes).
+    #   The key policy size limit is 32 kilobytes (32768 bytes).
     #
     #
     #
@@ -537,8 +537,8 @@ module Aws::KMS
     #   A flag to indicate whether to bypass the key policy lockout safety
     #   check.
     #
-    #   Setting this value to true increases the likelihood that the CMK
-    #   becomes unmanageable. Do not set this value to true indiscriminately.
+    #   Setting this value to true increases the risk that the CMK becomes
+    #   unmanageable. Do not set this value to true indiscriminately.
     #
     #    For more information, refer to the scenario in the [Default Key
     #   Policy][1] section in the *AWS Key Management Service Developer
@@ -1576,8 +1576,8 @@ module Aws::KMS
     #   To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
     #
     # @option params [required, String] :policy_name
-    #   Specifies the name of the policy. The only valid name is `default`. To
-    #   get the names of key policies, use ListKeyPolicies.
+    #   Specifies the name of the key policy. The only valid name is
+    #   `default`. To get the names of key policies, use ListKeyPolicies.
     #
     # @return [Types::GetKeyPolicyResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2552,24 +2552,25 @@ module Aws::KMS
     # @option params [required, String] :policy
     #   The key policy to attach to the CMK.
     #
-    #   If you do not set `BypassPolicyLockoutSafetyCheck` to true, the policy
-    #   must meet the following criteria:
+    #   The key policy must meet the following criteria:
     #
-    #   * It must allow the principal that is making the `PutKeyPolicy`
+    #   * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the key
+    #     policy must allow the principal that is making the `PutKeyPolicy`
     #     request to make a subsequent `PutKeyPolicy` request on the CMK. This
-    #     reduces the likelihood that the CMK becomes unmanageable. For more
+    #     reduces the risk that the CMK becomes unmanageable. For more
     #     information, refer to the scenario in the [Default Key Policy][1]
-    #     section in the *AWS Key Management Service Developer Guide*.
+    #     section of the *AWS Key Management Service Developer Guide*.
     #
-    #   * The principals that are specified in the key policy must exist and
-    #     be visible to AWS KMS. When you create a new AWS principal (for
+    #   * Each statement in the key policy must contain one or more
+    #     principals. The principals in the key policy must exist and be
+    #     visible to AWS KMS. When you create a new AWS principal (for
     #     example, an IAM user or role), you might need to enforce a delay
-    #     before specifying the new principal in a key policy because the new
-    #     principal might not immediately be visible to AWS KMS. For more
+    #     before including the new principal in a key policy because the new
+    #     principal might not be immediately visible to AWS KMS. For more
     #     information, see [Changes that I make are not always immediately
-    #     visible][2] in the *IAM User Guide*.
+    #     visible][2] in the *AWS Identity and Access Management User Guide*.
     #
-    #   The policy size limit is 32 kilobytes (32768 bytes).
+    #   The key policy size limit is 32 kilobytes (32768 bytes).
     #
     #
     #
@@ -2580,8 +2581,8 @@ module Aws::KMS
     #   A flag to indicate whether to bypass the key policy lockout safety
     #   check.
     #
-    #   Setting this value to true increases the likelihood that the CMK
-    #   becomes unmanageable. Do not set this value to true indiscriminately.
+    #   Setting this value to true increases the risk that the CMK becomes
+    #   unmanageable. Do not set this value to true indiscriminately.
     #
     #    For more information, refer to the scenario in the [Default Key
     #   Policy][1] section in the *AWS Key Management Service Developer
@@ -3218,7 +3219,7 @@ module Aws::KMS
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-kms'
-      context[:gem_version] = '1.3.0'
+      context[:gem_version] = '1.4.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-kms/types.rb

@@ -287,29 +287,30 @@ module Aws::KMS
     # @!attribute [rw] policy
     #   The key policy to attach to the CMK.
     #
-    #   If you specify a policy and do not set
-    #   `BypassPolicyLockoutSafetyCheck` to true, the policy must meet the
-    #   following criteria:
+    #   If you provide a key policy, it must meet the following criteria:
     #
-    #   * It must allow the principal that is making the `CreateKey` request
-    #     to make a subsequent PutKeyPolicy request on the CMK. This reduces
-    #     the likelihood that the CMK becomes unmanageable. For more
+    #   * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the
+    #     key policy must allow the principal that is making the `CreateKey`
+    #     request to make a subsequent PutKeyPolicy request on the CMK. This
+    #     reduces the risk that the CMK becomes unmanageable. For more
     #     information, refer to the scenario in the [Default Key Policy][1]
-    #     section in the *AWS Key Management Service Developer Guide*.
+    #     section of the *AWS Key Management Service Developer Guide*.
     #
-    #   * The principals that are specified in the key policy must exist and
-    #     be visible to AWS KMS. When you create a new AWS principal (for
+    #   * Each statement in the key policy must contain one or more
+    #     principals. The principals in the key policy must exist and be
+    #     visible to AWS KMS. When you create a new AWS principal (for
     #     example, an IAM user or role), you might need to enforce a delay
-    #     before specifying the new principal in a key policy because the
-    #     new principal might not immediately be visible to AWS KMS. For
-    #     more information, see [Changes that I make are not always
-    #     immediately visible][2] in the *IAM User Guide*.
+    #     before including the new principal in a key policy because the new
+    #     principal might not be immediately visible to AWS KMS. For more
+    #     information, see [Changes that I make are not always immediately
+    #     visible][2] in the *AWS Identity and Access Management User
+    #     Guide*.
     #
-    #   If you do not specify a policy, AWS KMS attaches a default key
+    #   If you do not provide a key policy, AWS KMS attaches a default key
     #   policy to the CMK. For more information, see [Default Key Policy][3]
     #   in the *AWS Key Management Service Developer Guide*.
     #
-    #   The policy size limit is 32 kilobytes (32768 bytes).
+    #   The key policy size limit is 32 kilobytes (32768 bytes).
     #
     #
     #
@@ -353,9 +354,8 @@ module Aws::KMS
     #   A flag to indicate whether to bypass the key policy lockout safety
     #   check.
     #
-    #   Setting this value to true increases the likelihood that the CMK
-    #   becomes unmanageable. Do not set this value to true
-    #   indiscriminately.
+    #   Setting this value to true increases the risk that the CMK becomes
+    #   unmanageable. Do not set this value to true indiscriminately.
     #
     #    For more information, refer to the scenario in the [Default Key
     #   Policy][1] section in the *AWS Key Management Service Developer
@@ -1055,8 +1055,8 @@ module Aws::KMS
     #   @return [String]
     #
     # @!attribute [rw] policy_name
-    #   Specifies the name of the policy. The only valid name is `default`.
-    #   To get the names of key policies, use ListKeyPolicies.
+    #   Specifies the name of the key policy. The only valid name is
+    #   `default`. To get the names of key policies, use ListKeyPolicies.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyRequest AWS API Documentation
@@ -1068,7 +1068,7 @@ module Aws::KMS
     end
 
     # @!attribute [rw] policy
-    #   A policy document in JSON format.
+    #   A key policy document in JSON format.
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/kms-2014-11-01/GetKeyPolicyResponse AWS API Documentation
@@ -1702,8 +1702,8 @@ module Aws::KMS
     end
 
     # @!attribute [rw] policy_names
-    #   A list of policy names. Currently, there is only one policy and it
-    #   is named "Default".
+    #   A list of key policy names. Currently, there is only one key policy
+    #   per CMK and it is always named `default`.
     #   @return [Array<String>]
     #
     # @!attribute [rw] next_marker
@@ -1946,25 +1946,27 @@ module Aws::KMS
     # @!attribute [rw] policy
     #   The key policy to attach to the CMK.
     #
-    #   If you do not set `BypassPolicyLockoutSafetyCheck` to true, the
-    #   policy must meet the following criteria:
+    #   The key policy must meet the following criteria:
     #
-    #   * It must allow the principal that is making the `PutKeyPolicy`
-    #     request to make a subsequent `PutKeyPolicy` request on the CMK.
-    #     This reduces the likelihood that the CMK becomes unmanageable. For
-    #     more information, refer to the scenario in the [Default Key
-    #     Policy][1] section in the *AWS Key Management Service Developer
-    #     Guide*.
+    #   * If you don't set `BypassPolicyLockoutSafetyCheck` to true, the
+    #     key policy must allow the principal that is making the
+    #     `PutKeyPolicy` request to make a subsequent `PutKeyPolicy` request
+    #     on the CMK. This reduces the risk that the CMK becomes
+    #     unmanageable. For more information, refer to the scenario in the
+    #     [Default Key Policy][1] section of the *AWS Key Management Service
+    #     Developer Guide*.
     #
-    #   * The principals that are specified in the key policy must exist and
-    #     be visible to AWS KMS. When you create a new AWS principal (for
+    #   * Each statement in the key policy must contain one or more
+    #     principals. The principals in the key policy must exist and be
+    #     visible to AWS KMS. When you create a new AWS principal (for
     #     example, an IAM user or role), you might need to enforce a delay
-    #     before specifying the new principal in a key policy because the
-    #     new principal might not immediately be visible to AWS KMS. For
-    #     more information, see [Changes that I make are not always
-    #     immediately visible][2] in the *IAM User Guide*.
+    #     before including the new principal in a key policy because the new
+    #     principal might not be immediately visible to AWS KMS. For more
+    #     information, see [Changes that I make are not always immediately
+    #     visible][2] in the *AWS Identity and Access Management User
+    #     Guide*.
     #
-    #   The policy size limit is 32 kilobytes (32768 bytes).
+    #   The key policy size limit is 32 kilobytes (32768 bytes).
     #
     #
     #
@@ -1976,9 +1978,8 @@ module Aws::KMS
     #   A flag to indicate whether to bypass the key policy lockout safety
     #   check.
     #
-    #   Setting this value to true increases the likelihood that the CMK
-    #   becomes unmanageable. Do not set this value to true
-    #   indiscriminately.
+    #   Setting this value to true increases the risk that the CMK becomes
+    #   unmanageable. Do not set this value to true indiscriminately.
     #
     #    For more information, refer to the scenario in the [Default Key
     #   Policy][1] section in the *AWS Key Management Service Developer

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-kms
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.4.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-11-07 00:00:00.000000000 Z
+date: 2018-01-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core