@aws-sdk/client-iot 3.857.0 → 3.858.0

package/dist-types/commands/DescribeEncryptionConfigurationCommand.d.ts

@@ -0,0 +1,95 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
+import { DescribeEncryptionConfigurationRequest, DescribeEncryptionConfigurationResponse } from "../models/models_1";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link DescribeEncryptionConfigurationCommand}.
+ */
+export interface DescribeEncryptionConfigurationCommandInput extends DescribeEncryptionConfigurationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link DescribeEncryptionConfigurationCommand}.
+ */
+export interface DescribeEncryptionConfigurationCommandOutput extends DescribeEncryptionConfigurationResponse, __MetadataBearer {
+}
+declare const DescribeEncryptionConfigurationCommand_base: {
+    new (input: DescribeEncryptionConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<DescribeEncryptionConfigurationCommandInput, DescribeEncryptionConfigurationCommandOutput, IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (...[input]: [] | [DescribeEncryptionConfigurationCommandInput]): import("@smithy/smithy-client").CommandImpl<DescribeEncryptionConfigurationCommandInput, DescribeEncryptionConfigurationCommandOutput, IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Retrieves the encryption configuration for resources and data of your Amazon Web Services account in
+ *          Amazon Web Services IoT Core. For more information, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/key-management.html">Key management in IoT</a> from
+ *          the <i>Amazon Web Services IoT Core Developer Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { IoTClient, DescribeEncryptionConfigurationCommand } from "@aws-sdk/client-iot"; // ES Modules import
+ * // const { IoTClient, DescribeEncryptionConfigurationCommand } = require("@aws-sdk/client-iot"); // CommonJS import
+ * const client = new IoTClient(config);
+ * const input = {};
+ * const command = new DescribeEncryptionConfigurationCommand(input);
+ * const response = await client.send(command);
+ * // { // DescribeEncryptionConfigurationResponse
+ * //   encryptionType: "CUSTOMER_MANAGED_KMS_KEY" || "AWS_OWNED_KMS_KEY",
+ * //   kmsKeyArn: "STRING_VALUE",
+ * //   kmsAccessRoleArn: "STRING_VALUE",
+ * //   configurationDetails: { // ConfigurationDetails
+ * //     configurationStatus: "HEALTHY" || "UNHEALTHY",
+ * //     errorCode: "STRING_VALUE",
+ * //     errorMessage: "STRING_VALUE",
+ * //   },
+ * //   lastModifiedDate: new Date("TIMESTAMP"),
+ * // };
+ *
+ * ```
+ *
+ * @param DescribeEncryptionConfigurationCommandInput - {@link DescribeEncryptionConfigurationCommandInput}
+ * @returns {@link DescribeEncryptionConfigurationCommandOutput}
+ * @see {@link DescribeEncryptionConfigurationCommandInput} for command's `input` shape.
+ * @see {@link DescribeEncryptionConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link IoTClientResolvedConfig | config} for IoTClient's `config` shape.
+ *
+ * @throws {@link InternalFailureException} (server fault)
+ *  <p>An unexpected error has occurred.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>The request is not valid.</p>
+ *
+ * @throws {@link ServiceUnavailableException} (server fault)
+ *  <p>The service is temporarily unavailable.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>The rate exceeds the limit.</p>
+ *
+ * @throws {@link UnauthorizedException} (client fault)
+ *  <p>You are not authorized to perform this operation.</p>
+ *
+ * @throws {@link IoTServiceException}
+ * <p>Base exception class for all service exceptions from IoT service.</p>
+ *
+ *
+ * @public
+ */
+export declare class DescribeEncryptionConfigurationCommand extends DescribeEncryptionConfigurationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: {};
+            output: DescribeEncryptionConfigurationResponse;
+        };
+        sdk: {
+            input: DescribeEncryptionConfigurationCommandInput;
+            output: DescribeEncryptionConfigurationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/ListCommandExecutionsCommand.d.ts

@@ -1,7 +1,8 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
-import { ListCommandExecutionsRequest, ListCommandExecutionsResponse } from "../models/models_1";
+import { ListCommandExecutionsRequest } from "../models/models_1";
+import { ListCommandExecutionsResponse } from "../models/models_2";
 /**
  * @public
  */

package/dist-types/commands/ListCommandsCommand.d.ts

@@ -1,7 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
-import { ListCommandsRequest, ListCommandsResponse } from "../models/models_1";
+import { ListCommandsRequest, ListCommandsResponse } from "../models/models_2";
 /**
  * @public
  */

package/dist-types/commands/ListCustomMetricsCommand.d.ts

@@ -1,8 +1,7 @@
 import { Command as $Command } from "@smithy/smithy-client";
 import { MetadataBearer as __MetadataBearer } from "@smithy/types";
 import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
-import { ListCustomMetricsRequest } from "../models/models_1";
-import { ListCustomMetricsResponse } from "../models/models_2";
+import { ListCustomMetricsRequest, ListCustomMetricsResponse } from "../models/models_2";
 /**
  * @public
  */

package/dist-types/commands/ListTopicRulesCommand.d.ts

@@ -73,6 +73,9 @@ declare const ListTopicRulesCommand_base: {
  * @throws {@link ServiceUnavailableException} (server fault)
  *  <p>The service is temporarily unavailable.</p>
  *
+ * @throws {@link UnauthorizedException} (client fault)
+ *  <p>You are not authorized to perform this operation.</p>
+ *
  * @throws {@link IoTServiceException}
  * <p>Base exception class for all service exceptions from IoT service.</p>
  *

package/dist-types/commands/TransferCertificateCommand.d.ts

@@ -30,12 +30,28 @@ declare const TransferCertificateCommand_base: {
  * <p>Transfers the specified certificate to the specified Amazon Web Services account.</p>
  *          <p>Requires permission to access the <a href="https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions">TransferCertificate</a> action.</p>
  *          <p>You can cancel the transfer until it is acknowledged by the recipient.</p>
- *          <p>No notification is sent to the transfer destination's account. It is up to the caller
+ *          <p>No notification is sent to the transfer destination's account. It's up to the caller
  *          to notify the transfer target.</p>
- *          <p>The certificate being transferred must not be in the ACTIVE state. You can use the
+ *          <p>The certificate being transferred must not be in the <code>ACTIVE</code> state. You can use the
  *          <a>UpdateCertificate</a> action to deactivate it.</p>
  *          <p>The certificate must not have any policies attached to it. You can use the
  *          <a>DetachPolicy</a> action to detach them.</p>
+ *          <p>
+ *             <b>Customer managed key behavior:</b> When you use a customer managed key to secure your data and then transfer
+ *          the key to a customer in a different account using the <a>TransferCertificate</a> operation, the certificates will no longer be protected by their
+ *          customer managed key configuration. During the transfer process, certificates are encrypted using IoT owned keys.</p>
+ *          <p>While a certificate is in the <b>PENDING_TRANSFER</b> state, it's always protected by IoT owned keys, regardless of the customer managed key configuration of either the source or destination account. </p>
+ *          <p>Once the transfer is completed through <a>AcceptCertificateTransfer</a>, <a>RejectCertificateTransfer</a>, or
+ *          <a>CancelCertificateTransfer</a>, the certificate will be protected by the customer managed key configuration of the account that owns
+ *          the certificate after the transfer operation:</p>
+ *          <ul>
+ *             <li>
+ *                <p>If the transfer is accepted: The certificate is protected by the destination account's customer managed key configuration.</p>
+ *             </li>
+ *             <li>
+ *                <p>If the transfer is rejected or cancelled: The certificate is protected by the source account's customer managed key configuration.</p>
+ *             </li>
+ *          </ul>
  * @example
  * Use a bare-bones client and the command you need to make an API call.
  * ```javascript

package/dist-types/commands/UpdateEncryptionConfigurationCommand.d.ts

@@ -0,0 +1,106 @@
+import { Command as $Command } from "@smithy/smithy-client";
+import { MetadataBearer as __MetadataBearer } from "@smithy/types";
+import { IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes } from "../IoTClient";
+import { UpdateEncryptionConfigurationRequest, UpdateEncryptionConfigurationResponse } from "../models/models_2";
+/**
+ * @public
+ */
+export type { __MetadataBearer };
+export { $Command };
+/**
+ * @public
+ *
+ * The input for {@link UpdateEncryptionConfigurationCommand}.
+ */
+export interface UpdateEncryptionConfigurationCommandInput extends UpdateEncryptionConfigurationRequest {
+}
+/**
+ * @public
+ *
+ * The output of {@link UpdateEncryptionConfigurationCommand}.
+ */
+export interface UpdateEncryptionConfigurationCommandOutput extends UpdateEncryptionConfigurationResponse, __MetadataBearer {
+}
+declare const UpdateEncryptionConfigurationCommand_base: {
+    new (input: UpdateEncryptionConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<UpdateEncryptionConfigurationCommandInput, UpdateEncryptionConfigurationCommandOutput, IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    new (input: UpdateEncryptionConfigurationCommandInput): import("@smithy/smithy-client").CommandImpl<UpdateEncryptionConfigurationCommandInput, UpdateEncryptionConfigurationCommandOutput, IoTClientResolvedConfig, ServiceInputTypes, ServiceOutputTypes>;
+    getEndpointParameterInstructions(): import("@smithy/middleware-endpoint").EndpointParameterInstructions;
+};
+/**
+ * <p>Updates the encryption configuration. By default, all Amazon Web Services IoT Core data at rest is
+ *          encrypted using Amazon Web Services owned keys. Amazon Web Services IoT Core also supports symmetric customer managed keys
+ *          from Amazon Web Services Key Management Service (KMS). With customer managed keys, you create, own, and
+ *          manage the KMS keys in your Amazon Web Services account. For more information, see <a href="https://docs.aws.amazon.com/iot/latest/developerguide/data-encryption.html">Data
+ *             encryption</a> in the <i>Amazon Web Services IoT Core Developer Guide</i>.</p>
+ * @example
+ * Use a bare-bones client and the command you need to make an API call.
+ * ```javascript
+ * import { IoTClient, UpdateEncryptionConfigurationCommand } from "@aws-sdk/client-iot"; // ES Modules import
+ * // const { IoTClient, UpdateEncryptionConfigurationCommand } = require("@aws-sdk/client-iot"); // CommonJS import
+ * const client = new IoTClient(config);
+ * const input = { // UpdateEncryptionConfigurationRequest
+ *   encryptionType: "CUSTOMER_MANAGED_KMS_KEY" || "AWS_OWNED_KMS_KEY", // required
+ *   kmsKeyArn: "STRING_VALUE",
+ *   kmsAccessRoleArn: "STRING_VALUE",
+ * };
+ * const command = new UpdateEncryptionConfigurationCommand(input);
+ * const response = await client.send(command);
+ * // {};
+ *
+ * ```
+ *
+ * @param UpdateEncryptionConfigurationCommandInput - {@link UpdateEncryptionConfigurationCommandInput}
+ * @returns {@link UpdateEncryptionConfigurationCommandOutput}
+ * @see {@link UpdateEncryptionConfigurationCommandInput} for command's `input` shape.
+ * @see {@link UpdateEncryptionConfigurationCommandOutput} for command's `response` shape.
+ * @see {@link IoTClientResolvedConfig | config} for IoTClient's `config` shape.
+ *
+ * @throws {@link InternalFailureException} (server fault)
+ *  <p>An unexpected error has occurred.</p>
+ *
+ * @throws {@link InvalidRequestException} (client fault)
+ *  <p>The request is not valid.</p>
+ *
+ * @throws {@link ServiceUnavailableException} (server fault)
+ *  <p>The service is temporarily unavailable.</p>
+ *
+ * @throws {@link ThrottlingException} (client fault)
+ *  <p>The rate exceeds the limit.</p>
+ *
+ * @throws {@link UnauthorizedException} (client fault)
+ *  <p>You are not authorized to perform this operation.</p>
+ *
+ * @throws {@link IoTServiceException}
+ * <p>Base exception class for all service exceptions from IoT service.</p>
+ *
+ *
+ * @example UpdateEncryptionConfiguration example
+ * ```javascript
+ * // This operation updates the encryption configuration.
+ * const input = {
+ *   encryptionType: "CUSTOMER_MANAGED_KMS_KEY",
+ *   kmsAccessRoleArn: "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   kmsKeyArn: "arn:aws:iam:us-west-2:111122223333:role/myrole"
+ * };
+ * const command = new UpdateEncryptionConfigurationCommand(input);
+ * const response = await client.send(command);
+ * /* response is
+ * { /* metadata only *\/ }
+ * *\/
+ * ```
+ *
+ * @public
+ */
+export declare class UpdateEncryptionConfigurationCommand extends UpdateEncryptionConfigurationCommand_base {
+    /** @internal type navigation helper, not in runtime. */
+    protected static __types: {
+        api: {
+            input: UpdateEncryptionConfigurationRequest;
+            output: {};
+        };
+        sdk: {
+            input: UpdateEncryptionConfigurationCommandInput;
+            output: UpdateEncryptionConfigurationCommandOutput;
+        };
+    };
+}

package/dist-types/commands/index.d.ts

@@ -99,6 +99,7 @@ export * from "./DescribeDefaultAuthorizerCommand";
 export * from "./DescribeDetectMitigationActionsTaskCommand";
 export * from "./DescribeDimensionCommand";
 export * from "./DescribeDomainConfigurationCommand";
+export * from "./DescribeEncryptionConfigurationCommand";
 export * from "./DescribeEndpointCommand";
 export * from "./DescribeEventConfigurationsCommand";
 export * from "./DescribeFleetMetricCommand";
@@ -249,6 +250,7 @@ export * from "./UpdateCustomMetricCommand";
 export * from "./UpdateDimensionCommand";
 export * from "./UpdateDomainConfigurationCommand";
 export * from "./UpdateDynamicThingGroupCommand";
+export * from "./UpdateEncryptionConfigurationCommand";
 export * from "./UpdateEventConfigurationsCommand";
 export * from "./UpdateFleetMetricCommand";
 export * from "./UpdateIndexingConfigurationCommand";

package/dist-types/models/models_1.d.ts

@@ -2102,6 +2102,93 @@ export interface DescribeDomainConfigurationResponse {
      */
     clientCertificateConfig?: ClientCertificateConfig | undefined;
 }
+/**
+ * @public
+ */
+export interface DescribeEncryptionConfigurationRequest {
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const ConfigurationStatus: {
+    readonly HEALTHY: "HEALTHY";
+    readonly UNHEALTHY: "UNHEALTHY";
+};
+/**
+ * @public
+ */
+export type ConfigurationStatus = (typeof ConfigurationStatus)[keyof typeof ConfigurationStatus];
+/**
+ * <p>The encryption configuration details that include the status information of the Amazon Web Services Key Management Service (KMS) key and the KMS access role.</p>
+ * @public
+ */
+export interface ConfigurationDetails {
+    /**
+     * <p>The health status of KMS key and KMS access role. If either KMS key or KMS access role
+     *          is <code>UNHEALTHY</code>, the return value will be <code>UNHEALTHY</code>. To use a
+     *          customer-managed KMS key, the value of <code>configurationStatus</code> must be
+     *             <code>HEALTHY</code>. </p>
+     * @public
+     */
+    configurationStatus?: ConfigurationStatus | undefined;
+    /**
+     * <p>The error code that indicates either the KMS key or the KMS access role is <code>UNHEALTHY</code>.
+     *          Valid values: <code>KMS_KEY_VALIDATION_ERROR</code> and <code>ROLE_VALIDATION_ERROR</code>.
+     *       </p>
+     * @public
+     */
+    errorCode?: string | undefined;
+    /**
+     * <p>The detailed error message that corresponds to the <code>errorCode</code>.</p>
+     * @public
+     */
+    errorMessage?: string | undefined;
+}
+/**
+ * @public
+ * @enum
+ */
+export declare const EncryptionType: {
+    readonly AWS_OWNED_KMS_KEY: "AWS_OWNED_KMS_KEY";
+    readonly CUSTOMER_MANAGED_KMS_KEY: "CUSTOMER_MANAGED_KMS_KEY";
+};
+/**
+ * @public
+ */
+export type EncryptionType = (typeof EncryptionType)[keyof typeof EncryptionType];
+/**
+ * @public
+ */
+export interface DescribeEncryptionConfigurationResponse {
+    /**
+     * <p>The type of the Amazon Web Services Key Management Service (KMS) key.</p>
+     * @public
+     */
+    encryptionType?: EncryptionType | undefined;
+    /**
+     * <p>The Amazon Resource Name (ARN) of the IAM role assumed by Amazon Web Services IoT Core to call KMS on
+     *          behalf of the customer.</p>
+     * @public
+     */
+    kmsKeyArn?: string | undefined;
+    /**
+     * <p>The ARN of the customer-managed KMS key.</p>
+     * @public
+     */
+    kmsAccessRoleArn?: string | undefined;
+    /**
+     * <p>The encryption configuration details that include the status information of the KMS key
+     *          and the KMS access role.</p>
+     * @public
+     */
+    configurationDetails?: ConfigurationDetails | undefined;
+    /**
+     * <p>The date when encryption configuration is last updated.</p>
+     * @public
+     */
+    lastModifiedDate?: Date | undefined;
+}
 /**
  * <p>The input for the DescribeEndpoint operation.</p>
  * @public
@@ -6399,137 +6486,6 @@ export interface CommandExecutionSummary {
      */
     completedAt?: Date | undefined;
 }
-/**
- * @public
- */
-export interface ListCommandExecutionsResponse {
-    /**
-     * <p>The list of command executions.</p>
-     * @public
-     */
-    commandExecutions?: CommandExecutionSummary[] | undefined;
-    /**
-     * <p>The token to use to get the next set of results, or <code>null</code> if there are no
-     *             additional results.</p>
-     * @public
-     */
-    nextToken?: string | undefined;
-}
-/**
- * @public
- */
-export interface ListCommandsRequest {
-    /**
-     * <p>The maximum number of results to return in this operation. By default, the API returns
-     *             up to a maximum of 25 results. You can override this default value to return up to a
-     *             maximum of 100 results for this operation.</p>
-     * @public
-     */
-    maxResults?: number | undefined;
-    /**
-     * <p>To retrieve the next set of results, the <code>nextToken</code> value from a previous
-     *             response; otherwise <code>null</code> to receive the first set of results.</p>
-     * @public
-     */
-    nextToken?: string | undefined;
-    /**
-     * <p>The namespace of the command. By default, the API returns all commands that have been
-     *             created for both <code>AWS-IoT</code> and <code>AWS-IoT-FleetWise</code> namespaces. You
-     *             can override this default value if you want to return all commands that have been
-     *             created only for a specific namespace.</p>
-     * @public
-     */
-    namespace?: CommandNamespace | undefined;
-    /**
-     * <p>A filter that can be used to display the list of commands that have a specific command
-     *             parameter name.</p>
-     * @public
-     */
-    commandParameterName?: string | undefined;
-    /**
-     * <p>Specify whether to list the commands that you have created in the ascending or
-     *             descending order. By default, the API returns all commands in the descending order based
-     *             on the time that they were created.</p>
-     * @public
-     */
-    sortOrder?: SortOrder | undefined;
-}
-/**
- * <p>Summary information about a particular command resource.</p>
- * @public
- */
-export interface CommandSummary {
-    /**
-     * <p>The Amazon Resource Name (ARN) of the command.</p>
-     * @public
-     */
-    commandArn?: string | undefined;
-    /**
-     * <p>The unique identifier of the command.</p>
-     * @public
-     */
-    commandId?: string | undefined;
-    /**
-     * <p>The display name of the command.</p>
-     * @public
-     */
-    displayName?: string | undefined;
-    /**
-     * <p>Indicates whether the command has been deprecated.</p>
-     * @public
-     */
-    deprecated?: boolean | undefined;
-    /**
-     * <p>The timestamp, when the command was created.</p>
-     * @public
-     */
-    createdAt?: Date | undefined;
-    /**
-     * <p>The timestamp, when the command was last updated.</p>
-     * @public
-     */
-    lastUpdatedAt?: Date | undefined;
-    /**
-     * <p>Indicates whether the command is pending deletion.</p>
-     * @public
-     */
-    pendingDeletion?: boolean | undefined;
-}
-/**
- * @public
- */
-export interface ListCommandsResponse {
-    /**
-     * <p>The list of commands.</p>
-     * @public
-     */
-    commands?: CommandSummary[] | undefined;
-    /**
-     * <p>The token to use to get the next set of results, or <code>null</code> if there are no
-     *             additional results.</p>
-     * @public
-     */
-    nextToken?: string | undefined;
-}
-/**
- * @public
- */
-export interface ListCustomMetricsRequest {
-    /**
-     * <p>
-     *       The token for the next set of results.
-     *     </p>
-     * @public
-     */
-    nextToken?: string | undefined;
-    /**
-     * <p>
-     *       The maximum number of results to return at one time. The default is 25.
-     *     </p>
-     * @public
-     */
-    maxResults?: number | undefined;
-}
 /**
  * @internal
  */