@aws-sdk/client-kms 3.288.0 → 3.289.0

package/dist-types/commands/ListAliasesCommand.d.ts

@@ -69,6 +69,62 @@ export interface ListAliasesCommandOutput extends ListAliasesResponse, __Metadat
  * @see {@link ListAliasesCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list aliases
+ * ```javascript
+ * // The following example lists aliases.
+ * const input = undefined;
+ * const command = new ListAliasesCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Aliases": [
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/acm",
+ *       "AliasName": "alias/aws/acm",
+ *       "TargetKeyId": "da03f6f7-d279-427a-9cae-de48d07e5b66"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/ebs",
+ *       "AliasName": "alias/aws/ebs",
+ *       "TargetKeyId": "25a217e7-7170-4b8c-8bf6-045ea5f70e5b"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/rds",
+ *       "AliasName": "alias/aws/rds",
+ *       "TargetKeyId": "7ec3104e-c3f2-4b5c-bf42-bfc4772c6685"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/redshift",
+ *       "AliasName": "alias/aws/redshift",
+ *       "TargetKeyId": "08f7a25a-69e2-4fb5-8f10-393db27326fa"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/aws/s3",
+ *       "AliasName": "alias/aws/s3",
+ *       "TargetKeyId": "d2b0f1a3-580d-4f79-b836-bc983be8cfa5"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example1",
+ *       "AliasName": "alias/example1",
+ *       "TargetKeyId": "4da1e216-62d0-46c5-a7c0-5f3a3d2f8046"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example2",
+ *       "AliasName": "alias/example2",
+ *       "TargetKeyId": "f32fef59-2cc2-445b-8573-2d73328acbee"
+ *     },
+ *     {
+ *       "AliasArn": "arn:aws:kms:us-east-2:111122223333:alias/example3",
+ *       "AliasName": "alias/example3",
+ *       "TargetKeyId": "1374ef38-d34e-4d5f-b2c9-4e0daee38855"
+ *     }
+ *   ],
+ *   "Truncated": false
+ * }
+ * *\/
+ * // example id: to-list-aliases-1480729693349
+ * ```
+ *
  */
 export declare class ListAliasesCommand extends $Command<ListAliasesCommandInput, ListAliasesCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListAliasesCommandInput;

package/dist-types/commands/ListGrantsCommand.d.ts

@@ -73,6 +73,75 @@ export interface ListGrantsCommandOutput extends ListGrantsResponse, __MetadataB
  * @see {@link ListGrantsCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list grants for a KMS key
+ * ```javascript
+ * // The following example lists grants for the specified KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new ListGrantsCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Grants": [
+ *     {
+ *       "CreationDate": "2016-10-25T14:37:41-07:00",
+ *       "GrantId": "91ad875e49b04a9d1f3bdeb84d821f9db6ea95e1098813f6d47f0c65fbe2a172",
+ *       "GranteePrincipal": "acm.us-east-2.amazonaws.com",
+ *       "IssuingAccount": "arn:aws:iam::111122223333:root",
+ *       "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *       "Operations": [
+ *         "Encrypt",
+ *         "ReEncryptFrom",
+ *         "ReEncryptTo"
+ *       ],
+ *       "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
+ *     },
+ *     {
+ *       "CreationDate": "2016-10-25T14:37:41-07:00",
+ *       "GrantId": "a5d67d3e207a8fc1f4928749ee3e52eb0440493a8b9cf05bbfad91655b056200",
+ *       "GranteePrincipal": "acm.us-east-2.amazonaws.com",
+ *       "IssuingAccount": "arn:aws:iam::111122223333:root",
+ *       "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *       "Operations": [
+ *         "ReEncryptFrom",
+ *         "ReEncryptTo"
+ *       ],
+ *       "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
+ *     },
+ *     {
+ *       "CreationDate": "2016-10-25T14:37:41-07:00",
+ *       "GrantId": "c541aaf05d90cb78846a73b346fc43e65be28b7163129488c738e0c9e0628f4f",
+ *       "GranteePrincipal": "acm.us-east-2.amazonaws.com",
+ *       "IssuingAccount": "arn:aws:iam::111122223333:root",
+ *       "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *       "Operations": [
+ *         "Encrypt",
+ *         "ReEncryptFrom",
+ *         "ReEncryptTo"
+ *       ],
+ *       "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
+ *     },
+ *     {
+ *       "CreationDate": "2016-10-25T14:37:41-07:00",
+ *       "GrantId": "dd2052c67b4c76ee45caf1dc6a1e2d24e8dc744a51b36ae2f067dc540ce0105c",
+ *       "GranteePrincipal": "acm.us-east-2.amazonaws.com",
+ *       "IssuingAccount": "arn:aws:iam::111122223333:root",
+ *       "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *       "Operations": [
+ *         "Encrypt",
+ *         "ReEncryptFrom",
+ *         "ReEncryptTo"
+ *       ],
+ *       "RetiringPrincipal": "acm.us-east-2.amazonaws.com"
+ *     }
+ *   ],
+ *   "Truncated": true
+ * }
+ * *\/
+ * // example id: to-list-grants-for-a-cmk-1481067365389
+ * ```
+ *
  */
 export declare class ListGrantsCommand extends $Command<ListGrantsCommandInput, ListGrantsCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListGrantsCommandInput;

package/dist-types/commands/ListKeyPoliciesCommand.d.ts

@@ -50,6 +50,25 @@ export interface ListKeyPoliciesCommandOutput extends ListKeyPoliciesResponse, _
  * @see {@link ListKeyPoliciesCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list key policies for a KMS key
+ * ```javascript
+ * // The following example lists key policies for the specified KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new ListKeyPoliciesCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "PolicyNames": [
+ *     "default"
+ *   ],
+ *   "Truncated": false
+ * }
+ * *\/
+ * // example id: to-list-key-policies-for-a-cmk-1481069780998
+ * ```
+ *
  */
 export declare class ListKeyPoliciesCommand extends $Command<ListKeyPoliciesCommandInput, ListKeyPoliciesCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListKeyPoliciesCommandInput;

package/dist-types/commands/ListKeysCommand.d.ts

@@ -58,6 +58,50 @@ export interface ListKeysCommandOutput extends ListKeysResponse, __MetadataBeare
  * @see {@link ListKeysCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list KMS keys
+ * ```javascript
+ * // The following example lists KMS keys.
+ * const input = undefined;
+ * const command = new ListKeysCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Keys": [
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/0d990263-018e-4e65-a703-eff731de951e",
+ *       "KeyId": "0d990263-018e-4e65-a703-eff731de951e"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/144be297-0ae1-44ac-9c8f-93cd8c82f841",
+ *       "KeyId": "144be297-0ae1-44ac-9c8f-93cd8c82f841"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/21184251-b765-428e-b852-2c7353e72571",
+ *       "KeyId": "21184251-b765-428e-b852-2c7353e72571"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/214fe92f-5b03-4ae1-b350-db2a45dbe10c",
+ *       "KeyId": "214fe92f-5b03-4ae1-b350-db2a45dbe10c"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/339963f2-e523-49d3-af24-a0fe752aa458",
+ *       "KeyId": "339963f2-e523-49d3-af24-a0fe752aa458"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/b776a44b-df37-4438-9be4-a27494e4271a",
+ *       "KeyId": "b776a44b-df37-4438-9be4-a27494e4271a"
+ *     },
+ *     {
+ *       "KeyArn": "arn:aws:kms:us-east-2:111122223333:key/deaf6c9e-cf2c-46a6-bf6d-0b6d487cffbb",
+ *       "KeyId": "deaf6c9e-cf2c-46a6-bf6d-0b6d487cffbb"
+ *     }
+ *   ],
+ *   "Truncated": false
+ * }
+ * *\/
+ * // example id: to-list-cmks-1481071643069
+ * ```
+ *
  */
 export declare class ListKeysCommand extends $Command<ListKeysCommandInput, ListKeysCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListKeysCommandInput;

package/dist-types/commands/ListResourceTagsCommand.d.ts

@@ -62,6 +62,36 @@ export interface ListResourceTagsCommandOutput extends ListResourceTagsResponse,
  * @see {@link ListResourceTagsCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list tags for a KMS key
+ * ```javascript
+ * // The following example lists tags for a KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new ListResourceTagsCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Tags": [
+ *     {
+ *       "TagKey": "CostCenter",
+ *       "TagValue": "87654"
+ *     },
+ *     {
+ *       "TagKey": "CreatedBy",
+ *       "TagValue": "ExampleUser"
+ *     },
+ *     {
+ *       "TagKey": "Purpose",
+ *       "TagValue": "Test"
+ *     }
+ *   ],
+ *   "Truncated": false
+ * }
+ * *\/
+ * // example id: to-list-tags-for-a-cmk-1483996855796
+ * ```
+ *
  */
 export declare class ListResourceTagsCommand extends $Command<ListResourceTagsCommandInput, ListResourceTagsCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListResourceTagsCommandInput;

package/dist-types/commands/ListRetirableGrantsCommand.d.ts

@@ -71,6 +71,36 @@ export interface ListRetirableGrantsCommandOutput extends ListGrantsResponse, __
  * @see {@link ListRetirableGrantsCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To list grants that the specified principal can retire
+ * ```javascript
+ * // The following example lists the grants that the specified principal (identity) can retire.
+ * const input = {
+ *   "RetiringPrincipal": "arn:aws:iam::111122223333:role/ExampleRole"
+ * };
+ * const command = new ListRetirableGrantsCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "Grants": [
+ *     {
+ *       "CreationDate": "2016-12-07T11:09:35-08:00",
+ *       "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
+ *       "GranteePrincipal": "arn:aws:iam::111122223333:role/ExampleRole",
+ *       "IssuingAccount": "arn:aws:iam::444455556666:root",
+ *       "KeyId": "arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *       "Operations": [
+ *         "Decrypt",
+ *         "Encrypt"
+ *       ],
+ *       "RetiringPrincipal": "arn:aws:iam::111122223333:role/ExampleRole"
+ *     }
+ *   ],
+ *   "Truncated": false
+ * }
+ * *\/
+ * // example id: to-list-grants-that-the-specified-principal-can-retire-1481140499620
+ * ```
+ *
  */
 export declare class ListRetirableGrantsCommand extends $Command<ListRetirableGrantsCommandInput, ListRetirableGrantsCommandOutput, KMSClientResolvedConfig> {
     readonly input: ListRetirableGrantsCommandInput;

package/dist-types/commands/PutKeyPolicyCommand.d.ts

@@ -41,6 +41,19 @@ export interface PutKeyPolicyCommandOutput extends __MetadataBearer {
  * @see {@link PutKeyPolicyCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To attach a key policy to a KMS key
+ * ```javascript
+ * // The following example attaches a key policy to the specified KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Policy": "{\n    \"Version\": \"2012-10-17\",\n    \"Id\": \"custom-policy-2016-12-07\",\n    \"Statement\": [\n        {\n            \"Sid\": \"Enable IAM User Permissions\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"AWS\": \"arn:aws:iam::111122223333:root\"\n            },\n            \"Action\": \"kms:*\",\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"Allow access for Key Administrators\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"AWS\": [\n                    \"arn:aws:iam::111122223333:user/ExampleAdminUser\",\n                    \"arn:aws:iam::111122223333:role/ExampleAdminRole\"\n                ]\n            },\n            \"Action\": [\n                \"kms:Create*\",\n                \"kms:Describe*\",\n                \"kms:Enable*\",\n                \"kms:List*\",\n                \"kms:Put*\",\n                \"kms:Update*\",\n                \"kms:Revoke*\",\n                \"kms:Disable*\",\n                \"kms:Get*\",\n                \"kms:Delete*\",\n                \"kms:ScheduleKeyDeletion\",\n                \"kms:CancelKeyDeletion\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"Allow use of the key\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n            },\n            \"Action\": [\n                \"kms:Encrypt\",\n                \"kms:Decrypt\",\n                \"kms:ReEncrypt*\",\n                \"kms:GenerateDataKey*\",\n                \"kms:DescribeKey\"\n            ],\n            \"Resource\": \"*\"\n        },\n        {\n            \"Sid\": \"Allow attachment of persistent resources\",\n            \"Effect\": \"Allow\",\n            \"Principal\": {\n                \"AWS\": \"arn:aws:iam::111122223333:role/ExamplePowerUserRole\"\n            },\n            \"Action\": [\n                \"kms:CreateGrant\",\n                \"kms:ListGrants\",\n                \"kms:RevokeGrant\"\n            ],\n            \"Resource\": \"*\",\n            \"Condition\": {\n                \"Bool\": {\n                    \"kms:GrantIsForAWSResource\": \"true\"\n                }\n            }\n        }\n    ]\n}\n",
+ *   "PolicyName": "default"
+ * };
+ * const command = new PutKeyPolicyCommand(input);
+ * await client.send(command);
+ * // example id: to-attach-a-key-policy-to-a-cmk-1481147345018
+ * ```
+ *
  */
 export declare class PutKeyPolicyCommand extends $Command<PutKeyPolicyCommandInput, PutKeyPolicyCommandOutput, KMSClientResolvedConfig> {
     readonly input: PutKeyPolicyCommandInput;

package/dist-types/commands/ReEncryptCommand.d.ts

@@ -123,6 +123,25 @@ export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBea
  * @see {@link ReEncryptCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To reencrypt data
+ * ```javascript
+ * // The following example reencrypts data with the specified KMS key.
+ * const input = {
+ *   "CiphertextBlob": "<binary data>",
+ *   "DestinationKeyId": "0987dcba-09fe-87dc-65ba-ab0987654321"
+ * };
+ * const command = new ReEncryptCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextBlob": "<binary data>",
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ *   "SourceKeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ * }
+ * *\/
+ * // example id: to-reencrypt-data-1481230358001
+ * ```
+ *
  */
 export declare class ReEncryptCommand extends $Command<ReEncryptCommandInput, ReEncryptCommandOutput, KMSClientResolvedConfig> {
     readonly input: ReEncryptCommandInput;

package/dist-types/commands/ReplicateKeyCommand.d.ts

@@ -111,6 +111,54 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad
  * @see {@link ReplicateKeyCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To replicate a multi-Region key in a different AWS Region
+ * ```javascript
+ * // This example creates a multi-Region replica key in us-west-2 of a multi-Region primary key in us-east-1.
+ * const input = {
+ *   "KeyId": "arn:aws:kms:us-east-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ *   "ReplicaRegion": "us-west-2"
+ * };
+ * const command = new ReplicateKeyCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "ReplicaKeyMetadata": {
+ *     "AWSAccountId": "111122223333",
+ *     "Arn": "arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ *     "CreationDate": 1607472987.918,
+ *     "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",
+ *     "Description": "",
+ *     "Enabled": true,
+ *     "EncryptionAlgorithms": [
+ *       "SYMMETRIC_DEFAULT"
+ *     ],
+ *     "KeyId": "mrk-1234abcd12ab34cd56ef1234567890ab",
+ *     "KeyManager": "CUSTOMER",
+ *     "KeyState": "Enabled",
+ *     "KeyUsage": "ENCRYPT_DECRYPT",
+ *     "MultiRegion": true,
+ *     "MultiRegionConfiguration": {
+ *       "MultiRegionKeyType": "REPLICA",
+ *       "PrimaryKey": {
+ *         "Arn": "arn:aws:kms:us-east-1:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ *         "Region": "us-east-1"
+ *       },
+ *       "ReplicaKeys": [
+ *         {
+ *           "Arn": "arn:aws:kms:us-west-2:111122223333:key/mrk-1234abcd12ab34cd56ef1234567890ab",
+ *           "Region": "us-west-2"
+ *         }
+ *       ]
+ *     },
+ *     "Origin": "AWS_KMS"
+ *   },
+ *   "ReplicaPolicy": "{\n  \"Version\" : \"2012-10-17\",\n  \"Id\" : \"key-default-1\",...}",
+ *   "ReplicaTags": []
+ * }
+ * *\/
+ * // example id: to-replicate-a-multi-region-key-in-a-different-aws-region-1628622402887
+ * ```
+ *
  */
 export declare class ReplicateKeyCommand extends $Command<ReplicateKeyCommandInput, ReplicateKeyCommandOutput, KMSClientResolvedConfig> {
     readonly input: ReplicateKeyCommandInput;

package/dist-types/commands/RetireGrantCommand.d.ts

@@ -74,6 +74,18 @@ export interface RetireGrantCommandOutput extends __MetadataBearer {
  * @see {@link RetireGrantCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To retire a grant
+ * ```javascript
+ * // The following example retires a grant.
+ * const input = {
+ *   "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
+ *   "KeyId": "arn:aws:kms:us-east-2:444455556666:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new RetireGrantCommand(input);
+ * await client.send(command);
+ * // example id: to-retire-a-grant-1481327028297
+ * ```
+ *
  */
 export declare class RetireGrantCommand extends $Command<RetireGrantCommandInput, RetireGrantCommandOutput, KMSClientResolvedConfig> {
     readonly input: RetireGrantCommandInput;

package/dist-types/commands/RevokeGrantCommand.d.ts

@@ -72,6 +72,18 @@ export interface RevokeGrantCommandOutput extends __MetadataBearer {
  * @see {@link RevokeGrantCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To revoke a grant
+ * ```javascript
+ * // The following example revokes a grant.
+ * const input = {
+ *   "GrantId": "0c237476b39f8bc44e45212e08498fbe3151305030726c0590dd8d3e9f3d6a60",
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new RevokeGrantCommand(input);
+ * await client.send(command);
+ * // example id: to-revoke-a-grant-1481329549302
+ * ```
+ *
  */
 export declare class RevokeGrantCommand extends $Command<RevokeGrantCommandInput, RevokeGrantCommandOutput, KMSClientResolvedConfig> {
     readonly input: RevokeGrantCommandInput;

package/dist-types/commands/ScheduleKeyDeletionCommand.d.ts

@@ -84,6 +84,24 @@ export interface ScheduleKeyDeletionCommandOutput extends ScheduleKeyDeletionRes
  * @see {@link ScheduleKeyDeletionCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To schedule a KMS key for deletion
+ * ```javascript
+ * // The following example schedules the specified KMS key for deletion.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "PendingWindowInDays": 7
+ * };
+ * const command = new ScheduleKeyDeletionCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "DeletionDate": "2016-12-17T16:00:00-08:00",
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
+ * }
+ * *\/
+ * // example id: to-schedule-a-cmk-for-deletion-1481331111094
+ * ```
+ *
  */
 export declare class ScheduleKeyDeletionCommand extends $Command<ScheduleKeyDeletionCommandInput, ScheduleKeyDeletionCommandOutput, KMSClientResolvedConfig> {
     readonly input: ScheduleKeyDeletionCommandInput;

package/dist-types/commands/SignCommand.d.ts

@@ -80,6 +80,48 @@ export interface SignCommandOutput extends SignResponse, __MetadataBearer {
  * @see {@link SignCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To digitally sign a message with an asymmetric KMS key.
+ * ```javascript
+ * // This operation uses the private key in an asymmetric elliptic curve (ECC) KMS key to generate a digital signature for a given message.
+ * const input = {
+ *   "KeyId": "alias/ECC_signing_key",
+ *   "Message": "<message to be signed>",
+ *   "MessageType": "RAW",
+ *   "SigningAlgorithm": "ECDSA_SHA_384"
+ * };
+ * const command = new SignCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Signature": "<binary data>",
+ *   "SigningAlgorithm": "ECDSA_SHA_384"
+ * }
+ * *\/
+ * // example id: to-digitally-sign-a-message-with-an-asymmetric-kms-key-1
+ * ```
+ *
+ * @example To digitally sign a message digest with an asymmetric KMS key.
+ * ```javascript
+ * // This operation uses the private key in an asymmetric RSA signing KMS key to generate a digital signature for a message digest. In this example, a large message was hashed and the resulting digest is provided in the Message parameter. To tell KMS not to hash the message again, the MessageType field is set to DIGEST
+ * const input = {
+ *   "KeyId": "alias/RSA_signing_key",
+ *   "Message": "<message digest to be signed>",
+ *   "MessageType": "DIGEST",
+ *   "SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
+ * };
+ * const command = new SignCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ *   "Signature": "<binary data>",
+ *   "SigningAlgorithm": "RSASSA_PKCS1_V1_5_SHA_256"
+ * }
+ * *\/
+ * // example id: to-digitally-sign-a-message-digest-with-an-asymmetric-kms-key-2
+ * ```
+ *
  */
 export declare class SignCommand extends $Command<SignCommandInput, SignCommandOutput, KMSClientResolvedConfig> {
     readonly input: SignCommandInput;

package/dist-types/commands/TagResourceCommand.d.ts

@@ -75,6 +75,23 @@ export interface TagResourceCommandOutput extends __MetadataBearer {
  * @see {@link TagResourceCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To tag a KMS key
+ * ```javascript
+ * // The following example tags a KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Tags": [
+ *     {
+ *       "TagKey": "Purpose",
+ *       "TagValue": "Test"
+ *     }
+ *   ]
+ * };
+ * const command = new TagResourceCommand(input);
+ * await client.send(command);
+ * // example id: to-tag-a-cmk-1483997246518
+ * ```
+ *
  */
 export declare class TagResourceCommand extends $Command<TagResourceCommandInput, TagResourceCommandOutput, KMSClientResolvedConfig> {
     readonly input: TagResourceCommandInput;

package/dist-types/commands/UntagResourceCommand.d.ts

@@ -70,6 +70,21 @@ export interface UntagResourceCommandOutput extends __MetadataBearer {
  * @see {@link UntagResourceCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To remove tags from a KMS key
+ * ```javascript
+ * // The following example removes tags from a KMS key.
+ * const input = {
+ *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "TagKeys": [
+ *     "Purpose",
+ *     "CostCenter"
+ *   ]
+ * };
+ * const command = new UntagResourceCommand(input);
+ * await client.send(command);
+ * // example id: to-remove-tags-from-a-cmk-1483997590962
+ * ```
+ *
  */
 export declare class UntagResourceCommand extends $Command<UntagResourceCommandInput, UntagResourceCommandOutput, KMSClientResolvedConfig> {
     readonly input: UntagResourceCommandInput;

package/dist-types/commands/UpdateAliasCommand.d.ts

@@ -91,6 +91,18 @@ export interface UpdateAliasCommandOutput extends __MetadataBearer {
  * @see {@link UpdateAliasCommandOutput} for command's `response` shape.
  * @see {@link KMSClientResolvedConfig | config} for KMSClient's `config` shape.
  *
+ * @example To update an alias
+ * ```javascript
+ * // The following example updates the specified alias to refer to the specified KMS key.
+ * const input = {
+ *   "AliasName": "alias/ExampleAlias",
+ *   "TargetKeyId": "1234abcd-12ab-34cd-56ef-1234567890ab"
+ * };
+ * const command = new UpdateAliasCommand(input);
+ * await client.send(command);
+ * // example id: to-update-an-alias-1481572726920
+ * ```
+ *
  */
 export declare class UpdateAliasCommand extends $Command<UpdateAliasCommandInput, UpdateAliasCommandOutput, KMSClientResolvedConfig> {
     readonly input: UpdateAliasCommandInput;