npm - @aws-sdk/client-kms - Versions diffs - 3.933.0 → 3.935.0 - Mend

@aws-sdk/client-kms 3.933.0 → 3.935.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/dist-cjs/index.js +211 -210
package/dist-es/index.js +2 -1
package/dist-es/models/enums.js +210 -0
package/dist-es/models/errors.js +577 -0
package/dist-es/models/models_0.js +1 -787
package/dist-es/schemas/schemas_0.js +1 -1
package/dist-types/index.d.ts +3 -1
package/dist-types/models/enums.d.ts +434 -0
package/dist-types/models/errors.d.ts +769 -0
package/dist-types/models/models_0.d.ts +1 -1203
package/dist-types/ts3.4/index.d.ts +3 -1
package/dist-types/ts3.4/models/enums.d.ts +256 -0
package/dist-types/ts3.4/models/errors.d.ts +381 -0
package/dist-types/ts3.4/models/models_0.d.ts +30 -637
package/package.json +12 -12
package/dist-es/models/index.js +0 -1
package/dist-types/models/index.d.ts +0 -1
package/dist-types/ts3.4/models/index.d.ts +0 -1

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -1,21 +1,4 @@
-import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
-import { KMSServiceException as __BaseException } from "./KMSServiceException";
-/**
- * @public
- * @enum
- */
-export declare const AlgorithmSpec: {
-    readonly RSAES_OAEP_SHA_1: "RSAES_OAEP_SHA_1";
-    readonly RSAES_OAEP_SHA_256: "RSAES_OAEP_SHA_256";
-    readonly RSAES_PKCS1_V1_5: "RSAES_PKCS1_V1_5";
-    readonly RSA_AES_KEY_WRAP_SHA_1: "RSA_AES_KEY_WRAP_SHA_1";
-    readonly RSA_AES_KEY_WRAP_SHA_256: "RSA_AES_KEY_WRAP_SHA_256";
-    readonly SM2PKE: "SM2PKE";
-};
-/**
- * @public
- */
-export type AlgorithmSpec = (typeof AlgorithmSpec)[keyof typeof AlgorithmSpec];
+import { AlgorithmSpec, ConnectionErrorCodeType, ConnectionStateType, CustomerMasterKeySpec, CustomKeyStoreType, DataKeyPairSpec, DataKeySpec, EncryptionAlgorithmSpec, ExpirationModelType, GrantOperation, ImportState, ImportType, IncludeKeyMaterial, KeyAgreementAlgorithmSpec, KeyEncryptionMechanism, KeyManagerType, KeyMaterialState, KeySpec, KeyState, KeyUsageType, MacAlgorithmSpec, MessageType, MultiRegionKeyType, OriginType, RotationType, SigningAlgorithmSpec, WrappingKeySpec, XksProxyConnectivityType } from "./enums";
 /**
  * <p>Contains information about an alias.</p>
  * @public
@@ -49,19 +32,6 @@ export interface AliasListEntry {
      */
     LastUpdatedDate?: Date | undefined;
 }
-/**
- * <p>The request was rejected because it attempted to create a resource that already
- *       exists.</p>
- * @public
- */
-export declare class AlreadyExistsException extends __BaseException {
-    readonly name: "AlreadyExistsException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<AlreadyExistsException, __BaseException>);
-}
 /**
  * @public
  */
@@ -95,207 +65,6 @@ export interface CancelKeyDeletionResponse {
      */
     KeyId?: string | undefined;
 }
-/**
- * <p>The system timed out while trying to fulfill the request. You can retry the
- *       request.</p>
- * @public
- */
-export declare class DependencyTimeoutException extends __BaseException {
-    readonly name: "DependencyTimeoutException";
-    readonly $fault: "server";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<DependencyTimeoutException, __BaseException>);
-}
-/**
- * <p>The request was rejected because a specified ARN, or an ARN in a key policy, is not
- *       valid.</p>
- * @public
- */
-export declare class InvalidArnException extends __BaseException {
-    readonly name: "InvalidArnException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidArnException, __BaseException>);
-}
-/**
- * <p>The request was rejected because an internal exception occurred. The request can be
- *       retried.</p>
- * @public
- */
-export declare class KMSInternalException extends __BaseException {
-    readonly name: "KMSInternalException";
-    readonly $fault: "server";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<KMSInternalException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the state of the specified resource is not valid for this
- *       request.</p>
- *          <p>This exceptions means one of the following:</p>
- *          <ul>
- *             <li>
- *                <p>The key state of the KMS key is not compatible with the operation. </p>
- *                <p>To find the key state, use the <a>DescribeKey</a> operation. For more
- *           information about which key states are compatible with each KMS operation, see
- *           <a href="https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html">Key states of KMS keys</a> in the <i>
- *                      <i>Key Management Service Developer Guide</i>
- *                   </i>.</p>
- *             </li>
- *             <li>
- *                <p>For cryptographic operations on KMS keys in custom key stores, this exception
- *           represents a general failure with many possible causes. To identify the cause, see the
- *           error message that accompanies the exception.</p>
- *             </li>
- *          </ul>
- * @public
- */
-export declare class KMSInvalidStateException extends __BaseException {
-    readonly name: "KMSInvalidStateException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<KMSInvalidStateException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified entity or resource could not be
- *       found.</p>
- * @public
- */
-export declare class NotFoundException extends __BaseException {
-    readonly name: "NotFoundException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<NotFoundException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified CloudHSM cluster is already associated with an
- *       CloudHSM key store in the account, or it shares a backup history with an CloudHSM key store in the
- *       account. Each CloudHSM key store in the account must be associated with a different CloudHSM
- *       cluster.</p>
- *          <p>CloudHSM clusters that share a backup history have the same cluster certificate. To view the
- *       cluster certificate of an CloudHSM cluster, use the <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html">DescribeClusters</a> operation.</p>
- * @public
- */
-export declare class CloudHsmClusterInUseException extends __BaseException {
-    readonly name: "CloudHsmClusterInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CloudHsmClusterInUseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the associated CloudHSM cluster did not meet the
- *       configuration requirements for an CloudHSM key store.</p>
- *          <ul>
- *             <li>
- *                <p>The CloudHSM cluster must be configured with private subnets in at least two different
- *           Availability Zones in the Region.</p>
- *             </li>
- *             <li>
- *                <p>The <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html">security group for
- *             the cluster</a> (cloudhsm-cluster-<i><cluster-id></i>-sg) must
- *           include inbound rules and outbound rules that allow TCP traffic on ports 2223-2225. The
- *             <b>Source</b> in the inbound rules and the <b>Destination</b> in the outbound rules must match the security group
- *           ID. These rules are set by default when you create the CloudHSM cluster. Do not delete or
- *           change them. To get information about a particular security group, use the <a href="https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeSecurityGroups.html">DescribeSecurityGroups</a> operation.</p>
- *             </li>
- *             <li>
- *                <p>The CloudHSM cluster must contain at least as many HSMs as the operation requires. To add
- *           HSMs, use the CloudHSM <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_CreateHsm.html">CreateHsm</a> operation.</p>
- *                <p>For the <a>CreateCustomKeyStore</a>, <a>UpdateCustomKeyStore</a>, and <a>CreateKey</a> operations, the CloudHSM cluster must have at least two
- *           active HSMs, each in a different Availability Zone. For the <a>ConnectCustomKeyStore</a> operation, the CloudHSM must contain at least one active
- *           HSM.</p>
- *             </li>
- *          </ul>
- *          <p>For information about the requirements for an CloudHSM cluster that is associated with an
- *       CloudHSM key store, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/create-keystore.html#before-keystore">Assemble the Prerequisites</a>
- *       in the <i>Key Management Service Developer Guide</i>. For information about creating a private subnet for an CloudHSM cluster,
- *       see <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/create-subnets.html">Create a Private
- *         Subnet</a> in the <i>CloudHSM User Guide</i>. For information about cluster security groups, see
- *         <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/configure-sg.html">Configure a Default Security
- *         Group</a> in the <i>
- *                <i>CloudHSM User Guide</i>
- *             </i>. </p>
- * @public
- */
-export declare class CloudHsmClusterInvalidConfigurationException extends __BaseException {
-    readonly name: "CloudHsmClusterInvalidConfigurationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CloudHsmClusterInvalidConfigurationException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the CloudHSM cluster associated with the CloudHSM key store is
- *       not active. Initialize and activate the cluster and try the command again. For detailed
- *       instructions, see <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/getting-started.html">Getting
- *         Started</a> in the <i>CloudHSM User Guide</i>.</p>
- * @public
- */
-export declare class CloudHsmClusterNotActiveException extends __BaseException {
-    readonly name: "CloudHsmClusterNotActiveException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CloudHsmClusterNotActiveException, __BaseException>);
-}
-/**
- * <p>The request was rejected because KMS cannot find the CloudHSM cluster with the specified
- *       cluster ID. Retry the request with a different cluster ID.</p>
- * @public
- */
-export declare class CloudHsmClusterNotFoundException extends __BaseException {
-    readonly name: "CloudHsmClusterNotFoundException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CloudHsmClusterNotFoundException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified CloudHSM cluster has a different cluster
- *       certificate than the original cluster. You cannot use the operation to specify an unrelated
- *       cluster for an CloudHSM key store.</p>
- *          <p>Specify an CloudHSM cluster that shares a backup history with the original cluster. This
- *       includes clusters that were created from a backup of the current cluster, and clusters that
- *       were created from the same backup that produced the current cluster.</p>
- *          <p>CloudHSM clusters that share a backup history have the same cluster certificate. To view the
- *       cluster certificate of an CloudHSM cluster, use the <a href="https://docs.aws.amazon.com/cloudhsm/latest/APIReference/API_DescribeClusters.html">DescribeClusters</a> operation.</p>
- * @public
- */
-export declare class CloudHsmClusterNotRelatedException extends __BaseException {
-    readonly name: "CloudHsmClusterNotRelatedException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CloudHsmClusterNotRelatedException, __BaseException>);
-}
-/**
- * <p>The request was rejected because an automatic rotation of this key is currently in
- *       progress or scheduled to begin within the next 20 minutes. </p>
- * @public
- */
-export declare class ConflictException extends __BaseException {
-    readonly name: "ConflictException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<ConflictException, __BaseException>);
-}
 /**
  * @public
  */
@@ -312,107 +81,6 @@ export interface ConnectCustomKeyStoreRequest {
  */
 export interface ConnectCustomKeyStoreResponse {
 }
-/**
- * <p>The request was rejected because of the <code>ConnectionState</code> of the custom key
- *       store. To get the <code>ConnectionState</code> of a custom key store, use the <a>DescribeCustomKeyStores</a> operation.</p>
- *          <p>This exception is thrown under the following conditions:</p>
- *          <ul>
- *             <li>
- *                <p>You requested the <a>ConnectCustomKeyStore</a> operation on a custom key
- *           store with a <code>ConnectionState</code> of <code>DISCONNECTING</code> or
- *             <code>FAILED</code>. This operation is valid for all other <code>ConnectionState</code>
- *           values. To reconnect a custom key store in a <code>FAILED</code> state, disconnect it
- *             (<a>DisconnectCustomKeyStore</a>), then connect it
- *             (<code>ConnectCustomKeyStore</code>).</p>
- *             </li>
- *             <li>
- *                <p>You requested the <a>CreateKey</a> operation in a custom key store that is
- *           not connected. This operations is valid only when the custom key store
- *             <code>ConnectionState</code> is <code>CONNECTED</code>.</p>
- *             </li>
- *             <li>
- *                <p>You requested the <a>DisconnectCustomKeyStore</a> operation on a custom key
- *           store with a <code>ConnectionState</code> of <code>DISCONNECTING</code> or
- *             <code>DISCONNECTED</code>. This operation is valid for all other
- *             <code>ConnectionState</code> values.</p>
- *             </li>
- *             <li>
- *                <p>You requested the <a>UpdateCustomKeyStore</a> or <a>DeleteCustomKeyStore</a> operation on a custom key store that is not
- *           disconnected. This operation is valid only when the custom key store
- *             <code>ConnectionState</code> is <code>DISCONNECTED</code>.</p>
- *             </li>
- *             <li>
- *                <p>You requested the <a>GenerateRandom</a> operation in an CloudHSM key store
- *           that is not connected. This operation is valid only when the CloudHSM key store
- *             <code>ConnectionState</code> is <code>CONNECTED</code>. </p>
- *             </li>
- *          </ul>
- * @public
- */
-export declare class CustomKeyStoreInvalidStateException extends __BaseException {
-    readonly name: "CustomKeyStoreInvalidStateException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CustomKeyStoreInvalidStateException, __BaseException>);
-}
-/**
- * <p>The request was rejected because KMS cannot find a custom key store with the specified
- *       key store name or ID.</p>
- * @public
- */
-export declare class CustomKeyStoreNotFoundException extends __BaseException {
-    readonly name: "CustomKeyStoreNotFoundException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CustomKeyStoreNotFoundException, __BaseException>);
-}
-/**
- * @public
- * @enum
- */
-export declare const ConnectionErrorCodeType: {
-    readonly CLUSTER_NOT_FOUND: "CLUSTER_NOT_FOUND";
-    readonly INSUFFICIENT_CLOUDHSM_HSMS: "INSUFFICIENT_CLOUDHSM_HSMS";
-    readonly INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET: "INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET";
-    readonly INTERNAL_ERROR: "INTERNAL_ERROR";
-    readonly INVALID_CREDENTIALS: "INVALID_CREDENTIALS";
-    readonly NETWORK_ERRORS: "NETWORK_ERRORS";
-    readonly SUBNET_NOT_FOUND: "SUBNET_NOT_FOUND";
-    readonly USER_LOCKED_OUT: "USER_LOCKED_OUT";
-    readonly USER_LOGGED_IN: "USER_LOGGED_IN";
-    readonly USER_NOT_FOUND: "USER_NOT_FOUND";
-    readonly XKS_PROXY_ACCESS_DENIED: "XKS_PROXY_ACCESS_DENIED";
-    readonly XKS_PROXY_INVALID_CONFIGURATION: "XKS_PROXY_INVALID_CONFIGURATION";
-    readonly XKS_PROXY_INVALID_RESPONSE: "XKS_PROXY_INVALID_RESPONSE";
-    readonly XKS_PROXY_INVALID_TLS_CONFIGURATION: "XKS_PROXY_INVALID_TLS_CONFIGURATION";
-    readonly XKS_PROXY_NOT_REACHABLE: "XKS_PROXY_NOT_REACHABLE";
-    readonly XKS_PROXY_TIMED_OUT: "XKS_PROXY_TIMED_OUT";
-    readonly XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION: "XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION";
-    readonly XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND: "XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND";
-};
-/**
- * @public
- */
-export type ConnectionErrorCodeType = (typeof ConnectionErrorCodeType)[keyof typeof ConnectionErrorCodeType];
-/**
- * @public
- * @enum
- */
-export declare const ConnectionStateType: {
-    readonly CONNECTED: "CONNECTED";
-    readonly CONNECTING: "CONNECTING";
-    readonly DISCONNECTED: "DISCONNECTED";
-    readonly DISCONNECTING: "DISCONNECTING";
-    readonly FAILED: "FAILED";
-};
-/**
- * @public
- */
-export type ConnectionStateType = (typeof ConnectionStateType)[keyof typeof ConnectionStateType];
 /**
  * @public
  */
@@ -457,44 +125,6 @@ export interface CreateAliasRequest {
      */
     TargetKeyId: string | undefined;
 }
-/**
- * <p>The request was rejected because the specified alias name is not valid.</p>
- * @public
- */
-export declare class InvalidAliasNameException extends __BaseException {
-    readonly name: "InvalidAliasNameException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidAliasNameException, __BaseException>);
-}
-/**
- * <p>The request was rejected because a length constraint or quota was exceeded. For more
- *       information, see <a href="https://docs.aws.amazon.com/kms/latest/developerguide/limits.html">Quotas</a> in
- *       the <i>Key Management Service Developer Guide</i>.</p>
- * @public
- */
-export declare class LimitExceededException extends __BaseException {
-    readonly name: "LimitExceededException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<LimitExceededException, __BaseException>);
-}
-/**
- * @public
- * @enum
- */
-export declare const CustomKeyStoreType: {
-    readonly AWS_CLOUDHSM: "AWS_CLOUDHSM";
-    readonly EXTERNAL_KEY_STORE: "EXTERNAL_KEY_STORE";
-};
-/**
- * @public
- */
-export type CustomKeyStoreType = (typeof CustomKeyStoreType)[keyof typeof CustomKeyStoreType];
 /**
  * <p>KMS uses the authentication credential to sign requests that it sends to the external
  *       key store proxy (XKS proxy) on your behalf. You establish these credentials on your external
@@ -515,18 +145,6 @@ export interface XksProxyAuthenticationCredentialType {
      */
     RawSecretAccessKey: string | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const XksProxyConnectivityType: {
-    readonly PUBLIC_ENDPOINT: "PUBLIC_ENDPOINT";
-    readonly VPC_ENDPOINT_SERVICE: "VPC_ENDPOINT_SERVICE";
-};
-/**
- * @public
- */
-export type XksProxyConnectivityType = (typeof XksProxyConnectivityType)[keyof typeof XksProxyConnectivityType];
 /**
  * @public
  */
@@ -716,169 +334,6 @@ export interface CreateCustomKeyStoreResponse {
      */
     CustomKeyStoreId?: string | undefined;
 }
-/**
- * <p>The request was rejected because the specified custom key store name is already assigned
- *       to another custom key store in the account. Try again with a custom key store name that is
- *       unique in the account.</p>
- * @public
- */
-export declare class CustomKeyStoreNameInUseException extends __BaseException {
-    readonly name: "CustomKeyStoreNameInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CustomKeyStoreNameInUseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the trust anchor certificate in the request to create an
- *       CloudHSM key store is not the trust anchor certificate for the specified CloudHSM cluster.</p>
- *          <p>When you <a href="https://docs.aws.amazon.com/cloudhsm/latest/userguide/initialize-cluster.html#sign-csr">initialize the CloudHSM cluster</a>, you create the trust anchor certificate and save it
- *       in the <code>customerCA.crt</code> file.</p>
- * @public
- */
-export declare class IncorrectTrustAnchorException extends __BaseException {
-    readonly name: "IncorrectTrustAnchorException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<IncorrectTrustAnchorException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the proxy credentials failed to authenticate to the
- *       specified external key store proxy. The specified external key store proxy rejected a status
- *       request from KMS due to invalid credentials. This can indicate an error in the credentials
- *       or in the identification of the external key store proxy.</p>
- * @public
- */
-export declare class XksProxyIncorrectAuthenticationCredentialException extends __BaseException {
-    readonly name: "XksProxyIncorrectAuthenticationCredentialException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyIncorrectAuthenticationCredentialException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the external key store proxy is not configured correctly.
- *       To identify the cause, see the error message that accompanies the exception.</p>
- * @public
- */
-export declare class XksProxyInvalidConfigurationException extends __BaseException {
-    readonly name: "XksProxyInvalidConfigurationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyInvalidConfigurationException, __BaseException>);
-}
-/**
- * <p></p>
- *          <p>KMS cannot interpret the response it received from the external key store proxy. The
- *       problem might be a poorly constructed response, but it could also be a transient network
- *       issue. If you see this error repeatedly, report it to the proxy vendor.</p>
- * @public
- */
-export declare class XksProxyInvalidResponseException extends __BaseException {
-    readonly name: "XksProxyInvalidResponseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyInvalidResponseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the <code>XksProxyUriEndpoint</code> is already
- *       associated with another external key store in this Amazon Web Services Region. To identify the cause, see
- *       the error message that accompanies the exception. </p>
- * @public
- */
-export declare class XksProxyUriEndpointInUseException extends __BaseException {
-    readonly name: "XksProxyUriEndpointInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyUriEndpointInUseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the concatenation of the <code>XksProxyUriEndpoint</code>
- *       and <code>XksProxyUriPath</code> is already associated with another external key store in this
- *       Amazon Web Services Region. Each external key store in a Region must use a unique external key store proxy
- *       API address.</p>
- * @public
- */
-export declare class XksProxyUriInUseException extends __BaseException {
-    readonly name: "XksProxyUriInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyUriInUseException, __BaseException>);
-}
-/**
- * <p>KMS was unable to reach the specified <code>XksProxyUriPath</code>. The path must be
- *       reachable before you create the external key store or update its settings.</p>
- *          <p>This exception is also thrown when the external key store proxy response to a
- *         <code>GetHealthStatus</code> request indicates that all external key manager instances are
- *       unavailable.</p>
- * @public
- */
-export declare class XksProxyUriUnreachableException extends __BaseException {
-    readonly name: "XksProxyUriUnreachableException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyUriUnreachableException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified Amazon VPC endpoint service is already
- *       associated with another external key store in this Amazon Web Services Region. Each external key store in a
- *       Region must use a different Amazon VPC endpoint service.</p>
- * @public
- */
-export declare class XksProxyVpcEndpointServiceInUseException extends __BaseException {
-    readonly name: "XksProxyVpcEndpointServiceInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyVpcEndpointServiceInUseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the Amazon VPC endpoint service configuration does not fulfill
- *       the requirements for an external key store. To identify the cause, see the error message that
- *       accompanies the exception and <a href="https://docs.aws.amazon.com/kms/latest/developerguide/vpc-connectivity.html#xks-vpc-requirements">review the
- *         requirements</a> for Amazon VPC endpoint service connectivity for an external key
- *       store.</p>
- * @public
- */
-export declare class XksProxyVpcEndpointServiceInvalidConfigurationException extends __BaseException {
-    readonly name: "XksProxyVpcEndpointServiceInvalidConfigurationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyVpcEndpointServiceInvalidConfigurationException, __BaseException>);
-}
-/**
- * <p>The request was rejected because KMS could not find the specified VPC endpoint service.
- *       Use <a>DescribeCustomKeyStores</a> to verify the VPC endpoint service name for the
- *       external key store. Also, confirm that the <code>Allow principals</code> list for the VPC
- *       endpoint service includes the KMS service principal for the Region, such as
- *         <code>cks.kms.us-east-1.amazonaws.com</code>.</p>
- * @public
- */
-export declare class XksProxyVpcEndpointServiceNotFoundException extends __BaseException {
-    readonly name: "XksProxyVpcEndpointServiceNotFoundException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksProxyVpcEndpointServiceNotFoundException, __BaseException>);
-}
 /**
  * <p>Use this structure to allow <a href="https://docs.aws.amazon.com/kms/latest/developerguide/kms-cryptography.html#cryptographic-operations">cryptographic operations</a> in the grant only when the operation request
  *       includes the specified <a href="https://docs.aws.amazon.com/kms/latest/developerguide/encrypt_context.html">encryption context</a>. </p>
@@ -919,33 +374,6 @@ export interface GrantConstraints {
      */
     EncryptionContextEquals?: Record<string, string> | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const GrantOperation: {
-    readonly CreateGrant: "CreateGrant";
-    readonly Decrypt: "Decrypt";
-    readonly DeriveSharedSecret: "DeriveSharedSecret";
-    readonly DescribeKey: "DescribeKey";
-    readonly Encrypt: "Encrypt";
-    readonly GenerateDataKey: "GenerateDataKey";
-    readonly GenerateDataKeyPair: "GenerateDataKeyPair";
-    readonly GenerateDataKeyPairWithoutPlaintext: "GenerateDataKeyPairWithoutPlaintext";
-    readonly GenerateDataKeyWithoutPlaintext: "GenerateDataKeyWithoutPlaintext";
-    readonly GenerateMac: "GenerateMac";
-    readonly GetPublicKey: "GetPublicKey";
-    readonly ReEncryptFrom: "ReEncryptFrom";
-    readonly ReEncryptTo: "ReEncryptTo";
-    readonly RetireGrant: "RetireGrant";
-    readonly Sign: "Sign";
-    readonly Verify: "Verify";
-    readonly VerifyMac: "VerifyMac";
-};
-/**
- * @public
- */
-export type GrantOperation = (typeof GrantOperation)[keyof typeof GrantOperation];
 /**
  * @public
  */
@@ -1087,120 +515,6 @@ export interface CreateGrantResponse {
      */
     GrantId?: string | undefined;
 }
-/**
- * <p>The request was rejected because the specified KMS key is not enabled.</p>
- * @public
- */
-export declare class DisabledException extends __BaseException {
-    readonly name: "DisabledException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<DisabledException, __BaseException>);
-}
-/**
- * <p> The request was rejected because the DryRun parameter was specified. </p>
- * @public
- */
-export declare class DryRunOperationException extends __BaseException {
-    readonly name: "DryRunOperationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<DryRunOperationException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified grant token is not valid.</p>
- * @public
- */
-export declare class InvalidGrantTokenException extends __BaseException {
-    readonly name: "InvalidGrantTokenException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidGrantTokenException, __BaseException>);
-}
-/**
- * @public
- * @enum
- */
-export declare const CustomerMasterKeySpec: {
-    readonly ECC_NIST_P256: "ECC_NIST_P256";
-    readonly ECC_NIST_P384: "ECC_NIST_P384";
-    readonly ECC_NIST_P521: "ECC_NIST_P521";
-    readonly ECC_SECG_P256K1: "ECC_SECG_P256K1";
-    readonly HMAC_224: "HMAC_224";
-    readonly HMAC_256: "HMAC_256";
-    readonly HMAC_384: "HMAC_384";
-    readonly HMAC_512: "HMAC_512";
-    readonly RSA_2048: "RSA_2048";
-    readonly RSA_3072: "RSA_3072";
-    readonly RSA_4096: "RSA_4096";
-    readonly SM2: "SM2";
-    readonly SYMMETRIC_DEFAULT: "SYMMETRIC_DEFAULT";
-};
-/**
- * @public
- */
-export type CustomerMasterKeySpec = (typeof CustomerMasterKeySpec)[keyof typeof CustomerMasterKeySpec];
-/**
- * @public
- * @enum
- */
-export declare const KeySpec: {
-    readonly ECC_NIST_EDWARDS25519: "ECC_NIST_EDWARDS25519";
-    readonly ECC_NIST_P256: "ECC_NIST_P256";
-    readonly ECC_NIST_P384: "ECC_NIST_P384";
-    readonly ECC_NIST_P521: "ECC_NIST_P521";
-    readonly ECC_SECG_P256K1: "ECC_SECG_P256K1";
-    readonly HMAC_224: "HMAC_224";
-    readonly HMAC_256: "HMAC_256";
-    readonly HMAC_384: "HMAC_384";
-    readonly HMAC_512: "HMAC_512";
-    readonly ML_DSA_44: "ML_DSA_44";
-    readonly ML_DSA_65: "ML_DSA_65";
-    readonly ML_DSA_87: "ML_DSA_87";
-    readonly RSA_2048: "RSA_2048";
-    readonly RSA_3072: "RSA_3072";
-    readonly RSA_4096: "RSA_4096";
-    readonly SM2: "SM2";
-    readonly SYMMETRIC_DEFAULT: "SYMMETRIC_DEFAULT";
-};
-/**
- * @public
- */
-export type KeySpec = (typeof KeySpec)[keyof typeof KeySpec];
-/**
- * @public
- * @enum
- */
-export declare const KeyUsageType: {
-    readonly ENCRYPT_DECRYPT: "ENCRYPT_DECRYPT";
-    readonly GENERATE_VERIFY_MAC: "GENERATE_VERIFY_MAC";
-    readonly KEY_AGREEMENT: "KEY_AGREEMENT";
-    readonly SIGN_VERIFY: "SIGN_VERIFY";
-};
-/**
- * @public
- */
-export type KeyUsageType = (typeof KeyUsageType)[keyof typeof KeyUsageType];
-/**
- * @public
- * @enum
- */
-export declare const OriginType: {
-    readonly AWS_CLOUDHSM: "AWS_CLOUDHSM";
-    readonly AWS_KMS: "AWS_KMS";
-    readonly EXTERNAL: "EXTERNAL";
-    readonly EXTERNAL_KEY_STORE: "EXTERNAL_KEY_STORE";
-};
-/**
- * @public
- */
-export type OriginType = (typeof OriginType)[keyof typeof OriginType];
 /**
  * <p>A key-value pair. A tag consists of a tag key and a tag value. Tag keys and tag values are
  *       both required, but tag values can be empty (null) strings.</p>
@@ -1598,99 +912,6 @@ export interface CreateKeyRequest {
      */
     XksKeyId?: string | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const EncryptionAlgorithmSpec: {
-    readonly RSAES_OAEP_SHA_1: "RSAES_OAEP_SHA_1";
-    readonly RSAES_OAEP_SHA_256: "RSAES_OAEP_SHA_256";
-    readonly SM2PKE: "SM2PKE";
-    readonly SYMMETRIC_DEFAULT: "SYMMETRIC_DEFAULT";
-};
-/**
- * @public
- */
-export type EncryptionAlgorithmSpec = (typeof EncryptionAlgorithmSpec)[keyof typeof EncryptionAlgorithmSpec];
-/**
- * @public
- * @enum
- */
-export declare const ExpirationModelType: {
-    readonly KEY_MATERIAL_DOES_NOT_EXPIRE: "KEY_MATERIAL_DOES_NOT_EXPIRE";
-    readonly KEY_MATERIAL_EXPIRES: "KEY_MATERIAL_EXPIRES";
-};
-/**
- * @public
- */
-export type ExpirationModelType = (typeof ExpirationModelType)[keyof typeof ExpirationModelType];
-/**
- * @public
- * @enum
- */
-export declare const KeyAgreementAlgorithmSpec: {
-    readonly ECDH: "ECDH";
-};
-/**
- * @public
- */
-export type KeyAgreementAlgorithmSpec = (typeof KeyAgreementAlgorithmSpec)[keyof typeof KeyAgreementAlgorithmSpec];
-/**
- * @public
- * @enum
- */
-export declare const KeyManagerType: {
-    readonly AWS: "AWS";
-    readonly CUSTOMER: "CUSTOMER";
-};
-/**
- * @public
- */
-export type KeyManagerType = (typeof KeyManagerType)[keyof typeof KeyManagerType];
-/**
- * @public
- * @enum
- */
-export declare const KeyState: {
-    readonly Creating: "Creating";
-    readonly Disabled: "Disabled";
-    readonly Enabled: "Enabled";
-    readonly PendingDeletion: "PendingDeletion";
-    readonly PendingImport: "PendingImport";
-    readonly PendingReplicaDeletion: "PendingReplicaDeletion";
-    readonly Unavailable: "Unavailable";
-    readonly Updating: "Updating";
-};
-/**
- * @public
- */
-export type KeyState = (typeof KeyState)[keyof typeof KeyState];
-/**
- * @public
- * @enum
- */
-export declare const MacAlgorithmSpec: {
-    readonly HMAC_SHA_224: "HMAC_SHA_224";
-    readonly HMAC_SHA_256: "HMAC_SHA_256";
-    readonly HMAC_SHA_384: "HMAC_SHA_384";
-    readonly HMAC_SHA_512: "HMAC_SHA_512";
-};
-/**
- * @public
- */
-export type MacAlgorithmSpec = (typeof MacAlgorithmSpec)[keyof typeof MacAlgorithmSpec];
-/**
- * @public
- * @enum
- */
-export declare const MultiRegionKeyType: {
-    readonly PRIMARY: "PRIMARY";
-    readonly REPLICA: "REPLICA";
-};
-/**
- * @public
- */
-export type MultiRegionKeyType = (typeof MultiRegionKeyType)[keyof typeof MultiRegionKeyType];
 /**
  * <p>Describes the primary or replica key in a multi-Region key.</p>
  * @public
@@ -1734,29 +955,6 @@ export interface MultiRegionConfiguration {
      */
     ReplicaKeys?: MultiRegionKey[] | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const SigningAlgorithmSpec: {
-    readonly ECDSA_SHA_256: "ECDSA_SHA_256";
-    readonly ECDSA_SHA_384: "ECDSA_SHA_384";
-    readonly ECDSA_SHA_512: "ECDSA_SHA_512";
-    readonly ED25519_PH_SHA_512: "ED25519_PH_SHA_512";
-    readonly ED25519_SHA_512: "ED25519_SHA_512";
-    readonly ML_DSA_SHAKE_256: "ML_DSA_SHAKE_256";
-    readonly RSASSA_PKCS1_V1_5_SHA_256: "RSASSA_PKCS1_V1_5_SHA_256";
-    readonly RSASSA_PKCS1_V1_5_SHA_384: "RSASSA_PKCS1_V1_5_SHA_384";
-    readonly RSASSA_PKCS1_V1_5_SHA_512: "RSASSA_PKCS1_V1_5_SHA_512";
-    readonly RSASSA_PSS_SHA_256: "RSASSA_PSS_SHA_256";
-    readonly RSASSA_PSS_SHA_384: "RSASSA_PSS_SHA_384";
-    readonly RSASSA_PSS_SHA_512: "RSASSA_PSS_SHA_512";
-    readonly SM2DSA: "SM2DSA";
-};
-/**
- * @public
- */
-export type SigningAlgorithmSpec = (typeof SigningAlgorithmSpec)[keyof typeof SigningAlgorithmSpec];
 /**
  * <p>Information about the <a href="https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key">external key </a>that is
  *       associated with a KMS key in an external key store. </p>
@@ -2002,106 +1200,6 @@ export interface CreateKeyResponse {
      */
     KeyMetadata?: KeyMetadata | undefined;
 }
-/**
- * <p>The request was rejected because the specified policy is not syntactically or semantically
- *       correct.</p>
- * @public
- */
-export declare class MalformedPolicyDocumentException extends __BaseException {
-    readonly name: "MalformedPolicyDocumentException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<MalformedPolicyDocumentException, __BaseException>);
-}
-/**
- * <p>The request was rejected because one or more tags are not valid.</p>
- * @public
- */
-export declare class TagException extends __BaseException {
-    readonly name: "TagException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<TagException, __BaseException>);
-}
-/**
- * <p>The request was rejected because a specified parameter is not supported or a specified
- *       resource is not valid for this operation.</p>
- * @public
- */
-export declare class UnsupportedOperationException extends __BaseException {
-    readonly name: "UnsupportedOperationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<UnsupportedOperationException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the (<code>XksKeyId</code>) is already associated with
- *       another KMS key in this external key store. Each KMS key in an external key store must be
- *       associated with a different external key.</p>
- * @public
- */
-export declare class XksKeyAlreadyInUseException extends __BaseException {
-    readonly name: "XksKeyAlreadyInUseException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksKeyAlreadyInUseException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the external key specified by the <code>XksKeyId</code>
- *       parameter did not meet the configuration requirements for an external key store.</p>
- *          <p>The external key must be an AES-256 symmetric key that is enabled and performs encryption
- *       and decryption.</p>
- * @public
- */
-export declare class XksKeyInvalidConfigurationException extends __BaseException {
-    readonly name: "XksKeyInvalidConfigurationException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksKeyInvalidConfigurationException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the external key store proxy could not find the external
- *       key. This exception is thrown when the value of the <code>XksKeyId</code> parameter doesn't
- *       identify a key in the external key manager associated with the external key proxy.</p>
- *          <p>Verify that the <code>XksKeyId</code> represents an existing key in the external key
- *       manager. Use the key identifier that the external key store proxy uses to identify the key.
- *       For details, see the documentation provided with your external key store proxy or key
- *       manager.</p>
- * @public
- */
-export declare class XksKeyNotFoundException extends __BaseException {
-    readonly name: "XksKeyNotFoundException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<XksKeyNotFoundException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the custom key store contains KMS keys. After verifying
- *       that you do not need to use the KMS keys, use the <a>ScheduleKeyDeletion</a>
- *       operation to delete the KMS keys. After they are deleted, you can delete the custom key
- *       store.</p>
- * @public
- */
-export declare class CustomKeyStoreHasCMKsException extends __BaseException {
-    readonly name: "CustomKeyStoreHasCMKsException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<CustomKeyStoreHasCMKsException, __BaseException>);
-}
 /**
  * <p>Detailed information about the external key store proxy (XKS proxy). Your external key
  *       store proxy translates KMS requests into a format that your external key manager can
@@ -2414,48 +1512,6 @@ export interface CustomKeyStoresListEntry {
      */
     XksProxyConfiguration?: XksProxyConfigurationType | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const DataKeyPairSpec: {
-    readonly ECC_NIST_EDWARDS25519: "ECC_NIST_EDWARDS25519";
-    readonly ECC_NIST_P256: "ECC_NIST_P256";
-    readonly ECC_NIST_P384: "ECC_NIST_P384";
-    readonly ECC_NIST_P521: "ECC_NIST_P521";
-    readonly ECC_SECG_P256K1: "ECC_SECG_P256K1";
-    readonly RSA_2048: "RSA_2048";
-    readonly RSA_3072: "RSA_3072";
-    readonly RSA_4096: "RSA_4096";
-    readonly SM2: "SM2";
-};
-/**
- * @public
- */
-export type DataKeyPairSpec = (typeof DataKeyPairSpec)[keyof typeof DataKeyPairSpec];
-/**
- * @public
- * @enum
- */
-export declare const DataKeySpec: {
-    readonly AES_128: "AES_128";
-    readonly AES_256: "AES_256";
-};
-/**
- * @public
- */
-export type DataKeySpec = (typeof DataKeySpec)[keyof typeof DataKeySpec];
-/**
- * @public
- * @enum
- */
-export declare const KeyEncryptionMechanism: {
-    readonly RSAES_OAEP_SHA_256: "RSAES_OAEP_SHA_256";
-};
-/**
- * @public
- */
-export type KeyEncryptionMechanism = (typeof KeyEncryptionMechanism)[keyof typeof KeyEncryptionMechanism];
 /**
  * <p>Contains information about the party that receives the response from the API
  *       operation.</p>
@@ -2609,82 +1665,6 @@ export interface DecryptResponse {
      */
     KeyMaterialId?: string | undefined;
 }
-/**
- * <p>The request was rejected because the specified KMS key cannot decrypt the data. The
- *         <code>KeyId</code> in a <a>Decrypt</a> request and the <code>SourceKeyId</code>
- *       in a <a>ReEncrypt</a> request must identify the same KMS key that was used to
- *       encrypt the ciphertext.</p>
- * @public
- */
-export declare class IncorrectKeyException extends __BaseException {
-    readonly name: "IncorrectKeyException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<IncorrectKeyException, __BaseException>);
-}
-/**
- * <p>From the <a>Decrypt</a> or <a>ReEncrypt</a> operation, the request
- *       was rejected because the specified ciphertext, or additional authenticated data incorporated
- *       into the ciphertext, such as the encryption context, is corrupted, missing, or otherwise
- *       invalid.</p>
- *          <p>From the <a>ImportKeyMaterial</a> operation, the request was rejected because
- *       KMS could not decrypt the encrypted (wrapped) key material. </p>
- * @public
- */
-export declare class InvalidCiphertextException extends __BaseException {
-    readonly name: "InvalidCiphertextException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidCiphertextException, __BaseException>);
-}
-/**
- * <p>The request was rejected for one of the following reasons: </p>
- *          <ul>
- *             <li>
- *                <p>The <code>KeyUsage</code> value of the KMS key is incompatible with the API
- *           operation.</p>
- *             </li>
- *             <li>
- *                <p>The encryption algorithm or signing algorithm specified for the operation is
- *           incompatible with the type of key material in the KMS key <code>(KeySpec</code>).</p>
- *             </li>
- *          </ul>
- *          <p>For encrypting, decrypting, re-encrypting, and generating data keys, the
- *         <code>KeyUsage</code> must be <code>ENCRYPT_DECRYPT</code>. For signing and verifying
- *       messages, the <code>KeyUsage</code> must be <code>SIGN_VERIFY</code>. For generating and
- *       verifying message authentication codes (MACs), the <code>KeyUsage</code> must be
- *         <code>GENERATE_VERIFY_MAC</code>. For deriving key agreement secrets, the
- *         <code>KeyUsage</code> must be <code>KEY_AGREEMENT</code>. To find the <code>KeyUsage</code>
- *       of a KMS key, use the <a>DescribeKey</a> operation.</p>
- *          <p>To find the encryption or signing algorithms supported for a particular KMS key, use the
- *         <a>DescribeKey</a> operation.</p>
- * @public
- */
-export declare class InvalidKeyUsageException extends __BaseException {
-    readonly name: "InvalidKeyUsageException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidKeyUsageException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the specified KMS key was not available. You can retry
- *       the request.</p>
- * @public
- */
-export declare class KeyUnavailableException extends __BaseException {
-    readonly name: "KeyUnavailableException";
-    readonly $fault: "server";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<KeyUnavailableException, __BaseException>);
-}
 /**
  * @public
  */
@@ -2958,19 +1938,6 @@ export interface DescribeCustomKeyStoresResponse {
      */
     Truncated?: boolean | undefined;
 }
-/**
- * <p>The request was rejected because the marker that specifies where pagination should next
- *       begin is not valid.</p>
- * @public
- */
-export declare class InvalidMarkerException extends __BaseException {
-    readonly name: "InvalidMarkerException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidMarkerException, __BaseException>);
-}
 /**
  * @public
  */
@@ -3241,19 +2208,6 @@ export interface EncryptResponse {
      */
     EncryptionAlgorithm?: EncryptionAlgorithmSpec | undefined;
 }
-/**
- * <p>The request was rejected because the specified import token is expired. Use <a>GetParametersForImport</a> to get a new import token and public key, use the new
- *       public key to encrypt the key material, and then try the request again.</p>
- * @public
- */
-export declare class ExpiredImportTokenException extends __BaseException {
-    readonly name: "ExpiredImportTokenException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<ExpiredImportTokenException, __BaseException>);
-}
 /**
  * @public
  */
@@ -3931,20 +2885,6 @@ export interface GetKeyRotationStatusResponse {
      */
     OnDemandRotationStartDate?: Date | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const WrappingKeySpec: {
-    readonly RSA_2048: "RSA_2048";
-    readonly RSA_3072: "RSA_3072";
-    readonly RSA_4096: "RSA_4096";
-    readonly SM2: "SM2";
-};
-/**
- * @public
- */
-export type WrappingKeySpec = (typeof WrappingKeySpec)[keyof typeof WrappingKeySpec];
 /**
  * @public
  */
@@ -4211,18 +3151,6 @@ export interface GrantListEntry {
      */
     Constraints?: GrantConstraints | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const ImportType: {
-    readonly EXISTING_KEY_MATERIAL: "EXISTING_KEY_MATERIAL";
-    readonly NEW_KEY_MATERIAL: "NEW_KEY_MATERIAL";
-};
-/**
- * @public
- */
-export type ImportType = (typeof ImportType)[keyof typeof ImportType];
 /**
  * @public
  */
@@ -4350,70 +3278,6 @@ export interface ImportKeyMaterialResponse {
      */
     KeyMaterialId?: string | undefined;
 }
-/**
- * <p>The request was rejected because the key material in the request is, expired, invalid, or
- *       does not meet expectations. For example, it is not the same key material that was previously
- *       imported or KMS expected new key material but the key material being imported is already
- *       associated with the KMS key.</p>
- * @public
- */
-export declare class IncorrectKeyMaterialException extends __BaseException {
-    readonly name: "IncorrectKeyMaterialException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<IncorrectKeyMaterialException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the provided import token is invalid or is associated
- *       with a different KMS key.</p>
- * @public
- */
-export declare class InvalidImportTokenException extends __BaseException {
-    readonly name: "InvalidImportTokenException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidImportTokenException, __BaseException>);
-}
-/**
- * @public
- * @enum
- */
-export declare const ImportState: {
-    readonly IMPORTED: "IMPORTED";
-    readonly PENDING_IMPORT: "PENDING_IMPORT";
-};
-/**
- * @public
- */
-export type ImportState = (typeof ImportState)[keyof typeof ImportState];
-/**
- * @public
- * @enum
- */
-export declare const IncludeKeyMaterial: {
-    readonly ALL_KEY_MATERIAL: "ALL_KEY_MATERIAL";
-    readonly ROTATIONS_ONLY: "ROTATIONS_ONLY";
-};
-/**
- * @public
- */
-export type IncludeKeyMaterial = (typeof IncludeKeyMaterial)[keyof typeof IncludeKeyMaterial];
-/**
- * <p>The request was rejected because the specified <code>GrantId</code> is not valid.</p>
- * @public
- */
-export declare class InvalidGrantIdException extends __BaseException {
-    readonly name: "InvalidGrantIdException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<InvalidGrantIdException, __BaseException>);
-}
 /**
  * <p>Contains information about each entry in the key list.</p>
  * @public
@@ -4430,47 +3294,6 @@ export interface KeyListEntry {
      */
     KeyArn?: string | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const KeyMaterialState: {
-    readonly CURRENT: "CURRENT";
-    readonly NON_CURRENT: "NON_CURRENT";
-    readonly PENDING_ROTATION: "PENDING_ROTATION";
-};
-/**
- * @public
- */
-export type KeyMaterialState = (typeof KeyMaterialState)[keyof typeof KeyMaterialState];
-/**
- * <p>The request was rejected because the HMAC verification failed. HMAC verification fails
- *       when the HMAC computed by using the specified message, HMAC KMS key, and MAC algorithm does
- *       not match the HMAC specified in the request.</p>
- * @public
- */
-export declare class KMSInvalidMacException extends __BaseException {
-    readonly name: "KMSInvalidMacException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<KMSInvalidMacException, __BaseException>);
-}
-/**
- * <p>The request was rejected because the signature verification failed. Signature verification
- *       fails when it cannot confirm that signature was produced by signing the specified message with
- *       the specified KMS key and signing algorithm.</p>
- * @public
- */
-export declare class KMSInvalidSignatureException extends __BaseException {
-    readonly name: "KMSInvalidSignatureException";
-    readonly $fault: "client";
-    /**
-     * @internal
-     */
-    constructor(opts: __ExceptionOptionType<KMSInvalidSignatureException, __BaseException>);
-}
 /**
  * @public
  */
@@ -4727,18 +3550,6 @@ export interface ListKeyRotationsRequest {
      */
     Marker?: string | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const RotationType: {
-    readonly AUTOMATIC: "AUTOMATIC";
-    readonly ON_DEMAND: "ON_DEMAND";
-};
-/**
- * @public
- */
-export type RotationType = (typeof RotationType)[keyof typeof RotationType];
 /**
  * <p>Each entry contains information about one of the key materials associated with a KMS
  *       key.</p>
@@ -4987,19 +3798,6 @@ export interface ListRetirableGrantsRequest {
      */
     RetiringPrincipal: string | undefined;
 }
-/**
- * @public
- * @enum
- */
-export declare const MessageType: {
-    readonly DIGEST: "DIGEST";
-    readonly EXTERNAL_MU: "EXTERNAL_MU";
-    readonly RAW: "RAW";
-};
-/**
- * @public
- */
-export type MessageType = (typeof MessageType)[keyof typeof MessageType];
 /**
  * @public
  */