@aws-sdk/client-kms 3.427.0 → 3.429.0

package/dist-types/models/models_0.d.ts

@@ -565,7 +565,7 @@ export interface CreateCustomKeyStoreRequest {
      *       of Amazon Web Services, enter <code>EXTERNAL_KEY_STORE</code>. You cannot change this property after the key
      *       store is created.</p>
      */
-    CustomKeyStoreType?: CustomKeyStoreType | string;
+    CustomKeyStoreType?: CustomKeyStoreType;
     /**
      * @public
      * <p>Specifies the endpoint that KMS uses to send requests to the external key store proxy
@@ -682,7 +682,7 @@ export interface CreateCustomKeyStoreRequest {
      *       VPC endpoint service, the proxy can be hosted within the VPC or outside of Amazon Web Services such as in
      *       your corporate data center.</p>
      */
-    XksProxyConnectivity?: XksProxyConnectivityType | string;
+    XksProxyConnectivity?: XksProxyConnectivityType;
 }
 /**
  * @public
@@ -985,7 +985,7 @@ export interface CreateGrantRequest {
      *       KMS returns a <code>ValidationError</code> exception. For details, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/grants.html#terms-grant-operations">Grant
      *         operations</a> in the <i>Key Management Service Developer Guide</i>.</p>
      */
-    Operations: (GrantOperation | string)[] | undefined;
+    Operations: GrantOperation[] | undefined;
     /**
      * @public
      * <p>Specifies a grant constraint.</p>
@@ -1270,7 +1270,7 @@ export interface CreateKeyRequest {
      *             </li>
      *          </ul>
      */
-    KeyUsage?: KeyUsageType | string;
+    KeyUsage?: KeyUsageType;
     /**
      * @public
      * @deprecated
@@ -1280,7 +1280,7 @@ export interface CreateKeyRequest {
      *       way. Only the names differ. We recommend that you use <code>KeySpec</code> parameter in your
      *       code. However, to avoid breaking changes, KMS supports both parameters.</p>
      */
-    CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
+    CustomerMasterKeySpec?: CustomerMasterKeySpec;
     /**
      * @public
      * <p>Specifies the type of KMS key to create. The default value,
@@ -1398,7 +1398,7 @@ export interface CreateKeyRequest {
      *             </li>
      *          </ul>
      */
-    KeySpec?: KeySpec | string;
+    KeySpec?: KeySpec;
     /**
      * @public
      * <p>The source of the key material for the KMS key. You cannot change the origin after you
@@ -1421,7 +1421,7 @@ export interface CreateKeyRequest {
      *       the <code>XksKeyId</code> parameter to identify the associated external key. The
      *         <code>KeySpec</code> value must be <code>SYMMETRIC_DEFAULT</code>.</p>
      */
-    Origin?: OriginType | string;
+    Origin?: OriginType;
     /**
      * @public
      * <p>Creates the KMS key in the specified <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a>. The <code>ConnectionState</code> of
@@ -1621,7 +1621,7 @@ export interface MultiRegionConfiguration {
      * <p>Indicates whether the KMS key is a <code>PRIMARY</code> or <code>REPLICA</code>
      *       key.</p>
      */
-    MultiRegionKeyType?: MultiRegionKeyType | string;
+    MultiRegionKeyType?: MultiRegionKeyType;
     /**
      * @public
      * <p>Displays the key ARN and Region of the primary key. This field includes the current KMS
@@ -1717,14 +1717,14 @@ export interface KeyMetadata {
      * @public
      * <p>The <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations">cryptographic operations</a> for which you can use the KMS key.</p>
      */
-    KeyUsage?: KeyUsageType | string;
+    KeyUsage?: KeyUsageType;
     /**
      * @public
      * <p>The current status of the KMS key.</p>
      *          <p>For more information about how key state affects the use of a KMS key, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key states of KMS keys</a> in
      *       the <i>Key Management Service Developer Guide</i>.</p>
      */
-    KeyState?: KeyState | string;
+    KeyState?: KeyState;
     /**
      * @public
      * <p>The date and time after which KMS deletes this KMS key. This value is present only when
@@ -1751,7 +1751,7 @@ export interface KeyMetadata {
      *         <code>AWS_CLOUDHSM</code>, the key material was created in the CloudHSM cluster associated with
      *       a custom key store.</p>
      */
-    Origin?: OriginType | string;
+    Origin?: OriginType;
     /**
      * @public
      * <p>A unique identifier for the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html">custom key store</a> that contains the KMS key. This field is
@@ -1771,13 +1771,13 @@ export interface KeyMetadata {
      * <p>Specifies whether the KMS key's key material expires. This value is present only when
      *         <code>Origin</code> is <code>EXTERNAL</code>, otherwise this value is omitted.</p>
      */
-    ExpirationModel?: ExpirationModelType | string;
+    ExpirationModel?: ExpirationModelType;
     /**
      * @public
      * <p>The manager of the KMS key. KMS keys in your Amazon Web Services account are either customer managed or
      *       Amazon Web Services managed. For more information about the difference, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys">KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
      */
-    KeyManager?: KeyManagerType | string;
+    KeyManager?: KeyManagerType;
     /**
      * @public
      * @deprecated
@@ -1787,12 +1787,12 @@ export interface KeyMetadata {
      *       value. We recommend that you use the <code>KeySpec</code> field in your code. However, to
      *       avoid breaking changes, KMS supports both fields.</p>
      */
-    CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
+    CustomerMasterKeySpec?: CustomerMasterKeySpec;
     /**
      * @public
      * <p>Describes the type of key material in the KMS key.</p>
      */
-    KeySpec?: KeySpec | string;
+    KeySpec?: KeySpec;
     /**
      * @public
      * <p>The encryption algorithms that the KMS key supports. You cannot use the KMS key with other
@@ -1800,7 +1800,7 @@ export interface KeyMetadata {
      *          <p>This value is present only when the <code>KeyUsage</code> of the KMS key is
      *         <code>ENCRYPT_DECRYPT</code>.</p>
      */
-    EncryptionAlgorithms?: (EncryptionAlgorithmSpec | string)[];
+    EncryptionAlgorithms?: EncryptionAlgorithmSpec[];
     /**
      * @public
      * <p>The signing algorithms that the KMS key supports. You cannot use the KMS key with other
@@ -1808,7 +1808,7 @@ export interface KeyMetadata {
      *          <p>This field appears only when the <code>KeyUsage</code> of the KMS key is
      *         <code>SIGN_VERIFY</code>.</p>
      */
-    SigningAlgorithms?: (SigningAlgorithmSpec | string)[];
+    SigningAlgorithms?: SigningAlgorithmSpec[];
     /**
      * @public
      * <p>Indicates whether the KMS key is a multi-Region (<code>True</code>) or regional
@@ -1864,7 +1864,7 @@ export interface KeyMetadata {
      *          <p>This value is present only when the <code>KeyUsage</code> of the KMS key is
      *         <code>GENERATE_VERIFY_MAC</code>.</p>
      */
-    MacAlgorithms?: (MacAlgorithmSpec | string)[];
+    MacAlgorithms?: MacAlgorithmSpec[];
     /**
      * @public
      * <p>Information about the external key that is associated with a KMS key in an external key
@@ -1997,7 +1997,7 @@ export interface XksProxyConfigurationType {
      * <p>Indicates whether the external key store proxy uses a public endpoint or an Amazon VPC endpoint
      *       service to communicate with KMS.</p>
      */
-    Connectivity?: XksProxyConnectivityType | string;
+    Connectivity?: XksProxyConnectivityType;
     /**
      * @public
      * <p>The part of the external key store <a href="https://docs.aws.amazon.com/kms/latest/APIReference/API_CreateCustomKeyStore.html#KMS-CreateCustomKeyStore-request-XksProxyAuthenticationCredential">proxy authentication credential</a> that uniquely identifies the secret access
@@ -2078,7 +2078,7 @@ export interface CustomKeyStoresListEntry {
      *       For help resolving a connection failure, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/fix-keystore.html">Troubleshooting a custom key store</a> in the
      *       <i>Key Management Service Developer Guide</i>.</p>
      */
-    ConnectionState?: ConnectionStateType | string;
+    ConnectionState?: ConnectionStateType;
     /**
      * @public
      * <p>Describes the connection error. This field appears in the response only when the
@@ -2265,7 +2265,7 @@ export interface CustomKeyStoresListEntry {
      *             </li>
      *          </ul>
      */
-    ConnectionErrorCode?: ConnectionErrorCodeType | string;
+    ConnectionErrorCode?: ConnectionErrorCodeType;
     /**
      * @public
      * <p>The date and time when the custom key store was created.</p>
@@ -2277,7 +2277,7 @@ export interface CustomKeyStoresListEntry {
      *       key store backed by an CloudHSM cluster. <code>EXTERNAL_KEY_STORE</code> indicates a custom key
      *       store backed by an external key store proxy and external key manager outside of Amazon Web Services.</p>
      */
-    CustomKeyStoreType?: CustomKeyStoreType | string;
+    CustomKeyStoreType?: CustomKeyStoreType;
     /**
      * @public
      * <p>Configuration settings for the external key store proxy (XKS proxy). The external key
@@ -2344,7 +2344,7 @@ export interface RecipientInfo {
      *       Enclave to encrypt plaintext values for the response. The only valid value is
      *         <code>RSAES_OAEP_SHA_256</code>.</p>
      */
-    KeyEncryptionAlgorithm?: KeyEncryptionMechanism | string;
+    KeyEncryptionAlgorithm?: KeyEncryptionMechanism;
     /**
      * @public
      * <p>The attestation document for an Amazon Web Services Nitro Enclave. This document includes the enclave's
@@ -2421,7 +2421,7 @@ export interface DecryptRequest {
      *       key. The default value, <code>SYMMETRIC_DEFAULT</code>, represents the only supported
      *       algorithm that is valid for symmetric encryption KMS keys.</p>
      */
-    EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    EncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>A signed <a href="https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitro-enclave-how.html#term-attestdoc">attestation document</a> from
@@ -2464,7 +2464,7 @@ export interface DecryptResponse {
      * @public
      * <p>The encryption algorithm that was used to decrypt the ciphertext.</p>
      */
-    EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    EncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>The plaintext data encrypted with the public key in the attestation document. </p>
@@ -2902,7 +2902,7 @@ export interface EncryptRequest {
      *       you are using an asymmetric KMS key, we recommend RSAES_OAEP_SHA_256.</p>
      *          <p>The SM2PKE algorithm is only available in China Regions.</p>
      */
-    EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    EncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>Checks if your request will succeed. <code>DryRun</code> is an optional parameter. </p>
@@ -2928,7 +2928,7 @@ export interface EncryptResponse {
      * @public
      * <p>The encryption algorithm that was used to encrypt the plaintext.</p>
      */
-    EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    EncryptionAlgorithm?: EncryptionAlgorithmSpec;
 }
 /**
  * @public
@@ -3004,7 +3004,7 @@ export interface GenerateDataKeyRequest {
      *          <p>You must specify either the <code>KeySpec</code> or the <code>NumberOfBytes</code>
      *       parameter (but not both) in every <code>GenerateDataKey</code> request.</p>
      */
-    KeySpec?: DataKeySpec | string;
+    KeySpec?: DataKeySpec;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -3119,7 +3119,7 @@ export interface GenerateDataKeyPairRequest {
      * <p>Determines the type of data key pair that is generated. </p>
      *          <p>The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS. The SM2 key spec is only available in China Regions.</p>
      */
-    KeyPairSpec: DataKeyPairSpec | string | undefined;
+    KeyPairSpec: DataKeyPairSpec | undefined;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -3181,7 +3181,7 @@ export interface GenerateDataKeyPairResponse {
      * @public
      * <p>The type of data key pair that was generated.</p>
      */
-    KeyPairSpec?: DataKeyPairSpec | string;
+    KeyPairSpec?: DataKeyPairSpec;
     /**
      * @public
      * <p>The plaintext private data key encrypted with the public key from the Nitro enclave. This
@@ -3243,7 +3243,7 @@ export interface GenerateDataKeyPairWithoutPlaintextRequest {
      * <p>Determines the type of data key pair that is generated.</p>
      *          <p>The KMS rule that restricts the use of asymmetric RSA and SM2 KMS keys to encrypt and decrypt or to sign and verify (but not both), and the rule that permits you to use ECC KMS keys only to sign and verify, are not effective on data key pairs, which are used outside of KMS. The SM2 key spec is only available in China Regions.</p>
      */
-    KeyPairSpec: DataKeyPairSpec | string | undefined;
+    KeyPairSpec: DataKeyPairSpec | undefined;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -3281,7 +3281,7 @@ export interface GenerateDataKeyPairWithoutPlaintextResponse {
      * @public
      * <p>The type of data key pair that was generated.</p>
      */
-    KeyPairSpec?: DataKeyPairSpec | string;
+    KeyPairSpec?: DataKeyPairSpec;
 }
 /**
  * @public
@@ -3333,7 +3333,7 @@ export interface GenerateDataKeyWithoutPlaintextRequest {
      * <p>The length of the data key. Use <code>AES_128</code> to generate a 128-bit symmetric key,
      *       or <code>AES_256</code> to generate a 256-bit symmetric key.</p>
      */
-    KeySpec?: DataKeySpec | string;
+    KeySpec?: DataKeySpec;
     /**
      * @public
      * <p>The length of the data key in bytes. For example, use the value 64 to generate a 512-bit
@@ -3398,7 +3398,7 @@ export interface GenerateMacRequest {
      *       algorithms that your HMAC KMS key supports, use the <a>DescribeKey</a> operation
      *       and see the <code>MacAlgorithms</code> field in the <code>DescribeKey</code> response.</p>
      */
-    MacAlgorithm: MacAlgorithmSpec | string | undefined;
+    MacAlgorithm: MacAlgorithmSpec | undefined;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -3428,7 +3428,7 @@ export interface GenerateMacResponse {
      * @public
      * <p>The MAC algorithm that was used to generate the HMAC.</p>
      */
-    MacAlgorithm?: MacAlgorithmSpec | string;
+    MacAlgorithm?: MacAlgorithmSpec;
     /**
      * @public
      * <p>The HMAC KMS key used in the operation.</p>
@@ -3642,7 +3642,7 @@ export interface GetParametersForImportRequest {
      *             </li>
      *          </ul>
      */
-    WrappingAlgorithm: AlgorithmSpec | string | undefined;
+    WrappingAlgorithm: AlgorithmSpec | undefined;
     /**
      * @public
      * <p>The type of RSA public key to return in the response. You will use this wrapping key with
@@ -3651,7 +3651,7 @@ export interface GetParametersForImportRequest {
      *          <p>You cannot use an RSA_2048 public key to directly wrap an ECC_NIST_P521 private key.
      *       Instead, use an RSA_AES wrapping algorithm or choose a longer RSA public key.</p>
      */
-    WrappingKeySpec: WrappingKeySpec | string | undefined;
+    WrappingKeySpec: WrappingKeySpec | undefined;
 }
 /**
  * @public
@@ -3748,12 +3748,12 @@ export interface GetPublicKeyResponse {
      *       value. We recommend that you use the <code>KeySpec</code> field in your code. However, to
      *       avoid breaking changes, KMS supports both fields.</p>
      */
-    CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
+    CustomerMasterKeySpec?: CustomerMasterKeySpec;
     /**
      * @public
      * <p>The type of the of the public key that was downloaded.</p>
      */
-    KeySpec?: KeySpec | string;
+    KeySpec?: KeySpec;
     /**
      * @public
      * <p>The permitted use of the public key. Valid values are <code>ENCRYPT_DECRYPT</code> or
@@ -3761,7 +3761,7 @@ export interface GetPublicKeyResponse {
      *          <p>This information is critical. If a public key with <code>SIGN_VERIFY</code> key usage
      *       encrypts data outside of KMS, the ciphertext cannot be decrypted. </p>
      */
-    KeyUsage?: KeyUsageType | string;
+    KeyUsage?: KeyUsageType;
     /**
      * @public
      * <p>The encryption algorithms that KMS supports for this key. </p>
@@ -3770,14 +3770,14 @@ export interface GetPublicKeyResponse {
      *          <p>This field appears in the response only when the <code>KeyUsage</code> of the public key
      *       is <code>ENCRYPT_DECRYPT</code>.</p>
      */
-    EncryptionAlgorithms?: (EncryptionAlgorithmSpec | string)[];
+    EncryptionAlgorithms?: EncryptionAlgorithmSpec[];
     /**
      * @public
      * <p>The signing algorithms that KMS supports for this key.</p>
      *          <p>This field appears in the response only when the <code>KeyUsage</code> of the public key
      *       is <code>SIGN_VERIFY</code>.</p>
      */
-    SigningAlgorithms?: (SigningAlgorithmSpec | string)[];
+    SigningAlgorithms?: SigningAlgorithmSpec[];
 }
 /**
  * @public
@@ -3828,7 +3828,7 @@ export interface GrantListEntry {
      * @public
      * <p>The list of operations permitted by the grant.</p>
      */
-    Operations?: (GrantOperation | string)[];
+    Operations?: GrantOperation[];
     /**
      * @public
      * <p>A list of key-value pairs that must be present in the encryption context of certain
@@ -3905,7 +3905,7 @@ export interface ImportKeyMaterialRequest {
      *       current import after the request completes. To change either value, you must reimport the key
      *       material.</p>
      */
-    ExpirationModel?: ExpirationModelType | string;
+    ExpirationModel?: ExpirationModelType;
 }
 /**
  * @public
@@ -4546,7 +4546,7 @@ export interface ReEncryptRequest {
      *          <p>This parameter is required only when the ciphertext was encrypted under an asymmetric KMS
      *       key.</p>
      */
-    SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>Specifies the encryption algorithm that KMS will use to reecrypt the data after it has
@@ -4555,7 +4555,7 @@ export interface ReEncryptRequest {
      *          <p>This parameter is required only when the destination KMS key is an asymmetric KMS
      *       key.</p>
      */
-    DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -4594,12 +4594,12 @@ export interface ReEncryptResponse {
      * <p>The encryption algorithm that was used to decrypt the ciphertext before it was
      *       reencrypted.</p>
      */
-    SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec;
     /**
      * @public
      * <p>The encryption algorithm that was used to reencrypt the data.</p>
      */
-    DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+    DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec;
 }
 /**
  * @public
@@ -4899,7 +4899,7 @@ export interface ScheduleKeyDeletionResponse {
      *          <p>For more information about how key state affects the use of a KMS key, see
      *       <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key states of KMS keys</a> in the <i>Key Management Service Developer Guide</i>.</p>
      */
-    KeyState?: KeyState | string;
+    KeyState?: KeyState;
     /**
      * @public
      * <p>The waiting period before the KMS key is deleted. </p>
@@ -4986,7 +4986,7 @@ export interface SignRequest {
      *             </li>
      *          </ul>
      */
-    MessageType?: MessageType | string;
+    MessageType?: MessageType;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -5001,7 +5001,7 @@ export interface SignRequest {
      *       KMS key. When signing with RSA key pairs, RSASSA-PSS algorithms are preferred. We include
      *       RSASSA-PKCS1-v1_5 algorithms for compatibility with existing applications.</p>
      */
-    SigningAlgorithm: SigningAlgorithmSpec | string | undefined;
+    SigningAlgorithm: SigningAlgorithmSpec | undefined;
     /**
      * @public
      * <p>Checks if your request will succeed. <code>DryRun</code> is an optional parameter. </p>
@@ -5042,7 +5042,7 @@ export interface SignResponse {
      * @public
      * <p>The signing algorithm that was used to sign the message.</p>
      */
-    SigningAlgorithm?: SigningAlgorithmSpec | string;
+    SigningAlgorithm?: SigningAlgorithmSpec;
 }
 /**
  * @public
@@ -5257,7 +5257,7 @@ export interface UpdateCustomKeyStoreRequest {
      *       the <code>XksProxyVpcEndpointServiceName</code> value.</p>
      *          <p>To change this value, the external key store must be disconnected.</p>
      */
-    XksProxyConnectivity?: XksProxyConnectivityType | string;
+    XksProxyConnectivity?: XksProxyConnectivityType;
 }
 /**
  * @public
@@ -5408,7 +5408,7 @@ export interface VerifyRequest {
      *             </li>
      *          </ul>
      */
-    MessageType?: MessageType | string;
+    MessageType?: MessageType;
     /**
      * @public
      * <p>The signature that the <code>Sign</code> operation generated.</p>
@@ -5419,7 +5419,7 @@ export interface VerifyRequest {
      * <p>The signing algorithm that was used to sign the message. If you submit a different
      *       algorithm, the signature verification fails.</p>
      */
-    SigningAlgorithm: SigningAlgorithmSpec | string | undefined;
+    SigningAlgorithm: SigningAlgorithmSpec | undefined;
     /**
      * @public
      * <p>A list of grant tokens.</p>
@@ -5456,7 +5456,7 @@ export interface VerifyResponse {
      * @public
      * <p>The signing algorithm that was used to verify the signature.</p>
      */
-    SigningAlgorithm?: SigningAlgorithmSpec | string;
+    SigningAlgorithm?: SigningAlgorithmSpec;
 }
 /**
  * @public
@@ -5485,7 +5485,7 @@ export interface VerifyMacRequest {
      *       was used to compute the HMAC. This algorithm must be supported by the HMAC KMS key identified
      *       by the <code>KeyId</code> parameter.</p>
      */
-    MacAlgorithm: MacAlgorithmSpec | string | undefined;
+    MacAlgorithm: MacAlgorithmSpec | undefined;
     /**
      * @public
      * <p>The HMAC to verify. Enter the HMAC that was generated by the <a>GenerateMac</a>
@@ -5531,7 +5531,7 @@ export interface VerifyMacResponse {
      * @public
      * <p>The MAC algorithm used in the verification.</p>
      */
-    MacAlgorithm?: MacAlgorithmSpec | string;
+    MacAlgorithm?: MacAlgorithmSpec;
 }
 /**
  * @internal

package/dist-types/ts3.4/models/models_0.d.ts

@@ -202,12 +202,12 @@ export interface CreateCustomKeyStoreRequest {
   CloudHsmClusterId?: string;
   TrustAnchorCertificate?: string;
   KeyStorePassword?: string;
-  CustomKeyStoreType?: CustomKeyStoreType | string;
+  CustomKeyStoreType?: CustomKeyStoreType;
   XksProxyUriEndpoint?: string;
   XksProxyUriPath?: string;
   XksProxyVpcEndpointServiceName?: string;
   XksProxyAuthenticationCredential?: XksProxyAuthenticationCredentialType;
-  XksProxyConnectivity?: XksProxyConnectivityType | string;
+  XksProxyConnectivity?: XksProxyConnectivityType;
 }
 export interface CreateCustomKeyStoreResponse {
   CustomKeyStoreId?: string;
@@ -344,7 +344,7 @@ export interface CreateGrantRequest {
   KeyId: string | undefined;
   GranteePrincipal: string | undefined;
   RetiringPrincipal?: string;
-  Operations: (GrantOperation | string)[] | undefined;
+  Operations: GrantOperation[] | undefined;
   Constraints?: GrantConstraints;
   GrantTokens?: string[];
   Name?: string;
@@ -426,10 +426,10 @@ export interface Tag {
 export interface CreateKeyRequest {
   Policy?: string;
   Description?: string;
-  KeyUsage?: KeyUsageType | string;
-  CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
-  KeySpec?: KeySpec | string;
-  Origin?: OriginType | string;
+  KeyUsage?: KeyUsageType;
+  CustomerMasterKeySpec?: CustomerMasterKeySpec;
+  KeySpec?: KeySpec;
+  Origin?: OriginType;
   CustomKeyStoreId?: string;
   BypassPolicyLockoutSafetyCheck?: boolean;
   Tags?: Tag[];
@@ -486,7 +486,7 @@ export interface MultiRegionKey {
   Region?: string;
 }
 export interface MultiRegionConfiguration {
-  MultiRegionKeyType?: MultiRegionKeyType | string;
+  MultiRegionKeyType?: MultiRegionKeyType;
   PrimaryKey?: MultiRegionKey;
   ReplicaKeys?: MultiRegionKey[];
 }
@@ -514,23 +514,23 @@ export interface KeyMetadata {
   CreationDate?: Date;
   Enabled?: boolean;
   Description?: string;
-  KeyUsage?: KeyUsageType | string;
-  KeyState?: KeyState | string;
+  KeyUsage?: KeyUsageType;
+  KeyState?: KeyState;
   DeletionDate?: Date;
   ValidTo?: Date;
-  Origin?: OriginType | string;
+  Origin?: OriginType;
   CustomKeyStoreId?: string;
   CloudHsmClusterId?: string;
-  ExpirationModel?: ExpirationModelType | string;
-  KeyManager?: KeyManagerType | string;
-  CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
-  KeySpec?: KeySpec | string;
-  EncryptionAlgorithms?: (EncryptionAlgorithmSpec | string)[];
-  SigningAlgorithms?: (SigningAlgorithmSpec | string)[];
+  ExpirationModel?: ExpirationModelType;
+  KeyManager?: KeyManagerType;
+  CustomerMasterKeySpec?: CustomerMasterKeySpec;
+  KeySpec?: KeySpec;
+  EncryptionAlgorithms?: EncryptionAlgorithmSpec[];
+  SigningAlgorithms?: SigningAlgorithmSpec[];
   MultiRegion?: boolean;
   MultiRegionConfiguration?: MultiRegionConfiguration;
   PendingDeletionWindowInDays?: number;
-  MacAlgorithms?: (MacAlgorithmSpec | string)[];
+  MacAlgorithms?: MacAlgorithmSpec[];
   XksKeyConfiguration?: XksKeyConfigurationType;
 }
 export interface CreateKeyResponse {
@@ -590,7 +590,7 @@ export declare class CustomKeyStoreHasCMKsException extends __BaseException {
   );
 }
 export interface XksProxyConfigurationType {
-  Connectivity?: XksProxyConnectivityType | string;
+  Connectivity?: XksProxyConnectivityType;
   AccessKeyId?: string;
   UriEndpoint?: string;
   UriPath?: string;
@@ -601,10 +601,10 @@ export interface CustomKeyStoresListEntry {
   CustomKeyStoreName?: string;
   CloudHsmClusterId?: string;
   TrustAnchorCertificate?: string;
-  ConnectionState?: ConnectionStateType | string;
-  ConnectionErrorCode?: ConnectionErrorCodeType | string;
+  ConnectionState?: ConnectionStateType;
+  ConnectionErrorCode?: ConnectionErrorCodeType;
   CreationDate?: Date;
-  CustomKeyStoreType?: CustomKeyStoreType | string;
+  CustomKeyStoreType?: CustomKeyStoreType;
   XksProxyConfiguration?: XksProxyConfigurationType;
 }
 export declare const DataKeyPairSpec: {
@@ -630,7 +630,7 @@ export declare const KeyEncryptionMechanism: {
 export type KeyEncryptionMechanism =
   (typeof KeyEncryptionMechanism)[keyof typeof KeyEncryptionMechanism];
 export interface RecipientInfo {
-  KeyEncryptionAlgorithm?: KeyEncryptionMechanism | string;
+  KeyEncryptionAlgorithm?: KeyEncryptionMechanism;
   AttestationDocument?: Uint8Array;
 }
 export interface DecryptRequest {
@@ -638,14 +638,14 @@ export interface DecryptRequest {
   EncryptionContext?: Record<string, string>;
   GrantTokens?: string[];
   KeyId?: string;
-  EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  EncryptionAlgorithm?: EncryptionAlgorithmSpec;
   Recipient?: RecipientInfo;
   DryRun?: boolean;
 }
 export interface DecryptResponse {
   KeyId?: string;
   Plaintext?: Uint8Array;
-  EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  EncryptionAlgorithm?: EncryptionAlgorithmSpec;
   CiphertextForRecipient?: Uint8Array;
 }
 export declare class IncorrectKeyException extends __BaseException {
@@ -732,13 +732,13 @@ export interface EncryptRequest {
   Plaintext: Uint8Array | undefined;
   EncryptionContext?: Record<string, string>;
   GrantTokens?: string[];
-  EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  EncryptionAlgorithm?: EncryptionAlgorithmSpec;
   DryRun?: boolean;
 }
 export interface EncryptResponse {
   CiphertextBlob?: Uint8Array;
   KeyId?: string;
-  EncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  EncryptionAlgorithm?: EncryptionAlgorithmSpec;
 }
 export declare class ExpiredImportTokenException extends __BaseException {
   readonly name: "ExpiredImportTokenException";
@@ -751,7 +751,7 @@ export interface GenerateDataKeyRequest {
   KeyId: string | undefined;
   EncryptionContext?: Record<string, string>;
   NumberOfBytes?: number;
-  KeySpec?: DataKeySpec | string;
+  KeySpec?: DataKeySpec;
   GrantTokens?: string[];
   Recipient?: RecipientInfo;
   DryRun?: boolean;
@@ -765,7 +765,7 @@ export interface GenerateDataKeyResponse {
 export interface GenerateDataKeyPairRequest {
   EncryptionContext?: Record<string, string>;
   KeyId: string | undefined;
-  KeyPairSpec: DataKeyPairSpec | string | undefined;
+  KeyPairSpec: DataKeyPairSpec | undefined;
   GrantTokens?: string[];
   Recipient?: RecipientInfo;
   DryRun?: boolean;
@@ -775,13 +775,13 @@ export interface GenerateDataKeyPairResponse {
   PrivateKeyPlaintext?: Uint8Array;
   PublicKey?: Uint8Array;
   KeyId?: string;
-  KeyPairSpec?: DataKeyPairSpec | string;
+  KeyPairSpec?: DataKeyPairSpec;
   CiphertextForRecipient?: Uint8Array;
 }
 export interface GenerateDataKeyPairWithoutPlaintextRequest {
   EncryptionContext?: Record<string, string>;
   KeyId: string | undefined;
-  KeyPairSpec: DataKeyPairSpec | string | undefined;
+  KeyPairSpec: DataKeyPairSpec | undefined;
   GrantTokens?: string[];
   DryRun?: boolean;
 }
@@ -789,12 +789,12 @@ export interface GenerateDataKeyPairWithoutPlaintextResponse {
   PrivateKeyCiphertextBlob?: Uint8Array;
   PublicKey?: Uint8Array;
   KeyId?: string;
-  KeyPairSpec?: DataKeyPairSpec | string;
+  KeyPairSpec?: DataKeyPairSpec;
 }
 export interface GenerateDataKeyWithoutPlaintextRequest {
   KeyId: string | undefined;
   EncryptionContext?: Record<string, string>;
-  KeySpec?: DataKeySpec | string;
+  KeySpec?: DataKeySpec;
   NumberOfBytes?: number;
   GrantTokens?: string[];
   DryRun?: boolean;
@@ -806,13 +806,13 @@ export interface GenerateDataKeyWithoutPlaintextResponse {
 export interface GenerateMacRequest {
   Message: Uint8Array | undefined;
   KeyId: string | undefined;
-  MacAlgorithm: MacAlgorithmSpec | string | undefined;
+  MacAlgorithm: MacAlgorithmSpec | undefined;
   GrantTokens?: string[];
   DryRun?: boolean;
 }
 export interface GenerateMacResponse {
   Mac?: Uint8Array;
-  MacAlgorithm?: MacAlgorithmSpec | string;
+  MacAlgorithm?: MacAlgorithmSpec;
   KeyId?: string;
 }
 export interface GenerateRandomRequest {
@@ -846,8 +846,8 @@ export type WrappingKeySpec =
   (typeof WrappingKeySpec)[keyof typeof WrappingKeySpec];
 export interface GetParametersForImportRequest {
   KeyId: string | undefined;
-  WrappingAlgorithm: AlgorithmSpec | string | undefined;
-  WrappingKeySpec: WrappingKeySpec | string | undefined;
+  WrappingAlgorithm: AlgorithmSpec | undefined;
+  WrappingKeySpec: WrappingKeySpec | undefined;
 }
 export interface GetParametersForImportResponse {
   KeyId?: string;
@@ -862,11 +862,11 @@ export interface GetPublicKeyRequest {
 export interface GetPublicKeyResponse {
   KeyId?: string;
   PublicKey?: Uint8Array;
-  CustomerMasterKeySpec?: CustomerMasterKeySpec | string;
-  KeySpec?: KeySpec | string;
-  KeyUsage?: KeyUsageType | string;
-  EncryptionAlgorithms?: (EncryptionAlgorithmSpec | string)[];
-  SigningAlgorithms?: (SigningAlgorithmSpec | string)[];
+  CustomerMasterKeySpec?: CustomerMasterKeySpec;
+  KeySpec?: KeySpec;
+  KeyUsage?: KeyUsageType;
+  EncryptionAlgorithms?: EncryptionAlgorithmSpec[];
+  SigningAlgorithms?: SigningAlgorithmSpec[];
 }
 export interface GrantListEntry {
   KeyId?: string;
@@ -876,7 +876,7 @@ export interface GrantListEntry {
   GranteePrincipal?: string;
   RetiringPrincipal?: string;
   IssuingAccount?: string;
-  Operations?: (GrantOperation | string)[];
+  Operations?: GrantOperation[];
   Constraints?: GrantConstraints;
 }
 export interface ImportKeyMaterialRequest {
@@ -884,7 +884,7 @@ export interface ImportKeyMaterialRequest {
   ImportToken: Uint8Array | undefined;
   EncryptedKeyMaterial: Uint8Array | undefined;
   ValidTo?: Date;
-  ExpirationModel?: ExpirationModelType | string;
+  ExpirationModel?: ExpirationModelType;
 }
 export interface ImportKeyMaterialResponse {}
 export declare class IncorrectKeyMaterialException extends __BaseException {
@@ -999,8 +999,8 @@ export interface ReEncryptRequest {
   SourceKeyId?: string;
   DestinationKeyId: string | undefined;
   DestinationEncryptionContext?: Record<string, string>;
-  SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
-  DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec;
+  DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec;
   GrantTokens?: string[];
   DryRun?: boolean;
 }
@@ -1008,8 +1008,8 @@ export interface ReEncryptResponse {
   CiphertextBlob?: Uint8Array;
   SourceKeyId?: string;
   KeyId?: string;
-  SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
-  DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec | string;
+  SourceEncryptionAlgorithm?: EncryptionAlgorithmSpec;
+  DestinationEncryptionAlgorithm?: EncryptionAlgorithmSpec;
 }
 export interface ReplicateKeyRequest {
   KeyId: string | undefined;
@@ -1042,21 +1042,21 @@ export interface ScheduleKeyDeletionRequest {
 export interface ScheduleKeyDeletionResponse {
   KeyId?: string;
   DeletionDate?: Date;
-  KeyState?: KeyState | string;
+  KeyState?: KeyState;
   PendingWindowInDays?: number;
 }
 export interface SignRequest {
   KeyId: string | undefined;
   Message: Uint8Array | undefined;
-  MessageType?: MessageType | string;
+  MessageType?: MessageType;
   GrantTokens?: string[];
-  SigningAlgorithm: SigningAlgorithmSpec | string | undefined;
+  SigningAlgorithm: SigningAlgorithmSpec | undefined;
   DryRun?: boolean;
 }
 export interface SignResponse {
   KeyId?: string;
   Signature?: Uint8Array;
-  SigningAlgorithm?: SigningAlgorithmSpec | string;
+  SigningAlgorithm?: SigningAlgorithmSpec;
 }
 export interface TagResourceRequest {
   KeyId: string | undefined;
@@ -1079,7 +1079,7 @@ export interface UpdateCustomKeyStoreRequest {
   XksProxyUriPath?: string;
   XksProxyVpcEndpointServiceName?: string;
   XksProxyAuthenticationCredential?: XksProxyAuthenticationCredentialType;
-  XksProxyConnectivity?: XksProxyConnectivityType | string;
+  XksProxyConnectivity?: XksProxyConnectivityType;
 }
 export interface UpdateCustomKeyStoreResponse {}
 export interface UpdateKeyDescriptionRequest {
@@ -1093,21 +1093,21 @@ export interface UpdatePrimaryRegionRequest {
 export interface VerifyRequest {
   KeyId: string | undefined;
   Message: Uint8Array | undefined;
-  MessageType?: MessageType | string;
+  MessageType?: MessageType;
   Signature: Uint8Array | undefined;
-  SigningAlgorithm: SigningAlgorithmSpec | string | undefined;
+  SigningAlgorithm: SigningAlgorithmSpec | undefined;
   GrantTokens?: string[];
   DryRun?: boolean;
 }
 export interface VerifyResponse {
   KeyId?: string;
   SignatureValid?: boolean;
-  SigningAlgorithm?: SigningAlgorithmSpec | string;
+  SigningAlgorithm?: SigningAlgorithmSpec;
 }
 export interface VerifyMacRequest {
   Message: Uint8Array | undefined;
   KeyId: string | undefined;
-  MacAlgorithm: MacAlgorithmSpec | string | undefined;
+  MacAlgorithm: MacAlgorithmSpec | undefined;
   Mac: Uint8Array | undefined;
   GrantTokens?: string[];
   DryRun?: boolean;
@@ -1115,7 +1115,7 @@ export interface VerifyMacRequest {
 export interface VerifyMacResponse {
   KeyId?: string;
   MacValid?: boolean;
-  MacAlgorithm?: MacAlgorithmSpec | string;
+  MacAlgorithm?: MacAlgorithmSpec;
 }
 export declare const XksProxyAuthenticationCredentialTypeFilterSensitiveLog: (
   obj: XksProxyAuthenticationCredentialType

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@aws-sdk/client-kms",
   "description": "AWS SDK for JavaScript Kms Client for Node.js, Browser and React Native",
-  "version": "3.427.0",
+  "version": "3.429.0",
   "scripts": {
     "build": "concurrently 'yarn:build:cjs' 'yarn:build:es' 'yarn:build:types'",
     "build:cjs": "tsc -p tsconfig.cjs.json",
@@ -21,39 +21,39 @@
   "dependencies": {
     "@aws-crypto/sha256-browser": "3.0.0",
     "@aws-crypto/sha256-js": "3.0.0",
-    "@aws-sdk/client-sts": "3.427.0",
-    "@aws-sdk/credential-provider-node": "3.427.0",
-    "@aws-sdk/middleware-host-header": "3.425.0",
-    "@aws-sdk/middleware-logger": "3.425.0",
-    "@aws-sdk/middleware-recursion-detection": "3.425.0",
-    "@aws-sdk/middleware-signing": "3.425.0",
-    "@aws-sdk/middleware-user-agent": "3.427.0",
-    "@aws-sdk/region-config-resolver": "3.425.0",
-    "@aws-sdk/types": "3.425.0",
-    "@aws-sdk/util-endpoints": "3.427.0",
-    "@aws-sdk/util-user-agent-browser": "3.425.0",
-    "@aws-sdk/util-user-agent-node": "3.425.0",
-    "@smithy/config-resolver": "^2.0.11",
-    "@smithy/fetch-http-handler": "^2.2.1",
-    "@smithy/hash-node": "^2.0.10",
-    "@smithy/invalid-dependency": "^2.0.10",
-    "@smithy/middleware-content-length": "^2.0.12",
-    "@smithy/middleware-endpoint": "^2.0.10",
-    "@smithy/middleware-retry": "^2.0.13",
-    "@smithy/middleware-serde": "^2.0.10",
-    "@smithy/middleware-stack": "^2.0.4",
-    "@smithy/node-config-provider": "^2.0.13",
-    "@smithy/node-http-handler": "^2.1.6",
-    "@smithy/protocol-http": "^3.0.6",
-    "@smithy/smithy-client": "^2.1.9",
-    "@smithy/types": "^2.3.4",
-    "@smithy/url-parser": "^2.0.10",
+    "@aws-sdk/client-sts": "3.429.0",
+    "@aws-sdk/credential-provider-node": "3.429.0",
+    "@aws-sdk/middleware-host-header": "3.429.0",
+    "@aws-sdk/middleware-logger": "3.428.0",
+    "@aws-sdk/middleware-recursion-detection": "3.428.0",
+    "@aws-sdk/middleware-signing": "3.428.0",
+    "@aws-sdk/middleware-user-agent": "3.428.0",
+    "@aws-sdk/region-config-resolver": "3.428.0",
+    "@aws-sdk/types": "3.428.0",
+    "@aws-sdk/util-endpoints": "3.428.0",
+    "@aws-sdk/util-user-agent-browser": "3.428.0",
+    "@aws-sdk/util-user-agent-node": "3.428.0",
+    "@smithy/config-resolver": "^2.0.14",
+    "@smithy/fetch-http-handler": "^2.2.3",
+    "@smithy/hash-node": "^2.0.11",
+    "@smithy/invalid-dependency": "^2.0.11",
+    "@smithy/middleware-content-length": "^2.0.13",
+    "@smithy/middleware-endpoint": "^2.1.1",
+    "@smithy/middleware-retry": "^2.0.16",
+    "@smithy/middleware-serde": "^2.0.11",
+    "@smithy/middleware-stack": "^2.0.5",
+    "@smithy/node-config-provider": "^2.1.1",
+    "@smithy/node-http-handler": "^2.1.7",
+    "@smithy/protocol-http": "^3.0.7",
+    "@smithy/smithy-client": "^2.1.11",
+    "@smithy/types": "^2.3.5",
+    "@smithy/url-parser": "^2.0.11",
     "@smithy/util-base64": "^2.0.0",
     "@smithy/util-body-length-browser": "^2.0.0",
     "@smithy/util-body-length-node": "^2.1.0",
-    "@smithy/util-defaults-mode-browser": "^2.0.13",
-    "@smithy/util-defaults-mode-node": "^2.0.15",
-    "@smithy/util-retry": "^2.0.3",
+    "@smithy/util-defaults-mode-browser": "^2.0.15",
+    "@smithy/util-defaults-mode-node": "^2.0.19",
+    "@smithy/util-retry": "^2.0.4",
     "@smithy/util-utf8": "^2.0.0",
     "tslib": "^2.5.0"
   },