npm - @aws-sdk/client-payment-cryptography - Versions diffs - 3.533.0 → 3.535.0 - Mend

@aws-sdk/client-payment-cryptography 3.533.0 → 3.535.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/dist-types/models/models_0.d.ts CHANGED Viewed

@@ -1,8 +1,8 @@
 import { ExceptionOptionType as __ExceptionOptionType } from "@smithy/smithy-client";
 import { PaymentCryptographyServiceException as __BaseException } from "./PaymentCryptographyServiceException";
 /**
- * @public
  * <p>You do not have sufficient access to perform this action.</p>
+ * @public
  */
 export declare class AccessDeniedException extends __BaseException {
     readonly name: "AccessDeniedException";
@@ -14,27 +14,27 @@ export declare class AccessDeniedException extends __BaseException {
     constructor(opts: __ExceptionOptionType<AccessDeniedException, __BaseException>);
 }
 /**
- * @public
  * <p>Contains information about an alias.</p>
+ * @public
  */
 export interface Alias {
     /**
-     * @public
      * <p>A friendly name that you can use to refer to a key. The value must begin with <code>alias/</code>.</p>
      *          <important>
      *             <p>Do not include confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output.</p>
      *          </important>
+     * @public
      */
     AliasName: string | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key associated with the alias.</p>
+     * @public
      */
     KeyArn?: string;
 }
 /**
- * @public
  * <p>This request can cause an inconsistent state for the resource.</p>
+ * @public
  */
 export declare class ConflictException extends __BaseException {
     readonly name: "ConflictException";
@@ -50,16 +50,16 @@ export declare class ConflictException extends __BaseException {
  */
 export interface CreateAliasInput {
     /**
-     * @public
      * <p>A friendly name that you can use to refer to a key. An alias must begin with <code>alias/</code> followed by a name, for example <code>alias/ExampleAlias</code>. It can contain only alphanumeric characters, forward slashes (/), underscores (_), and dashes (-).</p>
      *          <important>
      *             <p>Don't include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output.</p>
      *          </important>
+     * @public
      */
     AliasName: string | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key to associate with the alias.</p>
+     * @public
      */
     KeyArn?: string;
 }
@@ -68,14 +68,14 @@ export interface CreateAliasInput {
  */
 export interface CreateAliasOutput {
     /**
-     * @public
      * <p>The alias for the key.</p>
+     * @public
      */
     Alias: Alias | undefined;
 }
 /**
- * @public
  * <p>The request processing has failed because of an unknown error, exception, or failure.</p>
+ * @public
  */
 export declare class InternalServerException extends __BaseException {
     readonly name: "InternalServerException";
@@ -87,15 +87,15 @@ export declare class InternalServerException extends __BaseException {
     constructor(opts: __ExceptionOptionType<InternalServerException, __BaseException>);
 }
 /**
- * @public
  * <p>The request was denied due to an invalid resource error.</p>
+ * @public
  */
 export declare class ResourceNotFoundException extends __BaseException {
     readonly name: "ResourceNotFoundException";
     readonly $fault: "client";
     /**
-     * @public
      * <p>The string for the exception.</p>
+     * @public
      */
     ResourceId?: string;
     /**
@@ -104,8 +104,8 @@ export declare class ResourceNotFoundException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ResourceNotFoundException, __BaseException>);
 }
 /**
- * @public
  * <p>This request would cause a service quota to be exceeded.</p>
+ * @public
  */
 export declare class ServiceQuotaExceededException extends __BaseException {
     readonly name: "ServiceQuotaExceededException";
@@ -117,8 +117,8 @@ export declare class ServiceQuotaExceededException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ServiceQuotaExceededException, __BaseException>);
 }
 /**
- * @public
  * <p>The service cannot complete the request.</p>
+ * @public
  */
 export declare class ServiceUnavailableException extends __BaseException {
     readonly name: "ServiceUnavailableException";
@@ -130,8 +130,8 @@ export declare class ServiceUnavailableException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ServiceUnavailableException, __BaseException>);
 }
 /**
- * @public
  * <p>The request was denied due to request throttling.</p>
+ * @public
  */
 export declare class ThrottlingException extends __BaseException {
     readonly name: "ThrottlingException";
@@ -143,8 +143,8 @@ export declare class ThrottlingException extends __BaseException {
     constructor(opts: __ExceptionOptionType<ThrottlingException, __BaseException>);
 }
 /**
- * @public
  * <p>The request was denied due to an invalid request error.</p>
+ * @public
  */
 export declare class ValidationException extends __BaseException {
     readonly name: "ValidationException";
@@ -160,8 +160,8 @@ export declare class ValidationException extends __BaseException {
  */
 export interface DeleteAliasInput {
     /**
-     * @public
      * <p>A friendly name that you can use to refer Amazon Web Services Payment Cryptography key. This value must begin with <code>alias/</code> followed by a name, such as <code>alias/ExampleAlias</code>.</p>
+     * @public
      */
     AliasName: string | undefined;
 }
@@ -175,8 +175,8 @@ export interface DeleteAliasOutput {
  */
 export interface GetAliasInput {
     /**
-     * @public
      * <p>The alias of the Amazon Web Services Payment Cryptography key.</p>
+     * @public
      */
     AliasName: string | undefined;
 }
@@ -185,8 +185,8 @@ export interface GetAliasInput {
  */
 export interface GetAliasOutput {
     /**
-     * @public
      * <p>The alias of the Amazon Web Services Payment Cryptography key.</p>
+     * @public
      */
     Alias: Alias | undefined;
 }
@@ -195,14 +195,14 @@ export interface GetAliasOutput {
  */
 export interface ListAliasesInput {
     /**
-     * @public
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
+     * @public
      */
     NextToken?: string;
     /**
-     * @public
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
+     * @public
      */
     MaxResults?: number;
 }
@@ -211,13 +211,13 @@ export interface ListAliasesInput {
  */
 export interface ListAliasesOutput {
     /**
-     * @public
      * <p>The list of aliases. Each alias describes the <code>KeyArn</code> contained within.</p>
+     * @public
      */
     Aliases: Alias[] | undefined;
     /**
-     * @public
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
+     * @public
      */
     NextToken?: string;
 }
@@ -226,13 +226,13 @@ export interface ListAliasesOutput {
  */
 export interface UpdateAliasInput {
     /**
-     * @public
      * <p>The alias whose associated key is changing.</p>
+     * @public
      */
     AliasName: string | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> for the key that you are updating or removing from the alias.</p>
+     * @public
      */
     KeyArn?: string;
 }
@@ -241,8 +241,8 @@ export interface UpdateAliasInput {
  */
 export interface UpdateAliasOutput {
     /**
-     * @public
      * <p>The alias name.</p>
+     * @public
      */
     Alias: Alias | undefined;
 }
@@ -279,53 +279,53 @@ export declare const KeyClass: {
  */
 export type KeyClass = (typeof KeyClass)[keyof typeof KeyClass];
 /**
- * @public
  * <p>The list of cryptographic operations that you can perform using the key. The modes of use are deﬁned in section A.5.3 of the TR-31 spec.</p>
+ * @public
  */
 export interface KeyModesOfUse {
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to encrypt data.</p>
+     * @public
      */
     Encrypt?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to decrypt data.</p>
+     * @public
      */
     Decrypt?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to wrap other keys.</p>
+     * @public
      */
     Wrap?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to unwrap other keys.</p>
+     * @public
      */
     Unwrap?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to generate and verify other card and PIN verification keys.</p>
+     * @public
      */
     Generate?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used for signing.</p>
+     * @public
      */
     Sign?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to verify signatures.</p>
+     * @public
      */
     Verify?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key can be used to derive new keys.</p>
+     * @public
      */
     DeriveKey?: boolean;
     /**
-     * @public
      * <p>Speciﬁes whether an Amazon Web Services Payment Cryptography key has no special restrictions other than the restrictions implied by <code>KeyUsage</code>.</p>
+     * @public
      */
     NoRestrictions?: boolean;
 }
@@ -363,29 +363,29 @@ export declare const KeyUsage: {
  */
 export type KeyUsage = (typeof KeyUsage)[keyof typeof KeyUsage];
 /**
- * @public
  * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.</p>
+ * @public
  */
 export interface KeyAttributes {
     /**
-     * @public
      * <p>The cryptographic usage of an Amazon Web Services Payment Cryptography key as deﬁned in section A.5.2 of the TR-31 spec.</p>
+     * @public
      */
     KeyUsage: KeyUsage | undefined;
     /**
-     * @public
      * <p>The type of Amazon Web Services Payment Cryptography key to create, which determines the classiﬁcation of the cryptographic method and whether Amazon Web Services Payment Cryptography key contains a symmetric key or an asymmetric key pair.</p>
+     * @public
      */
     KeyClass: KeyClass | undefined;
     /**
-     * @public
      * <p>The key algorithm to be use during creation of an Amazon Web Services Payment Cryptography key.</p>
      *          <p>For symmetric keys, Amazon Web Services Payment Cryptography supports <code>AES</code> and <code>TDES</code> algorithms. For asymmetric keys, Amazon Web Services Payment Cryptography supports <code>RSA</code> and <code>ECC_NIST</code> algorithms.</p>
+     * @public
      */
     KeyAlgorithm: KeyAlgorithm | undefined;
     /**
-     * @public
      * <p>The list of cryptographic operations that you can perform using the key.</p>
+     * @public
      */
     KeyModesOfUse: KeyModesOfUse | undefined;
 }
@@ -402,18 +402,18 @@ export declare const KeyCheckValueAlgorithm: {
  */
 export type KeyCheckValueAlgorithm = (typeof KeyCheckValueAlgorithm)[keyof typeof KeyCheckValueAlgorithm];
 /**
- * @public
  * <p>A structure that contains information about a tag.</p>
+ * @public
  */
 export interface Tag {
     /**
-     * @public
      * <p>The key of the tag.</p>
+     * @public
      */
     Key: string | undefined;
     /**
-     * @public
      * <p>The value of the tag.</p>
+     * @public
      */
     Value?: string;
 }
@@ -422,28 +422,27 @@ export interface Tag {
  */
 export interface CreateKeyInput {
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
+     * @public
      */
     KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
     /**
-     * @public
      * <p>Specifies whether the key is exportable from the service.</p>
+     * @public
      */
     Exportable: boolean | undefined;
     /**
-     * @public
      * <p>Specifies whether to enable the key. If the key is enabled, it is activated for use within the service. If the key is not enabled, then it is created but not activated. The default value is enabled.</p>
+     * @public
      */
     Enabled?: boolean;
     /**
-     * @public
      * <p>Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is created. To tag an existing Amazon Web Services Payment Cryptography key, use the <a>TagResource</a> operation.</p>
      *          <p>Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. </p>
      *          <important>
@@ -452,6 +451,7 @@ export interface CreateKeyInput {
      *          <note>
      *             <p>Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.</p>
      *          </note>
+     * @public
      */
     Tags?: Tag[];
 }
@@ -482,74 +482,74 @@ export declare const KeyState: {
  */
 export type KeyState = (typeof KeyState)[keyof typeof KeyState];
 /**
- * @public
  * <p>Metadata about an Amazon Web Services Payment Cryptography key.</p>
+ * @public
  */
 export interface Key {
     /**
-     * @public
      * <p>The Amazon Resource Name (ARN) of the key.</p>
+     * @public
      */
     KeyArn: string | undefined;
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.</p>
+     * @public
      */
     KeyCheckValue: string | undefined;
     /**
-     * @public
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
+     * @public
      */
     KeyCheckValueAlgorithm: KeyCheckValueAlgorithm | undefined;
     /**
-     * @public
      * <p>Specifies whether the key is enabled. </p>
+     * @public
      */
     Enabled: boolean | undefined;
     /**
-     * @public
      * <p>Specifies whether the key is exportable. This data is immutable after the key is created.</p>
+     * @public
      */
     Exportable: boolean | undefined;
     /**
-     * @public
      * <p>The state of key that is being created or deleted.</p>
+     * @public
      */
     KeyState: KeyState | undefined;
     /**
-     * @public
      * <p>The source of the key material. For keys created within Amazon Web Services Payment Cryptography, the value is <code>AWS_PAYMENT_CRYPTOGRAPHY</code>. For keys imported into Amazon Web Services Payment Cryptography, the value is <code>EXTERNAL</code>.</p>
+     * @public
      */
     KeyOrigin: KeyOrigin | undefined;
     /**
-     * @public
      * <p>The date and time when the key was created.</p>
+     * @public
      */
     CreateTimestamp: Date | undefined;
     /**
-     * @public
      * <p>The date and time after which Amazon Web Services Payment Cryptography will start using the key material for cryptographic operations.</p>
+     * @public
      */
     UsageStartTimestamp?: Date;
     /**
-     * @public
      * <p>The date and time after which Amazon Web Services Payment Cryptography will stop using the key material for cryptographic operations.</p>
+     * @public
      */
     UsageStopTimestamp?: Date;
     /**
-     * @public
      * <p>The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when <code>KeyState</code> is <code>DELETE_PENDING</code> and the key is scheduled for deletion.</p>
+     * @public
      */
     DeletePendingTimestamp?: Date;
     /**
-     * @public
      * <p>The date and time after which Amazon Web Services Payment Cryptography will delete the key. This value is present only when when the <code>KeyState</code> is <code>DELETE_COMPLETE</code> and the Amazon Web Services Payment Cryptography key is deleted.</p>
+     * @public
      */
     DeleteTimestamp?: Date;
 }
@@ -558,8 +558,8 @@ export interface Key {
  */
 export interface CreateKeyOutput {
     /**
-     * @public
      * <p>The key material that contains all the key attributes.</p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -568,13 +568,13 @@ export interface CreateKeyOutput {
  */
 export interface DeleteKeyInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key that is scheduled for deletion.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The waiting period for key deletion. The default value is seven days.</p>
+     * @public
      */
     DeleteKeyInDays?: number;
 }
@@ -583,37 +583,37 @@ export interface DeleteKeyInput {
  */
 export interface DeleteKeyOutput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key that is scheduled for deletion.</p>
+     * @public
      */
     Key: Key | undefined;
 }
 /**
- * @public
  * <p>Parameter information for IPEK generation during export.</p>
+ * @public
  */
 export interface ExportDukptInitialKey {
     /**
-     * @public
      * <p>The KSN for IPEK generation using DUKPT. </p>
      *          <p>KSN must be padded before sending to Amazon Web Services Payment Cryptography. KSN hex length should be 20 for a TDES_2KEY key or 24 for an AES key.</p>
+     * @public
      */
     KeySerialNumber: string | undefined;
 }
 /**
- * @public
  * <p>The attributes for IPEK generation during export.</p>
+ * @public
  */
 export interface ExportAttributes {
     /**
-     * @public
      * <p>Parameter information for IPEK export.</p>
+     * @public
      */
     ExportDukptInitialKey?: ExportDukptInitialKey;
     /**
-     * @public
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity. Specify KCV for IPEK export only.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
+     * @public
      */
     KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
 }
@@ -630,34 +630,34 @@ export declare const WrappingKeySpec: {
  */
 export type WrappingKeySpec = (typeof WrappingKeySpec)[keyof typeof WrappingKeySpec];
 /**
- * @public
  * <p>Parameter information for key material export using asymmetric RSA wrap and unwrap key exchange method.</p>
+ * @public
  */
 export interface ExportKeyCryptogram {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the certificate chain that signs the wrapping key certificate during RSA wrap and unwrap key export.</p>
+     * @public
      */
     CertificateAuthorityPublicKeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The wrapping key certificate in PEM format (base64 encoded). Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export.</p>
+     * @public
      */
     WrappingKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The wrapping spec for the key under export.</p>
+     * @public
      */
     WrappingSpec?: WrappingKeySpec;
 }
 /**
- * @public
  * <p>Parameter information for key material export using symmetric TR-31 key exchange method.</p>
+ * @public
  */
 export interface ExportTr31KeyBlock {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the the wrapping key. This key encrypts or wraps the key under export for TR-31 key block generation.</p>
+     * @public
      */
     WrappingKeyIdentifier: string | undefined;
 }
@@ -673,39 +673,39 @@ export declare const Tr34KeyBlockFormat: {
  */
 export type Tr34KeyBlockFormat = (typeof Tr34KeyBlockFormat)[keyof typeof Tr34KeyBlockFormat];
 /**
- * @public
  * <p>Parameter information for key material export using the asymmetric TR-34 key exchange method.</p>
+ * @public
  */
 export interface ExportTr34KeyBlock {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the certificate chain that signs the wrapping key certificate during TR-34 key export.</p>
+     * @public
      */
     CertificateAuthorityPublicKeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the wrapping key certificate. Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export.</p>
+     * @public
      */
     WrappingKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The export token to initiate key export from Amazon Web Services Payment Cryptography. It also contains the signing key certificate that will sign the wrapped key during TR-34 key block generation. Call <a>GetParametersForExport</a> to receive an export token. It expires after 7 days. You can use the same export token to export multiple keys from the same service account.</p>
+     * @public
      */
     ExportToken: string | undefined;
     /**
-     * @public
      * <p>The format of key block that Amazon Web Services Payment Cryptography will use during key export.</p>
+     * @public
      */
     KeyBlockFormat: Tr34KeyBlockFormat | undefined;
     /**
-     * @public
      * <p>A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.</p>
+     * @public
      */
     RandomNonce?: string;
 }
 /**
- * @public
  * <p>Parameter information for key material export from Amazon Web Services Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.</p>
+ * @public
  */
 export type ExportKeyMaterial = ExportKeyMaterial.KeyCryptogramMember | ExportKeyMaterial.Tr31KeyBlockMember | ExportKeyMaterial.Tr34KeyBlockMember | ExportKeyMaterial.$UnknownMember;
 /**
@@ -713,8 +713,8 @@ export type ExportKeyMaterial = ExportKeyMaterial.KeyCryptogramMember | ExportKe
  */
 export declare namespace ExportKeyMaterial {
     /**
-     * @public
      * <p>Parameter information for key material export using symmetric TR-31 key exchange method.</p>
+     * @public
      */
     interface Tr31KeyBlockMember {
         Tr31KeyBlock: ExportTr31KeyBlock;
@@ -723,8 +723,8 @@ export declare namespace ExportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for key material export using the asymmetric TR-34 key exchange method.</p>
+     * @public
      */
     interface Tr34KeyBlockMember {
         Tr31KeyBlock?: never;
@@ -733,8 +733,8 @@ export declare namespace ExportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for key material export using asymmetric RSA wrap and unwrap key exchange method</p>
+     * @public
      */
     interface KeyCryptogramMember {
         Tr31KeyBlock?: never;
@@ -764,18 +764,18 @@ export declare namespace ExportKeyMaterial {
  */
 export interface ExportKeyInput {
     /**
-     * @public
      * <p>The key block format type, for example, TR-34 or TR-31, to use during key material export.</p>
+     * @public
      */
     KeyMaterial: ExportKeyMaterial | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key under export from Amazon Web Services Payment Cryptography.</p>
+     * @public
      */
     ExportKeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The attributes for IPEK generation during export.</p>
+     * @public
      */
     ExportAttributes?: ExportAttributes;
 }
@@ -793,34 +793,34 @@ export declare const WrappedKeyMaterialFormat: {
  */
 export type WrappedKeyMaterialFormat = (typeof WrappedKeyMaterialFormat)[keyof typeof WrappedKeyMaterialFormat];
 /**
- * @public
  * <p>Parameter information for generating a WrappedKeyBlock for key exchange.</p>
+ * @public
  */
 export interface WrappedKey {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the wrapped key.</p>
+     * @public
      */
     WrappingKeyArn: string | undefined;
     /**
-     * @public
      * <p>The key block format of a wrapped key.</p>
+     * @public
      */
     WrappedKeyMaterialFormat: WrappedKeyMaterialFormat | undefined;
     /**
-     * @public
      * <p>Parameter information for generating a wrapped key using TR-31 or TR-34 skey exchange method.</p>
+     * @public
      */
     KeyMaterial: string | undefined;
     /**
-     * @public
      * <p>The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.</p>
+     * @public
      */
     KeyCheckValue?: string;
     /**
-     * @public
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
+     * @public
      */
     KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
 }
@@ -829,8 +829,8 @@ export interface WrappedKey {
  */
 export interface ExportKeyOutput {
     /**
-     * @public
      * <p>The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock. or a RSA WrappedKeyCryptogram.</p>
+     * @public
      */
     WrappedKey?: WrappedKey;
 }
@@ -839,8 +839,8 @@ export interface ExportKeyOutput {
  */
 export interface GetKeyInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the Amazon Web Services Payment Cryptography key.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
 }
@@ -849,8 +849,8 @@ export interface GetKeyInput {
  */
 export interface GetKeyOutput {
     /**
-     * @public
      * <p>The key material, including the immutable and mutable data for the key.</p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -874,13 +874,13 @@ export type KeyMaterialType = (typeof KeyMaterialType)[keyof typeof KeyMaterialT
  */
 export interface GetParametersForExportInput {
     /**
-     * @public
      * <p>The key block format type (for example, TR-34 or TR-31) to use during key material export. Export token is only required for a TR-34 key export, <code>TR34_KEY_BLOCK</code>. Export token is not required for TR-31 key export.</p>
+     * @public
      */
     KeyMaterialType: KeyMaterialType | undefined;
     /**
-     * @public
      * <p>The signing key algorithm to generate a signing key certificate. This certificate signs the wrapped key under export within the TR-34 key block. <code>RSA_2048</code> is the only signing key algorithm allowed.</p>
+     * @public
      */
     SigningKeyAlgorithm: KeyAlgorithm | undefined;
 }
@@ -889,28 +889,28 @@ export interface GetParametersForExportInput {
  */
 export interface GetParametersForExportOutput {
     /**
-     * @public
      * <p>The signing key certificate in PEM format (base64 encoded) of the public key for signature within the TR-34 key block. The certificate expires after 7 days.</p>
+     * @public
      */
     SigningKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The root certificate authority (CA) that signed the signing key certificate in PEM format (base64 encoded).</p>
+     * @public
      */
     SigningKeyCertificateChain: string | undefined;
     /**
-     * @public
      * <p>The algorithm of the signing key certificate for use in TR-34 key block generation. <code>RSA_2048</code> is the only signing key algorithm allowed.</p>
+     * @public
      */
     SigningKeyAlgorithm: KeyAlgorithm | undefined;
     /**
-     * @public
      * <p>The export token to initiate key export from Amazon Web Services Payment Cryptography. The export token expires after 7 days. You can use the same export token to export multiple keys from the same service account.</p>
+     * @public
      */
     ExportToken: string | undefined;
     /**
-     * @public
      * <p>The validity period of the export token.</p>
+     * @public
      */
     ParametersValidUntilTimestamp: Date | undefined;
 }
@@ -919,15 +919,15 @@ export interface GetParametersForExportOutput {
  */
 export interface GetParametersForImportInput {
     /**
-     * @public
      * <p>The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (<code>TR34_KEY_BLOCK</code>) and RSA WrappedKeyCryptogram (<code>KEY_CRYPTOGRAM</code>).</p>
      *          <p>Import token is not required for TR-31, root public key cerificate or trusted public key certificate.</p>
+     * @public
      */
     KeyMaterialType: KeyMaterialType | undefined;
     /**
-     * @public
      * <p>The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import.</p>
      *          <p>At this time, <code>RSA_2048</code> is the allowed algorithm for TR-34 WrappedKeyBlock import. Additionally, <code>RSA_2048</code>, <code>RSA_3072</code>, <code>RSA_4096</code> are the allowed algorithms for RSA WrappedKeyCryptogram import.</p>
+     * @public
      */
     WrappingKeyAlgorithm: KeyAlgorithm | undefined;
 }
@@ -936,28 +936,28 @@ export interface GetParametersForImportInput {
  */
 export interface GetParametersForImportOutput {
     /**
-     * @public
      * <p>The wrapping key certificate in PEM format (base64 encoded) of the wrapping key for use within the TR-34 key block. The certificate expires in 7 days.</p>
+     * @public
      */
     WrappingKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The Amazon Web Services Payment Cryptography root certificate authority (CA) that signed the wrapping key certificate in PEM format (base64 encoded).</p>
+     * @public
      */
     WrappingKeyCertificateChain: string | undefined;
     /**
-     * @public
      * <p>The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock or RSA WrappedKeyCryptogram.</p>
+     * @public
      */
     WrappingKeyAlgorithm: KeyAlgorithm | undefined;
     /**
-     * @public
      * <p>The import token to initiate key import into Amazon Web Services Payment Cryptography. The import token expires after 7 days. You can use the same import token to import multiple keys to the same service account.</p>
+     * @public
      */
     ImportToken: string | undefined;
     /**
-     * @public
      * <p>The validity period of the import token.</p>
+     * @public
      */
     ParametersValidUntilTimestamp: Date | undefined;
 }
@@ -966,8 +966,8 @@ export interface GetParametersForImportOutput {
  */
 export interface GetPublicKeyCertificateInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the asymmetric key pair.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
 }
@@ -976,139 +976,139 @@ export interface GetPublicKeyCertificateInput {
  */
 export interface GetPublicKeyCertificateOutput {
     /**
-     * @public
      * <p>The public key component of the asymmetric key pair in a certificate PEM format (base64 encoded). It is signed by the root certificate authority (CA). The certificate expires in 90 days.</p>
+     * @public
      */
     KeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The root certificate authority (CA) that signed the public key certificate in PEM format (base64 encoded) of the asymmetric key pair.</p>
+     * @public
      */
     KeyCertificateChain: string | undefined;
 }
 /**
- * @public
  * <p>Parameter information for key material import using asymmetric RSA wrap and unwrap key exchange method.</p>
+ * @public
  */
 export interface ImportKeyCryptogram {
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>Specifies whether the key is exportable from the service.</p>
+     * @public
      */
     Exportable: boolean | undefined;
     /**
-     * @public
      * <p>The RSA wrapped key cryptogram under import.</p>
+     * @public
      */
     WrappedKeyCryptogram: string | undefined;
     /**
-     * @public
      * <p>The import token that initiates key import using the asymmetric RSA wrap and unwrap key exchange method into AWS Payment Cryptography. It expires after 7 days. You can use the same import token to import multiple keys to the same service account.</p>
+     * @public
      */
     ImportToken: string | undefined;
     /**
-     * @public
      * <p>The wrapping spec for the wrapped key cryptogram.</p>
+     * @public
      */
     WrappingSpec?: WrappingKeySpec;
 }
 /**
- * @public
  * <p>Parameter information for root public key certificate import.</p>
+ * @public
  */
 export interface RootCertificatePublicKey {
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the root public key is imported.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>Parameter information for root public key certificate import.</p>
+     * @public
      */
     PublicKeyCertificate: string | undefined;
 }
 /**
- * @public
  * <p>Parameter information for key material import using symmetric TR-31 key exchange method.</p>
+ * @public
  */
 export interface ImportTr31KeyBlock {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key that will decrypt or unwrap a TR-31 key block during import.</p>
+     * @public
      */
     WrappingKeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The TR-31 wrapped key block to import.</p>
+     * @public
      */
     WrappedKeyBlock: string | undefined;
 }
 /**
- * @public
  * <p>Parameter information for key material import using the asymmetric TR-34 key exchange method.</p>
+ * @public
  */
 export interface ImportTr34KeyBlock {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the certificate chain that signs the signing key certificate during TR-34 key import.</p>
+     * @public
      */
     CertificateAuthorityPublicKeyIdentifier: string | undefined;
     /**
-     * @public
      * <p>The public key component in PEM certificate format of the private key that signs the KDH TR-34 WrappedKeyBlock.</p>
+     * @public
      */
     SigningKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The import token that initiates key import using the asymmetric TR-34 key exchange method into Amazon Web Services Payment Cryptography. It expires after 7 days. You can use the same import token to import multiple keys to the same service account.</p>
+     * @public
      */
     ImportToken: string | undefined;
     /**
-     * @public
      * <p>The TR-34 wrapped key block to import.</p>
+     * @public
      */
     WrappedKeyBlock: string | undefined;
     /**
-     * @public
      * <p>The key block format to use during key import. The only value allowed is <code>X9_TR34_2012</code>.</p>
+     * @public
      */
     KeyBlockFormat: Tr34KeyBlockFormat | undefined;
     /**
-     * @public
      * <p>A random number value that is unique to the TR-34 key block generated using 2 pass. The operation will fail, if a random nonce value is not provided for a TR-34 key block generated using 2 pass.</p>
+     * @public
      */
     RandomNonce?: string;
 }
 /**
- * @public
  * <p>Parameter information for trusted public key certificate import.</p>
+ * @public
  */
 export interface TrustedCertificatePublicKey {
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after a trusted public key is imported.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>Parameter information for trusted public key certificate import.</p>
+     * @public
      */
     PublicKeyCertificate: string | undefined;
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the root public key certificate or certificate chain that signs the trusted public key certificate import.</p>
+     * @public
      */
     CertificateAuthorityPublicKeyIdentifier: string | undefined;
 }
 /**
- * @public
  * <p>Parameter information for key material import into Amazon Web Services Payment Cryptography using TR-31 or TR-34 or RSA wrap and unwrap key exchange method.</p>
+ * @public
  */
 export type ImportKeyMaterial = ImportKeyMaterial.KeyCryptogramMember | ImportKeyMaterial.RootCertificatePublicKeyMember | ImportKeyMaterial.Tr31KeyBlockMember | ImportKeyMaterial.Tr34KeyBlockMember | ImportKeyMaterial.TrustedCertificatePublicKeyMember | ImportKeyMaterial.$UnknownMember;
 /**
@@ -1116,8 +1116,8 @@ export type ImportKeyMaterial = ImportKeyMaterial.KeyCryptogramMember | ImportKe
  */
 export declare namespace ImportKeyMaterial {
     /**
-     * @public
      * <p>Parameter information for root public key certificate import.</p>
+     * @public
      */
     interface RootCertificatePublicKeyMember {
         RootCertificatePublicKey: RootCertificatePublicKey;
@@ -1128,8 +1128,8 @@ export declare namespace ImportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for trusted public key certificate import.</p>
+     * @public
      */
     interface TrustedCertificatePublicKeyMember {
         RootCertificatePublicKey?: never;
@@ -1140,8 +1140,8 @@ export declare namespace ImportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for key material import using symmetric TR-31 key exchange method.</p>
+     * @public
      */
     interface Tr31KeyBlockMember {
         RootCertificatePublicKey?: never;
@@ -1152,8 +1152,8 @@ export declare namespace ImportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for key material import using the asymmetric TR-34 key exchange method.</p>
+     * @public
      */
     interface Tr34KeyBlockMember {
         RootCertificatePublicKey?: never;
@@ -1164,8 +1164,8 @@ export declare namespace ImportKeyMaterial {
         $unknown?: never;
     }
     /**
-     * @public
      * <p>Parameter information for key material import using asymmetric RSA wrap and unwrap key exchange method.</p>
+     * @public
      */
     interface KeyCryptogramMember {
         RootCertificatePublicKey?: never;
@@ -1201,23 +1201,22 @@ export declare namespace ImportKeyMaterial {
  */
 export interface ImportKeyInput {
     /**
-     * @public
      * <p>The key or public key certificate type to use during key material import, for example TR-34 or RootCertificatePublicKey.</p>
+     * @public
      */
     KeyMaterial: ImportKeyMaterial | undefined;
     /**
-     * @public
      * <p>The algorithm that Amazon Web Services Payment Cryptography uses to calculate the key check value (KCV). It is used to validate the key integrity.</p>
      *          <p>For TDES keys, the KCV is computed by encrypting 8 bytes, each with value of zero, with the key to be checked and retaining the 3 highest order bytes of the encrypted result. For AES keys, the KCV is computed using a CMAC algorithm where the input data is 16 bytes of zero and retaining the 3 highest order bytes of the encrypted result.</p>
+     * @public
      */
     KeyCheckValueAlgorithm?: KeyCheckValueAlgorithm;
     /**
-     * @public
      * <p>Specifies whether import key is enabled.</p>
+     * @public
      */
     Enabled?: boolean;
     /**
-     * @public
      * <p>Assigns one or more tags to the Amazon Web Services Payment Cryptography key. Use this parameter to tag a key when it is imported. To tag an existing Amazon Web Services Payment Cryptography key, use the <a>TagResource</a> operation.</p>
      *          <p>Each tag consists of a tag key and a tag value. Both the tag key and the tag value are required, but the tag value can be an empty (null) string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. If you specify an existing tag key with a different tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the specified one.</p>
      *          <important>
@@ -1226,6 +1225,7 @@ export interface ImportKeyInput {
      *          <note>
      *             <p>Tagging or untagging an Amazon Web Services Payment Cryptography key can allow or deny permission to the key.</p>
      *          </note>
+     * @public
      */
     Tags?: Tag[];
 }
@@ -1234,8 +1234,8 @@ export interface ImportKeyInput {
  */
 export interface ImportKeyOutput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key material imported within Amazon Web Services Payment Cryptography.</p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -1244,55 +1244,55 @@ export interface ImportKeyOutput {
  */
 export interface ListKeysInput {
     /**
-     * @public
      * <p>The key state of the keys you want to list.</p>
+     * @public
      */
     KeyState?: KeyState;
     /**
-     * @public
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
+     * @public
      */
     NextToken?: string;
     /**
-     * @public
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
+     * @public
      */
     MaxResults?: number;
 }
 /**
- * @public
  * <p>Metadata about an Amazon Web Services Payment Cryptography key.</p>
+ * @public
  */
 export interface KeySummary {
     /**
-     * @public
      * <p>The Amazon Resource Name (ARN) of the key.</p>
+     * @public
      */
     KeyArn: string | undefined;
     /**
-     * @public
      * <p>The state of an Amazon Web Services Payment Cryptography that is being created or deleted.</p>
+     * @public
      */
     KeyState: KeyState | undefined;
     /**
-     * @public
      * <p>The role of the key, the algorithm it supports, and the cryptographic operations allowed with the key. This data is immutable after the key is created.</p>
+     * @public
      */
     KeyAttributes: KeyAttributes | undefined;
     /**
-     * @public
      * <p>The key check value (KCV) is used to check if all parties holding a given key have the same key or to detect that a key has changed.</p>
+     * @public
      */
     KeyCheckValue: string | undefined;
     /**
-     * @public
      * <p>Specifies whether the key is exportable. This data is immutable after the key is created.</p>
+     * @public
      */
     Exportable: boolean | undefined;
     /**
-     * @public
      * <p>Specifies whether the key is enabled. </p>
+     * @public
      */
     Enabled: boolean | undefined;
 }
@@ -1301,13 +1301,13 @@ export interface KeySummary {
  */
 export interface ListKeysOutput {
     /**
-     * @public
      * <p>The list of keys created within the caller's Amazon Web Services account and Amazon Web Services Region.</p>
+     * @public
      */
     Keys: KeySummary[] | undefined;
     /**
-     * @public
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
+     * @public
      */
     NextToken?: string;
 }
@@ -1316,8 +1316,8 @@ export interface ListKeysOutput {
  */
 export interface RestoreKeyInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key to be restored within Amazon Web Services Payment Cryptography.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
 }
@@ -1326,8 +1326,8 @@ export interface RestoreKeyInput {
  */
 export interface RestoreKeyOutput {
     /**
-     * @public
      * <p>The key material of the restored key. The <code>KeyState</code> will change to <code>CREATE_COMPLETE</code> and value for <code>DeletePendingTimestamp</code> gets removed. </p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -1336,8 +1336,8 @@ export interface RestoreKeyOutput {
  */
 export interface StartKeyUsageInput {
     /**
-     * @public
      * <p>The <code>KeyArn</code> of the key.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
 }
@@ -1346,8 +1346,8 @@ export interface StartKeyUsageInput {
  */
 export interface StartKeyUsageOutput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the Amazon Web Services Payment Cryptography key activated for use.</p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -1356,8 +1356,8 @@ export interface StartKeyUsageOutput {
  */
 export interface StopKeyUsageInput {
     /**
-     * @public
      * <p>The <code>KeyArn</code> of the key.</p>
+     * @public
      */
     KeyIdentifier: string | undefined;
 }
@@ -1366,8 +1366,8 @@ export interface StopKeyUsageInput {
  */
 export interface StopKeyUsageOutput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key.</p>
+     * @public
      */
     Key: Key | undefined;
 }
@@ -1376,19 +1376,19 @@ export interface StopKeyUsageOutput {
  */
 export interface ListTagsForResourceInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key whose tags you are getting.</p>
+     * @public
      */
     ResourceArn: string | undefined;
     /**
-     * @public
      * <p>Use this parameter in a subsequent request after you receive a response with truncated results. Set it to the value of <code>NextToken</code> from the truncated response you just received.</p>
+     * @public
      */
     NextToken?: string;
     /**
-     * @public
      * <p>Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer.</p>
      *          <p>This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.</p>
+     * @public
      */
     MaxResults?: number;
 }
@@ -1397,13 +1397,13 @@ export interface ListTagsForResourceInput {
  */
 export interface ListTagsForResourceOutput {
     /**
-     * @public
      * <p>The list of tags associated with a <code>ResourceArn</code>. Each tag will list the key-value pair contained within that tag.</p>
+     * @public
      */
     Tags: Tag[] | undefined;
     /**
-     * @public
      * <p>The token for the next set of results, or an empty or null value if there are no more results.</p>
+     * @public
      */
     NextToken?: string;
 }
@@ -1412,12 +1412,11 @@ export interface ListTagsForResourceOutput {
  */
 export interface TagResourceInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key whose tags are being updated.</p>
+     * @public
      */
     ResourceArn: string | undefined;
     /**
-     * @public
      * <p>One or more tags. Each tag consists of a tag key and a tag value. The tag value can be an empty (null) string. You can't have more than one tag on an Amazon Web Services Payment Cryptography key with the same tag key. If you specify an existing tag key with a different tag value, Amazon Web Services Payment Cryptography replaces the current tag value with the new one.</p>
      *          <important>
      *             <p>Don't include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output.</p>
@@ -1426,6 +1425,7 @@ export interface TagResourceInput {
      *          <important>
      *             <p>Don't include personal, confidential or sensitive information in this field. This field may be displayed in plaintext in CloudTrail logs and other output.</p>
      *          </important>
+     * @public
      */
     Tags: Tag[] | undefined;
 }
@@ -1439,14 +1439,14 @@ export interface TagResourceOutput {
  */
 export interface UntagResourceInput {
     /**
-     * @public
      * <p>The <code>KeyARN</code> of the key whose tags are being removed.</p>
+     * @public
      */
     ResourceArn: string | undefined;
     /**
-     * @public
      * <p>One or more tag keys. Don't include the tag values.</p>
      *          <p>If the Amazon Web Services Payment Cryptography key doesn't have the specified tag key, Amazon Web Services Payment Cryptography doesn't throw an exception or return a response. To confirm that the operation succeeded, use the <a>ListTagsForResource</a> operation.</p>
+     * @public
      */
     TagKeys: string[] | undefined;
 }