@aws-sdk/client-kms 3.36.0 → 3.39.0

package/dist-cjs/commands/GenerateRandomCommand.js

@@ -5,44 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Returns a random byte string that is cryptographically secure.</p>
- *          <p>By default, the random byte string is generated in KMS. To generate the byte string in
- *       the CloudHSM cluster that is associated with a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, specify the custom key store
- *       ID.</p>
- *          <p>Applications in Amazon Web Services Nitro Enclaves can call this operation by using the <a href="https://github.com/aws/aws-nitro-enclaves-sdk-c">Amazon Web Services Nitro Enclaves Development Kit</a>. For information about the supporting parameters, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/services-nitro-enclaves.html">How Amazon Web Services Nitro Enclaves use KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>For more information about entropy and random number generation, see
- *       <a href="https://docs.aws.amazon.com/kms/latest/cryptographic-details/">Key Management Service Cryptographic Details</a>.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:GenerateRandom</a> (IAM policy)</p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, GenerateRandomCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, GenerateRandomCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new GenerateRandomCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link GenerateRandomCommandInput} for command's `input` shape.
- * @see {@link GenerateRandomCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class GenerateRandomCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/GetKeyPolicyCommand.js

@@ -5,43 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Gets a key policy attached to the specified KMS key.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:GetKeyPolicy</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>: <a>PutKeyPolicy</a>
- *          </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, GetKeyPolicyCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, GetKeyPolicyCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new GetKeyPolicyCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link GetKeyPolicyCommandInput} for command's `input` shape.
- * @see {@link GetKeyPolicyCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class GetKeyPolicyCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/GetKeyRotationStatusCommand.js

@@ -5,72 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Gets a Boolean value that indicates whether <a href="https://docs.aws.amazon.com/kms/latest/developerguide/rotate-keys.html">automatic rotation of the key material</a> is
- *       enabled for the specified KMS key.</p>
- *          <p>You cannot enable automatic rotation of <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html#asymmetric-cmks">asymmetric KMS keys</a>, KMS keys with <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">imported key material</a>, or KMS keys in a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. To enable or disable automatic rotation of a set of related <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html#mrk-replica-key">multi-Region keys</a>, set the property on the primary key. The key rotation status for these KMS keys is always
- *       <code>false</code>.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <ul>
- *             <li>
- *                <p>Disabled: The key rotation status does not change when you disable a KMS key. However,
- *           while the KMS key is disabled, KMS does not rotate the key material.</p>
- *             </li>
- *             <li>
- *                <p>Pending deletion: While a KMS key is pending deletion, its key rotation status is
- *             <code>false</code> and KMS does not rotate the key material. If you cancel the
- *           deletion, the original key rotation status is restored.</p>
- *             </li>
- *          </ul>
- *          <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key
- *   ARN in the value of the <code>KeyId</code> parameter.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:GetKeyRotationStatus</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>DisableKeyRotation</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>EnableKeyRotation</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, GetKeyRotationStatusCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, GetKeyRotationStatusCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new GetKeyRotationStatusCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link GetKeyRotationStatusCommandInput} for command's `input` shape.
- * @see {@link GetKeyRotationStatusCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class GetKeyRotationStatusCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/GetParametersForImportCommand.js

@@ -5,69 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Returns the items you need to import key material into a symmetric, customer managed KMS
- *       key. For more information about importing key material into KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">Importing Key Material</a>
- *       in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>This operation returns a public key and an import token. Use the public key to encrypt the
- *       symmetric key material. Store the import token to send with a subsequent <a>ImportKeyMaterial</a> request.</p>
- *          <p>You must specify the key ID of the symmetric KMS key into which you will import key
- *       material. This KMS key's <code>Origin</code> must be <code>EXTERNAL</code>. You must also
- *       specify the wrapping algorithm and type of wrapping key (public key) that you will use to
- *       encrypt the key material. You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account.</p>
- *          <p>To import key material, you must use the public key and import token from the same
- *       response. These items are valid for 24 hours. The expiration date and time appear in the
- *         <code>GetParametersForImport</code> response. You cannot use an expired token in an <a>ImportKeyMaterial</a> request. If your key and token expire, send another
- *         <code>GetParametersForImport</code> request.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:GetParametersForImport</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>ImportKeyMaterial</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteImportedKeyMaterial</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, GetParametersForImportCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, GetParametersForImportCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new GetParametersForImportCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link GetParametersForImportCommandInput} for command's `input` shape.
- * @see {@link GetParametersForImportCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class GetParametersForImportCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/GetPublicKeyCommand.js

@@ -5,81 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Returns the public key of an asymmetric KMS key. Unlike the private key of a asymmetric
- *       KMS key, which never leaves KMS unencrypted, callers with <code>kms:GetPublicKey</code>
- *       permission can download the public key of an asymmetric KMS key. You can share the public key
- *       to allow others to encrypt messages and verify signatures outside of KMS.
- *       For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>You do not need to download the public key. Instead, you can use the public key within
- *       KMS by calling the <a>Encrypt</a>, <a>ReEncrypt</a>, or <a>Verify</a> operations with the identifier of an asymmetric KMS key. When you use the
- *       public key within KMS, you benefit from the authentication, authorization, and logging that
- *       are part of every KMS operation. You also reduce of risk of encrypting data that cannot be
- *       decrypted. These features are not effective outside of KMS. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/download-public-key.html#download-public-key-considerations">Special
- *         Considerations for Downloading Public Keys</a>.</p>
- *          <p>To help you use the public key safely outside of KMS, <code>GetPublicKey</code> returns
- *       important information about the public key in the response, including:</p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeySpec">KeySpec</a>: The type of key material in the public key, such as
- *             <code>RSA_4096</code> or <code>ECC_NIST_P521</code>.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-KeyUsage">KeyUsage</a>: Whether the key is used for encryption or signing.</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-EncryptionAlgorithms">EncryptionAlgorithms</a> or <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_GetPublicKey.html#KMS-GetPublicKey-response-SigningAlgorithms">SigningAlgorithms</a>: A list of the encryption algorithms or the signing
- *           algorithms for the key.</p>
- *             </li>
- *          </ul>
- *          <p>Although KMS cannot enforce these restrictions on external operations, it is crucial
- *       that you use this information to prevent the public key from being used improperly. For
- *       example, you can prevent a public signing key from being used encrypt data, or prevent a
- *       public key from being used with an encryption algorithm that is not supported by KMS. You
- *       can also avoid errors, such as using the wrong signing algorithm in a verification
- *       operation.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>:
- *       Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
- *   the key ARN or alias ARN in the value of the <code>KeyId</code> parameter.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:GetPublicKey</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>: <a>CreateKey</a>
- *          </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, GetPublicKeyCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, GetPublicKeyCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new GetPublicKeyCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link GetPublicKeyCommandInput} for command's `input` shape.
- * @see {@link GetPublicKeyCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class GetPublicKeyCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/ImportKeyMaterialCommand.js

@@ -5,98 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Imports key material into an existing symmetric KMS KMS key that was created without key
- *       material. After you successfully import key material into a KMS key, you can <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#reimport-key-material">reimport
- *         the same key material</a> into that KMS key, but you cannot import different key
- *       material. </p>
- *          <p>You cannot perform this operation on an asymmetric KMS key or on any KMS key in a different Amazon Web Services account. For more information about creating KMS keys with no key material
- *       and then importing key material, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html">Importing Key Material</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>Before using this operation, call <a>GetParametersForImport</a>. Its response
- *       includes a public key and an import token. Use the public key to encrypt the key material.
- *       Then, submit the import token from the same <code>GetParametersForImport</code>
- *       response.</p>
- *          <p>When calling this operation, you must specify the following values:</p>
- *          <ul>
- *             <li>
- *                <p>The key ID or key ARN of a KMS key with no key material. Its <code>Origin</code> must
- *           be <code>EXTERNAL</code>.</p>
- *                <p>To create a KMS key with no key material, call <a>CreateKey</a> and set the
- *           value of its <code>Origin</code> parameter to <code>EXTERNAL</code>. To get the
- *             <code>Origin</code> of a KMS key, call <a>DescribeKey</a>.)</p>
- *             </li>
- *             <li>
- *                <p>The encrypted key material. To get the public key to encrypt the key material, call
- *             <a>GetParametersForImport</a>.</p>
- *             </li>
- *             <li>
- *                <p>The import token that <a>GetParametersForImport</a> returned. You must use
- *           a public key and token from the same <code>GetParametersForImport</code> response.</p>
- *             </li>
- *             <li>
- *                <p>Whether the key material expires and if so, when. If you set an expiration date, KMS
- *           deletes the key material from the KMS key on the specified date, and the KMS key becomes
- *           unusable. To use the KMS key again, you must reimport the same key material. The only way
- *           to change an expiration date is by reimporting the same key material and specifying a new
- *           expiration date. </p>
- *             </li>
- *          </ul>
- *          <p>When this operation is successful, the key state of the KMS key changes from
- *         <code>PendingImport</code> to <code>Enabled</code>, and you can use the KMS key.</p>
- *          <p>If this operation fails, use the exception to help determine the problem. If the error is
- *       related to the key material, the import token, or wrapping key, use <a>GetParametersForImport</a> to get a new public key and import token for the KMS key
- *       and repeat the import procedure. For help, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html#importing-keys-overview">How To Import Key
- *         Material</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ImportKeyMaterial</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>DeleteImportedKeyMaterial</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>GetParametersForImport</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ImportKeyMaterialCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ImportKeyMaterialCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ImportKeyMaterialCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ImportKeyMaterialCommandInput} for command's `input` shape.
- * @see {@link ImportKeyMaterialCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class ImportKeyMaterialCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/ListAliasesCommand.js

@@ -5,77 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Gets a list of aliases in the caller's Amazon Web Services account and region. For more information
- *       about aliases, see <a>CreateAlias</a>.</p>
- *          <p>By default, the <code>ListAliases</code> operation returns all aliases in the account and
- *       region. To get only the aliases associated with a particular KMS key, use the
- *         <code>KeyId</code> parameter.</p>
- *          <p>The <code>ListAliases</code> response can include aliases that you created and associated
- *       with your customer managed keys, and aliases that Amazon Web Services created and associated with Amazon Web Services
- *       managed keys in your account. You can recognize Amazon Web Services aliases because their names have the
- *       format <code>aws/<service-name></code>, such as <code>aws/dynamodb</code>.</p>
- *          <p>The response might also include aliases that have no <code>TargetKeyId</code> field. These
- *       are predefined aliases that Amazon Web Services has created but has not yet associated with a KMS key.
- *       Aliases that Amazon Web Services creates in your account, including predefined aliases, do not count against
- *       your <a href="https://docs.aws.amazon.com/kms/latest/developerguide/limits.html#aliases-limit">KMS aliases
- *         quota</a>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. <code>ListAliases</code> does not
- *       return aliases in other Amazon Web Services accounts.</p>
- *
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ListAliases</a> (IAM policy)</p>
- *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UpdateAlias</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ListAliasesCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ListAliasesCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ListAliasesCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ListAliasesCommandInput} for command's `input` shape.
- * @see {@link ListAliasesCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class ListAliasesCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/ListGrantsCommand.js

@@ -5,80 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Gets a list of all grants for the specified KMS key. </p>
- *          <p>You must specify the KMS key in all requests. You can filter the grant list by grant ID or
- *       grantee principal.</p>
- *          <p>For detailed information about grants, including grant terminology, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html">Using grants</a> in the
- *         <i>
- *                <i>Key Management Service Developer Guide</i>
- *             </i>. For examples of working with grants in several
- *       programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>. </p>
- *          <note>
- *             <p>The <code>GranteePrincipal</code> field in the <code>ListGrants</code> response usually contains the
- *         user or role designated as the grantee principal in the grant. However, when the grantee
- *         principal in the grant is an Amazon Web Services service, the <code>GranteePrincipal</code> field contains
- *         the <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html#principal-services">service
- *           principal</a>, which might represent several different grantee principals.</p>
- *          </note>
- *          <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key
- *   ARN in the value of the <code>KeyId</code> parameter.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ListGrants</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateGrant</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListRetirableGrants</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>RetireGrant</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>RevokeGrant</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ListGrantsCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ListGrantsCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ListGrantsCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ListGrantsCommandInput} for command's `input` shape.
- * @see {@link ListGrantsCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class ListGrantsCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/ListKeyPoliciesCommand.js

@@ -5,57 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Gets the names of the key policies that are attached to a KMS key. This operation is
- *       designed to get policy names that you can use in a <a>GetKeyPolicy</a> operation.
- *       However, the only valid policy name is <code>default</code>. </p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:ListKeyPolicies</a> (key policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>GetKeyPolicy</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>PutKeyPolicy</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ListKeyPoliciesCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ListKeyPoliciesCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ListKeyPoliciesCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ListKeyPoliciesCommandInput} for command's `input` shape.
- * @see {@link ListKeyPoliciesCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class ListKeyPoliciesCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);