npm - @aws-sdk/client-kms - Versions diffs - 3.325.0 → 3.327.0 - Mend

@aws-sdk/client-kms 3.325.0 → 3.327.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist-types/commands/GenerateDataKeyCommand.d.ts CHANGED Viewed

@@ -144,6 +144,12 @@ export interface GenerateDataKeyCommandOutput extends GenerateDataKeyResponse, _
  * };
  * const command = new GenerateDataKeyCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateDataKeyResponse
+ * //   CiphertextBlob: "BLOB_VALUE",
+ * //   Plaintext: "BLOB_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param GenerateDataKeyCommandInput - {@link GenerateDataKeyCommandInput}
@@ -213,6 +219,8 @@ export interface GenerateDataKeyCommandOutput extends GenerateDataKeyResponse, _
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate a data key
  * ```javascript
@@ -230,7 +238,31 @@ export interface GenerateDataKeyCommandOutput extends GenerateDataKeyResponse, _
  *   "Plaintext": "<binary data>"
  * }
  * *\/
- * // example id: to-generate-a-data-key-1478912956062
+ * // example id: to-generate-a-data-key-1
+ * ```
+ *
+ * @example To generate a data key pair for a Nitro enclave
+ * ```javascript
+ * // The following example includes the Recipient parameter with a signed attestation document from an AWS Nitro enclave. Instead of returning a copy of the data key encrypted by the KMS key and a plaintext copy of the data key, GenerateDataKey returns one copy of the data key encrypted by the KMS key (CiphertextBlob) and one copy of the data key encrypted by the public key from the attestation document (CiphertextForRecipient). The operation doesn't return a plaintext data key.
+ * const input = {
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "KeySpec": "AES_256",
+ *   "Recipient": {
+ *     "AttestationDocument": "<attestation document>",
+ *     "KeyEncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ *   }
+ * };
+ * const command = new GenerateDataKeyCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextBlob": "<binary data>",
+ *   "CiphertextForRecipient": "<binary data>",
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "Plaintext": ""
+ * }
+ * *\/
+ * // example id: to-generate-a-data-key-for-a-nitro-enclave-2
  * ```
  *
  * @example To generate a data key pair for a Nitro enclave

package/dist-types/commands/GenerateDataKeyPairCommand.d.ts CHANGED Viewed

@@ -121,6 +121,14 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes
  * };
  * const command = new GenerateDataKeyPairCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateDataKeyPairResponse
+ * //   PrivateKeyCiphertextBlob: "BLOB_VALUE",
+ * //   PrivateKeyPlaintext: "BLOB_VALUE",
+ * //   PublicKey: "BLOB_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * //   KeyPairSpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SM2",
+ * // };
+ *
  * ```
  *
  * @param GenerateDataKeyPairCommandInput - {@link GenerateDataKeyPairCommandInput}
@@ -194,6 +202,8 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate an RSA key pair for encryption and decryption
  * ```javascript
@@ -213,7 +223,33 @@ export interface GenerateDataKeyPairCommandOutput extends GenerateDataKeyPairRes
  *   "PublicKey": "<binary data>"
  * }
  * *\/
- * // example id: to-generate-an-rsa-key-pair-for-encryption-and-decryption-1628619376878
+ * // example id: to-generate-an-rsa-key-pair-for-encryption-and-decryption-1
+ * ```
+ *
+ * @example To generate a data key pair for a Nitro enclave
+ * ```javascript
+ * // The following example includes the Recipient parameter with a signed attestation document from an AWS Nitro enclave. Instead of returning a plaintext copy of the private data key, GenerateDataKeyPair returns a copy of the private data key encrypted by the public key from the attestation document (CiphertextForRecipient). It returns the public data key (PublicKey) and a copy of private data key encrypted under the specified KMS key (PrivateKeyCiphertextBlob), as usual, but plaintext private data key field (PrivateKeyPlaintext) is null or empty.
+ * const input = {
+ *   "KeyId": "arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "KeyPairSpec": "RSA_3072",
+ *   "Recipient": {
+ *     "AttestationDocument": "<attestation document>",
+ *     "KeyEncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ *   }
+ * };
+ * const command = new GenerateDataKeyPairCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextForRecipient": "<binary data>",
+ *   "KeyId": "arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab",
+ *   "KeyPairSpec": "RSA_3072",
+ *   "PrivateKeyCiphertextBlob": "<binary data>",
+ *   "PrivateKeyPlaintext": "",
+ *   "PublicKey": "<binary data>"
+ * }
+ * *\/
+ * // example id: to-generate-a-data-key-pair-for-a-nitro-enclave-2
  * ```
  *
  * @example To generate a data key pair for a Nitro enclave

package/dist-types/commands/GenerateDataKeyPairWithoutPlaintextCommand.d.ts CHANGED Viewed

@@ -100,6 +100,13 @@ export interface GenerateDataKeyPairWithoutPlaintextCommandOutput extends Genera
  * };
  * const command = new GenerateDataKeyPairWithoutPlaintextCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateDataKeyPairWithoutPlaintextResponse
+ * //   PrivateKeyCiphertextBlob: "BLOB_VALUE",
+ * //   PublicKey: "BLOB_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * //   KeyPairSpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SM2",
+ * // };
+ *
  * ```
  *
  * @param GenerateDataKeyPairWithoutPlaintextCommandInput - {@link GenerateDataKeyPairWithoutPlaintextCommandInput}
@@ -173,6 +180,8 @@ export interface GenerateDataKeyPairWithoutPlaintextCommandOutput extends Genera
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate an asymmetric data key pair without a plaintext key
  * ```javascript

package/dist-types/commands/GenerateDataKeyWithoutPlaintextCommand.d.ts CHANGED Viewed

@@ -110,6 +110,11 @@ export interface GenerateDataKeyWithoutPlaintextCommandOutput extends GenerateDa
  * };
  * const command = new GenerateDataKeyWithoutPlaintextCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateDataKeyWithoutPlaintextResponse
+ * //   CiphertextBlob: "BLOB_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param GenerateDataKeyWithoutPlaintextCommandInput - {@link GenerateDataKeyWithoutPlaintextCommandInput}
@@ -179,6 +184,8 @@ export interface GenerateDataKeyWithoutPlaintextCommandOutput extends GenerateDa
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate an encrypted data key
  * ```javascript

package/dist-types/commands/GenerateMacCommand.d.ts CHANGED Viewed

@@ -63,6 +63,12 @@ export interface GenerateMacCommandOutput extends GenerateMacResponse, __Metadat
  * };
  * const command = new GenerateMacCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateMacResponse
+ * //   Mac: "BLOB_VALUE",
+ * //   MacAlgorithm: "HMAC_SHA_224" || "HMAC_SHA_256" || "HMAC_SHA_384" || "HMAC_SHA_512",
+ * //   KeyId: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param GenerateMacCommandInput - {@link GenerateMacCommandInput}
@@ -128,6 +134,8 @@ export interface GenerateMacCommandOutput extends GenerateMacResponse, __Metadat
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate an HMAC for a message
  * ```javascript

package/dist-types/commands/GenerateRandomCommand.d.ts CHANGED Viewed

@@ -56,6 +56,10 @@ export interface GenerateRandomCommandOutput extends GenerateRandomResponse, __M
  * };
  * const command = new GenerateRandomCommand(input);
  * const response = await client.send(command);
+ * // { // GenerateRandomResponse
+ * //   Plaintext: "BLOB_VALUE",
+ * // };
+ *
  * ```
  *
  * @param GenerateRandomCommandInput - {@link GenerateRandomCommandInput}
@@ -116,6 +120,8 @@ export interface GenerateRandomCommandOutput extends GenerateRandomResponse, __M
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To generate random data
  * ```javascript
@@ -130,7 +136,28 @@ export interface GenerateRandomCommandOutput extends GenerateRandomResponse, __M
  *   "Plaintext": "<binary data>"
  * }
  * *\/
- * // example id: to-generate-random-data-1479163645600
+ * // example id: to-generate-random-data-1
+ * ```
+ *
+ * @example To generate random data
+ * ```javascript
+ * // The following example includes the Recipient parameter with a signed attestation document from an AWS Nitro enclave. Instead of returning a plaintext (unencrypted) byte string, GenerateRandom returns the byte string encrypted by the public key from the enclave's attestation document.
+ * const input = {
+ *   "NumberOfBytes": 1024,
+ *   "Recipient": {
+ *     "AttestationDocument": "<attestation document>",
+ *     "KeyEncryptionAlgorithm": "RSAES_OAEP_SHA_256"
+ *   }
+ * };
+ * const command = new GenerateRandomCommand(input);
+ * const response = await client.send(command);
+ * /* response ==
+ * {
+ *   "CiphertextForRecipient": "<binary data>",
+ *   "Plaintext": ""
+ * }
+ * *\/
+ * // example id: to-generate-random-data-2
  * ```
  *
  * @example To generate random data

package/dist-types/commands/GetKeyPolicyCommand.d.ts CHANGED Viewed

@@ -39,6 +39,10 @@ export interface GetKeyPolicyCommandOutput extends GetKeyPolicyResponse, __Metad
  * };
  * const command = new GetKeyPolicyCommand(input);
  * const response = await client.send(command);
+ * // { // GetKeyPolicyResponse
+ * //   Policy: "STRING_VALUE",
+ * // };
+ *
  * ```
  *
  * @param GetKeyPolicyCommandInput - {@link GetKeyPolicyCommandInput}
@@ -81,6 +85,8 @@ export interface GetKeyPolicyCommandOutput extends GetKeyPolicyResponse, __Metad
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To retrieve a key policy
  * ```javascript

package/dist-types/commands/GetKeyRotationStatusCommand.d.ts CHANGED Viewed

@@ -83,6 +83,10 @@ export interface GetKeyRotationStatusCommandOutput extends GetKeyRotationStatusR
  * };
  * const command = new GetKeyRotationStatusCommand(input);
  * const response = await client.send(command);
+ * // { // GetKeyRotationStatusResponse
+ * //   KeyRotationEnabled: true || false,
+ * // };
+ *
  * ```
  *
  * @param GetKeyRotationStatusCommandInput - {@link GetKeyRotationStatusCommandInput}
@@ -129,6 +133,8 @@ export interface GetKeyRotationStatusCommandOutput extends GetKeyRotationStatusR
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To retrieve the rotation status for a KMS key
  * ```javascript

package/dist-types/commands/GetParametersForImportCommand.d.ts CHANGED Viewed

@@ -66,6 +66,13 @@ export interface GetParametersForImportCommandOutput extends GetParametersForImp
  * };
  * const command = new GetParametersForImportCommand(input);
  * const response = await client.send(command);
+ * // { // GetParametersForImportResponse
+ * //   KeyId: "STRING_VALUE",
+ * //   ImportToken: "BLOB_VALUE",
+ * //   PublicKey: "BLOB_VALUE",
+ * //   ParametersValidTo: new Date("TIMESTAMP"),
+ * // };
+ *
  * ```
  *
  * @param GetParametersForImportCommandInput - {@link GetParametersForImportCommandInput}
@@ -112,6 +119,8 @@ export interface GetParametersForImportCommandOutput extends GetParametersForImp
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To retrieve the public key and import token for a KMS key
  * ```javascript

package/dist-types/commands/GetPublicKeyCommand.d.ts CHANGED Viewed

@@ -82,6 +82,20 @@ export interface GetPublicKeyCommandOutput extends GetPublicKeyResponse, __Metad
  * };
  * const command = new GetPublicKeyCommand(input);
  * const response = await client.send(command);
+ * // { // GetPublicKeyResponse
+ * //   KeyId: "STRING_VALUE",
+ * //   PublicKey: "BLOB_VALUE",
+ * //   CustomerMasterKeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //   KeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //   KeyUsage: "SIGN_VERIFY" || "ENCRYPT_DECRYPT" || "GENERATE_VERIFY_MAC",
+ * //   EncryptionAlgorithms: [ // EncryptionAlgorithmSpecList
+ * //     "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * //   ],
+ * //   SigningAlgorithms: [ // SigningAlgorithmSpecList
+ * //     "RSASSA_PSS_SHA_256" || "RSASSA_PSS_SHA_384" || "RSASSA_PSS_SHA_512" || "RSASSA_PKCS1_V1_5_SHA_256" || "RSASSA_PKCS1_V1_5_SHA_384" || "RSASSA_PKCS1_V1_5_SHA_512" || "ECDSA_SHA_256" || "ECDSA_SHA_384" || "ECDSA_SHA_512" || "SM2DSA",
+ * //   ],
+ * // };
+ *
  * ```
  *
  * @param GetPublicKeyCommandInput - {@link GetPublicKeyCommandInput}
@@ -159,6 +173,8 @@ export interface GetPublicKeyCommandOutput extends GetPublicKeyResponse, __Metad
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To download the public key of an asymmetric KMS key
  * ```javascript

package/dist-types/commands/ImportKeyMaterialCommand.d.ts CHANGED Viewed

@@ -98,6 +98,8 @@ export interface ImportKeyMaterialCommandOutput extends ImportKeyMaterialRespons
  * };
  * const command = new ImportKeyMaterialCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param ImportKeyMaterialCommandInput - {@link ImportKeyMaterialCommandInput}
@@ -164,6 +166,8 @@ export interface ImportKeyMaterialCommandOutput extends ImportKeyMaterialRespons
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To import key material into a KMS key
  * ```javascript

package/dist-types/commands/ListAliasesCommand.d.ts CHANGED Viewed

@@ -73,6 +73,20 @@ export interface ListAliasesCommandOutput extends ListAliasesResponse, __Metadat
  * };
  * const command = new ListAliasesCommand(input);
  * const response = await client.send(command);
+ * // { // ListAliasesResponse
+ * //   Aliases: [ // AliasList
+ * //     { // AliasListEntry
+ * //       AliasName: "STRING_VALUE",
+ * //       AliasArn: "STRING_VALUE",
+ * //       TargetKeyId: "STRING_VALUE",
+ * //       CreationDate: new Date("TIMESTAMP"),
+ * //       LastUpdatedDate: new Date("TIMESTAMP"),
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListAliasesCommandInput - {@link ListAliasesCommandInput}
@@ -101,6 +115,8 @@ export interface ListAliasesCommandOutput extends ListAliasesResponse, __Metadat
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list aliases
  * ```javascript

package/dist-types/commands/ListGrantsCommand.d.ts CHANGED Viewed

@@ -79,6 +79,33 @@ export interface ListGrantsCommandOutput extends ListGrantsResponse, __MetadataB
  * };
  * const command = new ListGrantsCommand(input);
  * const response = await client.send(command);
+ * // { // ListGrantsResponse
+ * //   Grants: [ // GrantList
+ * //     { // GrantListEntry
+ * //       KeyId: "STRING_VALUE",
+ * //       GrantId: "STRING_VALUE",
+ * //       Name: "STRING_VALUE",
+ * //       CreationDate: new Date("TIMESTAMP"),
+ * //       GranteePrincipal: "STRING_VALUE",
+ * //       RetiringPrincipal: "STRING_VALUE",
+ * //       IssuingAccount: "STRING_VALUE",
+ * //       Operations: [ // GrantOperationList
+ * //         "Decrypt" || "Encrypt" || "GenerateDataKey" || "GenerateDataKeyWithoutPlaintext" || "ReEncryptFrom" || "ReEncryptTo" || "Sign" || "Verify" || "GetPublicKey" || "CreateGrant" || "RetireGrant" || "DescribeKey" || "GenerateDataKeyPair" || "GenerateDataKeyPairWithoutPlaintext" || "GenerateMac" || "VerifyMac",
+ * //       ],
+ * //       Constraints: { // GrantConstraints
+ * //         EncryptionContextSubset: { // EncryptionContextType
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //         EncryptionContextEquals: {
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //       },
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListGrantsCommandInput - {@link ListGrantsCommandInput}
@@ -128,6 +155,8 @@ export interface ListGrantsCommandOutput extends ListGrantsResponse, __MetadataB
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list grants for a KMS key
  * ```javascript

package/dist-types/commands/ListKeyPoliciesCommand.d.ts CHANGED Viewed

@@ -54,6 +54,14 @@ export interface ListKeyPoliciesCommandOutput extends ListKeyPoliciesResponse, _
  * };
  * const command = new ListKeyPoliciesCommand(input);
  * const response = await client.send(command);
+ * // { // ListKeyPoliciesResponse
+ * //   PolicyNames: [ // PolicyNameList
+ * //     "STRING_VALUE",
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListKeyPoliciesCommandInput - {@link ListKeyPoliciesCommandInput}
@@ -96,6 +104,8 @@ export interface ListKeyPoliciesCommandOutput extends ListKeyPoliciesResponse, _
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list key policies for a KMS key
  * ```javascript

package/dist-types/commands/ListKeysCommand.d.ts CHANGED Viewed

@@ -61,6 +61,17 @@ export interface ListKeysCommandOutput extends ListKeysResponse, __MetadataBeare
  * };
  * const command = new ListKeysCommand(input);
  * const response = await client.send(command);
+ * // { // ListKeysResponse
+ * //   Keys: [ // KeyList
+ * //     { // KeyListEntry
+ * //       KeyId: "STRING_VALUE",
+ * //       KeyArn: "STRING_VALUE",
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListKeysCommandInput - {@link ListKeysCommandInput}
@@ -81,6 +92,8 @@ export interface ListKeysCommandOutput extends ListKeysResponse, __MetadataBeare
  *  <p>The request was rejected because an internal exception occurred. The request can be
  *       retried.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list KMS keys
  * ```javascript

package/dist-types/commands/ListResourceTagsCommand.d.ts CHANGED Viewed

@@ -66,6 +66,17 @@ export interface ListResourceTagsCommandOutput extends ListResourceTagsResponse,
  * };
  * const command = new ListResourceTagsCommand(input);
  * const response = await client.send(command);
+ * // { // ListResourceTagsResponse
+ * //   Tags: [ // TagList
+ * //     { // Tag
+ * //       TagKey: "STRING_VALUE", // required
+ * //       TagValue: "STRING_VALUE", // required
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListResourceTagsCommandInput - {@link ListResourceTagsCommandInput}
@@ -90,6 +101,8 @@ export interface ListResourceTagsCommandOutput extends ListResourceTagsResponse,
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list tags for a KMS key
  * ```javascript

package/dist-types/commands/ListRetirableGrantsCommand.d.ts CHANGED Viewed

@@ -75,6 +75,33 @@ export interface ListRetirableGrantsCommandOutput extends ListGrantsResponse, __
  * };
  * const command = new ListRetirableGrantsCommand(input);
  * const response = await client.send(command);
+ * // { // ListGrantsResponse
+ * //   Grants: [ // GrantList
+ * //     { // GrantListEntry
+ * //       KeyId: "STRING_VALUE",
+ * //       GrantId: "STRING_VALUE",
+ * //       Name: "STRING_VALUE",
+ * //       CreationDate: new Date("TIMESTAMP"),
+ * //       GranteePrincipal: "STRING_VALUE",
+ * //       RetiringPrincipal: "STRING_VALUE",
+ * //       IssuingAccount: "STRING_VALUE",
+ * //       Operations: [ // GrantOperationList
+ * //         "Decrypt" || "Encrypt" || "GenerateDataKey" || "GenerateDataKeyWithoutPlaintext" || "ReEncryptFrom" || "ReEncryptTo" || "Sign" || "Verify" || "GetPublicKey" || "CreateGrant" || "RetireGrant" || "DescribeKey" || "GenerateDataKeyPair" || "GenerateDataKeyPairWithoutPlaintext" || "GenerateMac" || "VerifyMac",
+ * //       ],
+ * //       Constraints: { // GrantConstraints
+ * //         EncryptionContextSubset: { // EncryptionContextType
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //         EncryptionContextEquals: {
+ * //           "<keys>": "STRING_VALUE",
+ * //         },
+ * //       },
+ * //     },
+ * //   ],
+ * //   NextMarker: "STRING_VALUE",
+ * //   Truncated: true || false,
+ * // };
+ *
  * ```
  *
  * @param ListRetirableGrantsCommandInput - {@link ListRetirableGrantsCommandInput}
@@ -103,6 +130,8 @@ export interface ListRetirableGrantsCommandOutput extends ListGrantsResponse, __
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To list grants that the specified principal can retire
  * ```javascript

package/dist-types/commands/PutKeyPolicyCommand.d.ts CHANGED Viewed

@@ -46,6 +46,8 @@ export interface PutKeyPolicyCommandOutput extends __MetadataBearer {
  * };
  * const command = new PutKeyPolicyCommand(input);
  * const response = await client.send(command);
+ * // {};
+ *
  * ```
  *
  * @param PutKeyPolicyCommandInput - {@link PutKeyPolicyCommandInput}
@@ -100,6 +102,8 @@ export interface PutKeyPolicyCommandOutput extends __MetadataBearer {
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To attach a key policy to a KMS key
  * ```javascript

package/dist-types/commands/ReEncryptCommand.d.ts CHANGED Viewed

@@ -138,6 +138,14 @@ export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBea
  * };
  * const command = new ReEncryptCommand(input);
  * const response = await client.send(command);
+ * // { // ReEncryptResponse
+ * //   CiphertextBlob: "BLOB_VALUE",
+ * //   SourceKeyId: "STRING_VALUE",
+ * //   KeyId: "STRING_VALUE",
+ * //   SourceEncryptionAlgorithm: "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * //   DestinationEncryptionAlgorithm: "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * // };
+ *
  * ```
  *
  * @param ReEncryptCommandInput - {@link ReEncryptCommandInput}
@@ -221,6 +229,8 @@ export interface ReEncryptCommandOutput extends ReEncryptResponse, __MetadataBea
  *  <p>The request was rejected because the specified entity or resource could not be
  *       found.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To reencrypt data
  * ```javascript

package/dist-types/commands/ReplicateKeyCommand.d.ts CHANGED Viewed

@@ -123,6 +123,62 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad
  * };
  * const command = new ReplicateKeyCommand(input);
  * const response = await client.send(command);
+ * // { // ReplicateKeyResponse
+ * //   ReplicaKeyMetadata: { // KeyMetadata
+ * //     AWSAccountId: "STRING_VALUE",
+ * //     KeyId: "STRING_VALUE", // required
+ * //     Arn: "STRING_VALUE",
+ * //     CreationDate: new Date("TIMESTAMP"),
+ * //     Enabled: true || false,
+ * //     Description: "STRING_VALUE",
+ * //     KeyUsage: "SIGN_VERIFY" || "ENCRYPT_DECRYPT" || "GENERATE_VERIFY_MAC",
+ * //     KeyState: "Creating" || "Enabled" || "Disabled" || "PendingDeletion" || "PendingImport" || "PendingReplicaDeletion" || "Unavailable" || "Updating",
+ * //     DeletionDate: new Date("TIMESTAMP"),
+ * //     ValidTo: new Date("TIMESTAMP"),
+ * //     Origin: "AWS_KMS" || "EXTERNAL" || "AWS_CLOUDHSM" || "EXTERNAL_KEY_STORE",
+ * //     CustomKeyStoreId: "STRING_VALUE",
+ * //     CloudHsmClusterId: "STRING_VALUE",
+ * //     ExpirationModel: "KEY_MATERIAL_EXPIRES" || "KEY_MATERIAL_DOES_NOT_EXPIRE",
+ * //     KeyManager: "AWS" || "CUSTOMER",
+ * //     CustomerMasterKeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     KeySpec: "RSA_2048" || "RSA_3072" || "RSA_4096" || "ECC_NIST_P256" || "ECC_NIST_P384" || "ECC_NIST_P521" || "ECC_SECG_P256K1" || "SYMMETRIC_DEFAULT" || "HMAC_224" || "HMAC_256" || "HMAC_384" || "HMAC_512" || "SM2",
+ * //     EncryptionAlgorithms: [ // EncryptionAlgorithmSpecList
+ * //       "SYMMETRIC_DEFAULT" || "RSAES_OAEP_SHA_1" || "RSAES_OAEP_SHA_256" || "SM2PKE",
+ * //     ],
+ * //     SigningAlgorithms: [ // SigningAlgorithmSpecList
+ * //       "RSASSA_PSS_SHA_256" || "RSASSA_PSS_SHA_384" || "RSASSA_PSS_SHA_512" || "RSASSA_PKCS1_V1_5_SHA_256" || "RSASSA_PKCS1_V1_5_SHA_384" || "RSASSA_PKCS1_V1_5_SHA_512" || "ECDSA_SHA_256" || "ECDSA_SHA_384" || "ECDSA_SHA_512" || "SM2DSA",
+ * //     ],
+ * //     MultiRegion: true || false,
+ * //     MultiRegionConfiguration: { // MultiRegionConfiguration
+ * //       MultiRegionKeyType: "PRIMARY" || "REPLICA",
+ * //       PrimaryKey: { // MultiRegionKey
+ * //         Arn: "STRING_VALUE",
+ * //         Region: "STRING_VALUE",
+ * //       },
+ * //       ReplicaKeys: [ // MultiRegionKeyList
+ * //         {
+ * //           Arn: "STRING_VALUE",
+ * //           Region: "STRING_VALUE",
+ * //         },
+ * //       ],
+ * //     },
+ * //     PendingDeletionWindowInDays: Number("int"),
+ * //     MacAlgorithms: [ // MacAlgorithmSpecList
+ * //       "HMAC_SHA_224" || "HMAC_SHA_256" || "HMAC_SHA_384" || "HMAC_SHA_512",
+ * //     ],
+ * //     XksKeyConfiguration: { // XksKeyConfigurationType
+ * //       Id: "STRING_VALUE",
+ * //     },
+ * //   },
+ * //   ReplicaPolicy: "STRING_VALUE",
+ * //   ReplicaTags: [ // TagList
+ * //     { // Tag
+ * //       TagKey: "STRING_VALUE", // required
+ * //       TagValue: "STRING_VALUE", // required
+ * //     },
+ * //   ],
+ * // };
+ *
  * ```
  *
  * @param ReplicateKeyCommandInput - {@link ReplicateKeyCommandInput}
@@ -183,6 +239,8 @@ export interface ReplicateKeyCommandOutput extends ReplicateKeyResponse, __Metad
  *  <p>The request was rejected because a specified parameter is not supported or a specified
  *       resource is not valid for this operation.</p>
  *
+ * @throws {@link KMSServiceException}
+ * <p>Base exception class for all service exceptions from KMS service.</p>
  *
  * @example To replicate a multi-Region key in a different AWS Region
  * ```javascript