@aws-sdk/client-kms 3.36.0 → 3.39.0

package/dist-cjs/commands/RevokeGrantCommand.js

@@ -5,78 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Deletes the specified grant. You revoke a grant to terminate the permissions that the
- *       grant allows. For more information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/managing-grants.html#grant-delete">Retiring and revoking grants</a> in
- *       the <i>
- *                <i>Key Management Service Developer Guide</i>
- *             </i>.</p>
- *          <p>When you create, retire, or revoke a grant, there might be a brief delay, usually less than five minutes, until the grant is available throughout KMS. This state is known as <i>eventual consistency</i>. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-eventual-consistency">Eventual consistency</a> in
- *       the <i>
- *                <i>Key Management Service Developer Guide</i>
- *             </i>. </p>
- *          <p>For detailed information about grants, including grant terminology, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html">Using grants</a> in the
- *         <i>
- *                <i>Key Management Service Developer Guide</i>
- *             </i>. For examples of working with grants in several
- *       programming languages, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/programming-grants.html">Programming grants</a>. </p>
- *          <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation on a KMS key in a different Amazon Web Services account, specify the key
- *   ARN in the value of the <code>KeyId</code> parameter.</p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:RevokeGrant</a> (key policy).</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateGrant</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListGrants</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListRetirableGrants</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>RetireGrant</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, RevokeGrantCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, RevokeGrantCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new RevokeGrantCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link RevokeGrantCommandInput} for command's `input` shape.
- * @see {@link RevokeGrantCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class RevokeGrantCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/ScheduleKeyDeletionCommand.js

@@ -5,89 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Schedules the deletion of a KMS key. By default, KMS applies a waiting period of 30
- *       days, but you can specify a waiting period of 7-30 days. When this operation is successful,
- *       the key state of the KMS key changes to <code>PendingDeletion</code> and the key can't be used
- *       in any cryptographic operations. It remains in this state for the duration of the waiting
- *       period. Before the waiting period ends, you can use <a>CancelKeyDeletion</a> to
- *       cancel the deletion of the KMS key. After the waiting period ends, KMS deletes the KMS key,
- *       its key material, and all KMS data associated with it, including all aliases that refer to
- *       it.</p>
- *          <important>
- *             <p>Deleting a KMS key is a destructive and potentially dangerous operation. When a KMS key
- *         is deleted, all data that was encrypted under the KMS key is unrecoverable. (The only
- *         exception is a multi-Region replica key.) To prevent the use of a KMS key without deleting
- *         it, use <a>DisableKey</a>. </p>
- *          </important>
- *          <p>If you schedule deletion of a KMS key from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>, when the waiting period
- *       expires, <code>ScheduleKeyDeletion</code> deletes the KMS key from KMS. Then KMS makes a
- *       best effort to delete the key material from the associated CloudHSM cluster. However, you might
- *       need to manually <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-orphaned-key">delete the orphaned key
- *         material</a> from the cluster and its backups.</p>
- *          <p>You can schedule the deletion of a multi-Region primary key and its replica keys at any
- *       time. However, KMS will not delete a multi-Region primary key with existing replica keys. If
- *       you schedule the deletion of a primary key with replicas, its key state changes to
- *         <code>PendingReplicaDeletion</code> and it cannot be replicated or used in cryptographic
- *       operations. This status can continue indefinitely. When the last of its replicas keys is
- *       deleted (not just scheduled), the key state of the primary key changes to
- *         <code>PendingDeletion</code> and its waiting period (<code>PendingWindowInDays</code>)
- *       begins. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-delete.html">Deleting multi-Region keys</a> in the
- *       <i>Key Management Service Developer Guide</i>. </p>
- *          <p>For more information about scheduling a KMS key for deletion, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/deleting-keys.html">Deleting KMS keys</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account
- *         use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *
- *          <p>
- *             <b>Required permissions</b>: kms:ScheduleKeyDeletion (key
- *       policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CancelKeyDeletion</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DisableKey</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, ScheduleKeyDeletionCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, ScheduleKeyDeletionCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new ScheduleKeyDeletionCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link ScheduleKeyDeletionCommandInput} for command's `input` shape.
- * @see {@link ScheduleKeyDeletionCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class ScheduleKeyDeletionCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/SignCommand.js

@@ -5,80 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Creates a <a href="https://en.wikipedia.org/wiki/Digital_signature">digital
- *         signature</a> for a message or message digest by using the private key in an asymmetric
- *       KMS key. To verify the signature, use the <a>Verify</a> operation, or use the
- *       public key in the same asymmetric KMS key outside of KMS. For information about symmetric and asymmetric KMS keys, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html">Using Symmetric and Asymmetric KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>Digital signatures are generated and verified by using asymmetric key pair, such as an RSA
- *       or ECC pair that is represented by an asymmetric KMS key. The key owner (or an authorized
- *       user) uses their private key to sign a message. Anyone with the public key can verify that the
- *       message was signed with that particular private key and that the message hasn't changed since
- *       it was signed. </p>
- *          <p>To use the <code>Sign</code> operation, provide the following information:</p>
- *          <ul>
- *             <li>
- *                <p>Use the <code>KeyId</code> parameter to identify an asymmetric KMS key with a
- *             <code>KeyUsage</code> value of <code>SIGN_VERIFY</code>. To get the
- *             <code>KeyUsage</code> value of a KMS key, use the <a>DescribeKey</a>
- *           operation. The caller must have <code>kms:Sign</code> permission on the KMS key.</p>
- *             </li>
- *             <li>
- *                <p>Use the <code>Message</code> parameter to specify the message or message digest to
- *           sign. You can submit messages of up to 4096 bytes. To sign a larger message, generate a
- *           hash digest of the message, and then provide the hash digest in the <code>Message</code>
- *           parameter. To indicate whether the message is a full message or a digest, use the
- *             <code>MessageType</code> parameter.</p>
- *             </li>
- *             <li>
- *                <p>Choose a signing algorithm that is compatible with the KMS key. </p>
- *             </li>
- *          </ul>
- *          <important>
- *             <p>When signing a message, be sure to record the KMS key and the signing algorithm. This
- *         information is required to verify the signature.</p>
- *          </important>
- *          <p>To verify the signature that this operation generates, use the <a>Verify</a>
- *       operation. Or use the <a>GetPublicKey</a> operation to download the public key and
- *       then use the public key to verify the signature outside of KMS. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *         <p>
- *             <b>Cross-account use</b>: Yes. To perform this operation with a KMS key in a different Amazon Web Services account, specify
- *   the key ARN or alias ARN in the value of the <code>KeyId</code> parameter.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:Sign</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>: <a>Verify</a>
- *          </p>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, SignCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, SignCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new SignCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link SignCommandInput} for command's `input` shape.
- * @see {@link SignCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class SignCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/TagResourceCommand.js

@@ -5,82 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Adds or edits tags on a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>.</p>
- *          <note>
- *             <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>Each tag consists of a tag key and a tag value, both of which are case-sensitive strings.
- *       The tag value can be an empty (null) string. To add a tag, specify a new tag key and a tag
- *       value. To edit a tag, specify an existing tag key and a new tag value.</p>
- *          <p>You can use this operation to tag a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>, but you cannot
- *       tag an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk">Amazon Web Services
- *         managed key</a>, an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk">Amazon Web Services owned key</a>, a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#keystore-concept">custom key
- *         store</a>, or an <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#alias-concept">alias</a>.</p>
- *          <p>You can also add tags to a KMS key while creating it (<a>CreateKey</a>) or
- *       replicating it (<a>ReplicateKey</a>).</p>
- *          <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
- *       tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
- *         Web Services General Reference</i>. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:TagResource</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListResourceTags</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ReplicateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>UntagResource</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, TagResourceCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, TagResourceCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new TagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link TagResourceCommandInput} for command's `input` shape.
- * @see {@link TagResourceCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class TagResourceCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/UntagResourceCommand.js

@@ -5,78 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Deletes tags from a <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk">customer managed key</a>. To delete a tag,
- *       specify the tag key and the KMS key.</p>
- *          <note>
- *             <p>Tagging or untagging a KMS key can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>When it succeeds, the <code>UntagResource</code> operation doesn't return any output.
- *       Also, if the specified tag key isn't found on the KMS key, it doesn't throw an exception or
- *       return a response. To confirm that the operation worked, use the <a>ListResourceTags</a> operation.</p>
- *
- *          <p>For information about using tags in KMS, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html">Tagging keys</a>. For general information about
- *       tags, including the format and syntax, see <a href="https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html">Tagging Amazon Web Services resources</a> in the <i>Amazon
- *         Web Services General Reference</i>. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account.</p>
- *
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UntagResource</a> (key policy)</p>
- *          <p>
- *             <b>Related operations</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListResourceTags</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ReplicateKey</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>TagResource</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UntagResourceCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UntagResourceCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UntagResourceCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UntagResourceCommandInput} for command's `input` shape.
- * @see {@link UntagResourceCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class UntagResourceCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/UpdateAliasCommand.js

@@ -5,97 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Associates an existing KMS alias with a different KMS key. Each alias is associated with
- *       only one KMS key at a time, although a KMS key can have multiple aliases. The alias and the
- *       KMS key must be in the same Amazon Web Services account and Region.</p>
- *          <note>
- *             <p>Adding, deleting, or updating an alias can allow or deny permission to the KMS key. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/abac.html">Using ABAC in KMS</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *          </note>
- *          <p>The current and new KMS key must be the same type (both symmetric or both asymmetric), and
- *       they must have the same key usage (<code>ENCRYPT_DECRYPT</code> or <code>SIGN_VERIFY</code>).
- *       This restriction prevents errors in code that uses aliases. If you must assign an alias to a
- *       different type of KMS key, use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to create a new alias.</p>
- *          <p>You cannot use <code>UpdateAlias</code> to change an alias name. To change an alias name,
- *       use <a>DeleteAlias</a> to delete the old alias and <a>CreateAlias</a> to
- *       create a new alias.</p>
- *          <p>Because an alias is not a property of a KMS key, you can create, update, and delete the
- *       aliases of a KMS key without affecting the KMS key. Also, aliases do not appear in the
- *       response from the <a>DescribeKey</a> operation. To get the aliases of all KMS keys
- *       in the account, use the <a>ListAliases</a> operation. </p>
- *          <p>The KMS key that you use for this operation must be in a compatible key state. For
- * details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key state: Effect on your KMS key</a> in the <i>Key Management Service Developer Guide</i>.</p>
- *         <p>
- *             <b>Cross-account use</b>: No. You cannot perform this operation on a KMS key in a different Amazon Web Services account. </p>
- *          <p>
- *             <b>Required permissions</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the alias (IAM policy).</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the current KMS key (key policy).</p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateAlias</a> on
- *           the new KMS key (key policy).</p>
- *             </li>
- *          </ul>
- *          <p>For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-alias.html#alias-access">Controlling access to aliases</a> in the
- *       <i>Key Management Service Developer Guide</i>.</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>CreateAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteAlias</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>ListAliases</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdateAliasCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdateAliasCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdateAliasCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateAliasCommandInput} for command's `input` shape.
- * @see {@link UpdateAliasCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class UpdateAliasCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);

package/dist-cjs/commands/UpdateCustomKeyStoreCommand.js

@@ -5,107 +5,11 @@ const middleware_serde_1 = require("@aws-sdk/middleware-serde");
 const smithy_client_1 = require("@aws-sdk/smithy-client");
 const models_0_1 = require("../models/models_0");
 const Aws_json1_1_1 = require("../protocols/Aws_json1_1");
-/**
- * <p>Changes the properties of a custom key store. Use the <code>CustomKeyStoreId</code>
- *       parameter to identify the custom key store you want to edit. Use the remaining parameters to
- *       change the properties of the custom key store.</p>
- *          <p>You can only update a custom key store that is disconnected. To disconnect the custom key
- *       store, use <a>DisconnectCustomKeyStore</a>. To reconnect the custom key store after
- *       the update completes, use <a>ConnectCustomKeyStore</a>. To find the connection
- *       state of a custom key store, use the <a>DescribeCustomKeyStores</a>
- *       operation.</p>
- *          <p>The <code>CustomKeyStoreId</code> parameter is required in all commands. Use the other
- *       parameters of <code>UpdateCustomKeyStore</code> to edit your key store settings.</p>
- *          <ul>
- *             <li>
- *                <p>Use the <code>NewCustomKeyStoreName</code> parameter to change the friendly name of
- *           the custom key store to the value that you specify.</p>
- *                <p> </p>
- *             </li>
- *             <li>
- *                <p>Use the <code>KeyStorePassword</code> parameter tell KMS the current password of the
- *             <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-store-concepts.html#concept-kmsuser">
- *                      <code>kmsuser</code> crypto user (CU)</a> in the associated CloudHSM cluster. You
- *           can use this parameter to <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html#fix-keystore-password">fix connection
- *             failures</a> that occur when KMS cannot log into the associated cluster because
- *           the <code>kmsuser</code> password has changed. This value does not change the password in
- *           the CloudHSM cluster.</p>
- *                <p> </p>
- *             </li>
- *             <li>
- *                <p>Use the <code>CloudHsmClusterId</code> parameter to associate the custom key store
- *           with a different, but related, CloudHSM cluster. You can use this parameter to repair a
- *           custom key store if its CloudHSM cluster becomes corrupted or is deleted, or when you need to
- *           create or restore a cluster from a backup. </p>
- *             </li>
- *          </ul>
- *          <p>If the operation succeeds, it returns a JSON object with no
- * properties.</p>
- *          <p>This operation is part of the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">Custom Key Store feature</a> feature in KMS, which
- * combines the convenience and extensive integration of KMS with the isolation and control of a
- * single-tenant key store.</p>
- *          <p>
- *             <b>Cross-account
- *         use</b>: No. You cannot perform this operation on a custom key store in a different Amazon Web Services account. </p>
- *          <p>
- *             <b>Required permissions</b>: <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html">kms:UpdateCustomKeyStore</a> (IAM policy)</p>
- *          <p>
- *             <b>Related operations:</b>
- *          </p>
- *          <ul>
- *             <li>
- *                <p>
- *                   <a>ConnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>CreateCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DeleteCustomKeyStore</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DescribeCustomKeyStores</a>
- *                </p>
- *             </li>
- *             <li>
- *                <p>
- *                   <a>DisconnectCustomKeyStore</a>
- *                </p>
- *             </li>
- *          </ul>
- * @example
- * Use a bare-bones client and the command you need to make an API call.
- * ```javascript
- * import { KMSClient, UpdateCustomKeyStoreCommand } from "@aws-sdk/client-kms"; // ES Modules import
- * // const { KMSClient, UpdateCustomKeyStoreCommand } = require("@aws-sdk/client-kms"); // CommonJS import
- * const client = new KMSClient(config);
- * const command = new UpdateCustomKeyStoreCommand(input);
- * const response = await client.send(command);
- * ```
- *
- * @see {@link UpdateCustomKeyStoreCommandInput} for command's `input` shape.
- * @see {@link UpdateCustomKeyStoreCommandOutput} for command's `response` shape.
- * @see {@link KMSClientResolvedConfig | config} for command's `input` shape.
- *
- */
 class UpdateCustomKeyStoreCommand extends smithy_client_1.Command {
-    // Start section: command_properties
-    // End section: command_properties
     constructor(input) {
-        // Start section: command_constructor
         super();
         this.input = input;
-        // End section: command_constructor
     }
-    /**
-     * @internal
-     */
     resolveMiddleware(clientStack, configuration, options) {
         this.middlewareStack.use(middleware_serde_1.getSerdePlugin(configuration, this.serialize, this.deserialize));
         const stack = clientStack.concat(this.middlewareStack);