aws-sdk-qldb 1.13.0 → 1.17.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +20 -0
- data/VERSION +1 -1
- data/lib/aws-sdk-qldb.rb +1 -1
- data/lib/aws-sdk-qldb/client.rb +275 -49
- data/lib/aws-sdk-qldb/client_api.rb +36 -0
- data/lib/aws-sdk-qldb/types.rb +380 -81
- metadata +7 -8
@@ -28,6 +28,7 @@ module Aws::QLDB
|
|
28
28
|
DescribeLedgerRequest = Shapes::StructureShape.new(name: 'DescribeLedgerRequest')
|
29
29
|
DescribeLedgerResponse = Shapes::StructureShape.new(name: 'DescribeLedgerResponse')
|
30
30
|
Digest = Shapes::BlobShape.new(name: 'Digest')
|
31
|
+
EncryptionStatus = Shapes::StringShape.new(name: 'EncryptionStatus')
|
31
32
|
ErrorCause = Shapes::StringShape.new(name: 'ErrorCause')
|
32
33
|
ErrorMessage = Shapes::StringShape.new(name: 'ErrorMessage')
|
33
34
|
ExportJournalToS3Request = Shapes::StructureShape.new(name: 'ExportJournalToS3Request')
|
@@ -46,6 +47,8 @@ module Aws::QLDB
|
|
46
47
|
JournalS3ExportDescription = Shapes::StructureShape.new(name: 'JournalS3ExportDescription')
|
47
48
|
JournalS3ExportList = Shapes::ListShape.new(name: 'JournalS3ExportList')
|
48
49
|
KinesisConfiguration = Shapes::StructureShape.new(name: 'KinesisConfiguration')
|
50
|
+
KmsKey = Shapes::StringShape.new(name: 'KmsKey')
|
51
|
+
LedgerEncryptionDescription = Shapes::StructureShape.new(name: 'LedgerEncryptionDescription')
|
49
52
|
LedgerList = Shapes::ListShape.new(name: 'LedgerList')
|
50
53
|
LedgerName = Shapes::StringShape.new(name: 'LedgerName')
|
51
54
|
LedgerState = Shapes::StringShape.new(name: 'LedgerState')
|
@@ -90,6 +93,8 @@ module Aws::QLDB
|
|
90
93
|
UniqueId = Shapes::StringShape.new(name: 'UniqueId')
|
91
94
|
UntagResourceRequest = Shapes::StructureShape.new(name: 'UntagResourceRequest')
|
92
95
|
UntagResourceResponse = Shapes::StructureShape.new(name: 'UntagResourceResponse')
|
96
|
+
UpdateLedgerPermissionsModeRequest = Shapes::StructureShape.new(name: 'UpdateLedgerPermissionsModeRequest')
|
97
|
+
UpdateLedgerPermissionsModeResponse = Shapes::StructureShape.new(name: 'UpdateLedgerPermissionsModeResponse')
|
93
98
|
UpdateLedgerRequest = Shapes::StructureShape.new(name: 'UpdateLedgerRequest')
|
94
99
|
UpdateLedgerResponse = Shapes::StructureShape.new(name: 'UpdateLedgerResponse')
|
95
100
|
ValueHolder = Shapes::StructureShape.new(name: 'ValueHolder')
|
@@ -105,13 +110,16 @@ module Aws::QLDB
|
|
105
110
|
CreateLedgerRequest.add_member(:tags, Shapes::ShapeRef.new(shape: Tags, location_name: "Tags"))
|
106
111
|
CreateLedgerRequest.add_member(:permissions_mode, Shapes::ShapeRef.new(shape: PermissionsMode, required: true, location_name: "PermissionsMode"))
|
107
112
|
CreateLedgerRequest.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: DeletionProtection, location_name: "DeletionProtection"))
|
113
|
+
CreateLedgerRequest.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "KmsKey"))
|
108
114
|
CreateLedgerRequest.struct_class = Types::CreateLedgerRequest
|
109
115
|
|
110
116
|
CreateLedgerResponse.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, location_name: "Name"))
|
111
117
|
CreateLedgerResponse.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, location_name: "Arn"))
|
112
118
|
CreateLedgerResponse.add_member(:state, Shapes::ShapeRef.new(shape: LedgerState, location_name: "State"))
|
113
119
|
CreateLedgerResponse.add_member(:creation_date_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "CreationDateTime"))
|
120
|
+
CreateLedgerResponse.add_member(:permissions_mode, Shapes::ShapeRef.new(shape: PermissionsMode, location_name: "PermissionsMode"))
|
114
121
|
CreateLedgerResponse.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: DeletionProtection, location_name: "DeletionProtection"))
|
122
|
+
CreateLedgerResponse.add_member(:kms_key_arn, Shapes::ShapeRef.new(shape: Arn, location_name: "KmsKeyArn"))
|
115
123
|
CreateLedgerResponse.struct_class = Types::CreateLedgerResponse
|
116
124
|
|
117
125
|
DeleteLedgerRequest.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, required: true, location: "uri", location_name: "name"))
|
@@ -138,7 +146,9 @@ module Aws::QLDB
|
|
138
146
|
DescribeLedgerResponse.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, location_name: "Arn"))
|
139
147
|
DescribeLedgerResponse.add_member(:state, Shapes::ShapeRef.new(shape: LedgerState, location_name: "State"))
|
140
148
|
DescribeLedgerResponse.add_member(:creation_date_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "CreationDateTime"))
|
149
|
+
DescribeLedgerResponse.add_member(:permissions_mode, Shapes::ShapeRef.new(shape: PermissionsMode, location_name: "PermissionsMode"))
|
141
150
|
DescribeLedgerResponse.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: DeletionProtection, location_name: "DeletionProtection"))
|
151
|
+
DescribeLedgerResponse.add_member(:encryption_description, Shapes::ShapeRef.new(shape: LedgerEncryptionDescription, location_name: "EncryptionDescription"))
|
142
152
|
DescribeLedgerResponse.struct_class = Types::DescribeLedgerResponse
|
143
153
|
|
144
154
|
ExportJournalToS3Request.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, required: true, location: "uri", location_name: "name"))
|
@@ -212,6 +222,11 @@ module Aws::QLDB
|
|
212
222
|
KinesisConfiguration.add_member(:aggregation_enabled, Shapes::ShapeRef.new(shape: Boolean, location_name: "AggregationEnabled"))
|
213
223
|
KinesisConfiguration.struct_class = Types::KinesisConfiguration
|
214
224
|
|
225
|
+
LedgerEncryptionDescription.add_member(:kms_key_arn, Shapes::ShapeRef.new(shape: Arn, required: true, location_name: "KmsKeyArn"))
|
226
|
+
LedgerEncryptionDescription.add_member(:encryption_status, Shapes::ShapeRef.new(shape: EncryptionStatus, required: true, location_name: "EncryptionStatus"))
|
227
|
+
LedgerEncryptionDescription.add_member(:inaccessible_kms_key_date_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "InaccessibleKmsKeyDateTime"))
|
228
|
+
LedgerEncryptionDescription.struct_class = Types::LedgerEncryptionDescription
|
229
|
+
|
215
230
|
LedgerList.member = Shapes::ShapeRef.new(shape: LedgerSummary)
|
216
231
|
|
217
232
|
LedgerSummary.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, location_name: "Name"))
|
@@ -321,8 +336,18 @@ module Aws::QLDB
|
|
321
336
|
|
322
337
|
UntagResourceResponse.struct_class = Types::UntagResourceResponse
|
323
338
|
|
339
|
+
UpdateLedgerPermissionsModeRequest.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, required: true, location: "uri", location_name: "name"))
|
340
|
+
UpdateLedgerPermissionsModeRequest.add_member(:permissions_mode, Shapes::ShapeRef.new(shape: PermissionsMode, required: true, location_name: "PermissionsMode"))
|
341
|
+
UpdateLedgerPermissionsModeRequest.struct_class = Types::UpdateLedgerPermissionsModeRequest
|
342
|
+
|
343
|
+
UpdateLedgerPermissionsModeResponse.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, location_name: "Name"))
|
344
|
+
UpdateLedgerPermissionsModeResponse.add_member(:arn, Shapes::ShapeRef.new(shape: Arn, location_name: "Arn"))
|
345
|
+
UpdateLedgerPermissionsModeResponse.add_member(:permissions_mode, Shapes::ShapeRef.new(shape: PermissionsMode, location_name: "PermissionsMode"))
|
346
|
+
UpdateLedgerPermissionsModeResponse.struct_class = Types::UpdateLedgerPermissionsModeResponse
|
347
|
+
|
324
348
|
UpdateLedgerRequest.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, required: true, location: "uri", location_name: "name"))
|
325
349
|
UpdateLedgerRequest.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: DeletionProtection, location_name: "DeletionProtection"))
|
350
|
+
UpdateLedgerRequest.add_member(:kms_key, Shapes::ShapeRef.new(shape: KmsKey, location_name: "KmsKey"))
|
326
351
|
UpdateLedgerRequest.struct_class = Types::UpdateLedgerRequest
|
327
352
|
|
328
353
|
UpdateLedgerResponse.add_member(:name, Shapes::ShapeRef.new(shape: LedgerName, location_name: "Name"))
|
@@ -330,6 +355,7 @@ module Aws::QLDB
|
|
330
355
|
UpdateLedgerResponse.add_member(:state, Shapes::ShapeRef.new(shape: LedgerState, location_name: "State"))
|
331
356
|
UpdateLedgerResponse.add_member(:creation_date_time, Shapes::ShapeRef.new(shape: Timestamp, location_name: "CreationDateTime"))
|
332
357
|
UpdateLedgerResponse.add_member(:deletion_protection, Shapes::ShapeRef.new(shape: DeletionProtection, location_name: "DeletionProtection"))
|
358
|
+
UpdateLedgerResponse.add_member(:encryption_description, Shapes::ShapeRef.new(shape: LedgerEncryptionDescription, location_name: "EncryptionDescription"))
|
333
359
|
UpdateLedgerResponse.struct_class = Types::UpdateLedgerResponse
|
334
360
|
|
335
361
|
ValueHolder.add_member(:ion_text, Shapes::ShapeRef.new(shape: IonText, location_name: "IonText"))
|
@@ -571,6 +597,16 @@ module Aws::QLDB
|
|
571
597
|
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
572
598
|
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
573
599
|
end)
|
600
|
+
|
601
|
+
api.add_operation(:update_ledger_permissions_mode, Seahorse::Model::Operation.new.tap do |o|
|
602
|
+
o.name = "UpdateLedgerPermissionsMode"
|
603
|
+
o.http_method = "PATCH"
|
604
|
+
o.http_request_uri = "/ledgers/{name}/permissions-mode"
|
605
|
+
o.input = Shapes::ShapeRef.new(shape: UpdateLedgerPermissionsModeRequest)
|
606
|
+
o.output = Shapes::ShapeRef.new(shape: UpdateLedgerPermissionsModeResponse)
|
607
|
+
o.errors << Shapes::ShapeRef.new(shape: InvalidParameterException)
|
608
|
+
o.errors << Shapes::ShapeRef.new(shape: ResourceNotFoundException)
|
609
|
+
end)
|
574
610
|
end
|
575
611
|
|
576
612
|
end
|
data/lib/aws-sdk-qldb/types.rb
CHANGED
@@ -23,7 +23,8 @@ module Aws::QLDB
|
|
23
23
|
# @return [String]
|
24
24
|
#
|
25
25
|
# @!attribute [rw] stream_id
|
26
|
-
# The
|
26
|
+
# The UUID (represented in Base62-encoded text) of the QLDB journal
|
27
|
+
# stream to be canceled.
|
27
28
|
# @return [String]
|
28
29
|
#
|
29
30
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CancelJournalKinesisStreamRequest AWS API Documentation
|
@@ -36,7 +37,7 @@ module Aws::QLDB
|
|
36
37
|
end
|
37
38
|
|
38
39
|
# @!attribute [rw] stream_id
|
39
|
-
# The
|
40
|
+
# The UUID (Base62-encoded text) of the canceled QLDB journal stream.
|
40
41
|
# @return [String]
|
41
42
|
#
|
42
43
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CancelJournalKinesisStreamResponse AWS API Documentation
|
@@ -55,13 +56,15 @@ module Aws::QLDB
|
|
55
56
|
# tags: {
|
56
57
|
# "TagKey" => "TagValue",
|
57
58
|
# },
|
58
|
-
# permissions_mode: "ALLOW_ALL", # required, accepts ALLOW_ALL
|
59
|
+
# permissions_mode: "ALLOW_ALL", # required, accepts ALLOW_ALL, STANDARD
|
59
60
|
# deletion_protection: false,
|
61
|
+
# kms_key: "KmsKey",
|
60
62
|
# }
|
61
63
|
#
|
62
64
|
# @!attribute [rw] name
|
63
65
|
# The name of the ledger that you want to create. The name must be
|
64
|
-
# unique among all of
|
66
|
+
# unique among all of the ledgers in your account in the current
|
67
|
+
# Region.
|
65
68
|
#
|
66
69
|
# Naming constraints for ledger names are defined in [Quotas in Amazon
|
67
70
|
# QLDB][1] in the *Amazon QLDB Developer Guide*.
|
@@ -79,7 +82,37 @@ module Aws::QLDB
|
|
79
82
|
#
|
80
83
|
# @!attribute [rw] permissions_mode
|
81
84
|
# The permissions mode to assign to the ledger that you want to
|
82
|
-
# create.
|
85
|
+
# create. This parameter can have one of the following values:
|
86
|
+
#
|
87
|
+
# * `ALLOW_ALL`\: A legacy permissions mode that enables access
|
88
|
+
# control with API-level granularity for ledgers.
|
89
|
+
#
|
90
|
+
# This mode allows users who have the `SendCommand` API permission
|
91
|
+
# for this ledger to run all PartiQL commands (hence, `ALLOW_ALL`)
|
92
|
+
# on any tables in the specified ledger. This mode disregards any
|
93
|
+
# table-level or command-level IAM permissions policies that you
|
94
|
+
# create for the ledger.
|
95
|
+
#
|
96
|
+
# * `STANDARD`\: (*Recommended*) A permissions mode that enables
|
97
|
+
# access control with finer granularity for ledgers, tables, and
|
98
|
+
# PartiQL commands.
|
99
|
+
#
|
100
|
+
# By default, this mode denies all user requests to run any PartiQL
|
101
|
+
# commands on any tables in this ledger. To allow PartiQL commands
|
102
|
+
# to run, you must create IAM permissions policies for specific
|
103
|
+
# table resources and PartiQL actions, in addition to the
|
104
|
+
# `SendCommand` API permission for the ledger. For information, see
|
105
|
+
# [Getting started with the standard permissions mode][1] in the
|
106
|
+
# *Amazon QLDB Developer Guide*.
|
107
|
+
#
|
108
|
+
# <note markdown="1"> We strongly recommend using the `STANDARD` permissions mode to
|
109
|
+
# maximize the security of your ledger data.
|
110
|
+
#
|
111
|
+
# </note>
|
112
|
+
#
|
113
|
+
#
|
114
|
+
#
|
115
|
+
# [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html
|
83
116
|
# @return [String]
|
84
117
|
#
|
85
118
|
# @!attribute [rw] deletion_protection
|
@@ -88,20 +121,64 @@ module Aws::QLDB
|
|
88
121
|
# default.
|
89
122
|
#
|
90
123
|
# If deletion protection is enabled, you must first disable it before
|
91
|
-
# you can delete the ledger
|
92
|
-
#
|
93
|
-
# `UpdateLedger` operation to set the flag to `false`. The QLDB
|
94
|
-
# console disables deletion protection for you when you use it to
|
95
|
-
# delete a ledger.
|
124
|
+
# you can delete the ledger. You can disable it by calling the
|
125
|
+
# `UpdateLedger` operation to set the flag to `false`.
|
96
126
|
# @return [Boolean]
|
97
127
|
#
|
128
|
+
# @!attribute [rw] kms_key
|
129
|
+
# The key in Key Management Service (KMS) to use for encryption of
|
130
|
+
# data at rest in the ledger. For more information, see [Encryption at
|
131
|
+
# rest][1] in the *Amazon QLDB Developer Guide*.
|
132
|
+
#
|
133
|
+
# Use one of the following options to specify this parameter:
|
134
|
+
#
|
135
|
+
# * `AWS_OWNED_KMS_KEY`\: Use an KMS key that is owned and managed by
|
136
|
+
# Amazon Web Services on your behalf.
|
137
|
+
#
|
138
|
+
# * **Undefined**\: By default, use an Amazon Web Services owned KMS
|
139
|
+
# key.
|
140
|
+
#
|
141
|
+
# * **A valid symmetric customer managed KMS key**\: Use the specified
|
142
|
+
# KMS key in your account that you create, own, and manage.
|
143
|
+
#
|
144
|
+
# Amazon QLDB does not support asymmetric keys. For more
|
145
|
+
# information, see [Using symmetric and asymmetric keys][2] in the
|
146
|
+
# *Key Management Service Developer Guide*.
|
147
|
+
#
|
148
|
+
# To specify a customer managed KMS key, you can use its key ID,
|
149
|
+
# Amazon Resource Name (ARN), alias name, or alias ARN. When using an
|
150
|
+
# alias name, prefix it with `"alias/"`. To specify a key in a
|
151
|
+
# different account, you must use the key ARN or alias ARN.
|
152
|
+
#
|
153
|
+
# For example:
|
154
|
+
#
|
155
|
+
# * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
|
156
|
+
#
|
157
|
+
# * Key ARN:
|
158
|
+
# `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
|
159
|
+
#
|
160
|
+
# * Alias name: `alias/ExampleAlias`
|
161
|
+
#
|
162
|
+
# * Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`
|
163
|
+
#
|
164
|
+
# For more information, see [Key identifiers (KeyId)][3] in the *Key
|
165
|
+
# Management Service Developer Guide*.
|
166
|
+
#
|
167
|
+
#
|
168
|
+
#
|
169
|
+
# [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html
|
170
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
|
171
|
+
# [3]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
|
172
|
+
# @return [String]
|
173
|
+
#
|
98
174
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CreateLedgerRequest AWS API Documentation
|
99
175
|
#
|
100
176
|
class CreateLedgerRequest < Struct.new(
|
101
177
|
:name,
|
102
178
|
:tags,
|
103
179
|
:permissions_mode,
|
104
|
-
:deletion_protection
|
180
|
+
:deletion_protection,
|
181
|
+
:kms_key)
|
105
182
|
SENSITIVE = []
|
106
183
|
include Aws::Structure
|
107
184
|
end
|
@@ -124,19 +201,26 @@ module Aws::QLDB
|
|
124
201
|
# 12:00:00 AM January 1, 1970 UTC.)
|
125
202
|
# @return [Time]
|
126
203
|
#
|
204
|
+
# @!attribute [rw] permissions_mode
|
205
|
+
# The permissions mode of the ledger that you created.
|
206
|
+
# @return [String]
|
207
|
+
#
|
127
208
|
# @!attribute [rw] deletion_protection
|
128
209
|
# The flag that prevents a ledger from being deleted by any user. If
|
129
210
|
# not provided on ledger creation, this feature is enabled (`true`) by
|
130
211
|
# default.
|
131
212
|
#
|
132
213
|
# If deletion protection is enabled, you must first disable it before
|
133
|
-
# you can delete the ledger
|
134
|
-
#
|
135
|
-
# `UpdateLedger` operation to set the flag to `false`. The QLDB
|
136
|
-
# console disables deletion protection for you when you use it to
|
137
|
-
# delete a ledger.
|
214
|
+
# you can delete the ledger. You can disable it by calling the
|
215
|
+
# `UpdateLedger` operation to set the flag to `false`.
|
138
216
|
# @return [Boolean]
|
139
217
|
#
|
218
|
+
# @!attribute [rw] kms_key_arn
|
219
|
+
# The ARN of the customer managed KMS key that the ledger uses for
|
220
|
+
# encryption at rest. If this parameter is undefined, the ledger uses
|
221
|
+
# an Amazon Web Services owned KMS key for encryption.
|
222
|
+
# @return [String]
|
223
|
+
#
|
140
224
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CreateLedgerResponse AWS API Documentation
|
141
225
|
#
|
142
226
|
class CreateLedgerResponse < Struct.new(
|
@@ -144,7 +228,9 @@ module Aws::QLDB
|
|
144
228
|
:arn,
|
145
229
|
:state,
|
146
230
|
:creation_date_time,
|
147
|
-
:
|
231
|
+
:permissions_mode,
|
232
|
+
:deletion_protection,
|
233
|
+
:kms_key_arn)
|
148
234
|
SENSITIVE = []
|
149
235
|
include Aws::Structure
|
150
236
|
end
|
@@ -181,7 +267,8 @@ module Aws::QLDB
|
|
181
267
|
# @return [String]
|
182
268
|
#
|
183
269
|
# @!attribute [rw] stream_id
|
184
|
-
# The
|
270
|
+
# The UUID (represented in Base62-encoded text) of the QLDB journal
|
271
|
+
# stream to describe.
|
185
272
|
# @return [String]
|
186
273
|
#
|
187
274
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeJournalKinesisStreamRequest AWS API Documentation
|
@@ -219,7 +306,8 @@ module Aws::QLDB
|
|
219
306
|
# @return [String]
|
220
307
|
#
|
221
308
|
# @!attribute [rw] export_id
|
222
|
-
# The
|
309
|
+
# The UUID (represented in Base62-encoded text) of the journal export
|
310
|
+
# job to describe.
|
223
311
|
# @return [String]
|
224
312
|
#
|
225
313
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeJournalS3ExportRequest AWS API Documentation
|
@@ -281,19 +369,26 @@ module Aws::QLDB
|
|
281
369
|
# 12:00:00 AM January 1, 1970 UTC.)
|
282
370
|
# @return [Time]
|
283
371
|
#
|
372
|
+
# @!attribute [rw] permissions_mode
|
373
|
+
# The permissions mode of the ledger.
|
374
|
+
# @return [String]
|
375
|
+
#
|
284
376
|
# @!attribute [rw] deletion_protection
|
285
377
|
# The flag that prevents a ledger from being deleted by any user. If
|
286
378
|
# not provided on ledger creation, this feature is enabled (`true`) by
|
287
379
|
# default.
|
288
380
|
#
|
289
381
|
# If deletion protection is enabled, you must first disable it before
|
290
|
-
# you can delete the ledger
|
291
|
-
#
|
292
|
-
# `UpdateLedger` operation to set the flag to `false`. The QLDB
|
293
|
-
# console disables deletion protection for you when you use it to
|
294
|
-
# delete a ledger.
|
382
|
+
# you can delete the ledger. You can disable it by calling the
|
383
|
+
# `UpdateLedger` operation to set the flag to `false`.
|
295
384
|
# @return [Boolean]
|
296
385
|
#
|
386
|
+
# @!attribute [rw] encryption_description
|
387
|
+
# Information about the encryption of data at rest in the ledger. This
|
388
|
+
# includes the current status, the KMS key, and when the key became
|
389
|
+
# inaccessible (in the case of an error).
|
390
|
+
# @return [Types::LedgerEncryptionDescription]
|
391
|
+
#
|
297
392
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeLedgerResponse AWS API Documentation
|
298
393
|
#
|
299
394
|
class DescribeLedgerResponse < Struct.new(
|
@@ -301,7 +396,9 @@ module Aws::QLDB
|
|
301
396
|
:arn,
|
302
397
|
:state,
|
303
398
|
:creation_date_time,
|
304
|
-
:
|
399
|
+
:permissions_mode,
|
400
|
+
:deletion_protection,
|
401
|
+
:encryption_description)
|
305
402
|
SENSITIVE = []
|
306
403
|
include Aws::Structure
|
307
404
|
end
|
@@ -330,11 +427,11 @@ module Aws::QLDB
|
|
330
427
|
#
|
331
428
|
# @!attribute [rw] inclusive_start_time
|
332
429
|
# The inclusive start date and time for the range of journal contents
|
333
|
-
#
|
430
|
+
# to export.
|
334
431
|
#
|
335
432
|
# The `InclusiveStartTime` must be in `ISO 8601` date and time format
|
336
433
|
# and in Universal Coordinated Time (UTC). For example:
|
337
|
-
# `2019-06-13T21:36:34Z
|
434
|
+
# `2019-06-13T21:36:34Z`.
|
338
435
|
#
|
339
436
|
# The `InclusiveStartTime` must be before `ExclusiveEndTime`.
|
340
437
|
#
|
@@ -344,12 +441,12 @@ module Aws::QLDB
|
|
344
441
|
# @return [Time]
|
345
442
|
#
|
346
443
|
# @!attribute [rw] exclusive_end_time
|
347
|
-
# The exclusive end date and time for the range of journal contents
|
348
|
-
#
|
444
|
+
# The exclusive end date and time for the range of journal contents to
|
445
|
+
# export.
|
349
446
|
#
|
350
447
|
# The `ExclusiveEndTime` must be in `ISO 8601` date and time format
|
351
448
|
# and in Universal Coordinated Time (UTC). For example:
|
352
|
-
# `2019-06-13T21:36:34Z
|
449
|
+
# `2019-06-13T21:36:34Z`.
|
353
450
|
#
|
354
451
|
# The `ExclusiveEndTime` must be less than or equal to the current UTC
|
355
452
|
# date and time.
|
@@ -367,9 +464,8 @@ module Aws::QLDB
|
|
367
464
|
# * Write objects into your Amazon Simple Storage Service (Amazon S3)
|
368
465
|
# bucket.
|
369
466
|
#
|
370
|
-
# * (Optional) Use your customer master key (CMK) in
|
371
|
-
#
|
372
|
-
# exported data.
|
467
|
+
# * (Optional) Use your customer master key (CMK) in Key Management
|
468
|
+
# Service (KMS) for server-side encryption of your exported data.
|
373
469
|
# @return [String]
|
374
470
|
#
|
375
471
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/ExportJournalToS3Request AWS API Documentation
|
@@ -385,7 +481,8 @@ module Aws::QLDB
|
|
385
481
|
end
|
386
482
|
|
387
483
|
# @!attribute [rw] export_id
|
388
|
-
# The
|
484
|
+
# The UUID (represented in Base62-encoded text) that QLDB assigns to
|
485
|
+
# each journal export job.
|
389
486
|
#
|
390
487
|
# To describe your export request and check the status of the job, you
|
391
488
|
# can use `ExportId` to call `DescribeJournalS3Export`.
|
@@ -421,7 +518,7 @@ module Aws::QLDB
|
|
421
518
|
# Amazon Ion structure that has two fields: `strandId` and
|
422
519
|
# `sequenceNo`.
|
423
520
|
#
|
424
|
-
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}
|
521
|
+
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`.
|
425
522
|
# @return [Types::ValueHolder]
|
426
523
|
#
|
427
524
|
# @!attribute [rw] digest_tip_address
|
@@ -429,7 +526,7 @@ module Aws::QLDB
|
|
429
526
|
# a proof. An address is an Amazon Ion structure that has two fields:
|
430
527
|
# `strandId` and `sequenceNo`.
|
431
528
|
#
|
432
|
-
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}
|
529
|
+
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`.
|
433
530
|
# @return [Types::ValueHolder]
|
434
531
|
#
|
435
532
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/GetBlockRequest AWS API Documentation
|
@@ -524,11 +621,12 @@ module Aws::QLDB
|
|
524
621
|
# address is an Amazon Ion structure that has two fields: `strandId`
|
525
622
|
# and `sequenceNo`.
|
526
623
|
#
|
527
|
-
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}
|
624
|
+
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`.
|
528
625
|
# @return [Types::ValueHolder]
|
529
626
|
#
|
530
627
|
# @!attribute [rw] document_id
|
531
|
-
# The
|
628
|
+
# The UUID (represented in Base62-encoded text) of the document to be
|
629
|
+
# verified.
|
532
630
|
# @return [String]
|
533
631
|
#
|
534
632
|
# @!attribute [rw] digest_tip_address
|
@@ -536,7 +634,7 @@ module Aws::QLDB
|
|
536
634
|
# a proof. An address is an Amazon Ion structure that has two fields:
|
537
635
|
# `strandId` and `sequenceNo`.
|
538
636
|
#
|
539
|
-
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}
|
637
|
+
# For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`.
|
540
638
|
# @return [Types::ValueHolder]
|
541
639
|
#
|
542
640
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/GetRevisionRequest AWS API Documentation
|
@@ -588,9 +686,9 @@ module Aws::QLDB
|
|
588
686
|
include Aws::Structure
|
589
687
|
end
|
590
688
|
|
591
|
-
#
|
592
|
-
#
|
593
|
-
#
|
689
|
+
# Information about an Amazon QLDB journal stream, including the Amazon
|
690
|
+
# Resource Name (ARN), stream name, creation time, current status, and
|
691
|
+
# the parameters of the original stream creation request.
|
594
692
|
#
|
595
693
|
# @!attribute [rw] ledger_name
|
596
694
|
# The name of the ledger.
|
@@ -609,7 +707,7 @@ module Aws::QLDB
|
|
609
707
|
#
|
610
708
|
# @!attribute [rw] exclusive_end_time
|
611
709
|
# The exclusive date and time that specifies when the stream ends. If
|
612
|
-
# this parameter is
|
710
|
+
# this parameter is undefined, the stream runs indefinitely until you
|
613
711
|
# cancel it.
|
614
712
|
# @return [Time]
|
615
713
|
#
|
@@ -620,7 +718,8 @@ module Aws::QLDB
|
|
620
718
|
# @return [String]
|
621
719
|
#
|
622
720
|
# @!attribute [rw] stream_id
|
623
|
-
# The
|
721
|
+
# The UUID (represented in Base62-encoded text) of the QLDB journal
|
722
|
+
# stream.
|
624
723
|
# @return [String]
|
625
724
|
#
|
626
725
|
# @!attribute [rw] arn
|
@@ -633,7 +732,7 @@ module Aws::QLDB
|
|
633
732
|
#
|
634
733
|
# @!attribute [rw] kinesis_configuration
|
635
734
|
# The configuration settings of the Amazon Kinesis Data Streams
|
636
|
-
# destination for
|
735
|
+
# destination for a QLDB journal stream.
|
637
736
|
# @return [Types::KinesisConfiguration]
|
638
737
|
#
|
639
738
|
# @!attribute [rw] error_cause
|
@@ -664,16 +763,17 @@ module Aws::QLDB
|
|
664
763
|
include Aws::Structure
|
665
764
|
end
|
666
765
|
|
667
|
-
#
|
668
|
-
# export ID,
|
669
|
-
#
|
766
|
+
# Information about a journal export job, including the ledger name,
|
767
|
+
# export ID, creation time, current status, and the parameters of the
|
768
|
+
# original export creation request.
|
670
769
|
#
|
671
770
|
# @!attribute [rw] ledger_name
|
672
771
|
# The name of the ledger.
|
673
772
|
# @return [String]
|
674
773
|
#
|
675
774
|
# @!attribute [rw] export_id
|
676
|
-
# The
|
775
|
+
# The UUID (represented in Base62-encoded text) of the journal export
|
776
|
+
# job.
|
677
777
|
# @return [String]
|
678
778
|
#
|
679
779
|
# @!attribute [rw] export_creation_time
|
@@ -708,9 +808,8 @@ module Aws::QLDB
|
|
708
808
|
# * Write objects into your Amazon Simple Storage Service (Amazon S3)
|
709
809
|
# bucket.
|
710
810
|
#
|
711
|
-
# * (Optional) Use your customer master key (CMK) in
|
712
|
-
#
|
713
|
-
# exported data.
|
811
|
+
# * (Optional) Use your customer master key (CMK) in Key Management
|
812
|
+
# Service (KMS) for server-side encryption of your exported data.
|
714
813
|
# @return [String]
|
715
814
|
#
|
716
815
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/JournalS3ExportDescription AWS API Documentation
|
@@ -729,7 +828,7 @@ module Aws::QLDB
|
|
729
828
|
end
|
730
829
|
|
731
830
|
# The configuration settings of the Amazon Kinesis Data Streams
|
732
|
-
# destination for
|
831
|
+
# destination for an Amazon QLDB journal stream.
|
733
832
|
#
|
734
833
|
# @note When making an API call, you may pass KinesisConfiguration
|
735
834
|
# data as a hash:
|
@@ -740,17 +839,24 @@ module Aws::QLDB
|
|
740
839
|
# }
|
741
840
|
#
|
742
841
|
# @!attribute [rw] stream_arn
|
743
|
-
# The Amazon Resource Name (ARN) of the Kinesis
|
842
|
+
# The Amazon Resource Name (ARN) of the Kinesis Data Streams resource.
|
744
843
|
# @return [String]
|
745
844
|
#
|
746
845
|
# @!attribute [rw] aggregation_enabled
|
747
846
|
# Enables QLDB to publish multiple data records in a single Kinesis
|
748
|
-
# Data Streams record
|
749
|
-
#
|
847
|
+
# Data Streams record, increasing the number of records sent per API
|
848
|
+
# call.
|
849
|
+
#
|
850
|
+
# *This option is enabled by default.* Record aggregation has
|
851
|
+
# important implications for processing records and requires
|
852
|
+
# de-aggregation in your stream consumer. To learn more, see [KPL Key
|
853
|
+
# Concepts][1] and [Consumer De-aggregation][2] in the *Amazon Kinesis
|
854
|
+
# Data Streams Developer Guide*.
|
750
855
|
#
|
751
856
|
#
|
752
857
|
#
|
753
858
|
# [1]: https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html
|
859
|
+
# [2]: https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html
|
754
860
|
# @return [Boolean]
|
755
861
|
#
|
756
862
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/KinesisConfiguration AWS API Documentation
|
@@ -762,6 +868,72 @@ module Aws::QLDB
|
|
762
868
|
include Aws::Structure
|
763
869
|
end
|
764
870
|
|
871
|
+
# Information about the encryption of data at rest in an Amazon QLDB
|
872
|
+
# ledger. This includes the current status, the key in Key Management
|
873
|
+
# Service (KMS), and when the key became inaccessible (in the case of an
|
874
|
+
# error).
|
875
|
+
#
|
876
|
+
# For more information, see [Encryption at rest][1] in the *Amazon QLDB
|
877
|
+
# Developer Guide*.
|
878
|
+
#
|
879
|
+
#
|
880
|
+
#
|
881
|
+
# [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html
|
882
|
+
#
|
883
|
+
# @!attribute [rw] kms_key_arn
|
884
|
+
# The Amazon Resource Name (ARN) of the customer managed KMS key that
|
885
|
+
# the ledger uses for encryption at rest. If this parameter is
|
886
|
+
# undefined, the ledger uses an Amazon Web Services owned KMS key for
|
887
|
+
# encryption.
|
888
|
+
# @return [String]
|
889
|
+
#
|
890
|
+
# @!attribute [rw] encryption_status
|
891
|
+
# The current state of encryption at rest for the ledger. This can be
|
892
|
+
# one of the following values:
|
893
|
+
#
|
894
|
+
# * `ENABLED`\: Encryption is fully enabled using the specified key.
|
895
|
+
#
|
896
|
+
# * `UPDATING`\: The ledger is actively processing the specified key
|
897
|
+
# change.
|
898
|
+
#
|
899
|
+
# Key changes in QLDB are asynchronous. The ledger is fully
|
900
|
+
# accessible without any performance impact while the key change is
|
901
|
+
# being processed. The amount of time it takes to update a key
|
902
|
+
# varies depending on the ledger size.
|
903
|
+
#
|
904
|
+
# * `KMS_KEY_INACCESSIBLE`\: The specified customer managed KMS key is
|
905
|
+
# not accessible, and the ledger is impaired. Either the key was
|
906
|
+
# disabled or deleted, or the grants on the key were revoked. When a
|
907
|
+
# ledger is impaired, it is not accessible and does not accept any
|
908
|
+
# read or write requests.
|
909
|
+
#
|
910
|
+
# An impaired ledger automatically returns to an active state after
|
911
|
+
# you restore the grants on the key, or re-enable the key that was
|
912
|
+
# disabled. However, deleting a customer managed KMS key is
|
913
|
+
# irreversible. After a key is deleted, you can no longer access the
|
914
|
+
# ledgers that are protected with that key, and the data becomes
|
915
|
+
# unrecoverable permanently.
|
916
|
+
# @return [String]
|
917
|
+
#
|
918
|
+
# @!attribute [rw] inaccessible_kms_key_date_time
|
919
|
+
# The date and time, in epoch time format, when the KMS key first
|
920
|
+
# became inaccessible, in the case of an error. (Epoch time format is
|
921
|
+
# the number of seconds that have elapsed since 12:00:00 AM January 1,
|
922
|
+
# 1970 UTC.)
|
923
|
+
#
|
924
|
+
# This parameter is undefined if the KMS key is accessible.
|
925
|
+
# @return [Time]
|
926
|
+
#
|
927
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/LedgerEncryptionDescription AWS API Documentation
|
928
|
+
#
|
929
|
+
class LedgerEncryptionDescription < Struct.new(
|
930
|
+
:kms_key_arn,
|
931
|
+
:encryption_status,
|
932
|
+
:inaccessible_kms_key_date_time)
|
933
|
+
SENSITIVE = []
|
934
|
+
include Aws::Structure
|
935
|
+
end
|
936
|
+
|
765
937
|
# Information about a ledger, including its name, state, and when it was
|
766
938
|
# created.
|
767
939
|
#
|
@@ -957,7 +1129,7 @@ module Aws::QLDB
|
|
957
1129
|
|
958
1130
|
# @!attribute [rw] journal_s3_exports
|
959
1131
|
# The array of journal export job descriptions for all ledgers that
|
960
|
-
# are associated with the current
|
1132
|
+
# are associated with the current account and Region.
|
961
1133
|
# @return [Array<Types::JournalS3ExportDescription>]
|
962
1134
|
#
|
963
1135
|
# @!attribute [rw] next_token
|
@@ -1009,7 +1181,7 @@ module Aws::QLDB
|
|
1009
1181
|
|
1010
1182
|
# @!attribute [rw] ledgers
|
1011
1183
|
# The array of ledger summaries that are associated with the current
|
1012
|
-
#
|
1184
|
+
# account and Region.
|
1013
1185
|
# @return [Array<Types::LedgerSummary>]
|
1014
1186
|
#
|
1015
1187
|
# @!attribute [rw] next_token
|
@@ -1041,8 +1213,8 @@ module Aws::QLDB
|
|
1041
1213
|
# }
|
1042
1214
|
#
|
1043
1215
|
# @!attribute [rw] resource_arn
|
1044
|
-
# The Amazon Resource Name (ARN) for which
|
1045
|
-
#
|
1216
|
+
# The Amazon Resource Name (ARN) for which to list the tags. For
|
1217
|
+
# example:
|
1046
1218
|
#
|
1047
1219
|
# `arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger`
|
1048
1220
|
# @return [String]
|
@@ -1184,9 +1356,9 @@ module Aws::QLDB
|
|
1184
1356
|
# @return [String]
|
1185
1357
|
#
|
1186
1358
|
# @!attribute [rw] kms_key_arn
|
1187
|
-
# The Amazon Resource Name (ARN)
|
1188
|
-
# (CMK) in
|
1189
|
-
#
|
1359
|
+
# The Amazon Resource Name (ARN) of a symmetric customer master key
|
1360
|
+
# (CMK) in Key Management Service (KMS). Amazon S3 does not support
|
1361
|
+
# asymmetric CMKs.
|
1190
1362
|
#
|
1191
1363
|
# You must provide a `KmsKeyArn` if you specify `SSE_KMS` as the
|
1192
1364
|
# `ObjectEncryptionType`.
|
@@ -1306,7 +1478,7 @@ module Aws::QLDB
|
|
1306
1478
|
# The inclusive start date and time from which to start streaming
|
1307
1479
|
# journal data. This parameter must be in `ISO 8601` date and time
|
1308
1480
|
# format and in Universal Coordinated Time (UTC). For example:
|
1309
|
-
# `2019-06-13T21:36:34Z
|
1481
|
+
# `2019-06-13T21:36:34Z`.
|
1310
1482
|
#
|
1311
1483
|
# The `InclusiveStartTime` cannot be in the future and must be before
|
1312
1484
|
# `ExclusiveEndTime`.
|
@@ -1323,7 +1495,7 @@ module Aws::QLDB
|
|
1323
1495
|
#
|
1324
1496
|
# The `ExclusiveEndTime` must be in `ISO 8601` date and time format
|
1325
1497
|
# and in Universal Coordinated Time (UTC). For example:
|
1326
|
-
# `2019-06-13T21:36:34Z
|
1498
|
+
# `2019-06-13T21:36:34Z`.
|
1327
1499
|
# @return [Time]
|
1328
1500
|
#
|
1329
1501
|
# @!attribute [rw] kinesis_configuration
|
@@ -1361,7 +1533,8 @@ module Aws::QLDB
|
|
1361
1533
|
end
|
1362
1534
|
|
1363
1535
|
# @!attribute [rw] stream_id
|
1364
|
-
# The
|
1536
|
+
# The UUID (represented in Base62-encoded text) that QLDB assigns to
|
1537
|
+
# each QLDB journal stream.
|
1365
1538
|
# @return [String]
|
1366
1539
|
#
|
1367
1540
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/StreamJournalToKinesisResponse AWS API Documentation
|
@@ -1418,14 +1591,14 @@ module Aws::QLDB
|
|
1418
1591
|
# }
|
1419
1592
|
#
|
1420
1593
|
# @!attribute [rw] resource_arn
|
1421
|
-
# The Amazon Resource Name (ARN) from which
|
1422
|
-
#
|
1594
|
+
# The Amazon Resource Name (ARN) from which to remove the tags. For
|
1595
|
+
# example:
|
1423
1596
|
#
|
1424
1597
|
# `arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger`
|
1425
1598
|
# @return [String]
|
1426
1599
|
#
|
1427
1600
|
# @!attribute [rw] tag_keys
|
1428
|
-
# The list of tag keys
|
1601
|
+
# The list of tag keys to remove.
|
1429
1602
|
# @return [Array<String>]
|
1430
1603
|
#
|
1431
1604
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UntagResourceRequest AWS API Documentation
|
@@ -1441,12 +1614,91 @@ module Aws::QLDB
|
|
1441
1614
|
#
|
1442
1615
|
class UntagResourceResponse < Aws::EmptyStructure; end
|
1443
1616
|
|
1617
|
+
# @note When making an API call, you may pass UpdateLedgerPermissionsModeRequest
|
1618
|
+
# data as a hash:
|
1619
|
+
#
|
1620
|
+
# {
|
1621
|
+
# name: "LedgerName", # required
|
1622
|
+
# permissions_mode: "ALLOW_ALL", # required, accepts ALLOW_ALL, STANDARD
|
1623
|
+
# }
|
1624
|
+
#
|
1625
|
+
# @!attribute [rw] name
|
1626
|
+
# The name of the ledger.
|
1627
|
+
# @return [String]
|
1628
|
+
#
|
1629
|
+
# @!attribute [rw] permissions_mode
|
1630
|
+
# The permissions mode to assign to the ledger. This parameter can
|
1631
|
+
# have one of the following values:
|
1632
|
+
#
|
1633
|
+
# * `ALLOW_ALL`\: A legacy permissions mode that enables access
|
1634
|
+
# control with API-level granularity for ledgers.
|
1635
|
+
#
|
1636
|
+
# This mode allows users who have the `SendCommand` API permission
|
1637
|
+
# for this ledger to run all PartiQL commands (hence, `ALLOW_ALL`)
|
1638
|
+
# on any tables in the specified ledger. This mode disregards any
|
1639
|
+
# table-level or command-level IAM permissions policies that you
|
1640
|
+
# create for the ledger.
|
1641
|
+
#
|
1642
|
+
# * `STANDARD`\: (*Recommended*) A permissions mode that enables
|
1643
|
+
# access control with finer granularity for ledgers, tables, and
|
1644
|
+
# PartiQL commands.
|
1645
|
+
#
|
1646
|
+
# By default, this mode denies all user requests to run any PartiQL
|
1647
|
+
# commands on any tables in this ledger. To allow PartiQL commands
|
1648
|
+
# to run, you must create IAM permissions policies for specific
|
1649
|
+
# table resources and PartiQL actions, in addition to the
|
1650
|
+
# `SendCommand` API permission for the ledger. For information, see
|
1651
|
+
# [Getting started with the standard permissions mode][1] in the
|
1652
|
+
# *Amazon QLDB Developer Guide*.
|
1653
|
+
#
|
1654
|
+
# <note markdown="1"> We strongly recommend using the `STANDARD` permissions mode to
|
1655
|
+
# maximize the security of your ledger data.
|
1656
|
+
#
|
1657
|
+
# </note>
|
1658
|
+
#
|
1659
|
+
#
|
1660
|
+
#
|
1661
|
+
# [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html
|
1662
|
+
# @return [String]
|
1663
|
+
#
|
1664
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UpdateLedgerPermissionsModeRequest AWS API Documentation
|
1665
|
+
#
|
1666
|
+
class UpdateLedgerPermissionsModeRequest < Struct.new(
|
1667
|
+
:name,
|
1668
|
+
:permissions_mode)
|
1669
|
+
SENSITIVE = []
|
1670
|
+
include Aws::Structure
|
1671
|
+
end
|
1672
|
+
|
1673
|
+
# @!attribute [rw] name
|
1674
|
+
# The name of the ledger.
|
1675
|
+
# @return [String]
|
1676
|
+
#
|
1677
|
+
# @!attribute [rw] arn
|
1678
|
+
# The Amazon Resource Name (ARN) for the ledger.
|
1679
|
+
# @return [String]
|
1680
|
+
#
|
1681
|
+
# @!attribute [rw] permissions_mode
|
1682
|
+
# The current permissions mode of the ledger.
|
1683
|
+
# @return [String]
|
1684
|
+
#
|
1685
|
+
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UpdateLedgerPermissionsModeResponse AWS API Documentation
|
1686
|
+
#
|
1687
|
+
class UpdateLedgerPermissionsModeResponse < Struct.new(
|
1688
|
+
:name,
|
1689
|
+
:arn,
|
1690
|
+
:permissions_mode)
|
1691
|
+
SENSITIVE = []
|
1692
|
+
include Aws::Structure
|
1693
|
+
end
|
1694
|
+
|
1444
1695
|
# @note When making an API call, you may pass UpdateLedgerRequest
|
1445
1696
|
# data as a hash:
|
1446
1697
|
#
|
1447
1698
|
# {
|
1448
1699
|
# name: "LedgerName", # required
|
1449
1700
|
# deletion_protection: false,
|
1701
|
+
# kms_key: "KmsKey",
|
1450
1702
|
# }
|
1451
1703
|
#
|
1452
1704
|
# @!attribute [rw] name
|
@@ -1459,18 +1711,61 @@ module Aws::QLDB
|
|
1459
1711
|
# default.
|
1460
1712
|
#
|
1461
1713
|
# If deletion protection is enabled, you must first disable it before
|
1462
|
-
# you can delete the ledger
|
1463
|
-
#
|
1464
|
-
# `UpdateLedger` operation to set the flag to `false`. The QLDB
|
1465
|
-
# console disables deletion protection for you when you use it to
|
1466
|
-
# delete a ledger.
|
1714
|
+
# you can delete the ledger. You can disable it by calling the
|
1715
|
+
# `UpdateLedger` operation to set the flag to `false`.
|
1467
1716
|
# @return [Boolean]
|
1468
1717
|
#
|
1718
|
+
# @!attribute [rw] kms_key
|
1719
|
+
# The key in Key Management Service (KMS) to use for encryption of
|
1720
|
+
# data at rest in the ledger. For more information, see [Encryption at
|
1721
|
+
# rest][1] in the *Amazon QLDB Developer Guide*.
|
1722
|
+
#
|
1723
|
+
# Use one of the following options to specify this parameter:
|
1724
|
+
#
|
1725
|
+
# * `AWS_OWNED_KMS_KEY`\: Use an KMS key that is owned and managed by
|
1726
|
+
# Amazon Web Services on your behalf.
|
1727
|
+
#
|
1728
|
+
# * **Undefined**\: Make no changes to the KMS key of the ledger.
|
1729
|
+
#
|
1730
|
+
# * **A valid symmetric customer managed KMS key**\: Use the specified
|
1731
|
+
# KMS key in your account that you create, own, and manage.
|
1732
|
+
#
|
1733
|
+
# Amazon QLDB does not support asymmetric keys. For more
|
1734
|
+
# information, see [Using symmetric and asymmetric keys][2] in the
|
1735
|
+
# *Key Management Service Developer Guide*.
|
1736
|
+
#
|
1737
|
+
# To specify a customer managed KMS key, you can use its key ID,
|
1738
|
+
# Amazon Resource Name (ARN), alias name, or alias ARN. When using an
|
1739
|
+
# alias name, prefix it with `"alias/"`. To specify a key in a
|
1740
|
+
# different account, you must use the key ARN or alias ARN.
|
1741
|
+
#
|
1742
|
+
# For example:
|
1743
|
+
#
|
1744
|
+
# * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
|
1745
|
+
#
|
1746
|
+
# * Key ARN:
|
1747
|
+
# `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
|
1748
|
+
#
|
1749
|
+
# * Alias name: `alias/ExampleAlias`
|
1750
|
+
#
|
1751
|
+
# * Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`
|
1752
|
+
#
|
1753
|
+
# For more information, see [Key identifiers (KeyId)][3] in the *Key
|
1754
|
+
# Management Service Developer Guide*.
|
1755
|
+
#
|
1756
|
+
#
|
1757
|
+
#
|
1758
|
+
# [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html
|
1759
|
+
# [2]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
|
1760
|
+
# [3]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
|
1761
|
+
# @return [String]
|
1762
|
+
#
|
1469
1763
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UpdateLedgerRequest AWS API Documentation
|
1470
1764
|
#
|
1471
1765
|
class UpdateLedgerRequest < Struct.new(
|
1472
1766
|
:name,
|
1473
|
-
:deletion_protection
|
1767
|
+
:deletion_protection,
|
1768
|
+
:kms_key)
|
1474
1769
|
SENSITIVE = []
|
1475
1770
|
include Aws::Structure
|
1476
1771
|
end
|
@@ -1499,13 +1794,16 @@ module Aws::QLDB
|
|
1499
1794
|
# default.
|
1500
1795
|
#
|
1501
1796
|
# If deletion protection is enabled, you must first disable it before
|
1502
|
-
# you can delete the ledger
|
1503
|
-
#
|
1504
|
-
# `UpdateLedger` operation to set the flag to `false`. The QLDB
|
1505
|
-
# console disables deletion protection for you when you use it to
|
1506
|
-
# delete a ledger.
|
1797
|
+
# you can delete the ledger. You can disable it by calling the
|
1798
|
+
# `UpdateLedger` operation to set the flag to `false`.
|
1507
1799
|
# @return [Boolean]
|
1508
1800
|
#
|
1801
|
+
# @!attribute [rw] encryption_description
|
1802
|
+
# Information about the encryption of data at rest in the ledger. This
|
1803
|
+
# includes the current status, the KMS key, and when the key became
|
1804
|
+
# inaccessible (in the case of an error).
|
1805
|
+
# @return [Types::LedgerEncryptionDescription]
|
1806
|
+
#
|
1509
1807
|
# @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UpdateLedgerResponse AWS API Documentation
|
1510
1808
|
#
|
1511
1809
|
class UpdateLedgerResponse < Struct.new(
|
@@ -1513,7 +1811,8 @@ module Aws::QLDB
|
|
1513
1811
|
:arn,
|
1514
1812
|
:state,
|
1515
1813
|
:creation_date_time,
|
1516
|
-
:deletion_protection
|
1814
|
+
:deletion_protection,
|
1815
|
+
:encryption_description)
|
1517
1816
|
SENSITIVE = []
|
1518
1817
|
include Aws::Structure
|
1519
1818
|
end
|