aws-sdk-paymentcryptography 1.52.0 → 1.54.0

data/lib/aws-sdk-paymentcryptography/types.rb

@@ -98,6 +98,46 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # @!attribute [rw] action
+    #   The protected operation to associate with the MPA team. Currently,
+    #   the only supported value is `IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE`.
+    #   @return [String]
+    #
+    # @!attribute [rw] mpa_team_arn
+    #   The ARN of the MPA team to associate with the protected operation.
+    #   @return [String]
+    #
+    # @!attribute [rw] requester_comment
+    #   The comment from the requester explaining the reason for the
+    #   association.
+    #
+    #   Don't include personal, confidential or sensitive information in
+    #   this field. This field may be displayed in plaintext in CloudTrail
+    #   logs and other output.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/AssociateMpaTeamInput AWS API Documentation
+    #
+    class AssociateMpaTeamInput < Struct.new(
+      :action,
+      :mpa_team_arn,
+      :requester_comment)
+      SENSITIVE = [:requester_comment]
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] mpa_team_association
+    #   The details of the MPA team association.
+    #   @return [Types::MpaTeamAssociation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/AssociateMpaTeamOutput AWS API Documentation
+    #
+    class AssociateMpaTeamOutput < Struct.new(
+      :mpa_team_association)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # The metadata used to create the certificate signing request.
     #
     # @!attribute [rw] common_name
@@ -345,6 +385,23 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   The `KeyARN` of the key whose resource-based policy you want to
+    #   delete.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteResourcePolicyInput AWS API Documentation
+    #
+    class DeleteResourcePolicyInput < Struct.new(
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DeleteResourcePolicyOutput AWS API Documentation
+    #
+    class DeleteResourcePolicyOutput < Aws::EmptyStructure; end
+
     # The shared information used when deriving a key using ECDH.
     #
     # @note DiffieHellmanDerivationData is a union - when making an API calls you must set exactly one of the members.
@@ -412,6 +469,42 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # @!attribute [rw] action
+    #   The protected operation to disassociate from the MPA team.
+    #   Currently, the only supported value is
+    #   `IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE`.
+    #   @return [String]
+    #
+    # @!attribute [rw] requester_comment
+    #   The comment from the requester explaining the reason for the
+    #   disassociation.
+    #
+    #   Don't include personal, confidential or sensitive information in
+    #   this field. This field may be displayed in plaintext in CloudTrail
+    #   logs and other output.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DisassociateMpaTeamInput AWS API Documentation
+    #
+    class DisassociateMpaTeamInput < Struct.new(
+      :action,
+      :requester_comment)
+      SENSITIVE = [:requester_comment]
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] mpa_team_association
+    #   The details of the MPA team association.
+    #   @return [Types::MpaTeamAssociation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/DisassociateMpaTeamOutput AWS API Documentation
+    #
+    class DisassociateMpaTeamOutput < Struct.new(
+      :mpa_team_association)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Input parameters for enabling default key replication regions for the
     # account.
     #
@@ -904,6 +997,32 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # @!attribute [rw] action
+    #   The protected operation whose MPA team association you want to
+    #   retrieve. Currently, the only supported value is
+    #   `IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE`.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetMpaTeamAssociationInput AWS API Documentation
+    #
+    class GetMpaTeamAssociationInput < Struct.new(
+      :action)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] mpa_team_association
+    #   The details of the MPA team association.
+    #   @return [Types::MpaTeamAssociation]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetMpaTeamAssociationOutput AWS API Documentation
+    #
+    class GetMpaTeamAssociationOutput < Struct.new(
+      :mpa_team_association)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @!attribute [rw] key_material_type
     #   The key block format type (for example, TR-34 or TR-31) to use
     #   during key material export. Export token is only required for a
@@ -917,11 +1036,23 @@ module Aws::PaymentCryptography
     #   key block. `RSA_2048` is the only signing key algorithm allowed.
     #   @return [String]
     #
+    # @!attribute [rw] reuse_last_generated_token
+    #   Specifies whether to reuse the existing export token and signing key
+    #   certificate. If set to `true` and a valid export token exists for
+    #   the same key material type and signing key algorithm with at least 7
+    #   days of remaining validity, the existing token and signing key
+    #   certificate are returned. Otherwise, a new export token and signing
+    #   key certificate are generated. The default value is `false`, which
+    #   generates a new export token and signing key certificate on every
+    #   call.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForExportInput AWS API Documentation
     #
     class GetParametersForExportInput < Struct.new(
       :key_material_type,
-      :signing_key_algorithm)
+      :signing_key_algorithm,
+      :reuse_last_generated_token)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -985,11 +1116,23 @@ module Aws::PaymentCryptography
     #   import.
     #   @return [String]
     #
+    # @!attribute [rw] reuse_last_generated_token
+    #   Specifies whether to reuse the existing import token and wrapping
+    #   key certificate. If set to `true` and a valid import token exists
+    #   for the same key material type and wrapping key algorithm with at
+    #   least 7 days of remaining validity, the existing token and wrapping
+    #   key certificate are returned. Otherwise, a new import token and
+    #   wrapping key certificate are generated. The default value is
+    #   `false`, which generates a new import token and wrapping key
+    #   certificate on every call.
+    #   @return [Boolean]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetParametersForImportInput AWS API Documentation
     #
     class GetParametersForImportInput < Struct.new(
       :key_material_type,
-      :wrapping_key_algorithm)
+      :wrapping_key_algorithm,
+      :reuse_last_generated_token)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -1049,7 +1192,10 @@ module Aws::PaymentCryptography
     # @!attribute [rw] key_certificate
     #   The public key component of the asymmetric key pair in a certificate
     #   PEM format (base64 encoded). It is signed by the root certificate
-    #   authority (CA). The certificate expires in 90 days.
+    #   authority (CA). The certificate is valid for 90 days from the time
+    #   it is issued. The service returns a cached certificate if one exists
+    #   with at least 30 days of remaining validity. Otherwise, a new 90-day
+    #   certificate is issued.
     #   @return [String]
     #
     # @!attribute [rw] key_certificate_chain
@@ -1067,6 +1213,36 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # @!attribute [rw] resource_arn
+    #   The `KeyARN` of the key whose resource-based policy you want to
+    #   retrieve.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetResourcePolicyInput AWS API Documentation
+    #
+    class GetResourcePolicyInput < Struct.new(
+      :resource_arn)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] resource_arn
+    #   The `KeyARN` of the key.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy
+    #   The resource-based policy attached to the key, in JSON format.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/GetResourcePolicyOutput AWS API Documentation
+    #
+    class GetResourcePolicyOutput < Struct.new(
+      :resource_arn,
+      :policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Parameter information for key material import using AS2805 key
     # cryptogram format.
     #
@@ -1273,6 +1449,14 @@ module Aws::PaymentCryptography
     #   added to or removed from a key's replication configuration.
     #   @return [Array<String>]
     #
+    # @!attribute [rw] requester_comment
+    #   The comment from the requester explaining the reason for the import.
+    #
+    #   Don't include personal, confidential or sensitive information in
+    #   this field. This field may be displayed in plaintext in CloudTrail
+    #   logs and other output.
+    #   @return [String]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/ImportKeyInput AWS API Documentation
     #
     class ImportKeyInput < Struct.new(
@@ -1280,8 +1464,9 @@ module Aws::PaymentCryptography
       :key_check_value_algorithm,
       :enabled,
       :tags,
-      :replication_regions)
-      SENSITIVE = []
+      :replication_regions,
+      :requester_comment)
+      SENSITIVE = [:requester_comment]
       include Aws::Structure
     end
 
@@ -1594,6 +1779,10 @@ module Aws::PaymentCryptography
     #   [1]: https://docs.aws.amazon.com/payment-cryptography/latest/userguide/keys-multi-region-replication.html
     #   @return [Boolean]
     #
+    # @!attribute [rw] mpa_status
+    #   The Multi-Party Approval (MPA) status for the key, if applicable.
+    #   @return [Types::MpaStatus]
+    #
     # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/Key AWS API Documentation
     #
     class Key < Struct.new(
@@ -1614,7 +1803,8 @@ module Aws::PaymentCryptography
       :multi_region_key_type,
       :primary_region,
       :replication_status,
-      :using_default_replication_regions)
+      :using_default_replication_regions,
+      :mpa_status)
       SENSITIVE = []
       include Aws::Structure
     end
@@ -2007,6 +2197,116 @@ module Aws::PaymentCryptography
       include Aws::Structure
     end
 
+    # The status of an MPA session.
+    #
+    # @!attribute [rw] mpa_session_arn
+    #   The ARN of the MPA session.
+    #   @return [String]
+    #
+    # @!attribute [rw] status
+    #   The current status of the MPA session.
+    #   @return [String]
+    #
+    # @!attribute [rw] initiation_date
+    #   The date and time when the MPA session was initiated.
+    #   @return [Time]
+    #
+    # @!attribute [rw] status_message
+    #   The message providing additional information about the MPA session
+    #   status.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/MpaStatus AWS API Documentation
+    #
+    class MpaStatus < Struct.new(
+      :mpa_session_arn,
+      :status,
+      :initiation_date,
+      :status_message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The details of an MPA team association with a protected operation.
+    #
+    # @!attribute [rw] action
+    #   The protected operation associated with the MPA team.
+    #   @return [String]
+    #
+    # @!attribute [rw] mpa_team_arn
+    #   The ARN of the MPA team.
+    #   @return [String]
+    #
+    # @!attribute [rw] association_state
+    #   The state of the MPA team association.
+    #   @return [String]
+    #
+    # @!attribute [rw] mpa_status
+    #   The MPA session status for the association, if applicable.
+    #   @return [Types::MpaStatus]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/MpaTeamAssociation AWS API Documentation
+    #
+    class MpaTeamAssociation < Struct.new(
+      :action,
+      :mpa_team_arn,
+      :association_state,
+      :mpa_status)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # The resource-based policy would grant public access to the key.
+    #
+    # Modify the policy to restrict access to specific principals and
+    # resubmit the request.
+    #
+    # @!attribute [rw] message
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/PublicPolicyException AWS API Documentation
+    #
+    class PublicPolicyException < Struct.new(
+      :message)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] resource_arn
+    #   The `KeyARN` of the key to attach the resource-based policy to.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy
+    #   The resource-based policy to attach to the key, in JSON format.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/PutResourcePolicyInput AWS API Documentation
+    #
+    class PutResourcePolicyInput < Struct.new(
+      :resource_arn,
+      :policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] resource_arn
+    #   The `KeyARN` of the key that the resource-based policy was attached
+    #   to.
+    #   @return [String]
+    #
+    # @!attribute [rw] policy
+    #   The resource-based policy that was attached to the key.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/payment-cryptography-2021-09-14/PutResourcePolicyOutput AWS API Documentation
+    #
+    class PutResourcePolicyOutput < Struct.new(
+      :resource_arn,
+      :policy)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Input parameters for removing replication regions from a specific key.
     #
     # @!attribute [rw] key_identifier

data/lib/aws-sdk-paymentcryptography.rb

@@ -55,7 +55,7 @@ module Aws::PaymentCryptography
   autoload :EndpointProvider, 'aws-sdk-paymentcryptography/endpoint_provider'
   autoload :Endpoints, 'aws-sdk-paymentcryptography/endpoints'
 
-  GEM_VERSION = '1.52.0'
+  GEM_VERSION = '1.54.0'
 
 end
 

data/sig/client.rbs

@@ -90,6 +90,18 @@ module Aws
                                        ) -> _AddKeyReplicationRegionsResponseSuccess
                                      | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _AddKeyReplicationRegionsResponseSuccess
 
+      interface _AssociateMpaTeamResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::AssociateMpaTeamOutput]
+        def mpa_team_association: () -> Types::MpaTeamAssociation
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#associate_mpa_team-instance_method
+      def associate_mpa_team: (
+                                action: ("IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE"),
+                                mpa_team_arn: ::String,
+                                ?requester_comment: ::String
+                              ) -> _AssociateMpaTeamResponseSuccess
+                            | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _AssociateMpaTeamResponseSuccess
+
       interface _CreateAliasResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::CreateAliasOutput]
         def alias: () -> Types::Alias
@@ -157,6 +169,15 @@ module Aws
                       ) -> _DeleteKeyResponseSuccess
                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteKeyResponseSuccess
 
+      interface _DeleteResourcePolicyResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::DeleteResourcePolicyOutput]
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#delete_resource_policy-instance_method
+      def delete_resource_policy: (
+                                    resource_arn: ::String
+                                  ) -> _DeleteResourcePolicyResponseSuccess
+                                | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DeleteResourcePolicyResponseSuccess
+
       interface _DisableDefaultKeyReplicationRegionsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::DisableDefaultKeyReplicationRegionsOutput]
         def enabled_replication_regions: () -> ::Array[::String]
@@ -167,6 +188,17 @@ module Aws
                                                    ) -> _DisableDefaultKeyReplicationRegionsResponseSuccess
                                                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DisableDefaultKeyReplicationRegionsResponseSuccess
 
+      interface _DisassociateMpaTeamResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::DisassociateMpaTeamOutput]
+        def mpa_team_association: () -> Types::MpaTeamAssociation
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#disassociate_mpa_team-instance_method
+      def disassociate_mpa_team: (
+                                   action: ("IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE"),
+                                   ?requester_comment: ::String
+                                 ) -> _DisassociateMpaTeamResponseSuccess
+                               | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _DisassociateMpaTeamResponseSuccess
+
       interface _EnableDefaultKeyReplicationRegionsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::EnableDefaultKeyReplicationRegionsOutput]
         def enabled_replication_regions: () -> ::Array[::String]
@@ -324,6 +356,16 @@ module Aws
                    ) -> _GetKeyResponseSuccess
                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetKeyResponseSuccess
 
+      interface _GetMpaTeamAssociationResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetMpaTeamAssociationOutput]
+        def mpa_team_association: () -> Types::MpaTeamAssociation
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#get_mpa_team_association-instance_method
+      def get_mpa_team_association: (
+                                      action: ("IMPORT_ROOT_PUBLIC_KEY_CERTIFICATE")
+                                    ) -> _GetMpaTeamAssociationResponseSuccess
+                                  | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetMpaTeamAssociationResponseSuccess
+
       interface _GetParametersForExportResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::GetParametersForExportOutput]
         def signing_key_certificate: () -> ::String
@@ -335,7 +377,8 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#get_parameters_for_export-instance_method
       def get_parameters_for_export: (
                                        key_material_type: ("TR34_KEY_BLOCK" | "TR31_KEY_BLOCK" | "ROOT_PUBLIC_KEY_CERTIFICATE" | "TRUSTED_PUBLIC_KEY_CERTIFICATE" | "KEY_CRYPTOGRAM"),
-                                       signing_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224" | "RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521")
+                                       signing_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224" | "RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521"),
+                                       ?reuse_last_generated_token: bool
                                      ) -> _GetParametersForExportResponseSuccess
                                    | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetParametersForExportResponseSuccess
 
@@ -350,7 +393,8 @@ module Aws
       # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#get_parameters_for_import-instance_method
       def get_parameters_for_import: (
                                        key_material_type: ("TR34_KEY_BLOCK" | "TR31_KEY_BLOCK" | "ROOT_PUBLIC_KEY_CERTIFICATE" | "TRUSTED_PUBLIC_KEY_CERTIFICATE" | "KEY_CRYPTOGRAM"),
-                                       wrapping_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224" | "RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521")
+                                       wrapping_key_algorithm: ("TDES_2KEY" | "TDES_3KEY" | "AES_128" | "AES_192" | "AES_256" | "HMAC_SHA256" | "HMAC_SHA384" | "HMAC_SHA512" | "HMAC_SHA224" | "RSA_2048" | "RSA_3072" | "RSA_4096" | "ECC_NIST_P256" | "ECC_NIST_P384" | "ECC_NIST_P521"),
+                                       ?reuse_last_generated_token: bool
                                      ) -> _GetParametersForImportResponseSuccess
                                    | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetParametersForImportResponseSuccess
 
@@ -365,6 +409,17 @@ module Aws
                                       ) -> _GetPublicKeyCertificateResponseSuccess
                                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetPublicKeyCertificateResponseSuccess
 
+      interface _GetResourcePolicyResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::GetResourcePolicyOutput]
+        def resource_arn: () -> ::String
+        def policy: () -> ::String
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#get_resource_policy-instance_method
+      def get_resource_policy: (
+                                 resource_arn: ::String
+                               ) -> _GetResourcePolicyResponseSuccess
+                             | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _GetResourcePolicyResponseSuccess
+
       interface _ImportKeyResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::ImportKeyOutput]
         def key: () -> Types::Key
@@ -486,7 +541,8 @@ module Aws
                             value: ::String
                           },
                         ],
-                        ?replication_regions: Array[::String]
+                        ?replication_regions: Array[::String],
+                        ?requester_comment: ::String
                       ) -> _ImportKeyResponseSuccess
                     | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ImportKeyResponseSuccess
 
@@ -529,6 +585,18 @@ module Aws
                                   ) -> _ListTagsForResourceResponseSuccess
                                 | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _ListTagsForResourceResponseSuccess
 
+      interface _PutResourcePolicyResponseSuccess
+        include ::Seahorse::Client::_ResponseSuccess[Types::PutResourcePolicyOutput]
+        def resource_arn: () -> ::String
+        def policy: () -> ::String
+      end
+      # https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/PaymentCryptography/Client.html#put_resource_policy-instance_method
+      def put_resource_policy: (
+                                 resource_arn: ::String,
+                                 policy: ::String
+                               ) -> _PutResourcePolicyResponseSuccess
+                             | (Hash[Symbol, untyped] params, ?Hash[Symbol, untyped] options) -> _PutResourcePolicyResponseSuccess
+
       interface _RemoveKeyReplicationRegionsResponseSuccess
         include ::Seahorse::Client::_ResponseSuccess[Types::RemoveKeyReplicationRegionsOutput]
         def key: () -> Types::Key

data/sig/errors.rbs

@@ -20,6 +20,9 @@ module Aws
       class InternalServerException < ::Aws::Errors::ServiceError
         def message: () -> ::String
       end
+      class PublicPolicyException < ::Aws::Errors::ServiceError
+        def message: () -> ::String
+      end
       class ResourceNotFoundException < ::Aws::Errors::ServiceError
         def resource_id: () -> ::String
       end