aws-sdk-lambda 1.138.0 → 1.140.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 3a50fc0147ae147df20b3ea44d022386321c20fe460054b3cfaafc357d34882a
4
- data.tar.gz: ac311e7731eeefdc925901d5dc4c5424c858fc01a94f9852dceaa85c87299117
3
+ metadata.gz: b345c545812a8bf5e1b00f4b14d40d6e15e91a31f2c34d0a11b960f7c3edaa63
4
+ data.tar.gz: f65aaf58a147766deb19cac0224ed0dc74f0690c06a3ec36b1905089aa362e35
5
5
  SHA512:
6
- metadata.gz: 9af3081399ca7e635d774c626eeb216dd91476f6cfc08af25048a8d64e7927715b70881c69683e438de2b925313a170b776a0e5d4a366a2bed710433057366fd
7
- data.tar.gz: bd670f36d41bed2a1df6c42b1b18fc22696f880e3b2f0d85b33b24321882fd03378d62bcf1d773886f31215fbca91c2761a53a64ea05de279d3f0ee3e168f063
6
+ metadata.gz: 0eba8465dbbc3ffa6981d36bd01e3babdb560056fdef88e4a0404d3159a60f85f4df7fde55915aa002b4d7dc06712006d1d36bc375a331a4236baeaf9359e820
7
+ data.tar.gz: '09f2b303083d0408052f9f3d4e0e920fd0374e904cdff520edc17213fa4b517a55263823139b09e10444249ffc7ca8df9f032b51b0e6704fa879b5629dfed7e5'
data/CHANGELOG.md CHANGED
@@ -1,6 +1,16 @@
1
1
  Unreleased Changes
2
2
  ------------------
3
3
 
4
+ 1.140.0 (2024-11-08)
5
+ ------------------
6
+
7
+ * Feature - This release adds support for using AWS KMS customer managed keys to encrypt AWS Lambda .zip deployment packages.
8
+
9
+ 1.139.0 (2024-11-06)
10
+ ------------------
11
+
12
+ * Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
13
+
4
14
  1.138.0 (2024-10-25)
5
15
  ------------------
6
16
 
data/VERSION CHANGED
@@ -1 +1 @@
1
- 1.138.0
1
+ 1.140.0
@@ -1497,19 +1497,33 @@ module Aws::Lambda
1497
1497
  #
1498
1498
  # @option params [String] :kms_key_arn
1499
1499
  # The ARN of the Key Management Service (KMS) customer managed key
1500
- # that's used to encrypt your function's [environment variables][1].
1501
- # When [Lambda SnapStart][2] is activated, Lambda also uses this key is
1502
- # to encrypt your function's snapshot. If you deploy your function
1503
- # using a container image, Lambda also uses this key to encrypt your
1504
- # function when it's deployed. Note that this is not the same key
1505
- # that's used to protect your container image in the Amazon Elastic
1506
- # Container Registry (Amazon ECR). If you don't provide a customer
1507
- # managed key, Lambda uses a default service key.
1500
+ # that's used to encrypt the following resources:
1501
+ #
1502
+ # * The function's [environment variables][1].
1503
+ #
1504
+ # * The function's [Lambda SnapStart][2] snapshots.
1505
+ #
1506
+ # * When used with `SourceKMSKeyArn`, the unzipped version of the .zip
1507
+ # deployment package that's used for function invocations. For more
1508
+ # information, see [ Specifying a customer managed key for Lambda][3].
1509
+ #
1510
+ # * The optimized version of the container image that's used for
1511
+ # function invocations. Note that this is not the same key that's
1512
+ # used to protect your container image in the Amazon Elastic Container
1513
+ # Registry (Amazon ECR). For more information, see [Function
1514
+ # lifecycle][4].
1515
+ #
1516
+ # If you don't provide a customer managed key, Lambda uses an [Amazon
1517
+ # Web Services owned key][5] or an [Amazon Web Services managed key][6].
1508
1518
  #
1509
1519
  #
1510
1520
  #
1511
1521
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption
1512
1522
  # [2]: https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html
1523
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption
1524
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle
1525
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
1526
+ # [6]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
1513
1527
  #
1514
1528
  # @option params [Types::TracingConfig] :tracing_config
1515
1529
  # Set `Mode` to `Active` to sample and trace a subset of incoming
@@ -1690,6 +1704,7 @@ module Aws::Lambda
1690
1704
  # s3_key: "S3Key",
1691
1705
  # s3_object_version: "S3ObjectVersion",
1692
1706
  # image_uri: "String",
1707
+ # source_kms_key_arn: "KMSKeyArn",
1693
1708
  # },
1694
1709
  # description: "Description",
1695
1710
  # timeout: 1,
@@ -2904,6 +2919,7 @@ module Aws::Lambda
2904
2919
  # resp.code.location #=> String
2905
2920
  # resp.code.image_uri #=> String
2906
2921
  # resp.code.resolved_image_uri #=> String
2922
+ # resp.code.source_kms_key_arn #=> String
2907
2923
  # resp.tags #=> Hash
2908
2924
  # resp.tags["TagKey"] #=> String
2909
2925
  # resp.tags_error.error_code #=> String
@@ -3708,9 +3724,9 @@ module Aws::Lambda
3708
3724
  # * {Types::GetProvisionedConcurrencyConfigResponse#last_modified #last_modified} => Time
3709
3725
  #
3710
3726
  #
3711
- # @example Example: To get a provisioned concurrency configuration
3727
+ # @example Example: To view a provisioned concurrency configuration
3712
3728
  #
3713
- # # The following example returns details for the provisioned concurrency configuration for the BLUE alias of the specified
3729
+ # # The following example displays details for the provisioned concurrency configuration for the BLUE alias of the specified
3714
3730
  # # function.
3715
3731
  #
3716
3732
  # resp = client.get_provisioned_concurrency_config({
@@ -3727,9 +3743,9 @@ module Aws::Lambda
3727
3743
  # status: "READY",
3728
3744
  # }
3729
3745
  #
3730
- # @example Example: To view a provisioned concurrency configuration
3746
+ # @example Example: To get a provisioned concurrency configuration
3731
3747
  #
3732
- # # The following example displays details for the provisioned concurrency configuration for the BLUE alias of the specified
3748
+ # # The following example returns details for the provisioned concurrency configuration for the BLUE alias of the specified
3733
3749
  # # function.
3734
3750
  #
3735
3751
  # resp = client.get_provisioned_concurrency_config({
@@ -3931,9 +3947,9 @@ module Aws::Lambda
3931
3947
  # @option params [String, StringIO, File] :payload
3932
3948
  # The JSON that you want to provide to your Lambda function as input.
3933
3949
  #
3934
- # You can enter the JSON directly. For example, `--payload '\{ "key":
3935
- # "value" \}'`. You can also specify a file path. For example,
3936
- # `--payload file://payload.json`.
3950
+ # You can enter the JSON directly. For example, `--payload '{ "key":
3951
+ # "value" }'`. You can also specify a file path. For example, `--payload
3952
+ # file://payload.json`.
3937
3953
  #
3938
3954
  # @option params [String] :qualifier
3939
3955
  # Specify a version or alias to invoke a published version of the
@@ -4130,9 +4146,9 @@ module Aws::Lambda
4130
4146
  # @option params [String, StringIO, File] :payload
4131
4147
  # The JSON that you want to provide to your Lambda function as input.
4132
4148
  #
4133
- # You can enter the JSON directly. For example, `--payload '\{ "key":
4134
- # "value" \}'`. You can also specify a file path. For example,
4135
- # `--payload file://payload.json`.
4149
+ # You can enter the JSON directly. For example, `--payload '{ "key":
4150
+ # "value" }'`. You can also specify a file path. For example, `--payload
4151
+ # file://payload.json`.
4136
4152
  #
4137
4153
  # @return [Types::InvokeWithResponseStreamResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
4138
4154
  #
@@ -7237,6 +7253,12 @@ module Aws::Lambda
7237
7253
  # string array with one of the valid values (arm64 or x86\_64). The
7238
7254
  # default value is `x86_64`.
7239
7255
  #
7256
+ # @option params [String] :source_kms_key_arn
7257
+ # The ARN of the Key Management Service (KMS) customer managed key
7258
+ # that's used to encrypt your function's .zip deployment package. If
7259
+ # you don't provide a customer managed key, Lambda uses an Amazon Web
7260
+ # Services managed key.
7261
+ #
7240
7262
  # @return [Types::FunctionConfiguration] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
7241
7263
  #
7242
7264
  # * {Types::FunctionConfiguration#function_name #function_name} => String
@@ -7321,6 +7343,7 @@ module Aws::Lambda
7321
7343
  # dry_run: false,
7322
7344
  # revision_id: "String",
7323
7345
  # architectures: ["x86_64"], # accepts x86_64, arm64
7346
+ # source_kms_key_arn: "KMSKeyArn",
7324
7347
  # })
7325
7348
  #
7326
7349
  # @example Response structure
@@ -7519,19 +7542,33 @@ module Aws::Lambda
7519
7542
  #
7520
7543
  # @option params [String] :kms_key_arn
7521
7544
  # The ARN of the Key Management Service (KMS) customer managed key
7522
- # that's used to encrypt your function's [environment variables][1].
7523
- # When [Lambda SnapStart][2] is activated, Lambda also uses this key is
7524
- # to encrypt your function's snapshot. If you deploy your function
7525
- # using a container image, Lambda also uses this key to encrypt your
7526
- # function when it's deployed. Note that this is not the same key
7527
- # that's used to protect your container image in the Amazon Elastic
7528
- # Container Registry (Amazon ECR). If you don't provide a customer
7529
- # managed key, Lambda uses a default service key.
7545
+ # that's used to encrypt the following resources:
7546
+ #
7547
+ # * The function's [environment variables][1].
7548
+ #
7549
+ # * The function's [Lambda SnapStart][2] snapshots.
7550
+ #
7551
+ # * When used with `SourceKMSKeyArn`, the unzipped version of the .zip
7552
+ # deployment package that's used for function invocations. For more
7553
+ # information, see [ Specifying a customer managed key for Lambda][3].
7554
+ #
7555
+ # * The optimized version of the container image that's used for
7556
+ # function invocations. Note that this is not the same key that's
7557
+ # used to protect your container image in the Amazon Elastic Container
7558
+ # Registry (Amazon ECR). For more information, see [Function
7559
+ # lifecycle][4].
7560
+ #
7561
+ # If you don't provide a customer managed key, Lambda uses an [Amazon
7562
+ # Web Services owned key][5] or an [Amazon Web Services managed key][6].
7530
7563
  #
7531
7564
  #
7532
7565
  #
7533
7566
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption
7534
7567
  # [2]: https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html
7568
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption
7569
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle
7570
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
7571
+ # [6]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
7535
7572
  #
7536
7573
  # @option params [Types::TracingConfig] :tracing_config
7537
7574
  # Set `Mode` to `Active` to sample and trace a subset of incoming
@@ -8034,7 +8071,7 @@ module Aws::Lambda
8034
8071
  tracer: tracer
8035
8072
  )
8036
8073
  context[:gem_name] = 'aws-sdk-lambda'
8037
- context[:gem_version] = '1.138.0'
8074
+ context[:gem_version] = '1.140.0'
8038
8075
  Seahorse::Client::Request.new(handlers, context)
8039
8076
  end
8040
8077
 
@@ -740,12 +740,14 @@ module Aws::Lambda
740
740
  FunctionCode.add_member(:s3_key, Shapes::ShapeRef.new(shape: S3Key, location_name: "S3Key"))
741
741
  FunctionCode.add_member(:s3_object_version, Shapes::ShapeRef.new(shape: S3ObjectVersion, location_name: "S3ObjectVersion"))
742
742
  FunctionCode.add_member(:image_uri, Shapes::ShapeRef.new(shape: String, location_name: "ImageUri"))
743
+ FunctionCode.add_member(:source_kms_key_arn, Shapes::ShapeRef.new(shape: KMSKeyArn, location_name: "SourceKMSKeyArn"))
743
744
  FunctionCode.struct_class = Types::FunctionCode
744
745
 
745
746
  FunctionCodeLocation.add_member(:repository_type, Shapes::ShapeRef.new(shape: String, location_name: "RepositoryType"))
746
747
  FunctionCodeLocation.add_member(:location, Shapes::ShapeRef.new(shape: String, location_name: "Location"))
747
748
  FunctionCodeLocation.add_member(:image_uri, Shapes::ShapeRef.new(shape: String, location_name: "ImageUri"))
748
749
  FunctionCodeLocation.add_member(:resolved_image_uri, Shapes::ShapeRef.new(shape: String, location_name: "ResolvedImageUri"))
750
+ FunctionCodeLocation.add_member(:source_kms_key_arn, Shapes::ShapeRef.new(shape: String, location_name: "SourceKMSKeyArn"))
749
751
  FunctionCodeLocation.struct_class = Types::FunctionCodeLocation
750
752
 
751
753
  FunctionConfiguration.add_member(:function_name, Shapes::ShapeRef.new(shape: NamespacedFunctionName, location_name: "FunctionName"))
@@ -1490,6 +1492,7 @@ module Aws::Lambda
1490
1492
  UpdateFunctionCodeRequest.add_member(:dry_run, Shapes::ShapeRef.new(shape: Boolean, location_name: "DryRun"))
1491
1493
  UpdateFunctionCodeRequest.add_member(:revision_id, Shapes::ShapeRef.new(shape: String, location_name: "RevisionId"))
1492
1494
  UpdateFunctionCodeRequest.add_member(:architectures, Shapes::ShapeRef.new(shape: ArchitecturesList, location_name: "Architectures"))
1495
+ UpdateFunctionCodeRequest.add_member(:source_kms_key_arn, Shapes::ShapeRef.new(shape: KMSKeyArn, location_name: "SourceKMSKeyArn"))
1493
1496
  UpdateFunctionCodeRequest.struct_class = Types::UpdateFunctionCodeRequest
1494
1497
 
1495
1498
  UpdateFunctionConfigurationRequest.add_member(:function_name, Shapes::ShapeRef.new(shape: FunctionName, required: true, location: "uri", location_name: "FunctionName"))
@@ -1016,19 +1016,35 @@ module Aws::Lambda
1016
1016
  #
1017
1017
  # @!attribute [rw] kms_key_arn
1018
1018
  # The ARN of the Key Management Service (KMS) customer managed key
1019
- # that's used to encrypt your function's [environment variables][1].
1020
- # When [Lambda SnapStart][2] is activated, Lambda also uses this key
1021
- # is to encrypt your function's snapshot. If you deploy your function
1022
- # using a container image, Lambda also uses this key to encrypt your
1023
- # function when it's deployed. Note that this is not the same key
1024
- # that's used to protect your container image in the Amazon Elastic
1025
- # Container Registry (Amazon ECR). If you don't provide a customer
1026
- # managed key, Lambda uses a default service key.
1019
+ # that's used to encrypt the following resources:
1020
+ #
1021
+ # * The function's [environment variables][1].
1022
+ #
1023
+ # * The function's [Lambda SnapStart][2] snapshots.
1024
+ #
1025
+ # * When used with `SourceKMSKeyArn`, the unzipped version of the .zip
1026
+ # deployment package that's used for function invocations. For more
1027
+ # information, see [ Specifying a customer managed key for
1028
+ # Lambda][3].
1029
+ #
1030
+ # * The optimized version of the container image that's used for
1031
+ # function invocations. Note that this is not the same key that's
1032
+ # used to protect your container image in the Amazon Elastic
1033
+ # Container Registry (Amazon ECR). For more information, see
1034
+ # [Function lifecycle][4].
1035
+ #
1036
+ # If you don't provide a customer managed key, Lambda uses an [Amazon
1037
+ # Web Services owned key][5] or an [Amazon Web Services managed
1038
+ # key][6].
1027
1039
  #
1028
1040
  #
1029
1041
  #
1030
1042
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption
1031
1043
  # [2]: https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html
1044
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption
1045
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle
1046
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
1047
+ # [6]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
1032
1048
  # @return [String]
1033
1049
  #
1034
1050
  # @!attribute [rw] tracing_config
@@ -2181,6 +2197,17 @@ module Aws::Lambda
2181
2197
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html
2182
2198
  # @return [String]
2183
2199
  #
2200
+ # @!attribute [rw] source_kms_key_arn
2201
+ # The ARN of the Key Management Service (KMS) customer managed key
2202
+ # that's used to encrypt your function's .zip deployment package. If
2203
+ # you don't provide a customer managed key, Lambda uses an [Amazon
2204
+ # Web Services owned key][1].
2205
+ #
2206
+ #
2207
+ #
2208
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
2209
+ # @return [String]
2210
+ #
2184
2211
  # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/FunctionCode AWS API Documentation
2185
2212
  #
2186
2213
  class FunctionCode < Struct.new(
@@ -2188,7 +2215,8 @@ module Aws::Lambda
2188
2215
  :s3_bucket,
2189
2216
  :s3_key,
2190
2217
  :s3_object_version,
2191
- :image_uri)
2218
+ :image_uri,
2219
+ :source_kms_key_arn)
2192
2220
  SENSITIVE = [:zip_file]
2193
2221
  include Aws::Structure
2194
2222
  end
@@ -2211,13 +2239,25 @@ module Aws::Lambda
2211
2239
  # The resolved URI for the image.
2212
2240
  # @return [String]
2213
2241
  #
2242
+ # @!attribute [rw] source_kms_key_arn
2243
+ # The ARN of the Key Management Service (KMS) customer managed key
2244
+ # that's used to encrypt your function's .zip deployment package. If
2245
+ # you don't provide a customer managed key, Lambda uses an [Amazon
2246
+ # Web Services owned key][1].
2247
+ #
2248
+ #
2249
+ #
2250
+ # [1]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
2251
+ # @return [String]
2252
+ #
2214
2253
  # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/FunctionCodeLocation AWS API Documentation
2215
2254
  #
2216
2255
  class FunctionCodeLocation < Struct.new(
2217
2256
  :repository_type,
2218
2257
  :location,
2219
2258
  :image_uri,
2220
- :resolved_image_uri)
2259
+ :resolved_image_uri,
2260
+ :source_kms_key_arn)
2221
2261
  SENSITIVE = []
2222
2262
  include Aws::Structure
2223
2263
  end
@@ -2313,15 +2353,36 @@ module Aws::Lambda
2313
2353
  # @return [Types::EnvironmentResponse]
2314
2354
  #
2315
2355
  # @!attribute [rw] kms_key_arn
2316
- # The KMS key that's used to encrypt the function's [environment
2317
- # variables][1]. When [Lambda SnapStart][2] is activated, this key is
2318
- # also used to encrypt the function's snapshot. This key is returned
2319
- # only if you've configured a customer managed key.
2356
+ # The ARN of the Key Management Service (KMS) customer managed key
2357
+ # that's used to encrypt the following resources:
2358
+ #
2359
+ # * The function's [environment variables][1].
2360
+ #
2361
+ # * The function's [Lambda SnapStart][2] snapshots.
2362
+ #
2363
+ # * When used with `SourceKMSKeyArn`, the unzipped version of the .zip
2364
+ # deployment package that's used for function invocations. For more
2365
+ # information, see [ Specifying a customer managed key for
2366
+ # Lambda][3].
2367
+ #
2368
+ # * The optimized version of the container image that's used for
2369
+ # function invocations. Note that this is not the same key that's
2370
+ # used to protect your container image in the Amazon Elastic
2371
+ # Container Registry (Amazon ECR). For more information, see
2372
+ # [Function lifecycle][4].
2373
+ #
2374
+ # If you don't provide a customer managed key, Lambda uses an [Amazon
2375
+ # Web Services owned key][5] or an [Amazon Web Services managed
2376
+ # key][6].
2320
2377
  #
2321
2378
  #
2322
2379
  #
2323
2380
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption
2324
2381
  # [2]: https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html
2382
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption
2383
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle
2384
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
2385
+ # [6]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
2325
2386
  # @return [String]
2326
2387
  #
2327
2388
  # @!attribute [rw] tracing_config
@@ -2928,7 +2989,7 @@ module Aws::Lambda
2928
2989
  #
2929
2990
  #
2930
2991
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/tagging.html
2931
- # [2]: https://docs.aws.amazon.com/https:/docs.aws.amazon.com/lambda/latest/api/API_ListTags.html
2992
+ # [2]: https://docs.aws.amazon.com/lambda/latest/api/API_ListTags.html
2932
2993
  # @return [Hash<String,String>]
2933
2994
  #
2934
2995
  # @!attribute [rw] tags_error
@@ -3622,8 +3683,8 @@ module Aws::Lambda
3622
3683
  # @!attribute [rw] payload
3623
3684
  # The JSON that you want to provide to your Lambda function as input.
3624
3685
  #
3625
- # You can enter the JSON directly. For example, `--payload '\{ "key":
3626
- # "value" \}'`. You can also specify a file path. For example,
3686
+ # You can enter the JSON directly. For example, `--payload '{ "key":
3687
+ # "value" }'`. You can also specify a file path. For example,
3627
3688
  # `--payload file://payload.json`.
3628
3689
  # @return [String]
3629
3690
  #
@@ -3813,8 +3874,8 @@ module Aws::Lambda
3813
3874
  # @!attribute [rw] payload
3814
3875
  # The JSON that you want to provide to your Lambda function as input.
3815
3876
  #
3816
- # You can enter the JSON directly. For example, `--payload '\{ "key":
3817
- # "value" \}'`. You can also specify a file path. For example,
3877
+ # You can enter the JSON directly. For example, `--payload '{ "key":
3878
+ # "value" }'`. You can also specify a file path. For example,
3818
3879
  # `--payload file://payload.json`.
3819
3880
  # @return [String]
3820
3881
  #
@@ -6524,6 +6585,13 @@ module Aws::Lambda
6524
6585
  # default value is `x86_64`.
6525
6586
  # @return [Array<String>]
6526
6587
  #
6588
+ # @!attribute [rw] source_kms_key_arn
6589
+ # The ARN of the Key Management Service (KMS) customer managed key
6590
+ # that's used to encrypt your function's .zip deployment package. If
6591
+ # you don't provide a customer managed key, Lambda uses an Amazon Web
6592
+ # Services managed key.
6593
+ # @return [String]
6594
+ #
6527
6595
  # @see http://docs.aws.amazon.com/goto/WebAPI/lambda-2015-03-31/UpdateFunctionCodeRequest AWS API Documentation
6528
6596
  #
6529
6597
  class UpdateFunctionCodeRequest < Struct.new(
@@ -6536,7 +6604,8 @@ module Aws::Lambda
6536
6604
  :publish,
6537
6605
  :dry_run,
6538
6606
  :revision_id,
6539
- :architectures)
6607
+ :architectures,
6608
+ :source_kms_key_arn)
6540
6609
  SENSITIVE = [:zip_file]
6541
6610
  include Aws::Structure
6542
6611
  end
@@ -6648,19 +6717,35 @@ module Aws::Lambda
6648
6717
  #
6649
6718
  # @!attribute [rw] kms_key_arn
6650
6719
  # The ARN of the Key Management Service (KMS) customer managed key
6651
- # that's used to encrypt your function's [environment variables][1].
6652
- # When [Lambda SnapStart][2] is activated, Lambda also uses this key
6653
- # is to encrypt your function's snapshot. If you deploy your function
6654
- # using a container image, Lambda also uses this key to encrypt your
6655
- # function when it's deployed. Note that this is not the same key
6656
- # that's used to protect your container image in the Amazon Elastic
6657
- # Container Registry (Amazon ECR). If you don't provide a customer
6658
- # managed key, Lambda uses a default service key.
6720
+ # that's used to encrypt the following resources:
6721
+ #
6722
+ # * The function's [environment variables][1].
6723
+ #
6724
+ # * The function's [Lambda SnapStart][2] snapshots.
6725
+ #
6726
+ # * When used with `SourceKMSKeyArn`, the unzipped version of the .zip
6727
+ # deployment package that's used for function invocations. For more
6728
+ # information, see [ Specifying a customer managed key for
6729
+ # Lambda][3].
6730
+ #
6731
+ # * The optimized version of the container image that's used for
6732
+ # function invocations. Note that this is not the same key that's
6733
+ # used to protect your container image in the Amazon Elastic
6734
+ # Container Registry (Amazon ECR). For more information, see
6735
+ # [Function lifecycle][4].
6736
+ #
6737
+ # If you don't provide a customer managed key, Lambda uses an [Amazon
6738
+ # Web Services owned key][5] or an [Amazon Web Services managed
6739
+ # key][6].
6659
6740
  #
6660
6741
  #
6661
6742
  #
6662
6743
  # [1]: https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html#configuration-envvars-encryption
6663
6744
  # [2]: https://docs.aws.amazon.com/lambda/latest/dg/snapstart-security.html
6745
+ # [3]: https://docs.aws.amazon.com/lambda/latest/dg/encrypt-zip-package.html#enable-zip-custom-encryption
6746
+ # [4]: https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-lifecycle
6747
+ # [5]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk
6748
+ # [6]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk
6664
6749
  # @return [String]
6665
6750
  #
6666
6751
  # @!attribute [rw] tracing_config
@@ -56,7 +56,7 @@ module Aws::Lambda
56
56
  autoload :Endpoints, 'aws-sdk-lambda/endpoints'
57
57
  autoload :EventStreams, 'aws-sdk-lambda/event_streams'
58
58
 
59
- GEM_VERSION = '1.138.0'
59
+ GEM_VERSION = '1.140.0'
60
60
 
61
61
  end
62
62
 
data/sig/client.rbs CHANGED
@@ -296,7 +296,8 @@ module Aws
296
296
  s3_bucket: ::String?,
297
297
  s3_key: ::String?,
298
298
  s3_object_version: ::String?,
299
- image_uri: ::String?
299
+ image_uri: ::String?,
300
+ source_kms_key_arn: ::String?
300
301
  },
301
302
  ?description: ::String,
302
303
  ?timeout: ::Integer,
@@ -1338,7 +1339,8 @@ module Aws
1338
1339
  ?publish: bool,
1339
1340
  ?dry_run: bool,
1340
1341
  ?revision_id: ::String,
1341
- ?architectures: Array[("x86_64" | "arm64")]
1342
+ ?architectures: Array[("x86_64" | "arm64")],
1343
+ ?source_kms_key_arn: ::String
1342
1344
  ) -> _UpdateFunctionCodeResponseSuccess
1343
1345
  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _UpdateFunctionCodeResponseSuccess
1344
1346
 
data/sig/types.rbs CHANGED
@@ -441,6 +441,7 @@ module Aws::Lambda
441
441
  attr_accessor s3_key: ::String
442
442
  attr_accessor s3_object_version: ::String
443
443
  attr_accessor image_uri: ::String
444
+ attr_accessor source_kms_key_arn: ::String
444
445
  SENSITIVE: [:zip_file]
445
446
  end
446
447
 
@@ -449,6 +450,7 @@ module Aws::Lambda
449
450
  attr_accessor location: ::String
450
451
  attr_accessor image_uri: ::String
451
452
  attr_accessor resolved_image_uri: ::String
453
+ attr_accessor source_kms_key_arn: ::String
452
454
  SENSITIVE: []
453
455
  end
454
456
 
@@ -1413,6 +1415,7 @@ module Aws::Lambda
1413
1415
  attr_accessor dry_run: bool
1414
1416
  attr_accessor revision_id: ::String
1415
1417
  attr_accessor architectures: ::Array[("x86_64" | "arm64")]
1418
+ attr_accessor source_kms_key_arn: ::String
1416
1419
  SENSITIVE: [:zip_file]
1417
1420
  end
1418
1421
 
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: aws-sdk-lambda
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.138.0
4
+ version: 1.140.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Amazon Web Services
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2024-10-25 00:00:00.000000000 Z
11
+ date: 2024-11-08 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: aws-sdk-core