@aws-sdk/client-kms 3.36.0 → 3.39.0

package/dist-types/ts3.4/KMSClient.d.ts

@@ -57,213 +57,59 @@ import { VerifyCommandInput, VerifyCommandOutput } from "./commands/VerifyComman
 export declare type ServiceInputTypes = CancelKeyDeletionCommandInput | ConnectCustomKeyStoreCommandInput | CreateAliasCommandInput | CreateCustomKeyStoreCommandInput | CreateGrantCommandInput | CreateKeyCommandInput | DecryptCommandInput | DeleteAliasCommandInput | DeleteCustomKeyStoreCommandInput | DeleteImportedKeyMaterialCommandInput | DescribeCustomKeyStoresCommandInput | DescribeKeyCommandInput | DisableKeyCommandInput | DisableKeyRotationCommandInput | DisconnectCustomKeyStoreCommandInput | EnableKeyCommandInput | EnableKeyRotationCommandInput | EncryptCommandInput | GenerateDataKeyCommandInput | GenerateDataKeyPairCommandInput | GenerateDataKeyPairWithoutPlaintextCommandInput | GenerateDataKeyWithoutPlaintextCommandInput | GenerateRandomCommandInput | GetKeyPolicyCommandInput | GetKeyRotationStatusCommandInput | GetParametersForImportCommandInput | GetPublicKeyCommandInput | ImportKeyMaterialCommandInput | ListAliasesCommandInput | ListGrantsCommandInput | ListKeyPoliciesCommandInput | ListKeysCommandInput | ListResourceTagsCommandInput | ListRetirableGrantsCommandInput | PutKeyPolicyCommandInput | ReEncryptCommandInput | ReplicateKeyCommandInput | RetireGrantCommandInput | RevokeGrantCommandInput | ScheduleKeyDeletionCommandInput | SignCommandInput | TagResourceCommandInput | UntagResourceCommandInput | UpdateAliasCommandInput | UpdateCustomKeyStoreCommandInput | UpdateKeyDescriptionCommandInput | UpdatePrimaryRegionCommandInput | VerifyCommandInput;
 export declare type ServiceOutputTypes = CancelKeyDeletionCommandOutput | ConnectCustomKeyStoreCommandOutput | CreateAliasCommandOutput | CreateCustomKeyStoreCommandOutput | CreateGrantCommandOutput | CreateKeyCommandOutput | DecryptCommandOutput | DeleteAliasCommandOutput | DeleteCustomKeyStoreCommandOutput | DeleteImportedKeyMaterialCommandOutput | DescribeCustomKeyStoresCommandOutput | DescribeKeyCommandOutput | DisableKeyCommandOutput | DisableKeyRotationCommandOutput | DisconnectCustomKeyStoreCommandOutput | EnableKeyCommandOutput | EnableKeyRotationCommandOutput | EncryptCommandOutput | GenerateDataKeyCommandOutput | GenerateDataKeyPairCommandOutput | GenerateDataKeyPairWithoutPlaintextCommandOutput | GenerateDataKeyWithoutPlaintextCommandOutput | GenerateRandomCommandOutput | GetKeyPolicyCommandOutput | GetKeyRotationStatusCommandOutput | GetParametersForImportCommandOutput | GetPublicKeyCommandOutput | ImportKeyMaterialCommandOutput | ListAliasesCommandOutput | ListGrantsCommandOutput | ListKeyPoliciesCommandOutput | ListKeysCommandOutput | ListResourceTagsCommandOutput | ListRetirableGrantsCommandOutput | PutKeyPolicyCommandOutput | ReEncryptCommandOutput | ReplicateKeyCommandOutput | RetireGrantCommandOutput | RevokeGrantCommandOutput | ScheduleKeyDeletionCommandOutput | SignCommandOutput | TagResourceCommandOutput | UntagResourceCommandOutput | UpdateAliasCommandOutput | UpdateCustomKeyStoreCommandOutput | UpdateKeyDescriptionCommandOutput | UpdatePrimaryRegionCommandOutput | VerifyCommandOutput;
 export interface ClientDefaults extends Partial<__SmithyResolvedConfiguration<__HttpHandlerOptions>> {
-    /**
-     * The HTTP handler to use. Fetch in browser and Https in Nodejs.
-     */
+    
     requestHandler?: __HttpHandler;
-    /**
-     * A constructor for a class implementing the {@link __Hash} interface
-     * that computes the SHA-256 HMAC or checksum of a string or binary buffer.
-     * @internal
-     */
+    
     sha256?: __HashConstructor;
-    /**
-     * The function that will be used to convert strings into HTTP endpoints.
-     * @internal
-     */
+    
     urlParser?: __UrlParser;
-    /**
-     * A function that can calculate the length of a request body.
-     * @internal
-     */
+    
     bodyLengthChecker?: (body: any) => number | undefined;
-    /**
-     * A function that converts a stream into an array of bytes.
-     * @internal
-     */
+    
     streamCollector?: __StreamCollector;
-    /**
-     * The function that will be used to convert a base64-encoded string to a byte array.
-     * @internal
-     */
+    
     base64Decoder?: __Decoder;
-    /**
-     * The function that will be used to convert binary data to a base64-encoded string.
-     * @internal
-     */
+    
     base64Encoder?: __Encoder;
-    /**
-     * The function that will be used to convert a UTF8-encoded string to a byte array.
-     * @internal
-     */
+    
     utf8Decoder?: __Decoder;
-    /**
-     * The function that will be used to convert binary data to a UTF-8 encoded string.
-     * @internal
-     */
+    
     utf8Encoder?: __Encoder;
-    /**
-     * The runtime environment.
-     * @internal
-     */
+    
     runtime?: string;
-    /**
-     * Disable dyanamically changing the endpoint of the client based on the hostPrefix
-     * trait of an operation.
-     */
+    
     disableHostPrefix?: boolean;
-    /**
-     * Value for how many times a request will be made at most in case of retry.
-     */
+    
     maxAttempts?: number | __Provider<number>;
-    /**
-     * Specifies which retry algorithm to use.
-     */
+    
     retryMode?: string | __Provider<string>;
-    /**
-     * Optional logger for logging debug/info/warn/error.
-     */
+    
     logger?: __Logger;
-    /**
-     * Unique service identifier.
-     * @internal
-     */
+    
     serviceId?: string;
-    /**
-     * The AWS region to which this client will send requests
-     */
+    
     region?: string | __Provider<string>;
-    /**
-     * Default credentials provider; Not available in browser runtime.
-     * @internal
-     */
+    
     credentialDefaultProvider?: (input: any) => __Provider<__Credentials>;
-    /**
-     * Fetch related hostname, signing name or signing region with given region.
-     * @internal
-     */
+    
     regionInfoProvider?: RegionInfoProvider;
-    /**
-     * The provider populating default tracking information to be sent with `user-agent`, `x-amz-user-agent` header
-     * @internal
-     */
+    
     defaultUserAgentProvider?: Provider<__UserAgent>;
 }
 declare type KMSClientConfigType = Partial<__SmithyConfiguration<__HttpHandlerOptions>> & ClientDefaults & RegionInputConfig & EndpointsInputConfig & RetryInputConfig & HostHeaderInputConfig & AwsAuthInputConfig & UserAgentInputConfig;
-/**
- * The configuration interface of KMSClient class constructor that set the region, credentials and other options.
- */
+
 export interface KMSClientConfig extends KMSClientConfigType {
 }
 declare type KMSClientResolvedConfigType = __SmithyResolvedConfiguration<__HttpHandlerOptions> & Required<ClientDefaults> & RegionResolvedConfig & EndpointsResolvedConfig & RetryResolvedConfig & HostHeaderResolvedConfig & AwsAuthResolvedConfig & UserAgentResolvedConfig;
-/**
- * The resolved configuration interface of KMSClient class. This is resolved and normalized from the {@link KMSClientConfig | constructor configuration interface}.
- */
+
 export interface KMSClientResolvedConfig extends KMSClientResolvedConfigType {
 }
-/**
- * <fullname>Key Management Service</fullname>
- *          <p>Key Management Service (KMS) is an encryption and key management web service. This guide describes
- *       the KMS operations that you can call programmatically. For general information about KMS,
- *       see the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/">
- *                <i>Key Management Service Developer Guide</i>
- *             </a>.</p>
- *          <note>
- *             <p>KMS is replacing the term <i>customer master key (CMK)</i> with <i>KMS key</i> and <i>KMS key</i>. The concept has not changed. To prevent breaking changes, KMS is keeping some variations of this term.</p>
- *             <p>Amazon Web Services provides SDKs that consist of libraries and sample code for various programming
- *         languages and platforms (Java, Ruby, .Net, macOS, Android, etc.). The SDKs provide a
- *         convenient way to create programmatic access to KMS and other Amazon Web Services services. For example,
- *         the SDKs take care of tasks such as signing requests (see below), managing errors, and
- *         retrying requests automatically. For more information about the Amazon Web Services SDKs, including how to
- *         download and install them, see <a href="http://aws.amazon.com/tools/">Tools for Amazon Web
- *           Services</a>.</p>
- *          </note>
- *          <p>We recommend that you use the Amazon Web Services SDKs to make programmatic API calls to KMS.</p>
- *          <p>Clients must support TLS (Transport Layer Security) 1.0. We recommend TLS 1.2. Clients
- *       must also support cipher suites with Perfect Forward Secrecy (PFS) such as Ephemeral
- *       Diffie-Hellman (DHE) or Elliptic Curve Ephemeral Diffie-Hellman (ECDHE). Most modern systems
- *       such as Java 7 and later support these modes.</p>
- *          <p>
- *             <b>Signing Requests</b>
- *          </p>
- *          <p>Requests must be signed by using an access key ID and a secret access key. We strongly
- *       recommend that you <i>do not</i> use your Amazon Web Services account (root) access key ID and
- *       secret key for everyday work with KMS. Instead, use the access key ID and secret access key
- *       for an IAM user. You can also use the Amazon Web Services Security Token Service to generate temporary
- *       security credentials that you can use to sign requests.</p>
- *          <p>All KMS operations require <a href="https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Signature Version 4</a>.</p>
- *          <p>
- *             <b>Logging API Requests</b>
- *          </p>
- *          <p>KMS supports CloudTrail, a service that logs Amazon Web Services API calls and related events for your
- *       Amazon Web Services account and delivers them to an Amazon S3 bucket that you specify. By using the
- *       information collected by CloudTrail, you can determine what requests were made to KMS, who made
- *       the request, when it was made, and so on. To learn more about CloudTrail, including how to turn it
- *       on and find your log files, see the <a href="https://docs.aws.amazon.com/awscloudtrail/latest/userguide/">CloudTrail User Guide</a>.</p>
- *          <p>
- *             <b>Additional Resources</b>
- *          </p>
- *          <p>For more information about credentials and request signing, see the following:</p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html">Amazon Web Services
- *             Security Credentials</a> - This topic provides general information about the types
- *           of credentials used to access Amazon Web Services.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html">Temporary
- *             Security Credentials</a> - This section of the <i>IAM User Guide</i>
- *           describes how to create and use temporary security credentials.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html">Signature Version
- *             4 Signing Process</a> - This set of topics walks you through the process of signing
- *           a request using an access key ID and a secret access key.</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Commonly Used API Operations</b>
- *          </p>
- *          <p>Of the API operations discussed in this guide, the following will prove the most useful
- *       for most applications. You will likely perform operations other than these, such as creating
- *       keys and assigning policies, by using the console.</p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>Encrypt</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>Decrypt</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>GenerateDataKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>GenerateDataKeyWithoutPlaintext</a>
- *                </p>
- *             </li>
- *          </ul>
- */
+
 export declare class KMSClient extends __Client<__HttpHandlerOptions, ServiceInputTypes, ServiceOutputTypes, KMSClientResolvedConfig> {
-    /**
-     * The resolved configuration of KMSClient class. This is resolved and normalized from the {@link KMSClientConfig | constructor configuration interface}.
-     */
+    
     readonly config: KMSClientResolvedConfig;
     constructor(configuration: KMSClientConfig);
-    /**
-     * Destroy underlying resources, like sockets. It's usually not necessary to do this.
-     * However in Node.js, it's best to explicitly shut down the client's agent when it is no longer needed.
-     * Otherwise, sockets might stay open for quite a long time before the server terminates them.
-     */
+    
     destroy(): void;
 }
 export {};

package/dist-types/ts3.4/commands/CancelKeyDeletionCommand.d.ts

@@ -6,42 +6,11 @@ export interface CancelKeyDeletionCommandInput extends CancelKeyDeletionRequest
 }
 export interface CancelKeyDeletionCommandOutput extends CancelKeyDeletionResponse, __MetadataBearer {
 }
-/**
- * <p>Cancels the deletion of a KMS key. When this operation succeeds, the key state of the KMS
- *       key is <code>Disabled</code>. To enable the KMS key, use <a>EnableKey</a>. </p>
- *          <p>For more information about scheduling and canceling deletion of a KMS key, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html">Deleting KMS keys</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account
- *         use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CancelKeyDeletion</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>: <a>ScheduleKeyDeletion</a>
- *          </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, CancelKeyDeletionCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, CancelKeyDeletionCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new CancelKeyDeletionCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link CancelKeyDeletionCommandInput} for command's `input` shape.
- * @see {@link CancelKeyDeletionCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class CancelKeyDeletionCommand extends $Command<CancelKeyDeletionCommandInput, CancelKeyDeletionCommandOutput, KMSClientResolvedConfig> {
     readonly input: CancelKeyDeletionCommandInput;
     constructor(input: CancelKeyDeletionCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CancelKeyDeletionCommandInput, CancelKeyDeletionCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/ConnectCustomKeyStoreCommand.d.ts

@@ -6,90 +6,11 @@ export interface ConnectCustomKeyStoreCommandInput extends ConnectCustomKeyStore
 }
 export interface ConnectCustomKeyStoreCommandOutput extends ConnectCustomKeyStoreResponse, __MetadataBearer {
 }
-/**
- * <p>Connects or reconnects a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a> to its associated CloudHSM cluster.</p>
- *          <p>The custom key store must be connected before you can create KMS keys in the key store or
- *       use the KMS keys it contains. You can disconnect and reconnect a custom key store at any
- *       time.</p>
- *          <p>To connect a custom key store, its associated CloudHSM cluster must have at least one active
- *       HSM. To get the number of active HSMs in a cluster, use the <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html">DescribeClusters</a> operation. To add HSMs
- *       to the cluster, use the <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html">CreateHsm</a> operation. Also, the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser">
- *                <code>kmsuser</code> crypto
- *         user</a> (CU) must not be logged into the cluster. This prevents KMS from using this
- *       account to log in.</p>
- *          <p>The connection process can take an extended amount of time to complete; up to 20 minutes.
- *       This operation starts the connection process, but it does not wait for it to complete. When it
- *       succeeds, this operation quickly returns an HTTP 200 response and a JSON object with no
- *       properties. However, this response does not indicate that the custom key store is connected.
- *       To get the connection state of the custom key store, use the <a>DescribeCustomKeyStores</a> operation.</p>
- *          <p>During the connection process, KMS finds the CloudHSM cluster that is associated with the
- *       custom key store, creates the connection infrastructure, connects to the cluster, logs into
- *       the CloudHSM client as the <code>kmsuser</code> CU, and rotates its password.</p>
- *          <p>The <code>ConnectCustomKeyStore</code> operation might fail for various reasons. To find
- *       the reason, use the <a>DescribeCustomKeyStores</a> operation and see the
- *         <code>ConnectionErrorCode</code> in the response. For help interpreting the
- *         <code>ConnectionErrorCode</code>, see <a>CustomKeyStoresListEntry</a>.</p>
- *          <p>To fix the failure, use the <a>DisconnectCustomKeyStore</a> operation to
- *       disconnect the custom key store, correct the error, use the <a>UpdateCustomKeyStore</a> operation if necessary, and then use
- *         <code>ConnectCustomKeyStore</code> again.</p>
- *          <p>If you are having trouble connecting or disconnecting a custom key store, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html">Troubleshooting a Custom Key
- *         Store</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ConnectCustomKeyStore</a> (IAM policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DescribeCustomKeyStores</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DisconnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UpdateCustomKeyStore</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ConnectCustomKeyStoreCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ConnectCustomKeyStoreCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ConnectCustomKeyStoreCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ConnectCustomKeyStoreCommandInput} for command's `input` shape.
- * @see {@link ConnectCustomKeyStoreCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class ConnectCustomKeyStoreCommand extends $Command<ConnectCustomKeyStoreCommandInput, ConnectCustomKeyStoreCommandOutput, KMSClientResolvedConfig> {
     readonly input: ConnectCustomKeyStoreCommandInput;
     constructor(input: ConnectCustomKeyStoreCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<ConnectCustomKeyStoreCommandInput, ConnectCustomKeyStoreCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/CreateAliasCommand.d.ts

@@ -6,86 +6,11 @@ export interface CreateAliasCommandInput extends CreateAliasRequest {
 }
 export interface CreateAliasCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Creates a friendly name for a KMS key. </p>
- *          <note>
- *             <p>Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>You can use an alias to identify a KMS key in the KMS console, in the <a>DescribeKey</a> operation and in <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations">cryptographic operations</a>, such as <a>Encrypt</a> and
- *         <a>GenerateDataKey</a>. You can also change the KMS key that's associated with
- *       the alias (<a>UpdateAlias</a>) or delete the alias (<a>DeleteAlias</a>)
- *       at any time. These operations don't affect the underlying KMS key. </p>
- *          <p>You can associate the alias with any customer managed key in the same Amazon Web Services Region. Each
- *       alias is associated with only one KMS key at a time, but a KMS key can have multiple aliases.
- *       A valid KMS key is required. You can't create an alias without a KMS key.</p>
- *          <p>The alias must be unique in the account and Region, but you can have aliases with the same
- *       name in different Regions. For detailed information about aliases, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html">Using aliases</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>This operation does not return a response. To get the alias that you created, use the
- *         <a>ListAliases</a> operation.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on an alias in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CreateAlias</a> on
- *           the alias (IAM policy).</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CreateAlias</a> on
- *           the KMS key (key policy).</p>
- *             </li>
- *          </ul>
- *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>DeleteAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListAliases</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UpdateAlias</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, CreateAliasCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, CreateAliasCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new CreateAliasCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link CreateAliasCommandInput} for command's `input` shape.
- * @see {@link CreateAliasCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class CreateAliasCommand extends $Command<CreateAliasCommandInput, CreateAliasCommandOutput, KMSClientResolvedConfig> {
     readonly input: CreateAliasCommandInput;
     constructor(input: CreateAliasCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CreateAliasCommandInput, CreateAliasCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/CreateCustomKeyStoreCommand.d.ts

@@ -6,78 +6,11 @@ export interface CreateCustomKeyStoreCommandInput extends CreateCustomKeyStoreRe
 }
 export interface CreateCustomKeyStoreCommandOutput extends CreateCustomKeyStoreResponse, __MetadataBearer {
 }
-/**
- * <p>Creates a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a> that is associated with an <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/clusters.html">CloudHSM cluster</a> that you own and
- *     manage.</p>
- *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
- * combines the convenience and extensive integration of KMS with the isolation and control of a
- * single-tenant key store.</p>
- *          <p>Before you create the custom key store, you must assemble
- *       the required elements, including an CloudHSM cluster that fulfills the requirements for a custom
- *       key store. For details about the required elements, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore">Assemble the Prerequisites</a>
- *       in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>When the operation completes successfully, it returns the ID of the new custom key store.
- *       Before you can use your new custom key store, you need to use the <a>ConnectCustomKeyStore</a> operation to connect the new key store to its CloudHSM
- *       cluster. Even if you are not going to use your custom key store immediately, you might want to
- *       connect it to verify that all settings are correct and then disconnect it until you are ready
- *       to use it.</p>
- *          <p>For help with failures, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html">Troubleshooting a Custom Key Store</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account.</p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CreateCustomKeyStore</a> (IAM policy).</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>ConnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DescribeCustomKeyStores</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DisconnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UpdateCustomKeyStore</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, CreateCustomKeyStoreCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, CreateCustomKeyStoreCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new CreateCustomKeyStoreCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link CreateCustomKeyStoreCommandInput} for command's `input` shape.
- * @see {@link CreateCustomKeyStoreCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class CreateCustomKeyStoreCommand extends $Command<CreateCustomKeyStoreCommandInput, CreateCustomKeyStoreCommandOutput, KMSClientResolvedConfig> {
     readonly input: CreateCustomKeyStoreCommandInput;
     constructor(input: CreateCustomKeyStoreCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CreateCustomKeyStoreCommandInput, CreateCustomKeyStoreCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/CreateGrantCommand.d.ts

@@ -6,91 +6,11 @@ export interface CreateGrantCommandInput extends CreateGrantRequest {
 }
 export interface CreateGrantCommandOutput extends CreateGrantResponse, __MetadataBearer {
 }
-/**
- * <p>Adds a grant to a KMS key. </p>
- *          <p>A <i>grant</i> is a policy instrument that allows Amazon Web Services principals to use
- *       KMS keys in cryptographic operations. It also can allow them to view a KMS key (<a>DescribeKey</a>) and create and manage grants. When authorizing access to a KMS key,
- *       grants are considered along with key policies and IAM policies. Grants are often used for
- *       temporary permissions because you can create one, use its permissions, and delete it without
- *       changing your key policies or IAM policies. </p>
- *          <p>For detailed information about grants, including grant terminology, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html">Using grants</a> in the
- *         <i>
- *                <i>Key Management Service Developer Guide</i>
- *             </i>. For examples of working with grants in several
- *       programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>. </p>
- *          <p>The <code>CreateGrant</code> operation returns a <code>GrantToken</code> and a
- *         <code>GrantId</code>.</p>
- *          <ul>
- *             <li>
- *                <p>When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as <i>eventual consistency</i>. Once the grant has achieved eventual consistency, the grantee
- *           principal can use the permissions in the grant without identifying the grant. </p>
- *                <p>However, to use the permissions in the grant immediately, use the
- *             <code>GrantToken</code> that <code>CreateGrant</code> returns. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grant-manage.html#using-grant-token">Using a
- *             grant token</a> in the <i>
- *                      <i>Key Management Service Developer Guide</i>
- *                   </i>.</p>
- *             </li>
- *             <li>
- *                <p>The <code>CreateGrant</code> operation also returns a <code>GrantId</code>. You can
- *           use the <code>GrantId</code> and a key identifier to identify the grant in the <a>RetireGrant</a> and <a>RevokeGrant</a> operations. To find the grant
- *           ID, use the <a>ListGrants</a> or <a>ListRetirableGrants</a>
- *           operations.</p>
- *             </li>
- *          </ul>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: Yes.
- *       To perform this operation on a KMS key in a different Amazon Web Services account, specify the key
- *   ARN in the value of the <code>KeyId</code> parameter. </p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:CreateGrant</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>ListGrants</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListRetirableGrants</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>RetireGrant</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>RevokeGrant</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, CreateGrantCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, CreateGrantCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new CreateGrantCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link CreateGrantCommandInput} for command's `input` shape.
- * @see {@link CreateGrantCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class CreateGrantCommand extends $Command<CreateGrantCommandInput, CreateGrantCommandOutput, KMSClientResolvedConfig> {
     readonly input: CreateGrantCommandInput;
     constructor(input: CreateGrantCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<CreateGrantCommandInput, CreateGrantCommandOutput>;
     private serialize;
     private deserialize;