npm - @aws-sdk/client-kms - Versions diffs - 3.325.0 → 3.326.0 - Mend

@aws-sdk/client-kms 3.325.0 → 3.326.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist-types/commands/CancelKeyDeletionCommand.d.ts CHANGED Viewed

@@ -43,6 +43,10 @@ export interface CancelKeyDeletionCommandOutput extends CancelKeyDeletionRespons
  * };
  * const command = new CancelKeyDeletionCommand(input);
  * const response = await client.send(command);
+ * // { // CancelKeyDeletionResponse
+ * //   KeyId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param CancelKeyDeletionCommandInput - {@link CancelKeyDeletionCommandInput}
@@ -85,6 +89,8 @@ export interface CancelKeyDeletionCommandOutput extends CancelKeyDeletionRespons
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To cancel deletion of a KMS key
  * ```javascript

package/dist-types/commands/ConnectCustomKeyStoreCommand.d.ts CHANGED Viewed

@@ -117,6 +117,8 @@ export interface ConnectCustomKeyStoreCommandOutput extends ConnectCustomKeyStor
  * };
  * const command = new ConnectCustomKeyStoreCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param ConnectCustomKeyStoreCommandInput - {@link ConnectCustomKeyStoreCommandInput}
@@ -209,6 +211,8 @@ export interface ConnectCustomKeyStoreCommandOutput extends ConnectCustomKeyStor
  *  <p>The request was rejected because an internal exception occurred. The request can be
  *       retried.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To connect a custom key store
  * ```javascript

package/dist-types/commands/CreateAliasCommand.d.ts CHANGED Viewed

@@ -88,6 +88,8 @@ export interface CreateAliasCommandOutput extends __MetadataBearer {
  * };
  * const command = new CreateAliasCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param CreateAliasCommandInput - {@link CreateAliasCommandInput}
@@ -137,6 +139,8 @@ export interface CreateAliasCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To create an alias
  * ```javascript

package/dist-types/commands/CreateCustomKeyStoreCommand.d.ts CHANGED Viewed

@@ -130,6 +130,10 @@ export interface CreateCustomKeyStoreCommandOutput extends CreateCustomKeyStoreR
  * };
  * const command = new CreateCustomKeyStoreCommand(input);
  * const response = await client.send(command);
+ * // { // CreateCustomKeyStoreResponse
+ * //   CustomKeyStoreId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param CreateCustomKeyStoreCommandInput - {@link CreateCustomKeyStoreCommandInput}
@@ -262,12 +266,14 @@ export interface CreateCustomKeyStoreCommandOutput extends CreateCustomKeyStoreR
  *       endpoint service includes the KMS service principal for the Region, such as
  *         <code>cks.kms.us-east-1.amazonaws.com</code>.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To create an AWS CloudHSM key store
  * ```javascript
  * // This example creates a custom key store that is associated with an AWS CloudHSM cluster.
  * const input = {
- *   "CloudHsmClusterId": "cluster-1a23b4cdefg",
+ *   "CloudHsmClusterId": "cluster-234abcdefABC",
  *   "CustomKeyStoreName": "ExampleKeyStore",
  *   "KeyStorePassword": "kmsPswd",
  *   "TrustAnchorCertificate": "<certificate-goes-here>"

package/dist-types/commands/CreateGrantCommand.d.ts CHANGED Viewed

@@ -109,6 +109,11 @@ export interface CreateGrantCommandOutput extends CreateGrantResponse, __Metadat
  * };
  * const command = new CreateGrantCommand(input);
  * const response = await client.send(command);
+ * // { // CreateGrantResponse
+ * //   GrantToken: "STRING_VALUE",
+ * //   GrantId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param CreateGrantCommandInput - {@link CreateGrantCommandInput}
@@ -161,6 +166,8 @@ export interface CreateGrantCommandOutput extends CreateGrantResponse, __Metadat
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To create a grant
  * ```javascript

package/dist-types/commands/CreateKeyCommand.d.ts CHANGED Viewed

@@ -212,6 +212,55 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea
  * };
  * const command = new CreateKeyCommand(input);
  * const response = await client.send(command);
+ * // { // CreateKeyResponse
+ * //   KeyMetadata: { // KeyMetadata
+ * //     AWSAccountId: "STRING_VALUE",
+ * //     KeyId: "STRING_VALUE", // required
+ * //     Arn: "STRING_VALUE",
+ * //     CreationDate: new Date("TIMESTAMP"),
+ * //     Enabled: true || false,
+ * //     Description: "STRING_VALUE",
+ * //     KeyUsage: "SIGN_VERIFY" || "ENCRYPT_DECRYPT" || "GENERATE_VERIFY_MAC",
+ * //     KeyState: "Creating" || "Enabled" || "Disabled" || "PendingDeletion" || "PendingImport" || "PendingReplicaDeletion" || "Unavailable" || "Updating",
+ * //     DeletionDate: new Date("TIMESTAMP"),
+ * //     ValidTo: new Date("TIMESTAMP"),
+ * //     Origin: "AWS_KMS" || "EXTERNAL" || "AWS_CLOUDHSM" || "EXTERNAL_KEY_STORE",
+ * //     CustomKeyStoreId: "STRING_VALUE",
+ * //     CloudHsmClusterId: "STRING_VALUE",
+ * //     ExpirationModel: "KEY_MATERIAL_EXPIRES" || "KEY_MATERIAL_DOES_NOT_EXPIRE",
+ * //     KeyManager: "AWS" || "CUSTOMER",
+ * //     CustomerMasterKeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     KeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     EncryptionAlgorithms: [ // EncryptionAlgorithmSpecList
+ * //       "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * //     ],
+ * //     SigningAlgorithms: [ // SigningAlgorithmSpecList
+ * //       "RSASSA_PSS_SHA_256" || "RSASSA_PSS_SHA_384" || "RSASSA_PSS_SHA_512" || "RSASSA_PKCS1_V1_5_SHA_256" || "RSASSA_PKCS1_V1_5_SHA_384" || "RSASSA_PKCS1_V1_5_SHA_512" || "ECDSA_SHA_256" || "ECDSA_SHA_384" || "ECDSA_SHA_512" || "SM2DSA",
+ * //     ],
+ * //     MultiRegion: true || false,
+ * //     MultiRegionConfiguration: { // MultiRegionConfiguration
+ * //       MultiRegionKeyType: "PRIMARY" || "REPLICA",
+ * //       PrimaryKey: { // MultiRegionKey
+ * //         Arn: "STRING_VALUE",
+ * //         Region: "STRING_VALUE",
+ * //       },
+ * //       ReplicaKeys: [ // MultiRegionKeyList
+ * //         {
+ * //           Arn: "STRING_VALUE",
+ * //           Region: "STRING_VALUE",
+ * //         },
+ * //       ],
+ * //     },
+ * //     PendingDeletionWindowInDays: Number("int"),
+ * //     MacAlgorithms: [ // MacAlgorithmSpecList
+ * //       "HMAC_SHA_224" || "HMAC_SHA_256" || "HMAC_SHA_384" || "HMAC_SHA_512",
+ * //     ],
+ * //     XksKeyConfiguration: { // XksKeyConfigurationType
+ * //       Id: "STRING_VALUE",
+ * //     },
+ * //   },
+ * // };
+ *
  * ```
  *
  * @param CreateKeyCommandInput - {@link CreateKeyCommandInput}
@@ -341,6 +390,8 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea
  *       For details, see the documentation provided with your external key store proxy or key
  *       manager.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To create a KMS key
  * ```javascript
@@ -564,7 +615,7 @@ export interface CreateKeyCommandOutput extends CreateKeyResponse, __MetadataBea
  *   "KeyMetadata": {
  *     "AWSAccountId": "111122223333",
  *     "Arn": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
- *     "CloudHsmClusterId": "cluster-1a23b4cdefg",
+ *     "CloudHsmClusterId": "cluster-234abcdefABC",
  *     "CreationDate": "2019-12-02T07:48:55-07:00",
  *     "CustomKeyStoreId": "cks-1234567890abcdef0",
  *     "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",

package/dist-types/commands/DecryptCommand.d.ts CHANGED Viewed

@@ -136,6 +136,12 @@ export interface DecryptCommandOutput extends DecryptResponse, __MetadataBearer
  * };
  * const command = new DecryptCommand(input);
  * const response = await client.send(command);
+ * // { // DecryptResponse
+ * //   KeyId: "STRING_VALUE",
+ * //   Plaintext: "BLOB_VALUE",
+ * //   EncryptionAlgorithm: "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * // };
+ *
  * ```
  *
  * @param DecryptCommandInput - {@link DecryptCommandInput}
@@ -219,10 +225,12 @@ export interface DecryptCommandOutput extends DecryptResponse, __MetadataBearer
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
- * @example To decrypt data
+ * @example To decrypt data with a symmetric encryption KMS key
  * ```javascript
- * // The following example decrypts data that was encrypted with a KMS key.
+ * // The following example decrypts data that was encrypted with a symmetric encryption KMS key. The KeyId is not required when decrypting with a symmetric encryption key, but it is a best practice.
  * const input = {
  *   "CiphertextBlob": "<binary data>",
  *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
@@ -231,11 +239,55 @@ export interface DecryptCommandOutput extends DecryptResponse, __MetadataBearer
  * const response = await client.send(command);
  * /* response ==
  * {
+ *   "EncryptionAlgorithm": "SYMMETRIC_DEFAULT",
  *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
  *   "Plaintext": "<binary data>"
  * }
  * *\/
- * // example id: to-decrypt-data-1478281622886
+ * // example id: to-decrypt-data-1
+ * ```
+ *
+ * @example To decrypt data with an asymmetric encryption KMS key
+ * ```javascript
+ * // The following example decrypts data that was encrypted with an asymmetric encryption KMS key. When the KMS encryption key is asymmetric, you must specify the KMS key ID and the encryption algorithm that was used to encrypt the data.
+ * const input = {
+ *   "CiphertextBlob": "<binary data>",
+ *   "EncryptionAlgorithm": "RSAES_OAEP_SHA_256",
+ *   "KeyId": "0987dcba-09fe-87dc-65ba-ab0987654321"
+ * };
+ * const command = new DecryptCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "EncryptionAlgorithm": "RSAES_OAEP_SHA_256",
+ *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321",
+ *   "Plaintext": "<binary data>"
+ * }
+ * *\/
+ * // example id: to-decrypt-data-2
+ * ```
+ *
+ * @example To decrypt data for a Nitro enclave
+ * ```javascript
+ * // The following Decrypt example includes the Recipient parameter with a signed attestation document from an AWS Nitro enclave. Instead of returning the decrypted data in plaintext (Plaintext), the operation returns the decrypted data encrypted by the public key from the attestation document (CiphertextForRecipient).
+ * const input = {
+ *   "CiphertextBlob": "<binary data>",
+ *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Recipient": {
+ *     "AttestationDocument": "<attestation document>",
+ *     "KeyEncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ *   }
+ * };
+ * const command = new DecryptCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextForRecipient": "<binary data>",
+ *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Plaintext": ""
+ * }
+ * *\/
+ * // example id: to-decrypt-data-for-a-nitro-enclave-2
  * ```
  *
  * @example To decrypt data with an asymmetric encryption KMS key

package/dist-types/commands/DeleteAliasCommand.d.ts CHANGED Viewed

@@ -78,6 +78,8 @@ export interface DeleteAliasCommandOutput extends __MetadataBearer {
  * };
  * const command = new DeleteAliasCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DeleteAliasCommandInput - {@link DeleteAliasCommandInput}
@@ -116,6 +118,8 @@ export interface DeleteAliasCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To delete an alias
  * ```javascript

package/dist-types/commands/DeleteCustomKeyStoreCommand.d.ts CHANGED Viewed

@@ -89,6 +89,8 @@ export interface DeleteCustomKeyStoreCommandOutput extends DeleteCustomKeyStoreR
  * };
  * const command = new DeleteCustomKeyStoreCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DeleteCustomKeyStoreCommandInput - {@link DeleteCustomKeyStoreCommandInput}
@@ -147,6 +149,8 @@ export interface DeleteCustomKeyStoreCommandOutput extends DeleteCustomKeyStoreR
  *  <p>The request was rejected because an internal exception occurred. The request can be
  *       retried.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To delete a custom key store from AWS KMS
  * ```javascript

package/dist-types/commands/DeleteImportedKeyMaterialCommand.d.ts CHANGED Viewed

@@ -59,6 +59,8 @@ export interface DeleteImportedKeyMaterialCommandOutput extends __MetadataBearer
  * };
  * const command = new DeleteImportedKeyMaterialCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DeleteImportedKeyMaterialCommandInput - {@link DeleteImportedKeyMaterialCommandInput}
@@ -105,6 +107,8 @@ export interface DeleteImportedKeyMaterialCommandOutput extends __MetadataBearer
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To delete imported key material
  * ```javascript

package/dist-types/commands/DescribeCustomKeyStoresCommand.d.ts CHANGED Viewed

@@ -92,6 +92,30 @@ export interface DescribeCustomKeyStoresCommandOutput extends DescribeCustomKeyS
  * };
  * const command = new DescribeCustomKeyStoresCommand(input);
  * const response = await client.send(command);
+ * // { // DescribeCustomKeyStoresResponse
+ * //   CustomKeyStores: [ // CustomKeyStoresList
+ * //     { // CustomKeyStoresListEntry
+ * //       CustomKeyStoreId: "STRING_VALUE",
+ * //       CustomKeyStoreName: "STRING_VALUE",
+ * //       CloudHsmClusterId: "STRING_VALUE",
+ * //       TrustAnchorCertificate: "STRING_VALUE",
+ * //       ConnectionState: "CONNECTED" || "CONNECTING" || "FAILED" || "DISCONNECTED" || "DISCONNECTING",
+ * //       ConnectionErrorCode: "INVALID_CREDENTIALS" || "CLUSTER_NOT_FOUND" || "NETWORK_ERRORS" || "INTERNAL_ERROR" || "INSUFFICIENT_CLOUDHSM_HSMS" || "USER_LOCKED_OUT" || "USER_NOT_FOUND" || "USER_LOGGED_IN" || "SUBNET_NOT_FOUND" || "INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET" || "XKS_PROXY_ACCESS_DENIED" || "XKS_PROXY_NOT_REACHABLE" || "XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND" || "XKS_PROXY_INVALID_RESPONSE" || "XKS_PROXY_INVALID_CONFIGURATION" || "XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION" || "XKS_PROXY_TIMED_OUT" || "XKS_PROXY_INVALID_TLS_CONFIGURATION",
+ * //       CreationDate: new Date("TIMESTAMP"),
+ * //       CustomKeyStoreType: "AWS_CLOUDHSM" || "EXTERNAL_KEY_STORE",
+ * //       XksProxyConfiguration: { // XksProxyConfigurationType
+ * //         Connectivity: "PUBLIC_ENDPOINT" || "VPC_ENDPOINT_SERVICE",
+ * //         AccessKeyId: "STRING_VALUE",
+ * //         UriEndpoint: "STRING_VALUE",
+ * //         UriPath: "STRING_VALUE",
+ * //         VpcEndpointServiceName: "STRING_VALUE",
+ * //       },
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param DescribeCustomKeyStoresCommandInput - {@link DescribeCustomKeyStoresCommandInput}
@@ -112,6 +136,8 @@ export interface DescribeCustomKeyStoresCommandOutput extends DescribeCustomKeyS
  *  <p>The request was rejected because an internal exception occurred. The request can be
  *       retried.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To get detailed information about custom key stores in the account and Region
  * ```javascript
@@ -139,7 +165,7 @@ export interface DescribeCustomKeyStoresCommandOutput extends DescribeCustomKeyS
  * {
  *   "CustomKeyStores": [
  *     {
- *       "CloudHsmClusterId": "cluster-1a23b4cdefg",
+ *       "CloudHsmClusterId": "cluster-234abcdefABC",
  *       "ConnectionState": "CONNECTED",
  *       "CreationDate": "1.499288695918E9",
  *       "CustomKeyStoreId": "cks-1234567890abcdef0",

package/dist-types/commands/DescribeKeyCommand.d.ts CHANGED Viewed

@@ -116,6 +116,55 @@ export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __Metadat
  * };
  * const command = new DescribeKeyCommand(input);
  * const response = await client.send(command);
+ * // { // DescribeKeyResponse
+ * //   KeyMetadata: { // KeyMetadata
+ * //     AWSAccountId: "STRING_VALUE",
+ * //     KeyId: "STRING_VALUE", // required
+ * //     Arn: "STRING_VALUE",
+ * //     CreationDate: new Date("TIMESTAMP"),
+ * //     Enabled: true || false,
+ * //     Description: "STRING_VALUE",
+ * //     KeyUsage: "SIGN_VERIFY" || "ENCRYPT_DECRYPT" || "GENERATE_VERIFY_MAC",
+ * //     KeyState: "Creating" || "Enabled" || "Disabled" || "PendingDeletion" || "PendingImport" || "PendingReplicaDeletion" || "Unavailable" || "Updating",
+ * //     DeletionDate: new Date("TIMESTAMP"),
+ * //     ValidTo: new Date("TIMESTAMP"),
+ * //     Origin: "AWS_KMS" || "EXTERNAL" || "AWS_CLOUDHSM" || "EXTERNAL_KEY_STORE",
+ * //     CustomKeyStoreId: "STRING_VALUE",
+ * //     CloudHsmClusterId: "STRING_VALUE",
+ * //     ExpirationModel: "KEY_MATERIAL_EXPIRES" || "KEY_MATERIAL_DOES_NOT_EXPIRE",
+ * //     KeyManager: "AWS" || "CUSTOMER",
+ * //     CustomerMasterKeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     KeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     EncryptionAlgorithms: [ // EncryptionAlgorithmSpecList
+ * //       "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * //     ],
+ * //     SigningAlgorithms: [ // SigningAlgorithmSpecList
+ * //       "RSASSA_PSS_SHA_256" || "RSASSA_PSS_SHA_384" || "RSASSA_PSS_SHA_512" || "RSASSA_PKCS1_V1_5_SHA_256" || "RSASSA_PKCS1_V1_5_SHA_384" || "RSASSA_PKCS1_V1_5_SHA_512" || "ECDSA_SHA_256" || "ECDSA_SHA_384" || "ECDSA_SHA_512" || "SM2DSA",
+ * //     ],
+ * //     MultiRegion: true || false,
+ * //     MultiRegionConfiguration: { // MultiRegionConfiguration
+ * //       MultiRegionKeyType: "PRIMARY" || "REPLICA",
+ * //       PrimaryKey: { // MultiRegionKey
+ * //         Arn: "STRING_VALUE",
+ * //         Region: "STRING_VALUE",
+ * //       },
+ * //       ReplicaKeys: [ // MultiRegionKeyList
+ * //         {
+ * //           Arn: "STRING_VALUE",
+ * //           Region: "STRING_VALUE",
+ * //         },
+ * //       ],
+ * //     },
+ * //     PendingDeletionWindowInDays: Number("int"),
+ * //     MacAlgorithms: [ // MacAlgorithmSpecList
+ * //       "HMAC_SHA_224" || "HMAC_SHA_256" || "HMAC_SHA_384" || "HMAC_SHA_512",
+ * //     ],
+ * //     XksKeyConfiguration: { // XksKeyConfigurationType
+ * //       Id: "STRING_VALUE",
+ * //     },
+ * //   },
+ * // };
+ *
  * ```
  *
  * @param DescribeKeyCommandInput - {@link DescribeKeyCommandInput}
@@ -140,6 +189,8 @@ export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __Metadat
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To get details about a KMS key
  * ```javascript
@@ -310,7 +361,7 @@ export interface DescribeKeyCommandOutput extends DescribeKeyResponse, __Metadat
  *   "KeyMetadata": {
  *     "AWSAccountId": "123456789012",
  *     "Arn": "arn:aws:kms:us-west-2:123456789012:key/1234abcd-12ab-34cd-56ef-1234567890ab",
- *     "CloudHsmClusterId": "cluster-1a23b4cdefg",
+ *     "CloudHsmClusterId": "cluster-234abcdefABC",
  *     "CreationDate": 1646160362.664,
  *     "CustomKeyStoreId": "cks-1234567890abcdef0",
  *     "CustomerMasterKeySpec": "SYMMETRIC_DEFAULT",

package/dist-types/commands/DisableKeyCommand.d.ts CHANGED Viewed

@@ -45,6 +45,8 @@ export interface DisableKeyCommandOutput extends __MetadataBearer {
  * };
  * const command = new DisableKeyCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DisableKeyCommandInput - {@link DisableKeyCommandInput}
@@ -87,6 +89,8 @@ export interface DisableKeyCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To disable a KMS key
  * ```javascript

package/dist-types/commands/DisableKeyRotationCommand.d.ts CHANGED Viewed

@@ -63,6 +63,8 @@ export interface DisableKeyRotationCommandOutput extends __MetadataBearer {
  * };
  * const command = new DisableKeyRotationCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DisableKeyRotationCommandInput - {@link DisableKeyRotationCommandInput}
@@ -112,6 +114,8 @@ export interface DisableKeyRotationCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To disable automatic rotation of key material
  * ```javascript

package/dist-types/commands/DisconnectCustomKeyStoreCommand.d.ts CHANGED Viewed

@@ -82,6 +82,8 @@ export interface DisconnectCustomKeyStoreCommandOutput extends DisconnectCustomK
  * };
  * const command = new DisconnectCustomKeyStoreCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param DisconnectCustomKeyStoreCommandInput - {@link DisconnectCustomKeyStoreCommandInput}
@@ -134,6 +136,8 @@ export interface DisconnectCustomKeyStoreCommandOutput extends DisconnectCustomK
  *  <p>The request was rejected because an internal exception occurred. The request can be
  *       retried.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To disconnect a custom key store from its CloudHSM cluster
  * ```javascript
@@ -143,7 +147,7 @@ export interface DisconnectCustomKeyStoreCommandOutput extends DisconnectCustomK
  * };
  * const command = new DisconnectCustomKeyStoreCommand(input);
  * await client.send(command);
- * // example id: to-disconnect-a-custom-key-store-from-its-cloudhsm-cluster-1628627955156
+ * // example id: to-disconnect-a-custom-key-store-from-its-cloudhsm-cluster-234abcdefABC
  * ```
  *
  * @example To disconnect a custom key store from its CloudHSM cluster

package/dist-types/commands/EnableKeyCommand.d.ts CHANGED Viewed

@@ -41,6 +41,8 @@ export interface EnableKeyCommandOutput extends __MetadataBearer {
  * };
  * const command = new EnableKeyCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param EnableKeyCommandInput - {@link EnableKeyCommandInput}
@@ -87,6 +89,8 @@ export interface EnableKeyCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To enable a KMS key
  * ```javascript

package/dist-types/commands/EnableKeyRotationCommand.d.ts CHANGED Viewed

@@ -71,6 +71,8 @@ export interface EnableKeyRotationCommandOutput extends __MetadataBearer {
  * };
  * const command = new EnableKeyRotationCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param EnableKeyRotationCommandInput - {@link EnableKeyRotationCommandInput}
@@ -120,6 +122,8 @@ export interface EnableKeyRotationCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To enable automatic rotation of key material
  * ```javascript

package/dist-types/commands/EncryptCommand.d.ts CHANGED Viewed

@@ -148,6 +148,12 @@ export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer
  * };
  * const command = new EncryptCommand(input);
  * const response = await client.send(command);
+ * // { // EncryptResponse
+ * //   CiphertextBlob: "BLOB_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * //   EncryptionAlgorithm: "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * // };
+ *
  * ```
  *
  * @param EncryptCommandInput - {@link EncryptCommandInput}
@@ -217,10 +223,12 @@ export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
- * @example To encrypt data
+ * @example To encrypt data with a symmetric encryption KMS key
  * ```javascript
- * // The following example encrypts data with the specified KMS key.
+ * // The following example encrypts data with the specified symmetric encryption KMS key.
  * const input = {
  *   "KeyId": "1234abcd-12ab-34cd-56ef-1234567890ab",
  *   "Plaintext": "<binary data>"
@@ -230,10 +238,31 @@ export interface EncryptCommandOutput extends EncryptResponse, __MetadataBearer
  * /* response ==
  * {
  *   "CiphertextBlob": "<binary data>",
+ *   "EncryptionAlgorithm": "SYMMETRIC_DEFAULT",
  *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"
  * }
  * *\/
- * // example id: to-encrypt-data-1478906026012
+ * // example id: to-encrypt-data-1
+ * ```
+ *
+ * @example To encrypt data with an asymmetric encryption KMS key
+ * ```javascript
+ * // The following example encrypts data with the specified RSA asymmetric KMS key. When you encrypt with an asymmetric key, you must specify the encryption algorithm.
+ * const input = {
+ *   "EncryptionAlgorithm": "RSAES_OAEP_SHA_256",
+ *   "KeyId": "0987dcba-09fe-87dc-65ba-ab0987654321",
+ *   "Plaintext": "<binary data>"
+ * };
+ * const command = new EncryptCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextBlob": "<binary data>",
+ *   "EncryptionAlgorithm": "RSAES_OAEP_SHA_256",
+ *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/0987dcba-09fe-87dc-65ba-ab0987654321"
+ * }
+ * *\/
+ * // example id: to-encrypt-data-2
  * ```
  *
  * @example To encrypt data with an asymmetric encryption KMS key