aws-sdk-qldb 1.14.0 → 1.18.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b855a08fcf61fe9ab43c75c07bdf8d94e7a0def11d2f33d61608bbab93d099ee
-  data.tar.gz: d3352328214a2cd14a07b6243d7e36322517ad47aa804a81c39056729ff9e119
+  metadata.gz: ae34f01e72fbae85f8988ed6f378fb7a9c1cdb640e6f8a27cc38f514965db40c
+  data.tar.gz: 5d4da458dae894ff0384f7681ab8141bffc50a21e70fa44998df6661a41a43db
 SHA512:
-  metadata.gz: 25e3d4a5839cf6d3aa07f2658746e77d5d61020fc68c3882355d4a7e70844fd1f5c9d50bb1d9b6fd031113434d3b666fefdfec6443c459914db49a195599c5a5
-  data.tar.gz: fc783f746b0f652e372b76da4e26bc3a787d76f2a5728b76995af0627bf877a32e12e1eacb5629de0b30883dabec81a3576c6ff00c2825ff332c6216c88febe2
+  metadata.gz: 5ed1ce6c975ed9e11f705a68fe427cad6629d4df4a78c220cbc02bd1bf1fa43f7ebbf5adf6783596bacba01d749bfd80463063b70c4b12be828928d83b6f970d
+  data.tar.gz: ce6bee2f028877841f902c70048975538f2105e34ff4216a50ff297ab747f28ca8587d19d958edf869bc9f5fa05ae2ec4f2df0cf02e190f861301cff759be944

data/CHANGELOG.md

@@ -1,6 +1,26 @@
 Unreleased Changes
 ------------------
 
+1.18.0 (2021-07-30)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.17.0 (2021-07-28)
+------------------
+
+* Feature - Code Generated Changes, see `./build_tools` or `aws-sdk-core`'s CHANGELOG.md for details.
+
+1.16.0 (2021-07-22)
+------------------
+
+* Feature - Amazon QLDB now supports ledgers encrypted with customer managed KMS keys. Changes in CreateLedger, UpdateLedger and DescribeLedger APIs to support the changes.
+
+1.15.0 (2021-06-04)
+------------------
+
+* Feature - Documentation updates for Amazon QLDB
+
 1.14.0 (2021-05-26)
 ------------------
 

data/VERSION

@@ -1 +1 @@
-1.14.0
+1.18.0

data/lib/aws-sdk-qldb.rb

@@ -48,6 +48,6 @@ require_relative 'aws-sdk-qldb/customizations'
 # @!group service
 module Aws::QLDB
 
-  GEM_VERSION = '1.14.0'
+  GEM_VERSION = '1.18.0'
 
 end

data/lib/aws-sdk-qldb/client.rb

@@ -338,7 +338,8 @@ module Aws::QLDB
     #   The name of the ledger.
     #
     # @option params [required, String] :stream_id
-    #   The unique ID that QLDB assigns to each QLDB journal stream.
+    #   The UUID (represented in Base62-encoded text) of the QLDB journal
+    #   stream to be canceled.
     #
     # @return [Types::CancelJournalKinesisStreamResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -364,11 +365,11 @@ module Aws::QLDB
       req.send_request(options)
     end
 
-    # Creates a new ledger in your AWS account.
+    # Creates a new ledger in your account in the current Region.
     #
     # @option params [required, String] :name
     #   The name of the ledger that you want to create. The name must be
-    #   unique among all of your ledgers in the current AWS Region.
+    #   unique among all of the ledgers in your account in the current Region.
     #
     #   Naming constraints for ledger names are defined in [Quotas in Amazon
     #   QLDB][1] in the *Amazon QLDB Developer Guide*.
@@ -389,8 +390,8 @@ module Aws::QLDB
     #   * `ALLOW_ALL`\: A legacy permissions mode that enables access control
     #     with API-level granularity for ledgers.
     #
-    #     This mode allows users who have `SendCommand` permissions for this
-    #     ledger to run all PartiQL commands (hence, `ALLOW_ALL`) on any
+    #     This mode allows users who have the `SendCommand` API permission for
+    #     this ledger to run all PartiQL commands (hence, `ALLOW_ALL`) on any
     #     tables in the specified ledger. This mode disregards any table-level
     #     or command-level IAM permissions policies that you create for the
     #     ledger.
@@ -402,24 +403,73 @@ module Aws::QLDB
     #     By default, this mode denies all user requests to run any PartiQL
     #     commands on any tables in this ledger. To allow PartiQL commands to
     #     run, you must create IAM permissions policies for specific table
-    #     resources and PartiQL actions, in addition to `SendCommand` API
-    #     permissions for the ledger.
+    #     resources and PartiQL actions, in addition to the `SendCommand` API
+    #     permission for the ledger. For information, see [Getting started
+    #     with the standard permissions mode][1] in the *Amazon QLDB Developer
+    #     Guide*.
     #
     #   <note markdown="1"> We strongly recommend using the `STANDARD` permissions mode to
     #   maximize the security of your ledger data.
     #
     #    </note>
     #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html
+    #
     # @option params [Boolean] :deletion_protection
     #   The flag that prevents a ledger from being deleted by any user. If not
     #   provided on ledger creation, this feature is enabled (`true`) by
     #   default.
     #
     #   If deletion protection is enabled, you must first disable it before
-    #   you can delete the ledger using the QLDB API or the AWS Command Line
-    #   Interface (AWS CLI). You can disable it by calling the `UpdateLedger`
-    #   operation to set the flag to `false`. The QLDB console disables
-    #   deletion protection for you when you use it to delete a ledger.
+    #   you can delete the ledger. You can disable it by calling the
+    #   `UpdateLedger` operation to set the flag to `false`.
+    #
+    # @option params [String] :kms_key
+    #   The key in Key Management Service (KMS) to use for encryption of data
+    #   at rest in the ledger. For more information, see [Encryption at
+    #   rest][1] in the *Amazon QLDB Developer Guide*.
+    #
+    #   Use one of the following options to specify this parameter:
+    #
+    #   * `AWS_OWNED_KMS_KEY`\: Use an KMS key that is owned and managed by
+    #     Amazon Web Services on your behalf.
+    #
+    #   * **Undefined**\: By default, use an Amazon Web Services owned KMS
+    #     key.
+    #
+    #   * **A valid symmetric customer managed KMS key**\: Use the specified
+    #     KMS key in your account that you create, own, and manage.
+    #
+    #     Amazon QLDB does not support asymmetric keys. For more information,
+    #     see [Using symmetric and asymmetric keys][2] in the *Key Management
+    #     Service Developer Guide*.
+    #
+    #   To specify a customer managed KMS key, you can use its key ID, Amazon
+    #   Resource Name (ARN), alias name, or alias ARN. When using an alias
+    #   name, prefix it with `"alias/"`. To specify a key in a different
+    #   account, you must use the key ARN or alias ARN.
+    #
+    #   For example:
+    #
+    #   * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Key ARN:
+    #     `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Alias name: `alias/ExampleAlias`
+    #
+    #   * Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`
+    #
+    #   For more information, see [Key identifiers (KeyId)][3] in the *Key
+    #   Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html
+    #   [2]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
+    #   [3]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
     #
     # @return [Types::CreateLedgerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -429,6 +479,7 @@ module Aws::QLDB
     #   * {Types::CreateLedgerResponse#creation_date_time #creation_date_time} => Time
     #   * {Types::CreateLedgerResponse#permissions_mode #permissions_mode} => String
     #   * {Types::CreateLedgerResponse#deletion_protection #deletion_protection} => Boolean
+    #   * {Types::CreateLedgerResponse#kms_key_arn #kms_key_arn} => String
     #
     # @example Request syntax with placeholder values
     #
@@ -439,6 +490,7 @@ module Aws::QLDB
     #     },
     #     permissions_mode: "ALLOW_ALL", # required, accepts ALLOW_ALL, STANDARD
     #     deletion_protection: false,
+    #     kms_key: "KmsKey",
     #   })
     #
     # @example Response structure
@@ -449,6 +501,7 @@ module Aws::QLDB
     #   resp.creation_date_time #=> Time
     #   resp.permissions_mode #=> String, one of "ALLOW_ALL", "STANDARD"
     #   resp.deletion_protection #=> Boolean
+    #   resp.kms_key_arn #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/CreateLedger AWS API Documentation
     #
@@ -462,10 +515,8 @@ module Aws::QLDB
     # Deletes a ledger and all of its contents. This action is irreversible.
     #
     # If deletion protection is enabled, you must first disable it before
-    # you can delete the ledger using the QLDB API or the AWS Command Line
-    # Interface (AWS CLI). You can disable it by calling the `UpdateLedger`
-    # operation to set the flag to `false`. The QLDB console disables
-    # deletion protection for you when you use it to delete a ledger.
+    # you can delete the ledger. You can disable it by calling the
+    # `UpdateLedger` operation to set the flag to `false`.
     #
     # @option params [required, String] :name
     #   The name of the ledger that you want to delete.
@@ -489,14 +540,23 @@ module Aws::QLDB
 
     # Returns detailed information about a given Amazon QLDB journal stream.
     # The output includes the Amazon Resource Name (ARN), stream name,
-    # current status, creation time, and the parameters of your original
+    # current status, creation time, and the parameters of the original
     # stream creation request.
     #
+    # This action does not return any expired journal streams. For more
+    # information, see [Expiration for terminal streams][1] in the *Amazon
+    # QLDB Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/streams.create.html#streams.create.states.expiration
+    #
     # @option params [required, String] :ledger_name
     #   The name of the ledger.
     #
     # @option params [required, String] :stream_id
-    #   The unique ID that QLDB assigns to each QLDB journal stream.
+    #   The UUID (represented in Base62-encoded text) of the QLDB journal
+    #   stream to describe.
     #
     # @return [Types::DescribeJournalKinesisStreamResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -534,11 +594,11 @@ module Aws::QLDB
     end
 
     # Returns information about a journal export job, including the ledger
-    # name, export ID, when it was created, current status, and its start
-    # and end time export parameters.
+    # name, export ID, creation time, current status, and the parameters of
+    # the original export creation request.
     #
     # This action does not return any expired export jobs. For more
-    # information, see [Export Job Expiration][1] in the *Amazon QLDB
+    # information, see [Export job expiration][1] in the *Amazon QLDB
     # Developer Guide*.
     #
     # If the export job with the given `ExportId` doesn't exist, then
@@ -555,7 +615,8 @@ module Aws::QLDB
     #   The name of the ledger.
     #
     # @option params [required, String] :export_id
-    #   The unique ID of the journal export job that you want to describe.
+    #   The UUID (represented in Base62-encoded text) of the journal export
+    #   job to describe.
     #
     # @return [Types::DescribeJournalS3ExportResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -591,8 +652,8 @@ module Aws::QLDB
       req.send_request(options)
     end
 
-    # Returns information about a ledger, including its state and when it
-    # was created.
+    # Returns information about a ledger, including its state, permissions
+    # mode, encryption at rest settings, and when it was created.
     #
     # @option params [required, String] :name
     #   The name of the ledger that you want to describe.
@@ -605,6 +666,7 @@ module Aws::QLDB
     #   * {Types::DescribeLedgerResponse#creation_date_time #creation_date_time} => Time
     #   * {Types::DescribeLedgerResponse#permissions_mode #permissions_mode} => String
     #   * {Types::DescribeLedgerResponse#deletion_protection #deletion_protection} => Boolean
+    #   * {Types::DescribeLedgerResponse#encryption_description #encryption_description} => Types::LedgerEncryptionDescription
     #
     # @example Request syntax with placeholder values
     #
@@ -620,6 +682,9 @@ module Aws::QLDB
     #   resp.creation_date_time #=> Time
     #   resp.permissions_mode #=> String, one of "ALLOW_ALL", "STANDARD"
     #   resp.deletion_protection #=> Boolean
+    #   resp.encryption_description.kms_key_arn #=> String
+    #   resp.encryption_description.encryption_status #=> String, one of "ENABLED", "UPDATING", "KMS_KEY_INACCESSIBLE"
+    #   resp.encryption_description.inaccessible_kms_key_date_time #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/DescribeLedger AWS API Documentation
     #
@@ -648,12 +713,12 @@ module Aws::QLDB
     #   The name of the ledger.
     #
     # @option params [required, Time,DateTime,Date,Integer,String] :inclusive_start_time
-    #   The inclusive start date and time for the range of journal contents
-    #   that you want to export.
+    #   The inclusive start date and time for the range of journal contents to
+    #   export.
     #
     #   The `InclusiveStartTime` must be in `ISO 8601` date and time format
     #   and in Universal Coordinated Time (UTC). For example:
-    #   `2019-06-13T21:36:34Z`
+    #   `2019-06-13T21:36:34Z`.
     #
     #   The `InclusiveStartTime` must be before `ExclusiveEndTime`.
     #
@@ -662,12 +727,12 @@ module Aws::QLDB
     #   `CreationDateTime`.
     #
     # @option params [required, Time,DateTime,Date,Integer,String] :exclusive_end_time
-    #   The exclusive end date and time for the range of journal contents that
-    #   you want to export.
+    #   The exclusive end date and time for the range of journal contents to
+    #   export.
     #
     #   The `ExclusiveEndTime` must be in `ISO 8601` date and time format and
     #   in Universal Coordinated Time (UTC). For example:
-    #   `2019-06-13T21:36:34Z`
+    #   `2019-06-13T21:36:34Z`.
     #
     #   The `ExclusiveEndTime` must be less than or equal to the current UTC
     #   date and time.
@@ -683,8 +748,8 @@ module Aws::QLDB
     #   * Write objects into your Amazon Simple Storage Service (Amazon S3)
     #     bucket.
     #
-    #   * (Optional) Use your customer master key (CMK) in AWS Key Management
-    #     Service (AWS KMS) for server-side encryption of your exported data.
+    #   * (Optional) Use your customer master key (CMK) in Key Management
+    #     Service (KMS) for server-side encryption of your exported data.
     #
     # @return [Types::ExportJournalToS3Response] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -747,14 +812,14 @@ module Aws::QLDB
     #   The location of the block that you want to request. An address is an
     #   Amazon Ion structure that has two fields: `strandId` and `sequenceNo`.
     #
-    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`
+    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`.
     #
     # @option params [Types::ValueHolder] :digest_tip_address
     #   The latest block location covered by the digest for which to request a
     #   proof. An address is an Amazon Ion structure that has two fields:
     #   `strandId` and `sequenceNo`.
     #
-    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`
+    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`.
     #
     # @return [Types::GetBlockResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -831,17 +896,18 @@ module Aws::QLDB
     #   is an Amazon Ion structure that has two fields: `strandId` and
     #   `sequenceNo`.
     #
-    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`
+    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:14\}`.
     #
     # @option params [required, String] :document_id
-    #   The unique ID of the document to be verified.
+    #   The UUID (represented in Base62-encoded text) of the document to be
+    #   verified.
     #
     # @option params [Types::ValueHolder] :digest_tip_address
     #   The latest block location covered by the digest for which to request a
     #   proof. An address is an Amazon Ion structure that has two fields:
     #   `strandId` and `sequenceNo`.
     #
-    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`
+    #   For example: `\{strandId:"BlFTjlSXze9BIh1KOszcE3",sequenceNo:49\}`.
     #
     # @return [Types::GetRevisionResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -879,10 +945,18 @@ module Aws::QLDB
     # given ledger. The output of each stream descriptor includes the same
     # details that are returned by `DescribeJournalKinesisStream`.
     #
+    # This action does not return any expired journal streams. For more
+    # information, see [Expiration for terminal streams][1] in the *Amazon
+    # QLDB Developer Guide*.
+    #
     # This action returns a maximum of `MaxResults` items. It is paginated
     # so that you can retrieve all the items by calling
     # `ListJournalKinesisStreamsForLedger` multiple times.
     #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/streams.create.html#streams.create.states.expiration
+    #
     # @option params [required, String] :ledger_name
     #   The name of the ledger.
     #
@@ -939,14 +1013,14 @@ module Aws::QLDB
     end
 
     # Returns an array of journal export job descriptions for all ledgers
-    # that are associated with the current AWS account and Region.
+    # that are associated with the current account and Region.
     #
     # This action returns a maximum of `MaxResults` items, and is paginated
     # so that you can retrieve all the items by calling
     # `ListJournalS3Exports` multiple times.
     #
     # This action does not return any expired export jobs. For more
-    # information, see [Export Job Expiration][1] in the *Amazon QLDB
+    # information, see [Export job expiration][1] in the *Amazon QLDB
     # Developer Guide*.
     #
     #
@@ -1011,7 +1085,7 @@ module Aws::QLDB
     # `ListJournalS3ExportsForLedger` multiple times.
     #
     # This action does not return any expired export jobs. For more
-    # information, see [Export Job Expiration][1] in the *Amazon QLDB
+    # information, see [Export job expiration][1] in the *Amazon QLDB
     # Developer Guide*.
     #
     #
@@ -1073,7 +1147,7 @@ module Aws::QLDB
     end
 
     # Returns an array of ledger summaries that are associated with the
-    # current AWS account and Region.
+    # current account and Region.
     #
     # This action returns a maximum of 100 items and is paginated so that
     # you can retrieve all the items by calling `ListLedgers` multiple
@@ -1123,8 +1197,8 @@ module Aws::QLDB
     # Returns all tags for a specified Amazon QLDB resource.
     #
     # @option params [required, String] :resource_arn
-    #   The Amazon Resource Name (ARN) for which you want to list the tags.
-    #   For example:
+    #   The Amazon Resource Name (ARN) for which to list the tags. For
+    #   example:
     #
     #   `arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger`
     #
@@ -1174,7 +1248,7 @@ module Aws::QLDB
     #   The inclusive start date and time from which to start streaming
     #   journal data. This parameter must be in `ISO 8601` date and time
     #   format and in Universal Coordinated Time (UTC). For example:
-    #   `2019-06-13T21:36:34Z`
+    #   `2019-06-13T21:36:34Z`.
     #
     #   The `InclusiveStartTime` cannot be in the future and must be before
     #   `ExclusiveEndTime`.
@@ -1190,7 +1264,7 @@ module Aws::QLDB
     #
     #   The `ExclusiveEndTime` must be in `ISO 8601` date and time format and
     #   in Universal Coordinated Time (UTC). For example:
-    #   `2019-06-13T21:36:34Z`
+    #   `2019-06-13T21:36:34Z`.
     #
     # @option params [required, Types::KinesisConfiguration] :kinesis_configuration
     #   The configuration settings of the Kinesis Data Streams destination for
@@ -1285,13 +1359,13 @@ module Aws::QLDB
     # can specify up to 50 tag keys to remove.
     #
     # @option params [required, String] :resource_arn
-    #   The Amazon Resource Name (ARN) from which you want to remove the tags.
-    #   For example:
+    #   The Amazon Resource Name (ARN) from which to remove the tags. For
+    #   example:
     #
     #   `arn:aws:qldb:us-east-1:123456789012:ledger/exampleLedger`
     #
     # @option params [required, Array<String>] :tag_keys
-    #   The list of tag keys that you want to remove.
+    #   The list of tag keys to remove.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -1322,10 +1396,52 @@ module Aws::QLDB
     #   default.
     #
     #   If deletion protection is enabled, you must first disable it before
-    #   you can delete the ledger using the QLDB API or the AWS Command Line
-    #   Interface (AWS CLI). You can disable it by calling the `UpdateLedger`
-    #   operation to set the flag to `false`. The QLDB console disables
-    #   deletion protection for you when you use it to delete a ledger.
+    #   you can delete the ledger. You can disable it by calling the
+    #   `UpdateLedger` operation to set the flag to `false`.
+    #
+    # @option params [String] :kms_key
+    #   The key in Key Management Service (KMS) to use for encryption of data
+    #   at rest in the ledger. For more information, see [Encryption at
+    #   rest][1] in the *Amazon QLDB Developer Guide*.
+    #
+    #   Use one of the following options to specify this parameter:
+    #
+    #   * `AWS_OWNED_KMS_KEY`\: Use an KMS key that is owned and managed by
+    #     Amazon Web Services on your behalf.
+    #
+    #   * **Undefined**\: Make no changes to the KMS key of the ledger.
+    #
+    #   * **A valid symmetric customer managed KMS key**\: Use the specified
+    #     KMS key in your account that you create, own, and manage.
+    #
+    #     Amazon QLDB does not support asymmetric keys. For more information,
+    #     see [Using symmetric and asymmetric keys][2] in the *Key Management
+    #     Service Developer Guide*.
+    #
+    #   To specify a customer managed KMS key, you can use its key ID, Amazon
+    #   Resource Name (ARN), alias name, or alias ARN. When using an alias
+    #   name, prefix it with `"alias/"`. To specify a key in a different
+    #   account, you must use the key ARN or alias ARN.
+    #
+    #   For example:
+    #
+    #   * Key ID: `1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Key ARN:
+    #     `arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`
+    #
+    #   * Alias name: `alias/ExampleAlias`
+    #
+    #   * Alias ARN: `arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias`
+    #
+    #   For more information, see [Key identifiers (KeyId)][3] in the *Key
+    #   Management Service Developer Guide*.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/encryption-at-rest.html
+    #   [2]: https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html
+    #   [3]: https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id
     #
     # @return [Types::UpdateLedgerResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -1334,12 +1450,14 @@ module Aws::QLDB
     #   * {Types::UpdateLedgerResponse#state #state} => String
     #   * {Types::UpdateLedgerResponse#creation_date_time #creation_date_time} => Time
     #   * {Types::UpdateLedgerResponse#deletion_protection #deletion_protection} => Boolean
+    #   * {Types::UpdateLedgerResponse#encryption_description #encryption_description} => Types::LedgerEncryptionDescription
     #
     # @example Request syntax with placeholder values
     #
     #   resp = client.update_ledger({
     #     name: "LedgerName", # required
     #     deletion_protection: false,
+    #     kms_key: "KmsKey",
     #   })
     #
     # @example Response structure
@@ -1349,6 +1467,9 @@ module Aws::QLDB
     #   resp.state #=> String, one of "CREATING", "ACTIVE", "DELETING", "DELETED"
     #   resp.creation_date_time #=> Time
     #   resp.deletion_protection #=> Boolean
+    #   resp.encryption_description.kms_key_arn #=> String
+    #   resp.encryption_description.encryption_status #=> String, one of "ENABLED", "UPDATING", "KMS_KEY_INACCESSIBLE"
+    #   resp.encryption_description.inaccessible_kms_key_date_time #=> Time
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/qldb-2019-01-02/UpdateLedger AWS API Documentation
     #
@@ -1361,6 +1482,15 @@ module Aws::QLDB
 
     # Updates the permissions mode of a ledger.
     #
+    # Before you switch to the `STANDARD` permissions mode, you must first
+    # create all required IAM policies and table tags to avoid disruption to
+    # your users. To learn more, see [Migrating to the standard permissions
+    # mode][1] in the *Amazon QLDB Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/ledger-management.basics.html#ledger-mgmt.basics.update-permissions.migrating
+    #
     # @option params [required, String] :name
     #   The name of the ledger.
     #
@@ -1371,8 +1501,8 @@ module Aws::QLDB
     #   * `ALLOW_ALL`\: A legacy permissions mode that enables access control
     #     with API-level granularity for ledgers.
     #
-    #     This mode allows users who have `SendCommand` permissions for this
-    #     ledger to run all PartiQL commands (hence, `ALLOW_ALL`) on any
+    #     This mode allows users who have the `SendCommand` API permission for
+    #     this ledger to run all PartiQL commands (hence, `ALLOW_ALL`) on any
     #     tables in the specified ledger. This mode disregards any table-level
     #     or command-level IAM permissions policies that you create for the
     #     ledger.
@@ -1384,14 +1514,20 @@ module Aws::QLDB
     #     By default, this mode denies all user requests to run any PartiQL
     #     commands on any tables in this ledger. To allow PartiQL commands to
     #     run, you must create IAM permissions policies for specific table
-    #     resources and PartiQL actions, in addition to `SendCommand` API
-    #     permissions for the ledger.
+    #     resources and PartiQL actions, in addition to the `SendCommand` API
+    #     permission for the ledger. For information, see [Getting started
+    #     with the standard permissions mode][1] in the *Amazon QLDB Developer
+    #     Guide*.
     #
     #   <note markdown="1"> We strongly recommend using the `STANDARD` permissions mode to
     #   maximize the security of your ledger data.
     #
     #    </note>
     #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/qldb/latest/developerguide/getting-started-standard-mode.html
+    #
     # @return [Types::UpdateLedgerPermissionsModeResponse] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
     #   * {Types::UpdateLedgerPermissionsModeResponse#name #name} => String
@@ -1433,7 +1569,7 @@ module Aws::QLDB
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-qldb'
-      context[:gem_version] = '1.14.0'
+      context[:gem_version] = '1.18.0'
       Seahorse::Client::Request.new(handlers, context)
     end