@aws-sdk/client-kms 3.28.0 → 3.32.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (313) hide show
  1. package/CHANGELOG.md +35 -0
  2. package/KMS.ts +567 -572
  3. package/KMSClient.ts +18 -18
  4. package/README.md +18 -18
  5. package/commands/CancelKeyDeletionCommand.ts +6 -7
  6. package/commands/ConnectCustomKeyStoreCommand.ts +9 -9
  7. package/commands/CreateAliasCommand.ts +13 -14
  8. package/commands/CreateCustomKeyStoreCommand.ts +8 -8
  9. package/commands/CreateGrantCommand.ts +15 -22
  10. package/commands/CreateKeyCommand.ts +44 -44
  11. package/commands/DecryptCommand.ts +23 -22
  12. package/commands/DeleteAliasCommand.ts +7 -8
  13. package/commands/DeleteCustomKeyStoreCommand.ts +13 -13
  14. package/commands/DeleteImportedKeyMaterialCommand.ts +9 -9
  15. package/commands/DescribeCustomKeyStoresCommand.ts +6 -6
  16. package/commands/DescribeKeyCommand.ts +18 -19
  17. package/commands/DisableKeyCommand.ts +7 -7
  18. package/commands/DisableKeyRotationCommand.ts +5 -6
  19. package/commands/DisconnectCustomKeyStoreCommand.ts +6 -8
  20. package/commands/EnableKeyCommand.ts +4 -5
  21. package/commands/EnableKeyRotationCommand.ts +5 -5
  22. package/commands/EncryptCommand.ts +20 -21
  23. package/commands/GenerateDataKeyCommand.ts +17 -18
  24. package/commands/GenerateDataKeyPairCommand.ts +21 -15
  25. package/commands/GenerateDataKeyPairWithoutPlaintextCommand.ts +16 -12
  26. package/commands/GenerateDataKeyWithoutPlaintextCommand.ts +9 -9
  27. package/commands/GenerateRandomCommand.ts +4 -3
  28. package/commands/GetKeyPolicyCommand.ts +2 -2
  29. package/commands/GetKeyRotationStatusCommand.ts +9 -9
  30. package/commands/GetParametersForImportCommand.ts +8 -8
  31. package/commands/GetPublicKeyCommand.ts +15 -15
  32. package/commands/ImportKeyMaterialCommand.ts +18 -18
  33. package/commands/ListAliasesCommand.ts +8 -10
  34. package/commands/ListGrantsCommand.ts +9 -4
  35. package/commands/ListKeyPoliciesCommand.ts +2 -2
  36. package/commands/ListKeysCommand.ts +2 -2
  37. package/commands/ListResourceTagsCommand.ts +4 -4
  38. package/commands/ListRetirableGrantsCommand.ts +14 -14
  39. package/commands/PutKeyPolicyCommand.ts +5 -5
  40. package/commands/ReEncryptCommand.ts +30 -34
  41. package/commands/ReplicateKeyCommand.ts +16 -16
  42. package/commands/RetireGrantCommand.ts +9 -9
  43. package/commands/RevokeGrantCommand.ts +9 -4
  44. package/commands/ScheduleKeyDeletionCommand.ts +17 -17
  45. package/commands/SignCommand.ts +12 -13
  46. package/commands/TagResourceCommand.ts +10 -12
  47. package/commands/UntagResourceCommand.ts +9 -10
  48. package/commands/UpdateAliasCommand.ts +15 -15
  49. package/commands/UpdateCustomKeyStoreCommand.ts +9 -9
  50. package/commands/UpdateKeyDescriptionCommand.ts +4 -4
  51. package/commands/UpdatePrimaryRegionCommand.ts +13 -13
  52. package/commands/VerifyCommand.ts +14 -14
  53. package/dist/cjs/KMS.js +18 -18
  54. package/dist/cjs/KMS.js.map +1 -1
  55. package/dist/cjs/KMSClient.js +18 -18
  56. package/dist/cjs/commands/CancelKeyDeletionCommand.js +6 -7
  57. package/dist/cjs/commands/CancelKeyDeletionCommand.js.map +1 -1
  58. package/dist/cjs/commands/ConnectCustomKeyStoreCommand.js +9 -9
  59. package/dist/cjs/commands/CreateAliasCommand.js +13 -14
  60. package/dist/cjs/commands/CreateAliasCommand.js.map +1 -1
  61. package/dist/cjs/commands/CreateCustomKeyStoreCommand.js +8 -8
  62. package/dist/cjs/commands/CreateGrantCommand.js +15 -22
  63. package/dist/cjs/commands/CreateGrantCommand.js.map +1 -1
  64. package/dist/cjs/commands/CreateKeyCommand.js +44 -44
  65. package/dist/cjs/commands/DecryptCommand.js +23 -22
  66. package/dist/cjs/commands/DecryptCommand.js.map +1 -1
  67. package/dist/cjs/commands/DeleteAliasCommand.js +7 -8
  68. package/dist/cjs/commands/DeleteAliasCommand.js.map +1 -1
  69. package/dist/cjs/commands/DeleteCustomKeyStoreCommand.js +13 -13
  70. package/dist/cjs/commands/DeleteImportedKeyMaterialCommand.js +9 -9
  71. package/dist/cjs/commands/DescribeCustomKeyStoresCommand.js +6 -6
  72. package/dist/cjs/commands/DescribeKeyCommand.js +18 -19
  73. package/dist/cjs/commands/DescribeKeyCommand.js.map +1 -1
  74. package/dist/cjs/commands/DisableKeyCommand.js +7 -7
  75. package/dist/cjs/commands/DisableKeyRotationCommand.js +5 -6
  76. package/dist/cjs/commands/DisableKeyRotationCommand.js.map +1 -1
  77. package/dist/cjs/commands/DisconnectCustomKeyStoreCommand.js +6 -8
  78. package/dist/cjs/commands/DisconnectCustomKeyStoreCommand.js.map +1 -1
  79. package/dist/cjs/commands/EnableKeyCommand.js +4 -5
  80. package/dist/cjs/commands/EnableKeyCommand.js.map +1 -1
  81. package/dist/cjs/commands/EnableKeyRotationCommand.js +5 -5
  82. package/dist/cjs/commands/EncryptCommand.js +20 -21
  83. package/dist/cjs/commands/EncryptCommand.js.map +1 -1
  84. package/dist/cjs/commands/GenerateDataKeyCommand.js +17 -18
  85. package/dist/cjs/commands/GenerateDataKeyCommand.js.map +1 -1
  86. package/dist/cjs/commands/GenerateDataKeyPairCommand.js +21 -15
  87. package/dist/cjs/commands/GenerateDataKeyPairCommand.js.map +1 -1
  88. package/dist/cjs/commands/GenerateDataKeyPairWithoutPlaintextCommand.js +16 -12
  89. package/dist/cjs/commands/GenerateDataKeyPairWithoutPlaintextCommand.js.map +1 -1
  90. package/dist/cjs/commands/GenerateDataKeyWithoutPlaintextCommand.js +9 -9
  91. package/dist/cjs/commands/GenerateRandomCommand.js +4 -3
  92. package/dist/cjs/commands/GenerateRandomCommand.js.map +1 -1
  93. package/dist/cjs/commands/GetKeyPolicyCommand.js +2 -2
  94. package/dist/cjs/commands/GetKeyRotationStatusCommand.js +9 -9
  95. package/dist/cjs/commands/GetParametersForImportCommand.js +8 -8
  96. package/dist/cjs/commands/GetPublicKeyCommand.js +15 -15
  97. package/dist/cjs/commands/ImportKeyMaterialCommand.js +18 -18
  98. package/dist/cjs/commands/ListAliasesCommand.js +8 -10
  99. package/dist/cjs/commands/ListAliasesCommand.js.map +1 -1
  100. package/dist/cjs/commands/ListGrantsCommand.js +9 -4
  101. package/dist/cjs/commands/ListGrantsCommand.js.map +1 -1
  102. package/dist/cjs/commands/ListKeyPoliciesCommand.js +2 -2
  103. package/dist/cjs/commands/ListKeysCommand.js +2 -2
  104. package/dist/cjs/commands/ListResourceTagsCommand.js +4 -4
  105. package/dist/cjs/commands/ListRetirableGrantsCommand.js +14 -14
  106. package/dist/cjs/commands/PutKeyPolicyCommand.js +5 -5
  107. package/dist/cjs/commands/ReEncryptCommand.js +30 -34
  108. package/dist/cjs/commands/ReEncryptCommand.js.map +1 -1
  109. package/dist/cjs/commands/ReplicateKeyCommand.js +16 -16
  110. package/dist/cjs/commands/RetireGrantCommand.js +9 -9
  111. package/dist/cjs/commands/RevokeGrantCommand.js +9 -4
  112. package/dist/cjs/commands/RevokeGrantCommand.js.map +1 -1
  113. package/dist/cjs/commands/ScheduleKeyDeletionCommand.js +17 -17
  114. package/dist/cjs/commands/SignCommand.js +12 -13
  115. package/dist/cjs/commands/SignCommand.js.map +1 -1
  116. package/dist/cjs/commands/TagResourceCommand.js +10 -12
  117. package/dist/cjs/commands/TagResourceCommand.js.map +1 -1
  118. package/dist/cjs/commands/UntagResourceCommand.js +9 -10
  119. package/dist/cjs/commands/UntagResourceCommand.js.map +1 -1
  120. package/dist/cjs/commands/UpdateAliasCommand.js +15 -15
  121. package/dist/cjs/commands/UpdateCustomKeyStoreCommand.js +9 -9
  122. package/dist/cjs/commands/UpdateKeyDescriptionCommand.js +4 -4
  123. package/dist/cjs/commands/UpdatePrimaryRegionCommand.js +13 -13
  124. package/dist/cjs/commands/VerifyCommand.js +14 -14
  125. package/dist/cjs/models/models_0.js +14 -3
  126. package/dist/cjs/models/models_0.js.map +1 -1
  127. package/dist/cjs/package.json +31 -31
  128. package/dist/cjs/protocols/Aws_json1_1.js +16 -11
  129. package/dist/cjs/protocols/Aws_json1_1.js.map +1 -1
  130. package/dist/es/KMS.js +18 -18
  131. package/dist/es/KMS.js.map +1 -1
  132. package/dist/es/KMSClient.js +18 -18
  133. package/dist/es/commands/CancelKeyDeletionCommand.js +6 -7
  134. package/dist/es/commands/CancelKeyDeletionCommand.js.map +1 -1
  135. package/dist/es/commands/ConnectCustomKeyStoreCommand.js +9 -9
  136. package/dist/es/commands/CreateAliasCommand.js +13 -14
  137. package/dist/es/commands/CreateAliasCommand.js.map +1 -1
  138. package/dist/es/commands/CreateCustomKeyStoreCommand.js +8 -8
  139. package/dist/es/commands/CreateGrantCommand.js +15 -22
  140. package/dist/es/commands/CreateGrantCommand.js.map +1 -1
  141. package/dist/es/commands/CreateKeyCommand.js +44 -44
  142. package/dist/es/commands/DecryptCommand.js +23 -22
  143. package/dist/es/commands/DecryptCommand.js.map +1 -1
  144. package/dist/es/commands/DeleteAliasCommand.js +7 -8
  145. package/dist/es/commands/DeleteAliasCommand.js.map +1 -1
  146. package/dist/es/commands/DeleteCustomKeyStoreCommand.js +13 -13
  147. package/dist/es/commands/DeleteImportedKeyMaterialCommand.js +9 -9
  148. package/dist/es/commands/DescribeCustomKeyStoresCommand.js +6 -6
  149. package/dist/es/commands/DescribeKeyCommand.js +18 -19
  150. package/dist/es/commands/DescribeKeyCommand.js.map +1 -1
  151. package/dist/es/commands/DisableKeyCommand.js +7 -7
  152. package/dist/es/commands/DisableKeyRotationCommand.js +5 -6
  153. package/dist/es/commands/DisableKeyRotationCommand.js.map +1 -1
  154. package/dist/es/commands/DisconnectCustomKeyStoreCommand.js +6 -8
  155. package/dist/es/commands/DisconnectCustomKeyStoreCommand.js.map +1 -1
  156. package/dist/es/commands/EnableKeyCommand.js +4 -5
  157. package/dist/es/commands/EnableKeyCommand.js.map +1 -1
  158. package/dist/es/commands/EnableKeyRotationCommand.js +5 -5
  159. package/dist/es/commands/EncryptCommand.js +20 -21
  160. package/dist/es/commands/EncryptCommand.js.map +1 -1
  161. package/dist/es/commands/GenerateDataKeyCommand.js +17 -18
  162. package/dist/es/commands/GenerateDataKeyCommand.js.map +1 -1
  163. package/dist/es/commands/GenerateDataKeyPairCommand.js +21 -15
  164. package/dist/es/commands/GenerateDataKeyPairCommand.js.map +1 -1
  165. package/dist/es/commands/GenerateDataKeyPairWithoutPlaintextCommand.js +16 -12
  166. package/dist/es/commands/GenerateDataKeyPairWithoutPlaintextCommand.js.map +1 -1
  167. package/dist/es/commands/GenerateDataKeyWithoutPlaintextCommand.js +9 -9
  168. package/dist/es/commands/GenerateRandomCommand.js +4 -3
  169. package/dist/es/commands/GenerateRandomCommand.js.map +1 -1
  170. package/dist/es/commands/GetKeyPolicyCommand.js +2 -2
  171. package/dist/es/commands/GetKeyRotationStatusCommand.js +9 -9
  172. package/dist/es/commands/GetParametersForImportCommand.js +8 -8
  173. package/dist/es/commands/GetPublicKeyCommand.js +15 -15
  174. package/dist/es/commands/ImportKeyMaterialCommand.js +18 -18
  175. package/dist/es/commands/ListAliasesCommand.js +8 -10
  176. package/dist/es/commands/ListAliasesCommand.js.map +1 -1
  177. package/dist/es/commands/ListGrantsCommand.js +9 -4
  178. package/dist/es/commands/ListGrantsCommand.js.map +1 -1
  179. package/dist/es/commands/ListKeyPoliciesCommand.js +2 -2
  180. package/dist/es/commands/ListKeysCommand.js +2 -2
  181. package/dist/es/commands/ListResourceTagsCommand.js +4 -4
  182. package/dist/es/commands/ListRetirableGrantsCommand.js +14 -14
  183. package/dist/es/commands/PutKeyPolicyCommand.js +5 -5
  184. package/dist/es/commands/ReEncryptCommand.js +30 -34
  185. package/dist/es/commands/ReEncryptCommand.js.map +1 -1
  186. package/dist/es/commands/ReplicateKeyCommand.js +16 -16
  187. package/dist/es/commands/RetireGrantCommand.js +9 -9
  188. package/dist/es/commands/RevokeGrantCommand.js +9 -4
  189. package/dist/es/commands/RevokeGrantCommand.js.map +1 -1
  190. package/dist/es/commands/ScheduleKeyDeletionCommand.js +17 -17
  191. package/dist/es/commands/SignCommand.js +12 -13
  192. package/dist/es/commands/SignCommand.js.map +1 -1
  193. package/dist/es/commands/TagResourceCommand.js +10 -12
  194. package/dist/es/commands/TagResourceCommand.js.map +1 -1
  195. package/dist/es/commands/UntagResourceCommand.js +9 -10
  196. package/dist/es/commands/UntagResourceCommand.js.map +1 -1
  197. package/dist/es/commands/UpdateAliasCommand.js +15 -15
  198. package/dist/es/commands/UpdateCustomKeyStoreCommand.js +9 -9
  199. package/dist/es/commands/UpdateKeyDescriptionCommand.js +4 -4
  200. package/dist/es/commands/UpdatePrimaryRegionCommand.js +13 -13
  201. package/dist/es/commands/VerifyCommand.js +14 -14
  202. package/dist/es/endpoints.js +1 -2
  203. package/dist/es/endpoints.js.map +1 -1
  204. package/dist/es/models/models_0.js +11 -0
  205. package/dist/es/models/models_0.js.map +1 -1
  206. package/dist/es/package.json +31 -31
  207. package/dist/es/protocols/Aws_json1_1.js +18 -14
  208. package/dist/es/protocols/Aws_json1_1.js.map +1 -1
  209. package/dist/types/KMS.d.ts +567 -572
  210. package/dist/types/KMSClient.d.ts +18 -18
  211. package/dist/types/commands/CancelKeyDeletionCommand.d.ts +6 -7
  212. package/dist/types/commands/ConnectCustomKeyStoreCommand.d.ts +9 -9
  213. package/dist/types/commands/CreateAliasCommand.d.ts +13 -14
  214. package/dist/types/commands/CreateCustomKeyStoreCommand.d.ts +8 -8
  215. package/dist/types/commands/CreateGrantCommand.d.ts +15 -22
  216. package/dist/types/commands/CreateKeyCommand.d.ts +44 -44
  217. package/dist/types/commands/DecryptCommand.d.ts +23 -22
  218. package/dist/types/commands/DeleteAliasCommand.d.ts +7 -8
  219. package/dist/types/commands/DeleteCustomKeyStoreCommand.d.ts +13 -13
  220. package/dist/types/commands/DeleteImportedKeyMaterialCommand.d.ts +9 -9
  221. package/dist/types/commands/DescribeCustomKeyStoresCommand.d.ts +6 -6
  222. package/dist/types/commands/DescribeKeyCommand.d.ts +18 -19
  223. package/dist/types/commands/DisableKeyCommand.d.ts +7 -7
  224. package/dist/types/commands/DisableKeyRotationCommand.d.ts +5 -6
  225. package/dist/types/commands/DisconnectCustomKeyStoreCommand.d.ts +6 -8
  226. package/dist/types/commands/EnableKeyCommand.d.ts +4 -5
  227. package/dist/types/commands/EnableKeyRotationCommand.d.ts +5 -5
  228. package/dist/types/commands/EncryptCommand.d.ts +20 -21
  229. package/dist/types/commands/GenerateDataKeyCommand.d.ts +17 -18
  230. package/dist/types/commands/GenerateDataKeyPairCommand.d.ts +21 -15
  231. package/dist/types/commands/GenerateDataKeyPairWithoutPlaintextCommand.d.ts +16 -12
  232. package/dist/types/commands/GenerateDataKeyWithoutPlaintextCommand.d.ts +9 -9
  233. package/dist/types/commands/GenerateRandomCommand.d.ts +4 -3
  234. package/dist/types/commands/GetKeyPolicyCommand.d.ts +2 -2
  235. package/dist/types/commands/GetKeyRotationStatusCommand.d.ts +9 -9
  236. package/dist/types/commands/GetParametersForImportCommand.d.ts +8 -8
  237. package/dist/types/commands/GetPublicKeyCommand.d.ts +15 -15
  238. package/dist/types/commands/ImportKeyMaterialCommand.d.ts +18 -18
  239. package/dist/types/commands/ListAliasesCommand.d.ts +8 -10
  240. package/dist/types/commands/ListGrantsCommand.d.ts +9 -4
  241. package/dist/types/commands/ListKeyPoliciesCommand.d.ts +2 -2
  242. package/dist/types/commands/ListKeysCommand.d.ts +2 -2
  243. package/dist/types/commands/ListResourceTagsCommand.d.ts +4 -4
  244. package/dist/types/commands/ListRetirableGrantsCommand.d.ts +14 -14
  245. package/dist/types/commands/PutKeyPolicyCommand.d.ts +5 -5
  246. package/dist/types/commands/ReEncryptCommand.d.ts +30 -34
  247. package/dist/types/commands/ReplicateKeyCommand.d.ts +16 -16
  248. package/dist/types/commands/RetireGrantCommand.d.ts +9 -9
  249. package/dist/types/commands/RevokeGrantCommand.d.ts +9 -4
  250. package/dist/types/commands/ScheduleKeyDeletionCommand.d.ts +17 -17
  251. package/dist/types/commands/SignCommand.d.ts +12 -13
  252. package/dist/types/commands/TagResourceCommand.d.ts +10 -12
  253. package/dist/types/commands/UntagResourceCommand.d.ts +9 -10
  254. package/dist/types/commands/UpdateAliasCommand.d.ts +15 -15
  255. package/dist/types/commands/UpdateCustomKeyStoreCommand.d.ts +9 -9
  256. package/dist/types/commands/UpdateKeyDescriptionCommand.d.ts +4 -4
  257. package/dist/types/commands/UpdatePrimaryRegionCommand.d.ts +13 -13
  258. package/dist/types/commands/VerifyCommand.d.ts +14 -14
  259. package/dist/types/models/models_0.d.ts +584 -570
  260. package/dist/types/ts3.4/KMS.d.ts +567 -572
  261. package/dist/types/ts3.4/KMSClient.d.ts +18 -18
  262. package/dist/types/ts3.4/commands/CancelKeyDeletionCommand.d.ts +6 -7
  263. package/dist/types/ts3.4/commands/ConnectCustomKeyStoreCommand.d.ts +9 -9
  264. package/dist/types/ts3.4/commands/CreateAliasCommand.d.ts +13 -14
  265. package/dist/types/ts3.4/commands/CreateCustomKeyStoreCommand.d.ts +8 -8
  266. package/dist/types/ts3.4/commands/CreateGrantCommand.d.ts +15 -22
  267. package/dist/types/ts3.4/commands/CreateKeyCommand.d.ts +44 -44
  268. package/dist/types/ts3.4/commands/DecryptCommand.d.ts +23 -22
  269. package/dist/types/ts3.4/commands/DeleteAliasCommand.d.ts +7 -8
  270. package/dist/types/ts3.4/commands/DeleteCustomKeyStoreCommand.d.ts +13 -13
  271. package/dist/types/ts3.4/commands/DeleteImportedKeyMaterialCommand.d.ts +9 -9
  272. package/dist/types/ts3.4/commands/DescribeCustomKeyStoresCommand.d.ts +6 -6
  273. package/dist/types/ts3.4/commands/DescribeKeyCommand.d.ts +18 -19
  274. package/dist/types/ts3.4/commands/DisableKeyCommand.d.ts +7 -7
  275. package/dist/types/ts3.4/commands/DisableKeyRotationCommand.d.ts +5 -6
  276. package/dist/types/ts3.4/commands/DisconnectCustomKeyStoreCommand.d.ts +6 -8
  277. package/dist/types/ts3.4/commands/EnableKeyCommand.d.ts +4 -5
  278. package/dist/types/ts3.4/commands/EnableKeyRotationCommand.d.ts +5 -5
  279. package/dist/types/ts3.4/commands/EncryptCommand.d.ts +20 -21
  280. package/dist/types/ts3.4/commands/GenerateDataKeyCommand.d.ts +17 -18
  281. package/dist/types/ts3.4/commands/GenerateDataKeyPairCommand.d.ts +21 -15
  282. package/dist/types/ts3.4/commands/GenerateDataKeyPairWithoutPlaintextCommand.d.ts +16 -12
  283. package/dist/types/ts3.4/commands/GenerateDataKeyWithoutPlaintextCommand.d.ts +9 -9
  284. package/dist/types/ts3.4/commands/GenerateRandomCommand.d.ts +4 -3
  285. package/dist/types/ts3.4/commands/GetKeyPolicyCommand.d.ts +2 -2
  286. package/dist/types/ts3.4/commands/GetKeyRotationStatusCommand.d.ts +9 -9
  287. package/dist/types/ts3.4/commands/GetParametersForImportCommand.d.ts +8 -8
  288. package/dist/types/ts3.4/commands/GetPublicKeyCommand.d.ts +15 -15
  289. package/dist/types/ts3.4/commands/ImportKeyMaterialCommand.d.ts +18 -18
  290. package/dist/types/ts3.4/commands/ListAliasesCommand.d.ts +8 -10
  291. package/dist/types/ts3.4/commands/ListGrantsCommand.d.ts +9 -4
  292. package/dist/types/ts3.4/commands/ListKeyPoliciesCommand.d.ts +2 -2
  293. package/dist/types/ts3.4/commands/ListKeysCommand.d.ts +2 -2
  294. package/dist/types/ts3.4/commands/ListResourceTagsCommand.d.ts +4 -4
  295. package/dist/types/ts3.4/commands/ListRetirableGrantsCommand.d.ts +14 -14
  296. package/dist/types/ts3.4/commands/PutKeyPolicyCommand.d.ts +5 -5
  297. package/dist/types/ts3.4/commands/ReEncryptCommand.d.ts +30 -34
  298. package/dist/types/ts3.4/commands/ReplicateKeyCommand.d.ts +16 -16
  299. package/dist/types/ts3.4/commands/RetireGrantCommand.d.ts +9 -9
  300. package/dist/types/ts3.4/commands/RevokeGrantCommand.d.ts +9 -4
  301. package/dist/types/ts3.4/commands/ScheduleKeyDeletionCommand.d.ts +17 -17
  302. package/dist/types/ts3.4/commands/SignCommand.d.ts +12 -13
  303. package/dist/types/ts3.4/commands/TagResourceCommand.d.ts +10 -12
  304. package/dist/types/ts3.4/commands/UntagResourceCommand.d.ts +9 -10
  305. package/dist/types/ts3.4/commands/UpdateAliasCommand.d.ts +15 -15
  306. package/dist/types/ts3.4/commands/UpdateCustomKeyStoreCommand.d.ts +9 -9
  307. package/dist/types/ts3.4/commands/UpdateKeyDescriptionCommand.d.ts +4 -4
  308. package/dist/types/ts3.4/commands/UpdatePrimaryRegionCommand.d.ts +13 -13
  309. package/dist/types/ts3.4/commands/VerifyCommand.d.ts +14 -14
  310. package/dist/types/ts3.4/models/models_0.d.ts +584 -570
  311. package/models/models_0.ts +588 -570
  312. package/package.json +31 -31
  313. package/protocols/Aws_json1_1.ts +20 -12
@@ -7,77 +7,73 @@ export interface ReEncryptCommandInput extends ReEncryptRequest {
7
7
  export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Decrypts ciphertext and then reencrypts it entirely within AWS KMS. You can use this
11
- * operation to change the customer master key (CMK) under which data is encrypted, such as when
12
- * you <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually">manually rotate</a> a CMK or change the CMK that protects a ciphertext. You can also
13
- * use it to reencrypt ciphertext under the same CMK, such as to change the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context">encryption
10
+ * <p>Decrypts ciphertext and then reencrypts it entirely within KMS. You can use this
11
+ * operation to change the KMS key under which data is encrypted, such as when
12
+ * you <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html#rotate-keys-manually">manually rotate</a> a KMS key or change the KMS key that protects a ciphertext. You can also
13
+ * use it to reencrypt ciphertext under the same KMS key, such as to change the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#encrypt_context">encryption
14
14
  * context</a> of a ciphertext.</p>
15
15
  * <p>The <code>ReEncrypt</code> operation can decrypt ciphertext that was encrypted by using an
16
- * AWS KMS CMK in an AWS KMS operation, such as <a>Encrypt</a> or <a>GenerateDataKey</a>. It can also decrypt ciphertext that was encrypted by using the
17
- * public key of an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks">asymmetric CMK</a> outside
18
- * of AWS KMS. However, it cannot decrypt ciphertext produced by other libraries, such as the
19
- * <a href="https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/">AWS Encryption SDK</a> or <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon S3 client-side
20
- * encryption</a>. These libraries return a ciphertext format that is incompatible with
21
- * AWS KMS.</p>
16
+ * KMS KMS key in an KMS operation, such as <a>Encrypt</a> or <a>GenerateDataKey</a>. It can also decrypt ciphertext that was encrypted by using the
17
+ * public key of an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks">asymmetric KMS key</a> outside of KMS. However, it cannot decrypt ciphertext
18
+ * produced by other libraries, such as the <a href="https://docs.aws.amazon.com/encryption-sdk/latest/developer-guide/">Amazon Web Services Encryption SDK</a> or <a href="https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingClientSideEncryption.html">Amazon S3 client-side encryption</a>.
19
+ * These libraries return a ciphertext format that is incompatible with KMS.</p>
22
20
  * <p>When you use the <code>ReEncrypt</code> operation, you need to provide information for the
23
21
  * decrypt operation and the subsequent encrypt operation.</p>
24
22
  * <ul>
25
23
  * <li>
26
- * <p>If your ciphertext was encrypted under an asymmetric CMK, you must use the
27
- * <code>SourceKeyId</code> parameter to identify the CMK that encrypted the ciphertext.
24
+ * <p>If your ciphertext was encrypted under an asymmetric KMS key, you must use the
25
+ * <code>SourceKeyId</code> parameter to identify the KMS key that encrypted the ciphertext.
28
26
  * You must also supply the encryption algorithm that was used. This information is required
29
27
  * to decrypt the data.</p>
30
28
  * </li>
31
29
  * <li>
32
- * <p>If your ciphertext was encrypted under a symmetric CMK, the <code>SourceKeyId</code>
33
- * parameter is optional. AWS KMS can get this information from metadata that it adds to the
30
+ * <p>If your ciphertext was encrypted under a symmetric KMS key, the <code>SourceKeyId</code>
31
+ * parameter is optional. KMS can get this information from metadata that it adds to the
34
32
  * symmetric ciphertext blob. This feature adds durability to your implementation by ensuring
35
33
  * that authorized users can decrypt ciphertext decades after it was encrypted, even if
36
- * they've lost track of the CMK ID. However, specifying the source CMK is always recommended
37
- * as a best practice. When you use the <code>SourceKeyId</code> parameter to specify a CMK,
38
- * AWS KMS uses only the CMK you specify. If the ciphertext was encrypted under a different
39
- * CMK, the <code>ReEncrypt</code> operation fails. This practice ensures that you use the
40
- * CMK that you intend.</p>
34
+ * they've lost track of the key ID. However, specifying the source KMS key is always recommended
35
+ * as a best practice. When you use the <code>SourceKeyId</code> parameter to specify a KMS key,
36
+ * KMS uses only the KMS key you specify. If the ciphertext was encrypted under a different KMS key, the <code>ReEncrypt</code> operation fails. This practice ensures that you use the KMS key that you intend.</p>
41
37
  * </li>
42
38
  * <li>
43
39
  * <p>To reencrypt the data, you must use the <code>DestinationKeyId</code> parameter
44
- * specify the CMK that re-encrypts the data after it is decrypted. You can select a
45
- * symmetric or asymmetric CMK. If the destination CMK is an asymmetric CMK, you must also
40
+ * specify the KMS key that re-encrypts the data after it is decrypted. You can select a
41
+ * symmetric or asymmetric KMS key. If the destination KMS key is an asymmetric KMS key, you must also
46
42
  * provide the encryption algorithm. The algorithm that you choose must be compatible with
47
- * the CMK.</p>
43
+ * the KMS key.</p>
48
44
  *
49
45
  * <important>
50
- * <p>When you use an asymmetric CMK to encrypt or reencrypt data, be sure to record the CMK and encryption algorithm that you choose. You will be required to provide the same CMK and encryption algorithm when you decrypt the data. If the CMK and algorithm do not match the values used to encrypt the data, the decrypt operation fails.</p>
51
- * <p>You are not required to supply the CMK ID and encryption algorithm when you decrypt with symmetric CMKs because AWS KMS stores this information in the ciphertext blob. AWS KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.</p>
46
+ * <p>When you use an asymmetric KMS key to encrypt or reencrypt data, be sure to record the KMS key and encryption algorithm that you choose. You will be required to provide the same KMS key and encryption algorithm when you decrypt the data. If the KMS key and algorithm do not match the values used to encrypt the data, the decrypt operation fails.</p>
47
+ * <p>You are not required to supply the key ID and encryption algorithm when you decrypt with symmetric KMS keys because KMS stores this information in the ciphertext blob. KMS cannot store metadata in ciphertext generated with asymmetric keys. The standard format for asymmetric key ciphertext does not include configurable fields.</p>
52
48
  * </important>
53
49
  * </li>
54
50
  * </ul>
55
51
  *
56
52
  *
57
53
  *
58
- * <p>The CMK that you use for this operation must be in a compatible key state. For
59
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
54
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
55
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
60
56
  * <p>
61
- * <b>Cross-account use</b>: Yes. The source CMK and destination
62
- * CMK can be in different AWS accounts. Either or both CMKs can be in a different account than
63
- * the caller.</p>
57
+ * <b>Cross-account use</b>: Yes. The source KMS key and destination KMS key can be in different Amazon Web Services accounts. Either or both KMS keys can be in a different account than
58
+ * the caller. To specify a KMS key in a different account, you must use its key ARN or alias
59
+ * ARN.</p>
64
60
  *
65
61
  * <p>
66
62
  * <b>Required permissions</b>:</p>
67
63
  * <ul>
68
64
  * <li>
69
65
  * <p>
70
- * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ReEncryptFrom</a> permission on the source CMK (key policy)</p>
66
+ * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ReEncryptFrom</a> permission on the source KMS key (key policy)</p>
71
67
  * </li>
72
68
  * <li>
73
69
  * <p>
74
- * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ReEncryptTo</a> permission on the destination CMK (key policy)</p>
70
+ * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ReEncryptTo</a> permission on the destination KMS key (key policy)</p>
75
71
  * </li>
76
72
  * </ul>
77
- * <p>To permit reencryption from or to a CMK, include the <code>"kms:ReEncrypt*"</code>
73
+ * <p>To permit reencryption from or to a KMS key, include the <code>"kms:ReEncrypt*"</code>
78
74
  * permission in your <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">key policy</a>. This permission is
79
- * automatically included in the key policy when you use the console to create a CMK. But you
80
- * must include it manually when you create a CMK programmatically or when you use the <a>PutKeyPolicy</a> operation to set a key policy.</p>
75
+ * automatically included in the key policy when you use the console to create a KMS key. But you
76
+ * must include it manually when you create a KMS key programmatically or when you use the <a>PutKeyPolicy</a> operation to set a key policy.</p>
81
77
  *
82
78
  * <p>
83
79
  * <b>Related operations:</b>
@@ -9,24 +9,24 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad
9
9
  /**
10
10
  * <p>Replicates a multi-Region key into the specified Region. This operation creates a
11
11
  * multi-Region replica key based on a multi-Region primary key in a different Region of the same
12
- * AWS partition. You can create multiple replicas of a primary key, but each must be in a
12
+ * Amazon Web Services partition. You can create multiple replicas of a primary key, but each must be in a
13
13
  * different Region. To create a multi-Region primary key, use the <a>CreateKey</a>
14
14
  * operation.</p>
15
- * <p>This operation supports <i>multi-Region keys</i>, an AWS KMS feature that lets you create multiple
16
- * interoperable CMKs in different AWS Regions. Because these CMKs have the same key ID, key
17
- * material, and other metadata, you can use them to encrypt data in one AWS Region and decrypt
18
- * it in a different AWS Region without making a cross-Region call or exposing the plaintext data. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
19
- * <p>A <i>replica key</i> is a fully-functional CMK that can be used
15
+ * <p>This operation supports <i>multi-Region keys</i>, an KMS feature that lets you create multiple
16
+ * interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key
17
+ * material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt
18
+ * it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
19
+ * <p>A <i>replica key</i> is a fully-functional KMS key that can be used
20
20
  * independently of its primary and peer replica keys. A primary key and its replica keys share
21
21
  * properties that make them interoperable. They have the same <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id">key ID</a> and key material. They also
22
22
  * have the same <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-spec">key
23
23
  * spec</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-usage">key
24
24
  * usage</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-origin">key
25
- * material origin</a>, and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html">automatic key rotation status</a>. AWS KMS automatically synchronizes these shared
25
+ * material origin</a>, and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html">automatic key rotation status</a>. KMS automatically synchronizes these shared
26
26
  * properties among related multi-Region keys. All other properties of a replica key can differ,
27
27
  * including its <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html">key
28
28
  * policy</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">tags</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html">aliases</a>, and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">key
29
- * state</a>. AWS KMS pricing and quotas for CMKs apply to each primary key and replica
29
+ * state</a>. KMS pricing and quotas for KMS keys apply to each primary key and replica
30
30
  * key.</p>
31
31
  * <p>When this operation completes, the new replica key has a transient key state of
32
32
  * <code>Creating</code>. This key state changes to <code>Enabled</code> (or
@@ -35,31 +35,31 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad
35
35
  * cannot yet use it in cryptographic operations. If you are creating and using the replica key
36
36
  * programmatically, retry on <code>KMSInvalidStateException</code> or call
37
37
  * <code>DescribeKey</code> to check its <code>KeyState</code> value before using it. For
38
- * details about the <code>Creating</code> key state, see <a href="kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the
39
- * <i>AWS Key Management Service Developer Guide</i>.</p>
40
- * <p>The AWS CloudTrail log of a <code>ReplicateKey</code> operation records a
38
+ * details about the <code>Creating</code> key state, see <a href="kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the
39
+ * <i>Key Management Service Developer Guide</i>.</p>
40
+ * <p>The CloudTrail log of a <code>ReplicateKey</code> operation records a
41
41
  * <code>ReplicateKey</code> operation in the primary key's Region and a <a>CreateKey</a> operation in the replica key's Region.</p>
42
42
  * <p>If you replicate a multi-Region primary key with imported key material, the replica key is
43
43
  * created with no key material. You must import the same key material that you imported into the
44
- * primary key. For details, see <a href="kms/latest/developerguide/multi-region-keys-import.html">Importing key material into multi-Region keys</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
44
+ * primary key. For details, see <a href="kms/latest/developerguide/multi-region-keys-import.html">Importing key material into multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
45
45
  * <p>To convert a replica key to a primary key, use the <a>UpdatePrimaryRegion</a>
46
46
  * operation.</p>
47
47
  * <note>
48
48
  * <p>
49
49
  * <code>ReplicateKey</code> uses different default values for the <code>KeyPolicy</code> and
50
- * <code>Tags</code> parameters than those used in the AWS KMS console. For details, see the
50
+ * <code>Tags</code> parameters than those used in the KMS console. For details, see the
51
51
  * parameter descriptions.</p>
52
52
  * </note>
53
53
  * <p>
54
54
  * <b>Cross-account use</b>: No. You cannot use this operation to
55
- * create a CMK in a different AWS account. </p>
55
+ * create a replica key in a different Amazon Web Services account. </p>
56
56
  * <p>
57
57
  * <b>Required permissions</b>: </p>
58
58
  * <ul>
59
59
  * <li>
60
60
  * <p>
61
- * <code>kms:ReplicateKey</code> on the primary CMK (in the primary CMK's Region). Include this
62
- * permission in the primary CMK's key policy.</p>
61
+ * <code>kms:ReplicateKey</code> on the primary key (in the primary key's Region). Include this
62
+ * permission in the primary key's key policy.</p>
63
63
  * </li>
64
64
  * <li>
65
65
  * <p>
@@ -9,24 +9,24 @@ export interface RetireGrantCommandOutput extends __MetadataBearer {
9
9
  /**
10
10
  * <p>Deletes a grant. Typically, you retire a grant when you no longer need its permissions. To
11
11
  * identify the grant to retire, use a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#grant_token">grant token</a>, or both the grant ID and a
12
- * key identifier (key ID or key ARN) of the customer master key (CMK). The <a>CreateGrant</a> operation returns both values.</p>
12
+ * key identifier (key ID or key ARN) of the KMS key. The <a>CreateGrant</a> operation returns both values.</p>
13
13
  * <p>This operation can be called by the <i>retiring principal</i> for a grant,
14
14
  * by the <i>grantee principal</i> if the grant allows the <code>RetireGrant</code>
15
- * operation, and by the AWS account (root user) in which the grant is created. It can also be
15
+ * operation, and by the Amazon Web Services account (root user) in which the grant is created. It can also be
16
16
  * called by principals to whom permission for retiring a grant is delegated. For details, see
17
- * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete">Retiring and
18
- * revoking grants</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
17
+ * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete">Retiring and
18
+ * revoking grants</a> in the <i>Key Management Service Developer Guide</i>.</p>
19
19
  * <p>For detailed information about grants, including grant terminology, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html">Using grants</a> in the
20
20
  * <i>
21
- * <i>AWS Key Management Service Developer Guide</i>
21
+ * <i>Key Management Service Developer Guide</i>
22
22
  * </i>. For examples of working with grants in several
23
- * programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>.</p>
23
+ * programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>. </p>
24
24
  * <p>
25
- * <b>Cross-account use</b>: Yes. You can retire a grant on a CMK
26
- * in a different AWS account.</p>
25
+ * <b>Cross-account use</b>: Yes. You can retire a grant on a KMS key
26
+ * in a different Amazon Web Services account.</p>
27
27
  * <p>
28
28
  * <b>Required permissions:</b>:Permission to retire a grant is
29
- * determined primarily by the grant. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete">Retiring and revoking grants</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
29
+ * determined primarily by the grant. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#grant-delete">Retiring and revoking grants</a> in the <i>Key Management Service Developer Guide</i>.</p>
30
30
  * <p>
31
31
  * <b>Related operations:</b>
32
32
  * </p>
@@ -11,14 +11,19 @@ export interface RevokeGrantCommandOutput extends __MetadataBearer {
11
11
  * grant allows. For more
12
12
  * information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/managing-grants.html#grant-delete">Retiring and revoking grants</a> in
13
13
  * the <i>
14
- * <i>AWS Key Management Service Developer Guide</i>
14
+ * <i>Key Management Service Developer Guide</i>
15
15
  * </i>.</p>
16
- * <p>When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout AWS KMS. This state is known as <i>eventual consistency</i>. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-eventual-consistency">Eventual consistency</a> in
16
+ * <p>When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as <i>eventual consistency</i>. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-eventual-consistency">Eventual consistency</a> in
17
17
  * the <i>
18
- * <i>AWS Key Management Service Developer Guide</i>
18
+ * <i>Key Management Service Developer Guide</i>
19
19
  * </i>. </p>
20
+ * <p>For detailed information about grants, including grant terminology, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html">Using grants</a> in the
21
+ * <i>
22
+ * <i>Key Management Service Developer Guide</i>
23
+ * </i>. For examples of working with grants in several
24
+ * programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>. </p>
20
25
  * <p>
21
- * <b>Cross-account use</b>: Yes. To perform this operation on a CMK in a different AWS account, specify the key
26
+ * <b>Cross-account use</b>: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key
22
27
  * ARN in the value of the <code>KeyId</code> parameter.</p>
23
28
  * <p>
24
29
  * <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:RevokeGrant</a> (key policy).</p>
@@ -7,38 +7,38 @@ export interface ScheduleKeyDeletionCommandInput extends ScheduleKeyDeletionRequ
7
7
  export interface ScheduleKeyDeletionCommandOutput extends ScheduleKeyDeletionResponse, __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Schedules the deletion of a customer master key (CMK). By default, AWS KMS applies a waiting
10
+ * <p>Schedules the deletion of a KMS key. By default, KMS applies a waiting
11
11
  * period of 30 days, but you can specify a waiting period of 7-30 days. When this operation is
12
- * successful, the key state of the CMK changes to <code>PendingDeletion</code> and the key can't
12
+ * successful, the key state of the KMS key changes to <code>PendingDeletion</code> and the key can't
13
13
  * be used in any cryptographic operations. It remains in this state for the duration of the
14
- * waiting period. Before the waiting period ends, you can use <a>CancelKeyDeletion</a> to cancel the deletion of the CMK. After the waiting period ends, AWS KMS deletes the CMK,
15
- * its key material, and all AWS KMS data associated with it, including all aliases that refer to
14
+ * waiting period. Before the waiting period ends, you can use <a>CancelKeyDeletion</a> to cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,
15
+ * its key material, and all KMS data associated with it, including all aliases that refer to
16
16
  * it.</p>
17
17
  * <important>
18
- * <p>Deleting a CMK is a destructive and potentially dangerous operation. When a CMK is
19
- * deleted, all data that was encrypted under the CMK is unrecoverable. (The only exception is
20
- * a multi-Region replica key.) To prevent the use of a CMK without deleting it, use <a>DisableKey</a>. </p>
18
+ * <p>Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key is
19
+ * deleted, all data that was encrypted under the KMS key is unrecoverable. (The only exception is
20
+ * a multi-Region replica key.) To prevent the use of a KMS key without deleting it, use <a>DisableKey</a>. </p>
21
21
  * </important>
22
- * <p>If you schedule deletion of a CMK from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, when the waiting period
23
- * expires, <code>ScheduleKeyDeletion</code> deletes the CMK from AWS KMS. Then AWS KMS makes a best
24
- * effort to delete the key material from the associated AWS CloudHSM cluster. However, you might need
22
+ * <p>If you schedule deletion of a KMS key from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, when the waiting period
23
+ * expires, <code>ScheduleKeyDeletion</code> deletes the KMS key from KMS. Then KMS makes a best
24
+ * effort to delete the key material from the associated CloudHSM cluster. However, you might need
25
25
  * to manually <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key">delete the orphaned key
26
26
  * material</a> from the cluster and its backups.</p>
27
27
  * <p>You can schedule the deletion of a multi-Region primary key and its replica keys at any
28
- * time. However, AWS KMS will not delete a multi-Region primary key with existing replica keys. If
28
+ * time. However, KMS will not delete a multi-Region primary key with existing replica keys. If
29
29
  * you schedule the deletion of a primary key with replicas, its key state changes to
30
30
  * <code>PendingReplicaDeletion</code> and it cannot be replicated or used in cryptographic
31
31
  * operations. This status can continue indefinitely. When the last of its replicas keys is
32
32
  * deleted (not just scheduled), the key state of the primary key changes to
33
33
  * <code>PendingDeletion</code> and its waiting period (<code>PendingWindowInDays</code>)
34
- * begins. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html">Deleting multi-Region keys</a> in the <i>AWS Key Management Service Developer Guide</i>. </p>
35
- * <p>For more information about scheduling a CMK for deletion, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html">Deleting Customer Master Keys</a> in the
36
- * <i>AWS Key Management Service Developer Guide</i>.</p>
37
- * <p>The CMK that you use for this operation must be in a compatible key state. For
38
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
34
+ * begins. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html">Deleting multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>. </p>
35
+ * <p>For more information about scheduling a KMS key for deletion, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html">Deleting KMS keys</a> in the
36
+ * <i>Key Management Service Developer Guide</i>.</p>
37
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
38
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
39
39
  *
40
40
  * <p>
41
- * <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account.</p>
41
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
42
42
  *
43
43
  *
44
44
  * <p>
@@ -8,21 +8,20 @@ export interface SignCommandOutput extends SignResponse, __MetadataBearer {
8
8
  }
9
9
  /**
10
10
  * <p>Creates a <a href="https://en.wikipedia.org/wiki/Digital_signature">digital
11
- * signature</a> for a message or message digest by using the private key in an asymmetric
12
- * CMK. To verify the signature, use the <a>Verify</a> operation, or use the public
13
- * key in the same asymmetric CMK outside of AWS KMS. For information about symmetric and asymmetric CMKs, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric CMKs</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
11
+ * signature</a> for a message or message digest by using the private key in an asymmetric KMS key. To verify the signature, use the <a>Verify</a> operation, or use the public
12
+ * key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
14
13
  * <p>Digital signatures are generated and verified by using asymmetric key pair, such as an RSA
15
- * or ECC pair that is represented by an asymmetric customer master key (CMK). The key owner (or
14
+ * or ECC pair that is represented by an asymmetric KMS key. The key owner (or
16
15
  * an authorized user) uses their private key to sign a message. Anyone with the public key can
17
16
  * verify that the message was signed with that particular private key and that the message
18
17
  * hasn't changed since it was signed. </p>
19
18
  * <p>To use the <code>Sign</code> operation, provide the following information:</p>
20
19
  * <ul>
21
20
  * <li>
22
- * <p>Use the <code>KeyId</code> parameter to identify an asymmetric CMK with a
21
+ * <p>Use the <code>KeyId</code> parameter to identify an asymmetric KMS key with a
23
22
  * <code>KeyUsage</code> value of <code>SIGN_VERIFY</code>. To get the
24
- * <code>KeyUsage</code> value of a CMK, use the <a>DescribeKey</a> operation.
25
- * The caller must have <code>kms:Sign</code> permission on the CMK.</p>
23
+ * <code>KeyUsage</code> value of a KMS key, use the <a>DescribeKey</a> operation.
24
+ * The caller must have <code>kms:Sign</code> permission on the KMS key.</p>
26
25
  * </li>
27
26
  * <li>
28
27
  * <p>Use the <code>Message</code> parameter to specify the message or message digest to
@@ -32,20 +31,20 @@ export interface SignCommandOutput extends SignResponse, __MetadataBearer {
32
31
  * <code>MessageType</code> parameter.</p>
33
32
  * </li>
34
33
  * <li>
35
- * <p>Choose a signing algorithm that is compatible with the CMK. </p>
34
+ * <p>Choose a signing algorithm that is compatible with the KMS key. </p>
36
35
  * </li>
37
36
  * </ul>
38
37
  * <important>
39
- * <p>When signing a message, be sure to record the CMK and the signing algorithm. This
38
+ * <p>When signing a message, be sure to record the KMS key and the signing algorithm. This
40
39
  * information is required to verify the signature.</p>
41
40
  * </important>
42
41
  * <p>To verify the signature that this operation generates, use the <a>Verify</a>
43
42
  * operation. Or use the <a>GetPublicKey</a> operation to download the public key and
44
- * then use the public key to verify the signature outside of AWS KMS. </p>
45
- * <p>The CMK that you use for this operation must be in a compatible key state. For
46
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
43
+ * then use the public key to verify the signature outside of KMS. </p>
44
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
45
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
47
46
  * <p>
48
- * <b>Cross-account use</b>: Yes. To perform this operation with a CMK in a different AWS account, specify
47
+ * <b>Cross-account use</b>: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
49
48
  * the key ARN or alias ARN in the value of the <code>KeyId</code> parameter.</p>
50
49
  *
51
50
  * <p>
@@ -7,26 +7,24 @@ export interface TagResourceCommandInput extends TagResourceRequest {
7
7
  export interface TagResourceCommandOutput extends __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Adds or edits tags on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed CMK</a>.</p>
10
+ * <p>Adds or edits tags on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>.</p>
11
11
  * <note>
12
- * <p>Tagging or untagging a CMK can allow or deny permission to the
13
- * CMK. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in AWS KMS</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
12
+ * <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
14
13
  * </note>
15
14
  * <p>Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.
16
15
  * The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag
17
16
  * value. To edit a tag, specify an existing tag key and a new tag value.</p>
18
- * <p>You can use this operation to tag a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed CMK</a>, but you cannot
19
- * tag an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">AWS
20
- * managed CMK</a>, an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk">AWS owned CMK</a>, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#keystore-concept">custom key store</a>, or
17
+ * <p>You can use this operation to tag a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>, but you cannot
18
+ * tag an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services managed key</a>, an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk">Amazon Web Services owned key</a>, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#keystore-concept">custom key store</a>, or
21
19
  * an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#alias-concept">alias</a>.</p>
22
- * <p>You can also add tags to a CMK while creating it (<a>CreateKey</a>) or replicating it (<a>ReplicateKey</a>).</p>
23
- * <p>For information about using tags in AWS KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
24
- * tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging AWS resources</a> in the <i>Amazon
20
+ * <p>You can also add tags to a KMS key while creating it (<a>CreateKey</a>) or replicating it (<a>ReplicateKey</a>).</p>
21
+ * <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
22
+ * tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
25
23
  * Web Services General Reference</i>. </p>
26
- * <p>The CMK that you use for this operation must be in a compatible key state. For
27
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
24
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
25
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
28
26
  * <p>
29
- * <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account. </p>
27
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
30
28
  *
31
29
  * <p>
32
30
  * <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:TagResource</a> (key policy)</p>
@@ -7,23 +7,22 @@ export interface UntagResourceCommandInput extends UntagResourceRequest {
7
7
  export interface UntagResourceCommandOutput extends __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Deletes tags from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed CMK</a>. To delete a tag,
11
- * specify the tag key and the CMK.</p>
10
+ * <p>Deletes tags from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>. To delete a tag,
11
+ * specify the tag key and the KMS key.</p>
12
12
  * <note>
13
- * <p>Tagging or untagging a CMK can allow or deny permission to the
14
- * CMK. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in AWS KMS</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
13
+ * <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
15
14
  * </note>
16
15
  * <p>When it succeeds, the <code>UntagResource</code> operation doesn't return any output.
17
- * Also, if the specified tag key isn't found on the CMK, it doesn't throw an exception or return
16
+ * Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or return
18
17
  * a response. To confirm that the operation worked, use the <a>ListResourceTags</a> operation.</p>
19
18
  *
20
- * <p>For information about using tags in AWS KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
21
- * tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging AWS resources</a> in the <i>Amazon
19
+ * <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
20
+ * tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
22
21
  * Web Services General Reference</i>. </p>
23
- * <p>The CMK that you use for this operation must be in a compatible key state. For
24
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
22
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
23
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
25
24
  * <p>
26
- * <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account.</p>
25
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
27
26
  *
28
27
  * <p>
29
28
  * <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UntagResource</a> (key policy)</p>
@@ -7,27 +7,27 @@ export interface UpdateAliasCommandInput extends UpdateAliasRequest {
7
7
  export interface UpdateAliasCommandOutput extends __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Associates an existing AWS KMS alias with a different customer master key (CMK). Each alias
11
- * is associated with only one CMK at a time, although a CMK can have multiple aliases. The alias
12
- * and the CMK must be in the same AWS account and Region.</p>
10
+ * <p>Associates an existing KMS alias with a different KMS key. Each alias
11
+ * is associated with only one KMS key at a time, although a KMS key can have multiple aliases. The alias
12
+ * and the KMS key must be in the same Amazon Web Services account and Region.</p>
13
13
  * <note>
14
- * <p>Adding, deleting, or updating an alias can allow or deny permission to the CMK. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in AWS KMS</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
14
+ * <p>Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
15
15
  * </note>
16
- * <p>The current and new CMK must be the same type (both symmetric or both asymmetric), and
16
+ * <p>The current and new KMS key must be the same type (both symmetric or both asymmetric), and
17
17
  * they must have the same key usage (<code>ENCRYPT_DECRYPT</code> or <code>SIGN_VERIFY</code>).
18
18
  * This restriction prevents errors in code that uses aliases. If you must assign an alias to a
19
- * different type of CMK, use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to create a new alias.</p>
19
+ * different type of KMS key, use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to create a new alias.</p>
20
20
  * <p>You cannot use <code>UpdateAlias</code> to change an alias name. To change an alias name,
21
21
  * use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to
22
22
  * create a new alias.</p>
23
- * <p>Because an alias is not a property of a CMK, you can create, update, and delete the
24
- * aliases of a CMK without affecting the CMK. Also, aliases do not appear in the response from
25
- * the <a>DescribeKey</a> operation. To get the aliases of all CMKs in the account,
23
+ * <p>Because an alias is not a property of a KMS key, you can create, update, and delete the
24
+ * aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the response from
25
+ * the <a>DescribeKey</a> operation. To get the aliases of all KMS keys in the account,
26
26
  * use the <a>ListAliases</a> operation. </p>
27
- * <p>The CMK that you use for this operation must be in a compatible key state. For
28
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
27
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
28
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
29
29
  * <p>
30
- * <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account. </p>
30
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
31
31
  * <p>
32
32
  * <b>Required permissions</b>
33
33
  * </p>
@@ -38,14 +38,14 @@ export interface UpdateAliasCommandOutput extends __MetadataBearer {
38
38
  * </li>
39
39
  * <li>
40
40
  * <p>
41
- * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on the current CMK (key policy).</p>
41
+ * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on the current KMS key (key policy).</p>
42
42
  * </li>
43
43
  * <li>
44
44
  * <p>
45
- * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on the new CMK (key policy).</p>
45
+ * <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on the new KMS key (key policy).</p>
46
46
  * </li>
47
47
  * </ul>
48
- * <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
48
+ * <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the <i>Key Management Service Developer Guide</i>.</p>
49
49
  * <p>
50
50
  * <b>Related operations:</b>
51
51
  * </p>
@@ -24,30 +24,30 @@ export interface UpdateCustomKeyStoreCommandOutput extends UpdateCustomKeyStoreR
24
24
  * <p> </p>
25
25
  * </li>
26
26
  * <li>
27
- * <p>Use the <b>KeyStorePassword</b> parameter tell AWS KMS the
27
+ * <p>Use the <b>KeyStorePassword</b> parameter tell KMS the
28
28
  * current password of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser">
29
29
  * <code>kmsuser</code> crypto
30
- * user (CU)</a> in the associated AWS CloudHSM cluster. You can use this parameter to <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-password">fix
31
- * connection failures</a> that occur when AWS KMS cannot log into the associated cluster
30
+ * user (CU)</a> in the associated CloudHSM cluster. You can use this parameter to <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-password">fix
31
+ * connection failures</a> that occur when KMS cannot log into the associated cluster
32
32
  * because the <code>kmsuser</code> password has changed. This value does not change the
33
- * password in the AWS CloudHSM cluster.</p>
33
+ * password in the CloudHSM cluster.</p>
34
34
  * <p> </p>
35
35
  * </li>
36
36
  * <li>
37
37
  * <p>Use the <b>CloudHsmClusterId</b> parameter to associate the
38
- * custom key store with a different, but related, AWS CloudHSM cluster. You can use this parameter
39
- * to repair a custom key store if its AWS CloudHSM cluster becomes corrupted or is deleted, or when
38
+ * custom key store with a different, but related, CloudHSM cluster. You can use this parameter
39
+ * to repair a custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when
40
40
  * you need to create or restore a cluster from a backup. </p>
41
41
  * </li>
42
42
  * </ul>
43
43
  * <p>If the operation succeeds, it returns a JSON object with no
44
44
  * properties.</p>
45
- * <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in AWS KMS, which
46
- * combines the convenience and extensive integration of AWS KMS with the isolation and control of a
45
+ * <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
46
+ * combines the convenience and extensive integration of KMS with the isolation and control of a
47
47
  * single-tenant key store.</p>
48
48
  *
49
49
  * <p>
50
- * <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different AWS account. </p>
50
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account. </p>
51
51
  * <p>
52
52
  * <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateCustomKeyStore</a> (IAM policy)</p>
53
53
  * <p>
@@ -7,12 +7,12 @@ export interface UpdateKeyDescriptionCommandInput extends UpdateKeyDescriptionRe
7
7
  export interface UpdateKeyDescriptionCommandOutput extends __MetadataBearer {
8
8
  }
9
9
  /**
10
- * <p>Updates the description of a customer master key (CMK). To see the description of a CMK,
10
+ * <p>Updates the description of a KMS key. To see the description of a KMS key,
11
11
  * use <a>DescribeKey</a>. </p>
12
- * <p>The CMK that you use for this operation must be in a compatible key state. For
13
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your CMK</a> in the <i>AWS Key Management Service Developer Guide</i>.</p>
12
+ * <p>The KMS key that you use for this operation must be in a compatible key state. For
13
+ * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
14
14
  * <p>
15
- * <b>Cross-account use</b>: No. You cannot perform this operation on a CMK in a different AWS account. </p>
15
+ * <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
16
16
  *
17
17
  * <p>
18
18
  * <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateKeyDescription</a> (key policy)</p>