@aws-sdk/client-kms 3.36.0 → 3.39.0

package/dist-types/ts3.4/commands/TagResourceCommand.d.ts

@@ -6,76 +6,11 @@ export interface TagResourceCommandInput extends TagResourceRequest {
 }
 export interface TagResourceCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Adds or edits tags on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>.</p>
- *          <note>
- *             <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.
- *       The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag
- *       value. To edit a tag, specify an existing tag key and a new tag value.</p>
- *          <p>You can use this operation to tag a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>, but you cannot
- *       tag an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services
- *         managed key</a>, an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk">Amazon Web Services owned key</a>, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#keystore-concept">custom key
- *         store</a>, or an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#alias-concept">alias</a>.</p>
- *          <p>You can also add tags to a KMS key while creating it (<a>CreateKey</a>) or
- *       replicating it (<a>ReplicateKey</a>).</p>
- *          <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
- *       tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
- *         Web Services General Reference</i>. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:TagResource</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListResourceTags</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ReplicateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UntagResource</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, TagResourceCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, TagResourceCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new TagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link TagResourceCommandInput} for command's `input` shape.
- * @see {@link TagResourceCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class TagResourceCommand extends $Command<TagResourceCommandInput, TagResourceCommandOutput, KMSClientResolvedConfig> {
     readonly input: TagResourceCommandInput;
     constructor(input: TagResourceCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<TagResourceCommandInput, TagResourceCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UntagResourceCommand.d.ts

@@ -6,72 +6,11 @@ export interface UntagResourceCommandInput extends UntagResourceRequest {
 }
 export interface UntagResourceCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Deletes tags from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>. To delete a tag,
- *       specify the tag key and the KMS key.</p>
- *          <note>
- *             <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>When it succeeds, the <code>UntagResource</code> operation doesn't return any output.
- *       Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or
- *       return a response. To confirm that the operation worked, use the <a>ListResourceTags</a> operation.</p>
- *
- *          <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
- *       tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
- *         Web Services General Reference</i>. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UntagResource</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListResourceTags</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ReplicateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>TagResource</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UntagResourceCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UntagResourceCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UntagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UntagResourceCommandInput} for command's `input` shape.
- * @see {@link UntagResourceCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UntagResourceCommand extends $Command<UntagResourceCommandInput, UntagResourceCommandOutput, KMSClientResolvedConfig> {
     readonly input: UntagResourceCommandInput;
     constructor(input: UntagResourceCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UntagResourceCommandInput, UntagResourceCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdateAliasCommand.d.ts

@@ -6,91 +6,11 @@ export interface UpdateAliasCommandInput extends UpdateAliasRequest {
 }
 export interface UpdateAliasCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Associates an existing KMS alias with a different KMS key. Each alias is associated with
- *       only one KMS key at a time, although a KMS key can have multiple aliases. The alias and the
- *       KMS key must be in the same Amazon Web Services account and Region.</p>
- *          <note>
- *             <p>Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>The current and new KMS key must be the same type (both symmetric or both asymmetric), and
- *       they must have the same key usage (<code>ENCRYPT_DECRYPT</code> or <code>SIGN_VERIFY</code>).
- *       This restriction prevents errors in code that uses aliases. If you must assign an alias to a
- *       different type of KMS key, use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to create a new alias.</p>
- *          <p>You cannot use <code>UpdateAlias</code> to change an alias name. To change an alias name,
- *       use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to
- *       create a new alias.</p>
- *          <p>Because an alias is not a property of a KMS key, you can create, update, and delete the
- *       aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the
- *       response from the <a>DescribeKey</a> operation. To get the aliases of all KMS keys
- *       in the account, use the <a>ListAliases</a> operation. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *         <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
- *          <p>
- *             <b>Required permissions</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the alias (IAM policy).</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the current KMS key (key policy).</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the new KMS key (key policy).</p>
- *             </li>
- *          </ul>
- *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListAliases</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdateAliasCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdateAliasCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdateAliasCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateAliasCommandInput} for command's `input` shape.
- * @see {@link UpdateAliasCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdateAliasCommand extends $Command<UpdateAliasCommandInput, UpdateAliasCommandOutput, KMSClientResolvedConfig> {
     readonly input: UpdateAliasCommandInput;
     constructor(input: UpdateAliasCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdateAliasCommandInput, UpdateAliasCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdateCustomKeyStoreCommand.d.ts

@@ -6,101 +6,11 @@ export interface UpdateCustomKeyStoreCommandInput extends UpdateCustomKeyStoreRe
 }
 export interface UpdateCustomKeyStoreCommandOutput extends UpdateCustomKeyStoreResponse, __MetadataBearer {
 }
-/**
- * <p>Changes the properties of a custom key store. Use the <code>CustomKeyStoreId</code>
- *       parameter to identify the custom key store you want to edit. Use the remaining parameters to
- *       change the properties of the custom key store.</p>
- *          <p>You can only update a custom key store that is disconnected. To disconnect the custom key
- *       store, use <a>DisconnectCustomKeyStore</a>. To reconnect the custom key store after
- *       the update completes, use <a>ConnectCustomKeyStore</a>. To find the connection
- *       state of a custom key store, use the <a>DescribeCustomKeyStores</a>
- *       operation.</p>
- *          <p>The <code>CustomKeyStoreId</code> parameter is required in all commands. Use the other
- *       parameters of <code>UpdateCustomKeyStore</code> to edit your key store settings.</p>
- *          <ul>
- *             <li>
- *                <p>Use the <code>NewCustomKeyStoreName</code> parameter to change the friendly name of
- *           the custom key store to the value that you specify.</p>
- *                <p> </p>
- *             </li>
- *             <li>
- *                <p>Use the <code>KeyStorePassword</code> parameter tell KMS the current password of the
- *             <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser">
- *                      <code>kmsuser</code> crypto user (CU)</a> in the associated CloudHSM cluster. You
- *           can use this parameter to <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-password">fix connection
- *             failures</a> that occur when KMS cannot log into the associated cluster because
- *           the <code>kmsuser</code> password has changed. This value does not change the password in
- *           the CloudHSM cluster.</p>
- *                <p> </p>
- *             </li>
- *             <li>
- *                <p>Use the <code>CloudHsmClusterId</code> parameter to associate the custom key store
- *           with a different, but related, CloudHSM cluster. You can use this parameter to repair a
- *           custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to
- *           create or restore a cluster from a backup. </p>
- *             </li>
- *          </ul>
- *          <p>If the operation succeeds, it returns a JSON object with no
- * properties.</p>
- *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
- * combines the convenience and extensive integration of KMS with the isolation and control of a
- * single-tenant key store.</p>
- *          <p>
- *             <b>Cross-account
- *         use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account. </p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateCustomKeyStore</a> (IAM policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>ConnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>CreateCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DescribeCustomKeyStores</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DisconnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdateCustomKeyStoreCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdateCustomKeyStoreCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdateCustomKeyStoreCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateCustomKeyStoreCommandInput} for command's `input` shape.
- * @see {@link UpdateCustomKeyStoreCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdateCustomKeyStoreCommand extends $Command<UpdateCustomKeyStoreCommandInput, UpdateCustomKeyStoreCommandOutput, KMSClientResolvedConfig> {
     readonly input: UpdateCustomKeyStoreCommandInput;
     constructor(input: UpdateCustomKeyStoreCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdateCustomKeyStoreCommandInput, UpdateCustomKeyStoreCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdateKeyDescriptionCommand.d.ts

@@ -6,52 +6,11 @@ export interface UpdateKeyDescriptionCommandInput extends UpdateKeyDescriptionRe
 }
 export interface UpdateKeyDescriptionCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Updates the description of a KMS key. To see the description of a KMS key, use <a>DescribeKey</a>. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account
- *         use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateKeyDescription</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DescribeKey</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdateKeyDescriptionCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdateKeyDescriptionCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdateKeyDescriptionCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateKeyDescriptionCommandInput} for command's `input` shape.
- * @see {@link UpdateKeyDescriptionCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdateKeyDescriptionCommand extends $Command<UpdateKeyDescriptionCommandInput, UpdateKeyDescriptionCommandOutput, KMSClientResolvedConfig> {
     readonly input: UpdateKeyDescriptionCommandInput;
     constructor(input: UpdateKeyDescriptionCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdateKeyDescriptionCommandInput, UpdateKeyDescriptionCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/UpdatePrimaryRegionCommand.d.ts

@@ -6,94 +6,11 @@ export interface UpdatePrimaryRegionCommandInput extends UpdatePrimaryRegionRequ
 }
 export interface UpdatePrimaryRegionCommandOutput extends __MetadataBearer {
 }
-/**
- * <p>Changes the primary key of a multi-Region key. </p>
- *          <p>This operation changes the replica key in the specified Region to a primary key and
- *       changes the former primary key to a replica key. For example, suppose you have a primary key
- *       in <code>us-east-1</code> and a replica key in <code>eu-west-2</code>. If you run
- *         <code>UpdatePrimaryRegion</code> with a <code>PrimaryRegion</code> value of
- *         <code>eu-west-2</code>, the primary key is now the key in <code>eu-west-2</code>, and the
- *       key in <code>us-east-1</code> becomes a replica key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-manage.html#multi-region-update">Updating the primary Region</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>This operation supports <i>multi-Region keys</i>, an KMS feature that lets you create multiple
- *       interoperable KMS keys in different Amazon Web Services Regions. Because these KMS keys have the same key ID, key
- *       material, and other metadata, you can use them interchangeably to encrypt data in one Amazon Web Services Region and decrypt
- *       it in a different Amazon Web Services Region without re-encrypting the data or making a cross-Region call. For more information about multi-Region keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html">Using multi-Region keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>The <i>primary key</i> of a multi-Region key is the source for properties
- *       that are always shared by primary and replica keys, including the key material, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id-key-id">key ID</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-spec">key spec</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-usage">key usage</a>, <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-origin">key material
- *       origin</a>, and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html">automatic
- *         key rotation</a>. It's the only key that can be replicated. You cannot <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_ScheduleKeyDeletion.html">delete the primary
- *         key</a> until all replica keys are deleted.</p>
- *          <p>The key ID and primary Region that you specify uniquely identify the replica key that will
- *       become the primary key. The primary Region must already have a replica key. This operation
- *       does not create a KMS key in the specified Region. To find the replica keys, use the <a>DescribeKey</a> operation on the primary key or any replica key. To create a replica
- *       key, use the <a>ReplicateKey</a> operation.</p>
- *          <p>You can run this operation while using the affected multi-Region keys in cryptographic
- *       operations. This operation should not delay, interrupt, or cause failures in cryptographic
- *       operations. </p>
- *          <p>Even after this operation completes, the process of updating the primary Region might
- *       still be in progress for a few more seconds. Operations such as <code>DescribeKey</code> might
- *       display both the old and new primary keys as replicas. The old and new primary keys have a
- *       transient key state of <code>Updating</code>. The original key state is restored when the
- *       update is complete. While the key state is <code>Updating</code>, you can use the keys in
- *       cryptographic operations, but you cannot replicate the new primary key or perform certain
- *       management operations, such as enabling or disabling these keys. For details about the
- *         <code>Updating</code> key state, see <a href="kms/latest/developerguide/key-state.html">Key state:
- *         Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>This operation does not return any output. To verify that primary key is changed, use the
- *         <a>DescribeKey</a> operation.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot use this operation in a
- *       different Amazon Web Services account. </p>
- *          <p>
- *             <b>Required permissions</b>: </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <code>kms:UpdatePrimaryRegion</code> on the current primary key (in the primary key's
- *           Region). Include this permission primary key's key policy.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <code>kms:UpdatePrimaryRegion</code> on the current replica key (in the replica key's
- *           Region). Include this permission in the replica key's key policy.</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ReplicateKey</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdatePrimaryRegionCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdatePrimaryRegionCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdatePrimaryRegionCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdatePrimaryRegionCommandInput} for command's `input` shape.
- * @see {@link UpdatePrimaryRegionCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class UpdatePrimaryRegionCommand extends $Command<UpdatePrimaryRegionCommandInput, UpdatePrimaryRegionCommandOutput, KMSClientResolvedConfig> {
     readonly input: UpdatePrimaryRegionCommandInput;
     constructor(input: UpdatePrimaryRegionCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<UpdatePrimaryRegionCommandInput, UpdatePrimaryRegionCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/VerifyCommand.d.ts

@@ -6,59 +6,11 @@ export interface VerifyCommandInput extends VerifyRequest {
 }
 export interface VerifyCommandOutput extends VerifyResponse, __MetadataBearer {
 }
-/**
- * <p>Verifies a digital signature that was generated by the <a>Sign</a> operation. </p>
- *          <p></p>
- *          <p>Verification confirms that an authorized user signed the message with the specified KMS
- *       key and signing algorithm, and the message hasn't changed since it was signed. If the
- *       signature is verified, the value of the <code>SignatureValid</code> field in the response is
- *         <code>True</code>. If the signature verification fails, the <code>Verify</code> operation
- *       fails with an <code>KMSInvalidSignatureException</code> exception.</p>
- *          <p>A digital signature is generated by using the private key in an asymmetric KMS key. The
- *       signature is verified by using the public key in the same asymmetric KMS key.
- *       For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>To verify a digital signature, you can use the <code>Verify</code> operation. Specify the
- *       same asymmetric KMS key, message, and signing algorithm that were used to produce the
- *       signature.</p>
- *          <p>You can also verify the digital signature by using the public key of the KMS key outside
- *       of KMS. Use the <a>GetPublicKey</a> operation to download the public key in the
- *       asymmetric KMS key and then use the public key to verify the signature outside of KMS. The
- *       advantage of using the <code>Verify</code> operation is that it is performed within KMS. As
- *       a result, it's easy to call, the operation is performed within the FIPS boundary, it is logged
- *       in CloudTrail, and you can use key policy and IAM policy to determine who is authorized to use
- *       the KMS key to verify signatures.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
- *   the key ARN or alias ARN in the value of the <code>KeyId</code> parameter. </p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:Verify</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>: <a>Sign</a>
- *          </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, VerifyCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, VerifyCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new VerifyCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link VerifyCommandInput} for command's `input` shape.
- * @see {@link VerifyCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
+
 export declare class VerifyCommand extends $Command<VerifyCommandInput, VerifyCommandOutput, KMSClientResolvedConfig> {
     readonly input: VerifyCommandInput;
     constructor(input: VerifyCommandInput);
-    /**
-     * @internal
-     */
+    
     resolveMiddleware(clientStack: MiddlewareStack<ServiceInputTypes, ServiceOutputTypes>, configuration: KMSClientResolvedConfig, options?: __HttpHandlerOptions): Handler<VerifyCommandInput, VerifyCommandOutput>;
     private serialize;
     private deserialize;

package/dist-types/ts3.4/commands/index.d.ts

@@ -0,0 +1,48 @@
+export * from "./CancelKeyDeletionCommand";
+export * from "./ConnectCustomKeyStoreCommand";
+export * from "./CreateAliasCommand";
+export * from "./CreateCustomKeyStoreCommand";
+export * from "./CreateGrantCommand";
+export * from "./CreateKeyCommand";
+export * from "./DecryptCommand";
+export * from "./DeleteAliasCommand";
+export * from "./DeleteCustomKeyStoreCommand";
+export * from "./DeleteImportedKeyMaterialCommand";
+export * from "./DescribeCustomKeyStoresCommand";
+export * from "./DescribeKeyCommand";
+export * from "./DisableKeyCommand";
+export * from "./DisableKeyRotationCommand";
+export * from "./DisconnectCustomKeyStoreCommand";
+export * from "./EnableKeyCommand";
+export * from "./EnableKeyRotationCommand";
+export * from "./EncryptCommand";
+export * from "./GenerateDataKeyCommand";
+export * from "./GenerateDataKeyPairCommand";
+export * from "./GenerateDataKeyPairWithoutPlaintextCommand";
+export * from "./GenerateDataKeyWithoutPlaintextCommand";
+export * from "./GenerateRandomCommand";
+export * from "./GetKeyPolicyCommand";
+export * from "./GetKeyRotationStatusCommand";
+export * from "./GetParametersForImportCommand";
+export * from "./GetPublicKeyCommand";
+export * from "./ImportKeyMaterialCommand";
+export * from "./ListAliasesCommand";
+export * from "./ListGrantsCommand";
+export * from "./ListKeyPoliciesCommand";
+export * from "./ListKeysCommand";
+export * from "./ListResourceTagsCommand";
+export * from "./ListRetirableGrantsCommand";
+export * from "./PutKeyPolicyCommand";
+export * from "./ReEncryptCommand";
+export * from "./ReplicateKeyCommand";
+export * from "./RetireGrantCommand";
+export * from "./RevokeGrantCommand";
+export * from "./ScheduleKeyDeletionCommand";
+export * from "./SignCommand";
+export * from "./TagResourceCommand";
+export * from "./UntagResourceCommand";
+export * from "./UpdateAliasCommand";
+export * from "./UpdateCustomKeyStoreCommand";
+export * from "./UpdateKeyDescriptionCommand";
+export * from "./UpdatePrimaryRegionCommand";
+export * from "./VerifyCommand";