@aws-sdk/client-kms 3.28.0 → 3.32.0

package/dist/es/commands/CreateKeyCommand.js

@@ -4,109 +4,109 @@ import { deserializeAws_json1_1CreateKeyCommand, serializeAws_json1_1CreateKeyCo
 import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
- * <p>Creates a unique customer managed <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master-keys">customer master key</a> (CMK) in your AWS
- *       account and Region.</p>
+ * <p>Creates a unique customer managed <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms-keys">KMS key</a> in your Amazon Web Services account and Region.</p>
+ *          <note>
+ *             <p>KMS is replacing the term <i>customer master key (CMK)</i> with <i>KMS key</i> and <i>KMS key</i>. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.</p>
+ *          </note>
  *
- *          <p>You can use the <code>CreateKey</code> operation to create symmetric or asymmetric
- *       CMKs.</p>
+ *          <p>You can use the <code>CreateKey</code> operation to create symmetric or asymmetric KMS keys.</p>
  *          <ul>
  *             <li>
  *                <p>
- *                   <b>Symmetric CMKs</b> contain a 256-bit symmetric key that
- *           never leaves AWS KMS unencrypted. To use the CMK, you must call AWS KMS. You can use a
- *           symmetric CMK to encrypt and decrypt small amounts of data, but they are typically used to
+ *                   <b>Symmetric KMS keys</b> contain a 256-bit symmetric key that
+ *           never leaves KMS unencrypted. To use the KMS key, you must call KMS. You can use a
+ *           symmetric KMS key to encrypt and decrypt small amounts of data, but they are typically used to
  *           generate <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys">data
  *             keys</a> and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-key-pairs">data keys pairs</a>. For details,
  *           see <a>GenerateDataKey</a> and <a>GenerateDataKeyPair</a>.</p>
  *             </li>
  *             <li>
  *                <p>
- *                   <b>Asymmetric CMKs</b> can contain an RSA key pair or an
- *           Elliptic Curve (ECC) key pair. The private key in an asymmetric CMK never leaves AWS KMS
+ *                   <b>Asymmetric KMS keys</b> can contain an RSA key pair or an
+ *           Elliptic Curve (ECC) key pair. The private key in an asymmetric KMS key never leaves KMS
  *           unencrypted. However, you can use the <a>GetPublicKey</a> operation to download
- *           the public key so it can be used outside of AWS KMS. CMKs with RSA key pairs can be used to
- *           encrypt or decrypt data or sign and verify messages (but not both). CMKs with ECC key
+ *           the public key so it can be used outside of KMS. KMS keys with RSA key pairs can be used to
+ *           encrypt or decrypt data or sign and verify messages (but not both). KMS keys with ECC key
  *           pairs can be used only to sign and verify messages.</p>
  *             </li>
  *          </ul>
- *          <p>For information about symmetric and asymmetric CMKs, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric CMKs</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *          <p>For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *
  *
- *          <p>To create different types of CMKs, use the following guidance:</p>
+ *          <p>To create different types of KMS keys, use the following guidance:</p>
  *
  *          <dl>
- *             <dt>Asymmetric CMKs</dt>
+ *             <dt>Asymmetric KMS keys</dt>
  *             <dd>
- *                <p>To create an asymmetric CMK, use the <code>CustomerMasterKeySpec</code> parameter to
- *             specify the type of key material in the CMK. Then, use the <code>KeyUsage</code>
- *             parameter to determine whether the CMK will be used to encrypt and decrypt or sign and
- *             verify. You can't change these properties after the CMK is created.</p>
+ *                <p>To create an asymmetric KMS key, use the <code>KeySpec</code> parameter to specify
+ *             the type of key material in the KMS key. Then, use the <code>KeyUsage</code> parameter
+ *             to determine whether the KMS key will be used to encrypt and decrypt or sign and verify.
+ *             You can't change these properties after the KMS key is created.</p>
  *                <p> </p>
  *             </dd>
- *             <dt>Symmetric CMKs</dt>
+ *             <dt>Symmetric KMS keys</dt>
  *             <dd>
- *                <p>When creating a symmetric CMK, you don't need to specify the
- *               <code>CustomerMasterKeySpec</code> or <code>KeyUsage</code> parameters. The default
- *             value for <code>CustomerMasterKeySpec</code>, <code>SYMMETRIC_DEFAULT</code>, and the
- *             default value for <code>KeyUsage</code>, <code>ENCRYPT_DECRYPT</code>, are the only
- *             valid values for symmetric CMKs. </p>
+ *                <p>When creating a symmetric KMS key, you don't need to specify the
+ *               <code>KeySpec</code> or <code>KeyUsage</code> parameters. The default value for
+ *               <code>KeySpec</code>, <code>SYMMETRIC_DEFAULT</code>, and the default value for
+ *               <code>KeyUsage</code>, <code>ENCRYPT_DECRYPT</code>, are the only valid values for
+ *             symmetric KMS keys. </p>
  *                <p> </p>
  *             </dd>
  *             <dt>Multi-Region primary keys</dt>
  *             <dt>Imported key material</dt>
  *             <dd>
- *                <p>To create a multi-Region <i>primary key</i> in the local AWS Region,
+ *                <p>To create a multi-Region <i>primary key</i> in the local Amazon Web Services Region,
  *             use the <code>MultiRegion</code> parameter with a value of <code>True</code>. To create
- *             a multi-Region <i>replica key</i>, that is, a CMK with the same key ID and
- *             key material as a primary key, but in a different AWS Region, use the <a>ReplicateKey</a> operation. To change a replica key to a primary key, and its
+ *             a multi-Region <i>replica key</i>, that is, a KMS key with the same key ID and
+ *             key material as a primary key, but in a different Amazon Web Services Region, use the <a>ReplicateKey</a> operation. To change a replica key to a primary key, and its
  *             primary key to a replica key, use the <a>UpdatePrimaryRegion</a>
  *             operation.</p>
- *                <p>This operation supports <i>multi-Region keys</i>, an AWS KMS feature that lets you create multiple
- *       interoperable CMKs in different AWS Regions. Because these CMKs have the same key ID, key
- *       material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt
- *       it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *                <p>This operation supports <i>multi-Region keys</i>, an KMS feature that lets you create multiple
+ *       interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key
+ *       material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt
+ *       it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *                <p>You can create symmetric and asymmetric multi-Region keys and multi-Region keys with
  *             imported key material. You cannot create multi-Region keys in a custom key store.</p>
  *                <p> </p>
  *             </dd>
  *             <dd>
- *                <p>To import your own key material, begin by creating a symmetric CMK with no key
+ *                <p>To import your own key material, begin by creating a symmetric KMS key with no key
  *             material. To do this, use the <code>Origin</code> parameter of <code>CreateKey</code>
  *             with a value of <code>EXTERNAL</code>. Next, use <a>GetParametersForImport</a> operation to get a public key and import token, and use the public key to encrypt
  *             your key material. Then, use <a>ImportKeyMaterial</a> with your import token
  *             to import the key material. For step-by-step instructions, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">Importing Key Material</a> in the <i>
- *                      <i>AWS Key Management Service Developer Guide</i>
+ *                      <i>Key Management Service Developer Guide</i>
  *                   </i>. You
- *             cannot import the key material into an asymmetric CMK.</p>
+ *             cannot import the key material into an asymmetric KMS key.</p>
  *                <p>To create a multi-Region primary key with imported key material, use the
  *               <code>Origin</code> parameter of <code>CreateKey</code> with a value of
  *               <code>EXTERNAL</code> and the <code>MultiRegion</code> parameter with a value of
- *               <code>True</code>. To create replicas of the multi-Region primary key, use the <a>ReplicateKey</a> operation. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *               <code>True</code>. To create replicas of the multi-Region primary key, use the <a>ReplicateKey</a> operation. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *                <p> </p>
  *             </dd>
  *             <dt>Custom key store</dt>
  *             <dd>
- *                <p>To create a symmetric CMK in a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, use the
+ *                <p>To create a symmetric KMS key in a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, use the
  *               <code>CustomKeyStoreId</code> parameter to specify the custom key store. You must also
  *             use the <code>Origin</code> parameter with a value of <code>AWS_CLOUDHSM</code>. The
- *             AWS CloudHSM cluster that is associated with the custom key store must have at least two active
- *             HSMs in different Availability Zones in the AWS Region. </p>
- *                <p>You cannot create an asymmetric CMK or a multi-Region CMK in a custom key store. For
- *             information about custom key stores in AWS KMS see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Using Custom Key Stores</a> in
+ *             CloudHSM cluster that is associated with the custom key store must have at least two active
+ *             HSMs in different Availability Zones in the Amazon Web Services Region. </p>
+ *                <p>You cannot create an asymmetric KMS key in a custom key store. For information about
+ *             custom key stores in KMS see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Using Custom Key Stores</a> in
  *             the <i>
- *                      <i>AWS Key Management Service Developer Guide</i>
+ *                      <i>Key Management Service Developer Guide</i>
  *                   </i>.</p>
  *             </dd>
  *          </dl>
  *          <p>
  *             <b>Cross-account use</b>:  No. You cannot use this operation to
- *       create a CMK in a different AWS account.</p>
+ *       create a KMS key in a different Amazon Web Services account.</p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CreateKey</a> (IAM policy). To use the
  *         <code>Tags</code> parameter, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:TagResource</a> (IAM policy). For examples and information about related
- *       permissions, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policy-example-create-key">Allow a user to create
- *         CMKs</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *       permissions, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policy-example-create-key">Allow a user to create KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
  *             <b>Related operations:</b>
  *          </p>

package/dist/es/commands/DecryptCommand.js

@@ -4,7 +4,7 @@ import { deserializeAws_json1_1DecryptCommand, serializeAws_json1_1DecryptComman
 import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
- * <p>Decrypts ciphertext that was encrypted by a AWS KMS customer master key (CMK) using any of
+ * <p>Decrypts ciphertext that was encrypted by a KMS key using any of
  *       the following operations:</p>
  *          <ul>
  *             <li>
@@ -34,33 +34,34 @@ import { Command as $Command } from "@aws-sdk/smithy-client";
  *             </li>
  *          </ul>
  *          <p>You can use this operation to decrypt ciphertext that was encrypted under a symmetric or
- *       asymmetric CMK. When the CMK is asymmetric, you must specify the CMK and the encryption
- *       algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric CMKs, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric CMKs</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
- *          <p>The Decrypt operation also decrypts ciphertext that was encrypted outside of AWS KMS by the
- *       public key in an AWS KMS asymmetric CMK. However, it cannot decrypt ciphertext produced by other
- *       libraries, such as the <a href="https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/">AWS Encryption
+ *       asymmetric KMS key. When the KMS key is asymmetric, you must specify the KMS key and the encryption
+ *       algorithm that was used to encrypt the ciphertext. For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
+ *          <p>The Decrypt operation also decrypts ciphertext that was encrypted outside of KMS by the
+ *       public key in an KMS asymmetric KMS key. However, it cannot decrypt ciphertext produced by other
+ *       libraries, such as the <a href="https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/">Amazon Web Services Encryption
  *         SDK</a> or <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon S3 client-side encryption</a>. These libraries return a ciphertext format that
- *       is incompatible with AWS KMS.</p>
- *          <p>If the ciphertext was encrypted under a symmetric CMK, the <code>KeyId</code> parameter is
- *       optional. AWS KMS can get this information from metadata that it adds to the symmetric
+ *       is incompatible with KMS.</p>
+ *          <p>If the ciphertext was encrypted under a symmetric KMS key, the <code>KeyId</code> parameter is
+ *       optional. KMS can get this information from metadata that it adds to the symmetric
  *       ciphertext blob. This feature adds durability to your implementation by ensuring that
  *       authorized users can decrypt ciphertext decades after it was encrypted, even if they've lost
- *       track of the CMK ID. However, specifying the CMK is always recommended as a best practice.
- *       When you use the <code>KeyId</code> parameter to specify a CMK, AWS KMS only uses the CMK you
- *       specify. If the ciphertext was encrypted under a different CMK, the <code>Decrypt</code>
- *       operation fails. This practice ensures that you use the CMK that you intend.</p>
+ *       track of the key ID. However, specifying the KMS key is always recommended as a best practice.
+ *       When you use the <code>KeyId</code> parameter to specify a KMS key, KMS only uses the KMS key you
+ *       specify. If the ciphertext was encrypted under a different KMS key, the <code>Decrypt</code>
+ *       operation fails. This practice ensures that you use the KMS key that you intend.</p>
  *          <p>Whenever possible, use key policies to give users permission to call the
- *         <code>Decrypt</code> operation on a particular CMK, instead of using IAM policies.
+ *         <code>Decrypt</code> operation on a particular KMS key, instead of using IAM policies.
  *       Otherwise, you might create an IAM user policy that gives the user <code>Decrypt</code>
- *       permission on all CMKs. This user could decrypt ciphertext that was encrypted by CMKs in other
- *       accounts if the key policy for the cross-account CMK permits it. If you must use an IAM policy
- *       for <code>Decrypt</code> permissions, limit the user to particular CMKs or particular trusted
- *       accounts. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policies-best-practices">Best practices for IAM policies</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
- *          <p>The CMK that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *       permission on all KMS keys. This user could decrypt ciphertext that was encrypted by KMS keys in other
+ *       accounts if the key policy for the cross-account KMS key permits it. If you must use an IAM policy
+ *       for <code>Decrypt</code> permissions, limit the user to particular KMS keys or particular trusted
+ *       accounts. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/iam-policies.html#iam-policies-best-practices">Best practices for IAM policies</a> in the <i>Key Management Service Developer Guide</i>.</p>
+ *          <p>Applications in Amazon Web Services Nitro Enclaves can call this operation by using the <a href="https://github.com/aws/aws-nitro-enclaves-sdk-c">Amazon Web Services Nitro Enclaves Development Kit</a>. For information about the supporting parameters, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html">How Amazon Web Services Nitro Enclaves use KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
+ *          <p>The KMS key that you use for this operation must be in a compatible key state. For
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
- *             <b>Cross-account use</b>: Yes. You can decrypt a ciphertext
- *       using a CMK in a different AWS account.</p>
+ *             <b>Cross-account use</b>: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
+ *   the key ARN or alias ARN in the value of the <code>KeyId</code> parameter. </p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:Decrypt</a> (key policy)</p>

package/dist/es/commands/DecryptCommand.js.map

@@ -1 +1 @@
-{"version":3,"file":"DecryptCommand.js","sourceRoot":"","sources":["../../../commands/DecryptCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,oCAAoC,EAAE,kCAAkC,EAAE,MAAM,0BAA0B,CAAC;AACpH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAoGG;AACH;IAAoC,kCAA4E;IAC9G,oCAAoC;IACpC,kCAAkC;IAElC,wBAAqB,KAA0B;QAA/C;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAqB;;QAG7C,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,0CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,gBAAgB,CAAC;QACrC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,cAAc,CAAC,kBAAkB;YAC1D,wBAAwB,EAAE,eAAe,CAAC,kBAAkB;SAC7D,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,kCAAS,GAAjB,UAAkB,KAA0B,EAAE,OAAuB;QACnE,OAAO,kCAAkC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAEO,oCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,oCAAoC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/D,CAAC;IAIH,qBAAC;AAAD,CAAC,AAlDD,CAAoC,QAAQ,GAkD3C"}
+{"version":3,"file":"DecryptCommand.js","sourceRoot":"","sources":["../../../commands/DecryptCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,oCAAoC,EAAE,kCAAkC,EAAE,MAAM,0BAA0B,CAAC;AACpH,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAqGG;AACH;IAAoC,kCAA4E;IAC9G,oCAAoC;IACpC,kCAAkC;IAElC,wBAAqB,KAA0B;QAA/C;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAqB;;QAG7C,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,0CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,gBAAgB,CAAC;QACrC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,cAAc,CAAC,kBAAkB;YAC1D,wBAAwB,EAAE,eAAe,CAAC,kBAAkB;SAC7D,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,kCAAS,GAAjB,UAAkB,KAA0B,EAAE,OAAuB;QACnE,OAAO,kCAAkC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAEO,oCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,oCAAoC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC/D,CAAC;IAIH,qBAAC;AAAD,CAAC,AAlDD,CAAoC,QAAQ,GAkD3C"}

package/dist/es/commands/DeleteAliasCommand.js

@@ -6,15 +6,14 @@ import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
  * <p>Deletes the specified alias.  </p>
  *          <note>
- *             <p>Adding, deleting, or updating an alias can allow or deny permission to the CMK. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in AWS KMS</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *             <p>Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          </note>
- *          <p>Because an alias is not a property of a CMK, you can delete and change the aliases of a
- *       CMK without affecting the CMK. Also, aliases do not appear in the response from the <a>DescribeKey</a> operation. To get the aliases of all CMKs, use the <a>ListAliases</a> operation. </p>
- *          <p>Each CMK can have multiple aliases. To change the alias of a CMK, use <a>DeleteAlias</a> to delete the current alias and <a>CreateAlias</a> to
- *       create a new alias. To associate an existing alias with a different customer master key (CMK),
+ *          <p>Because an alias is not a property of a KMS key, you can delete and change the aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from the <a>DescribeKey</a> operation. To get the aliases of all KMS keys, use the <a>ListAliases</a> operation. </p>
+ *          <p>Each KMS key can have multiple aliases. To change the alias of a KMS key, use <a>DeleteAlias</a> to delete the current alias and <a>CreateAlias</a> to
+ *       create a new alias. To associate an existing alias with a different KMS key,
  *       call <a>UpdateAlias</a>.</p>
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on an alias in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on an alias in a different Amazon Web Services account.</p>
  *          <p>
  *             <b>Required permissions</b>
  *          </p>
@@ -25,10 +24,10 @@ import { Command as $Command } from "@aws-sdk/smithy-client";
  *             </li>
  *             <li>
  *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DeleteAlias</a> on the CMK (key policy).</p>
+ *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DeleteAlias</a> on the KMS key (key policy).</p>
  *             </li>
  *          </ul>
- *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
  *             <b>Related operations:</b>
  *          </p>

package/dist/es/commands/DeleteAliasCommand.js.map

@@ -1 +1 @@
-{"version":3,"file":"DeleteAliasCommand.js","sourceRoot":"","sources":["../../../commands/DeleteAliasCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EACL,wCAAwC,EACxC,sCAAsC,GACvC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4DG;AACH;IAAwC,sCAIvC;IACC,oCAAoC;IACpC,kCAAkC;IAElC,4BAAqB,KAA8B;QAAnD;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAyB;;QAGjD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,8CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,oBAAoB,CAAC;QACzC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,kBAAkB,CAAC,kBAAkB;YAC9D,wBAAwB,EAAE,UAAC,MAAW,IAAK,OAAA,MAAM,EAAN,CAAM;SAClD,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,sCAAS,GAAjB,UAAkB,KAA8B,EAAE,OAAuB;QACvE,OAAO,sCAAsC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;IAEO,wCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,wCAAwC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAIH,yBAAC;AAAD,CAAC,AAtDD,CAAwC,QAAQ,GAsD/C"}
+{"version":3,"file":"DeleteAliasCommand.js","sourceRoot":"","sources":["../../../commands/DeleteAliasCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EACL,wCAAwC,EACxC,sCAAsC,GACvC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2DG;AACH;IAAwC,sCAIvC;IACC,oCAAoC;IACpC,kCAAkC;IAElC,4BAAqB,KAA8B;QAAnD;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAyB;;QAGjD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,8CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,oBAAoB,CAAC;QACzC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,kBAAkB,CAAC,kBAAkB;YAC9D,wBAAwB,EAAE,UAAC,MAAW,IAAK,OAAA,MAAM,EAAN,CAAM;SAClD,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,sCAAS,GAAjB,UAAkB,KAA8B,EAAE,OAAuB;QACvE,OAAO,sCAAsC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;IAEO,wCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,wCAAwC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAIH,yBAAC;AAAD,CAAC,AAtDD,CAAwC,QAAQ,GAsD/C"}

package/dist/es/commands/DeleteCustomKeyStoreCommand.js

@@ -4,29 +4,29 @@ import { deserializeAws_json1_1DeleteCustomKeyStoreCommand, serializeAws_json1_1
 import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
- * <p>Deletes a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. This operation does not delete the AWS CloudHSM cluster that is
+ * <p>Deletes a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. This operation does not delete the CloudHSM cluster that is
  *       associated with the custom key store, or affect any users or keys in the cluster.</p>
- *          <p>The custom key store that you delete cannot contain any AWS KMS <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys">customer master keys (CMKs)</a>. Before
- *       deleting the key store, verify that you will never need to use any of the CMKs in the key
+ *          <p>The custom key store that you delete cannot contain any KMS <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys">KMS keys</a>. Before
+ *       deleting the key store, verify that you will never need to use any of the KMS keys in the key
  *       store for any <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations">cryptographic operations</a>. Then, use <a>ScheduleKeyDeletion</a> to delete the
- *       AWS KMS customer master keys (CMKs) from the key store. When the scheduled waiting period
- *       expires, the <code>ScheduleKeyDeletion</code> operation deletes the CMKs. Then it makes a best
+ *       KMS keys from the key store. When the scheduled waiting period
+ *       expires, the <code>ScheduleKeyDeletion</code> operation deletes the KMS keys. Then it makes a best
  *       effort to delete the key material from the associated cluster. However, you might need to
  *       manually <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key">delete the orphaned key
  *         material</a> from the cluster and its backups.</p>
- *          <p>After all CMKs are deleted from AWS KMS, use <a>DisconnectCustomKeyStore</a> to
- *       disconnect the key store from AWS KMS. Then, you can delete the custom key store.</p>
- *          <p>Instead of deleting the custom key store, consider using <a>DisconnectCustomKeyStore</a> to disconnect it from AWS KMS. While the key store is
- *       disconnected, you cannot create or use the CMKs in the key store. But, you do not need to
- *       delete CMKs and you can reconnect a disconnected custom key store at any time.</p>
+ *          <p>After all KMS keys are deleted from KMS, use <a>DisconnectCustomKeyStore</a> to
+ *       disconnect the key store from KMS. Then, you can delete the custom key store.</p>
+ *          <p>Instead of deleting the custom key store, consider using <a>DisconnectCustomKeyStore</a> to disconnect it from KMS. While the key store is
+ *       disconnected, you cannot create or use the KMS keys in the key store. But, you do not need to
+ *       delete KMS keys and you can reconnect a disconnected custom key store at any time.</p>
  *          <p>If the operation succeeds, it returns a JSON object with no
  * properties.</p>
- *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in AWS KMS, which
- * combines the convenience and extensive integration of AWS KMS with the isolation and control of a
+ *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
+ * combines the convenience and extensive integration of KMS with the isolation and control of a
  * single-tenant key store.</p>
  *
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.</p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DeleteCustomKeyStore</a> (IAM policy)</p>

package/dist/es/commands/DeleteImportedKeyMaterialCommand.js

@@ -5,18 +5,18 @@ import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
  * <p>Deletes key material that you previously imported. This operation makes the specified
- *       customer master key (CMK) unusable. For more information about importing key material into
- *       AWS KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">Importing Key
- *         Material</a> in the <i>AWS Key Management Service Developer Guide</i>. </p>
- *          <p>When the specified CMK is in the <code>PendingDeletion</code> state, this operation does
- *       not change the CMK's state. Otherwise, it changes the CMK's state to
+ *       KMS key unusable. For more information about importing key material into
+ *       KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">Importing Key
+ *         Material</a> in the <i>Key Management Service Developer Guide</i>. </p>
+ *          <p>When the specified KMS key is in the <code>PendingDeletion</code> state, this operation does
+ *       not change the KMS key's state. Otherwise, it changes the KMS key's state to
  *         <code>PendingImport</code>.</p>
  *          <p>After you delete key material, you can use <a>ImportKeyMaterial</a> to reimport
- *       the same key material into the CMK.</p>
- *          <p>The CMK that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *       the same key material into the KMS key.</p>
+ *          <p>The KMS key that you use for this operation must be in a compatible key state. For
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DeleteImportedKeyMaterial</a> (key policy)</p>

package/dist/es/commands/DescribeCustomKeyStoresCommand.js

@@ -5,14 +5,14 @@ import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
  * <p>Gets information about <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key stores</a> in the account and Region.</p>
- *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in AWS KMS, which
- * combines the convenience and extensive integration of AWS KMS with the isolation and control of a
+ *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
+ * combines the convenience and extensive integration of KMS with the isolation and control of a
  * single-tenant key store.</p>
  *          <p>By default, this operation returns information about all custom key stores in the account and
  *       Region. To get only information about a particular custom key store, use either the
  *         <code>CustomKeyStoreName</code> or <code>CustomKeyStoreId</code> parameter (but not
  *       both).</p>
- *          <p>To determine whether the custom key store is connected to its AWS CloudHSM cluster, use the
+ *          <p>To determine whether the custom key store is connected to its CloudHSM cluster, use the
  *         <code>ConnectionState</code> element in the response. If an attempt to connect the custom
  *       key store failed, the <code>ConnectionState</code> value is <code>FAILED</code> and the
  *         <code>ConnectionErrorCode</code> element in the response indicates the cause of the failure.
@@ -20,12 +20,12 @@ import { Command as $Command } from "@aws-sdk/smithy-client";
  *          <p>Custom key stores have a <code>DISCONNECTED</code> connection state if the key store has
  *       never been connected or you use the <a>DisconnectCustomKeyStore</a> operation to
  *       disconnect it. If your custom key store state is <code>CONNECTED</code> but you are having
- *       trouble using it, make sure that its associated AWS CloudHSM cluster is active and contains the
+ *       trouble using it, make sure that its associated CloudHSM cluster is active and contains the
  *       minimum number of HSMs required for the operation, if any.</p>
  *          <p> For help repairing your custom key store, see the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html">Troubleshooting Custom Key Stores</a> topic in the
- *       <i>AWS Key Management Service Developer Guide</i>.</p>
+ *       <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.</p>
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DescribeCustomKeyStores</a> (IAM policy)</p>
  *          <p>

package/dist/es/commands/DescribeKeyCommand.js

@@ -4,41 +4,40 @@ import { deserializeAws_json1_1DescribeKeyCommand, serializeAws_json1_1DescribeK
 import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
- * <p>Provides detailed information about a customer master key (CMK). You can run
- *         <code>DescribeKey</code> on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed CMK</a> or an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">AWS managed
- *         CMK</a>.</p>
+ * <p>Provides detailed information about a KMS key. You can run
+ *         <code>DescribeKey</code> on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a> or an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a>.</p>
  *          <p>This detailed information includes the key ARN, creation date (and deletion date, if
  *       applicable), the key state, and the origin and expiration date (if any) of the key material.
- *       For CMKs in custom key stores, it includes information about the custom key store, such as the
- *       key store ID and the AWS CloudHSM cluster ID. It includes fields, like <code>KeySpec</code>, that
- *       help you distinguish symmetric from asymmetric CMKs. It also provides information that is
- *       particularly important to asymmetric CMKs, such as the key usage (encryption or signing) and
- *       the encryption algorithms or signing algorithms that the CMK supports.</p>
+ *       It includes fields, like <code>KeySpec</code>, that help you distinguish symmetric from
+ *       asymmetric KMS keys. It also provides information that is particularly important to asymmetric
+ *       keys, such as the key usage (encryption or signing) and the encryption algorithms or signing
+ *       algorithms that the KMS key supports. For KMS keys in custom key stores, it includes information about
+ *       the custom key store, such as the key store ID and the CloudHSM cluster ID. For multi-Region
+ *       keys, it displays the primary key and all related replica keys. </p>
  *          <p>
  *             <code>DescribeKey</code> does not return the following information:</p>
  *          <ul>
  *             <li>
- *                <p>Aliases associated with the CMK. To get this information, use <a>ListAliases</a>.</p>
+ *                <p>Aliases associated with the KMS key. To get this information, use <a>ListAliases</a>.</p>
  *             </li>
  *             <li>
- *                <p>Whether automatic key rotation is enabled on the CMK. To get this information, use
- *             <a>GetKeyRotationStatus</a>. Also, some key states prevent a CMK from being
+ *                <p>Whether automatic key rotation is enabled on the KMS key. To get this information, use
+ *             <a>GetKeyRotationStatus</a>. Also, some key states prevent a KMS key from being
  *           automatically rotated. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-how-it-works">How Automatic Key Rotation
- *             Works</a> in <i>AWS Key Management Service Developer Guide</i>.</p>
+ *             Works</a> in <i>Key Management Service Developer Guide</i>.</p>
  *             </li>
  *             <li>
- *                <p>Tags on the CMK. To get this information, use <a>ListResourceTags</a>.</p>
+ *                <p>Tags on the KMS key. To get this information, use <a>ListResourceTags</a>.</p>
  *             </li>
  *             <li>
- *                <p>Key policies and grants on the CMK. To get this information, use <a>GetKeyPolicy</a> and <a>ListGrants</a>.</p>
+ *                <p>Key policies and grants on the KMS key. To get this information, use <a>GetKeyPolicy</a> and <a>ListGrants</a>.</p>
  *             </li>
  *          </ul>
- *          <p>If you call the <code>DescribeKey</code> operation on a <i>predefined AWS
- *         alias</i>, that is, an AWS alias with no key ID, AWS KMS creates an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys">AWS managed CMK</a>.
- *       Then, it associates the alias with the new CMK, and returns the <code>KeyId</code> and
- *         <code>Arn</code> of the new CMK in the response.</p>
+ *          <p>If you call the <code>DescribeKey</code> operation on a <i>predefined Amazon Web Services alias</i>, that is, an Amazon Web Services alias with no key ID, KMS creates an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a>.
+ *       Then, it associates the alias with the new KMS key, and returns the <code>KeyId</code> and
+ *         <code>Arn</code> of the new KMS key in the response.</p>
  *          <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation with a CMK in a different AWS account, specify
+ *             <b>Cross-account use</b>: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
  *   the key ARN or alias ARN in the value of the <code>KeyId</code> parameter.</p>
  *
  *          <p>

package/dist/es/commands/DescribeKeyCommand.js.map

@@ -1 +1 @@
-{"version":3,"file":"DescribeKeyCommand.js","sourceRoot":"","sources":["../../../commands/DescribeKeyCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC7E,OAAO,EACL,wCAAwC,EACxC,sCAAsC,GACvC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8FG;AACH;IAAwC,sCAIvC;IACC,oCAAoC;IACpC,kCAAkC;IAElC,4BAAqB,KAA8B;QAAnD;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAyB;;QAGjD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,8CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,oBAAoB,CAAC;QACzC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,kBAAkB,CAAC,kBAAkB;YAC9D,wBAAwB,EAAE,mBAAmB,CAAC,kBAAkB;SACjE,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,sCAAS,GAAjB,UAAkB,KAA8B,EAAE,OAAuB;QACvE,OAAO,sCAAsC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;IAEO,wCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,wCAAwC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAIH,yBAAC;AAAD,CAAC,AAtDD,CAAwC,QAAQ,GAsD/C"}
+{"version":3,"file":"DescribeKeyCommand.js","sourceRoot":"","sources":["../../../commands/DescribeKeyCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,kBAAkB,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAC7E,OAAO,EACL,wCAAwC,EACxC,sCAAsC,GACvC,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6FG;AACH;IAAwC,sCAIvC;IACC,oCAAoC;IACpC,kCAAkC;IAElC,4BAAqB,KAA8B;QAAnD;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAyB;;QAGjD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,8CAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,oBAAoB,CAAC;QACzC,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,kBAAkB,CAAC,kBAAkB;YAC9D,wBAAwB,EAAE,mBAAmB,CAAC,kBAAkB;SACjE,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,sCAAS,GAAjB,UAAkB,KAA8B,EAAE,OAAuB;QACvE,OAAO,sCAAsC,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC;IAEO,wCAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,wCAAwC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAIH,yBAAC;AAAD,CAAC,AAtDD,CAAwC,QAAQ,GAsD/C"}

package/dist/es/commands/DisableKeyCommand.js

@@ -4,15 +4,15 @@ import { deserializeAws_json1_1DisableKeyCommand, serializeAws_json1_1DisableKey
 import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
- * <p>Sets the state of a customer master key (CMK) to disabled. This change temporarily
- *       prevents use of the CMK for <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations">cryptographic operations</a>. </p>
- *          <p>For more information about how key state affects the use of a CMK, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>
- *                <i>AWS Key Management Service Developer Guide</i>
+ * <p>Sets the state of a KMS key to disabled. This change temporarily
+ *       prevents use of the KMS key for <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations">cryptographic operations</a>. </p>
+ *          <p>For more information about how key state affects the use of a KMS key, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>
+ *                <i>Key Management Service Developer Guide</i>
  *             </i>.</p>
- *          <p>The CMK that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *          <p>The KMS key that you use for this operation must be in a compatible key state. For
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DisableKey</a> (key policy)</p>

package/dist/es/commands/DisableKeyRotationCommand.js

@@ -5,13 +5,12 @@ import { getSerdePlugin } from "@aws-sdk/middleware-serde";
 import { Command as $Command } from "@aws-sdk/smithy-client";
 /**
  * <p>Disables <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html">automatic
- *         rotation of the key material</a> for the specified symmetric customer master key
- *       (CMK).</p>
- *          <p> You cannot enable automatic rotation of <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks">asymmetric CMKs</a>, CMKs with <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">imported key material</a>, or CMKs in a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. To enable or disable automatic rotation of a set of related <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-replica-key">multi-Region keys</a>, set the property on the primary key. </p>
- *          <p>The CMK that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
+ *         rotation of the key material</a> for the specified symmetric KMS key.</p>
+ *          <p> You cannot enable automatic rotation of <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks">asymmetric KMS keys</a>, KMS keys with <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">imported key material</a>, or KMS keys in a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. To enable or disable automatic rotation of a set of related <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-replica-key">multi-Region keys</a>, set the property on the primary key. </p>
+ *          <p>The KMS key that you use for this operation must be in a compatible key state. For
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
  *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account.</p>
+ *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
  *
  *          <p>
  *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:DisableKeyRotation</a> (key policy)</p>

package/dist/es/commands/DisableKeyRotationCommand.js.map

@@ -1 +1 @@
-{"version":3,"file":"DisableKeyRotationCommand.js","sourceRoot":"","sources":["../../../commands/DisableKeyRotationCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,yBAAyB,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EACL,+CAA+C,EAC/C,6CAA6C,GAC9C,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAyCG;AACH;IAA+C,6CAI9C;IACC,oCAAoC;IACpC,kCAAkC;IAElC,mCAAqB,KAAqC;QAA1D;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAgC;;QAGxD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,qDAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,2BAA2B,CAAC;QAChD,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,yBAAyB,CAAC,kBAAkB;YACrE,wBAAwB,EAAE,UAAC,MAAW,IAAK,OAAA,MAAM,EAAN,CAAM;SAClD,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,6CAAS,GAAjB,UAAkB,KAAqC,EAAE,OAAuB;QAC9E,OAAO,6CAA6C,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACvE,CAAC;IAEO,+CAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,+CAA+C,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC1E,CAAC;IAIH,gCAAC;AAAD,CAAC,AAtDD,CAA+C,QAAQ,GAsDtD"}
+{"version":3,"file":"DisableKeyRotationCommand.js","sourceRoot":"","sources":["../../../commands/DisableKeyRotationCommand.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,yBAAyB,EAAE,MAAM,oBAAoB,CAAC;AAC/D,OAAO,EACL,+CAA+C,EAC/C,6CAA6C,GAC9C,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,OAAO,EAAE,OAAO,IAAI,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAc7D;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAwCG;AACH;IAA+C,6CAI9C;IACC,oCAAoC;IACpC,kCAAkC;IAElC,mCAAqB,KAAqC;QAA1D;QACE,qCAAqC;QACrC,iBAAO,SAER;QAJoB,WAAK,GAAL,KAAK,CAAgC;;QAGxD,mCAAmC;IACrC,CAAC;IAED;;OAEG;IACH,qDAAiB,GAAjB,UACE,WAAmE,EACnE,aAAsC,EACtC,OAA8B;QAE9B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,cAAc,CAAC,aAAa,EAAE,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;QAE1F,IAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAE/C,IAAA,MAAM,GAAK,aAAa,OAAlB,CAAmB;QACjC,IAAM,UAAU,GAAG,WAAW,CAAC;QAC/B,IAAM,WAAW,GAAG,2BAA2B,CAAC;QAChD,IAAM,uBAAuB,GAA4B;YACvD,MAAM,QAAA;YACN,UAAU,YAAA;YACV,WAAW,aAAA;YACX,uBAAuB,EAAE,yBAAyB,CAAC,kBAAkB;YACrE,wBAAwB,EAAE,UAAC,MAAW,IAAK,OAAA,MAAM,EAAN,CAAM;SAClD,CAAC;QACM,IAAA,cAAc,GAAK,aAAa,eAAlB,CAAmB;QACzC,OAAO,KAAK,CAAC,OAAO,CAClB,UAAC,OAAsC;YACrC,OAAA,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,OAAwB,EAAE,OAAO,IAAI,EAAE,CAAC;QAAtE,CAAsE,EACxE,uBAAuB,CACxB,CAAC;IACJ,CAAC;IAEO,6CAAS,GAAjB,UAAkB,KAAqC,EAAE,OAAuB;QAC9E,OAAO,6CAA6C,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACvE,CAAC;IAEO,+CAAW,GAAnB,UAAoB,MAAsB,EAAE,OAAuB;QACjE,OAAO,+CAA+C,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC1E,CAAC;IAIH,gCAAC;AAAD,CAAC,AAtDD,CAA+C,QAAQ,GAsDtD"}