cdk-lambda-subminute 2.0.353 → 2.0.355
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.jsii +3 -3
- package/lib/cdk-lambda-subminute.js +3 -3
- package/node_modules/aws-sdk/README.md +1 -1
- package/node_modules/aws-sdk/apis/iotfleetwise-2021-06-17.min.json +15 -11
- package/node_modules/aws-sdk/apis/keyspaces-2022-02-10.min.json +159 -16
- package/node_modules/aws-sdk/apis/metadata.json +0 -8
- package/node_modules/aws-sdk/apis/payment-cryptography-2021-09-14.min.json +45 -11
- package/node_modules/aws-sdk/apis/rekognition-2016-06-27.min.json +114 -93
- package/node_modules/aws-sdk/clients/all.d.ts +0 -2
- package/node_modules/aws-sdk/clients/all.js +0 -2
- package/node_modules/aws-sdk/clients/dynamodb.d.ts +1 -1
- package/node_modules/aws-sdk/clients/iot.d.ts +1 -1
- package/node_modules/aws-sdk/clients/iotfleetwise.d.ts +10 -1
- package/node_modules/aws-sdk/clients/keyspaces.d.ts +165 -4
- package/node_modules/aws-sdk/clients/macie2.d.ts +13 -13
- package/node_modules/aws-sdk/clients/paymentcryptography.d.ts +55 -12
- package/node_modules/aws-sdk/clients/personalize.d.ts +6 -6
- package/node_modules/aws-sdk/clients/rekognition.d.ts +32 -3
- package/node_modules/aws-sdk/clients/securityhub.d.ts +1 -1
- package/node_modules/aws-sdk/dist/aws-sdk-core-react-native.js +7 -4
- package/node_modules/aws-sdk/dist/aws-sdk-react-native.js +122 -218
- package/node_modules/aws-sdk/dist/aws-sdk.js +117 -104
- package/node_modules/aws-sdk/dist/aws-sdk.min.js +38 -38
- package/node_modules/aws-sdk/dist-tools/service-collector.js +1 -1
- package/node_modules/aws-sdk/lib/config_service_placeholders.d.ts +0 -4
- package/node_modules/aws-sdk/lib/core.js +1 -1
- package/node_modules/aws-sdk/lib/dynamodb/document_client.d.ts +1 -1
- package/node_modules/aws-sdk/package.json +1 -1
- package/node_modules/aws-sdk/scripts/console +3 -3
- package/package.json +3 -3
- package/node_modules/aws-sdk/apis/cloudfront-keyvaluestore-2022-07-26.examples.json +0 -5
- package/node_modules/aws-sdk/apis/cloudfront-keyvaluestore-2022-07-26.min.json +0 -359
- package/node_modules/aws-sdk/apis/cloudfront-keyvaluestore-2022-07-26.paginators.json +0 -10
- package/node_modules/aws-sdk/apis/neptune-graph-2023-11-29.examples.json +0 -5
- package/node_modules/aws-sdk/apis/neptune-graph-2023-11-29.min.json +0 -1286
- package/node_modules/aws-sdk/apis/neptune-graph-2023-11-29.paginators.json +0 -28
- package/node_modules/aws-sdk/apis/neptune-graph-2023-11-29.waiters2.json +0 -168
- package/node_modules/aws-sdk/clients/cloudfrontkeyvaluestore.d.ts +0 -294
- package/node_modules/aws-sdk/clients/cloudfrontkeyvaluestore.js +0 -18
- package/node_modules/aws-sdk/clients/neptunegraph.d.ts +0 -1459
- package/node_modules/aws-sdk/clients/neptunegraph.js +0 -20
- package/node_modules/aws-sdk/lib/services/neptunegraph.js +0 -14
|
@@ -44,11 +44,11 @@ declare class PaymentCryptography extends Service {
|
|
|
44
44
|
*/
|
|
45
45
|
deleteKey(callback?: (err: AWSError, data: PaymentCryptography.Types.DeleteKeyOutput) => void): Request<PaymentCryptography.Types.DeleteKeyOutput, AWSError>;
|
|
46
46
|
/**
|
|
47
|
-
* Exports a key from Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export. To export KEK or IPEK using TR-34 Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key. To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days. Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate. ExportToken: Obtained from KDH by calling GetParametersForImport. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export
|
|
47
|
+
* Exports a key from Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanism. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import. You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export. To export initial keys (KEK) or IPEK using TR-34 Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key. To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days. Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate. ExportToken: Obtained from KDH by calling GetParametersForImport. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export initial keys (KEK) or IPEK using RSA Wrap and Unwrap Using this operation, you can export initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate export, generate an asymmetric key pair on the receiving HSM and obtain the public key certificate in PEM format (base64 encoded) for the purpose of wrapping and the root certifiate chain. Import the root certificate into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. Next call ExportKey and set the following parameters: CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed wrapping key certificate. KeyMaterial: Set to KeyCryptogram. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) obtained by the receiving HSM and signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. The receiving HSM uses its private key component to unwrap the WrappedKeyCryptogram. When this operation is successful, Amazon Web Services Payment Cryptography returns the WrappedKeyCryptogram. To export working keys or IPEK using TR-31 Using this operation, you can export working keys or IPEK using TR-31 symmetric key exchange. In TR-31, you must use an initial key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use CreateKey or ImportKey. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr31KeyBlock parameters. When this operation is successful, Amazon Web Services Payment Cryptography returns the working key or IPEK as a TR-31 WrappedKeyBlock. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
48
48
|
*/
|
|
49
49
|
exportKey(params: PaymentCryptography.Types.ExportKeyInput, callback?: (err: AWSError, data: PaymentCryptography.Types.ExportKeyOutput) => void): Request<PaymentCryptography.Types.ExportKeyOutput, AWSError>;
|
|
50
50
|
/**
|
|
51
|
-
* Exports a key from Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export. To export KEK or IPEK using TR-34 Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key. To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days. Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate. ExportToken: Obtained from KDH by calling GetParametersForImport. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export
|
|
51
|
+
* Exports a key from Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ExportKey you can export symmetric keys using either symmetric and asymmetric key exchange mechanisms. Using this operation, you can share your Amazon Web Services Payment Cryptography generated keys with other service partners to perform cryptographic operations outside of Amazon Web Services Payment Cryptography For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanism. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK). After which you can export working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import. You can also use ExportKey functionality to generate and export an IPEK (Initial Pin Encryption Key) from Amazon Web Services Payment Cryptography using either TR-31 or TR-34 export key exchange. IPEK is generated from BDK (Base Derivation Key) and ExportDukptInitialKey attribute KSN (KeySerialNumber). The generated IPEK does not persist within Amazon Web Services Payment Cryptography and has to be re-generated each time during export. To export initial keys (KEK) or IPEK using TR-34 Using this operation, you can export initial key using TR-34 asymmetric key exchange. You can only export KEK generated within Amazon Web Services Payment Cryptography. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During key export process, KDH is Amazon Web Services Payment Cryptography which initiates key export and KRD is the user receiving the key. To initiate TR-34 key export, the KRD must obtain an export token by calling GetParametersForExport. This operation also generates a key pair for the purpose of key export, signs the key and returns back the signing public key certificate (also known as KDH signing certificate) and root certificate chain. The KDH uses the private key to sign the the export payload and the signing public key certificate is provided to KRD to verify the signature. The KRD can import the root certificate into its Hardware Security Module (HSM), as required. The export token and the associated KDH signing certificate expires after 7 days. Next the KRD generates a key pair for the the purpose of encrypting the KDH key and provides the public key cerificate (also known as KRD wrapping certificate) back to KDH. The KRD will also import the root cerificate chain into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. The KDH, Amazon Web Services Payment Cryptography, will use the KRD wrapping cerificate to encrypt (wrap) the key under export and signs it with signing private key to generate a TR-34 WrappedKeyBlock. For more information on TR-34 key export, see section Exporting symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KRD wrapping key certificate. ExportToken: Obtained from KDH by calling GetParametersForImport. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KRD wrapping key Amazon Web Services Payment Cryptography uses for encryption of the TR-34 export payload. This certificate must be signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. When this operation is successful, Amazon Web Services Payment Cryptography returns the KEK or IPEK as a TR-34 WrappedKeyBlock. To export initial keys (KEK) or IPEK using RSA Wrap and Unwrap Using this operation, you can export initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate export, generate an asymmetric key pair on the receiving HSM and obtain the public key certificate in PEM format (base64 encoded) for the purpose of wrapping and the root certifiate chain. Import the root certificate into Amazon Web Services Payment Cryptography by calling ImportKey for RootCertificatePublicKey. Next call ExportKey and set the following parameters: CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed wrapping key certificate. KeyMaterial: Set to KeyCryptogram. WrappingKeyCertificate: The public key certificate in PEM format (base64 encoded) obtained by the receiving HSM and signed by the root certificate (CertificateAuthorityPublicKeyIdentifier) imported into Amazon Web Services Payment Cryptography. The receiving HSM uses its private key component to unwrap the WrappedKeyCryptogram. When this operation is successful, Amazon Web Services Payment Cryptography returns the WrappedKeyCryptogram. To export working keys or IPEK using TR-31 Using this operation, you can export working keys or IPEK using TR-31 symmetric key exchange. In TR-31, you must use an initial key such as KEK to encrypt or wrap the key under export. To establish a KEK, you can use CreateKey or ImportKey. Set the following parameters: ExportAttributes: Specify export attributes in case of IPEK export. This parameter is optional for KEK export. ExportKeyIdentifier: The KeyARN of the KEK or BDK (in case of IPEK) under export. KeyMaterial: Use Tr31KeyBlock parameters. When this operation is successful, Amazon Web Services Payment Cryptography returns the working key or IPEK as a TR-31 WrappedKeyBlock. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
52
52
|
*/
|
|
53
53
|
exportKey(callback?: (err: AWSError, data: PaymentCryptography.Types.ExportKeyOutput) => void): Request<PaymentCryptography.Types.ExportKeyOutput, AWSError>;
|
|
54
54
|
/**
|
|
@@ -76,11 +76,11 @@ declare class PaymentCryptography extends Service {
|
|
|
76
76
|
*/
|
|
77
77
|
getParametersForExport(callback?: (err: AWSError, data: PaymentCryptography.Types.GetParametersForExportOutput) => void): Request<PaymentCryptography.Types.GetParametersForExportOutput, AWSError>;
|
|
78
78
|
/**
|
|
79
|
-
* Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock. The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
79
|
+
* Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography. The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
80
80
|
*/
|
|
81
81
|
getParametersForImport(params: PaymentCryptography.Types.GetParametersForImportInput, callback?: (err: AWSError, data: PaymentCryptography.Types.GetParametersForImportOutput) => void): Request<PaymentCryptography.Types.GetParametersForImportOutput, AWSError>;
|
|
82
82
|
/**
|
|
83
|
-
* Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock. The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
83
|
+
* Gets the import token and the wrapping key certificate in PEM format (base64 encoded) to initiate a TR-34 WrappedKeyBlock or a RSA WrappedKeyCryptogram import into Amazon Web Services Payment Cryptography. The wrapping key certificate wraps the key under import. The import token and wrapping key certificate must be in place and operational before calling ImportKey. The import token expires in 7 days. You can use the same import token to import multiple keys into your service account. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: GetParametersForExport ImportKey
|
|
84
84
|
*/
|
|
85
85
|
getParametersForImport(callback?: (err: AWSError, data: PaymentCryptography.Types.GetParametersForImportOutput) => void): Request<PaymentCryptography.Types.GetParametersForImportOutput, AWSError>;
|
|
86
86
|
/**
|
|
@@ -92,11 +92,11 @@ declare class PaymentCryptography extends Service {
|
|
|
92
92
|
*/
|
|
93
93
|
getPublicKeyCertificate(callback?: (err: AWSError, data: PaymentCryptography.Types.GetPublicKeyCertificateOutput) => void): Request<PaymentCryptography.Types.GetPublicKeyCertificateOutput, AWSError>;
|
|
94
94
|
/**
|
|
95
|
-
* Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms. For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account. Set the following parameters: KeyMaterial: RootCertificatePublicKey KeyClass: PUBLIC_KEY KeyModesOfUse: Verify KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import. To import a trusted public key certificate The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters: KeyMaterial: TrustedCertificatePublicKey CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey. KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform. PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import. To import KEK or ZMK using TR-34 Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key. To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days. Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate. ImportToken: Obtained from KRD by calling GetParametersForImport. WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography. SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography. To import
|
|
95
|
+
* Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms. For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanisms. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import. You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account. Set the following parameters: KeyMaterial: RootCertificatePublicKey KeyClass: PUBLIC_KEY KeyModesOfUse: Verify KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import. To import a trusted public key certificate The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters: KeyMaterial: TrustedCertificatePublicKey CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey. KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform. PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import. To import initial keys (KEK or ZMK or similar) using TR-34 Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key. To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days. Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate. ImportToken: Obtained from KRD by calling GetParametersForImport. WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography. SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography. To import initial keys (KEK or ZMK or similar) using RSA Wrap and Unwrap Using this operation, you can import initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate import, call GetParametersForImport with KeyMaterial set to KEY_CRYPTOGRAM to generate an import token. This operation also generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate in PEM format (base64 encoded) and its root certificate chain. The import token and associated KRD wrapping certificate expires after 7 days. You must trust and install the wrapping certificate and its certificate chain on the sending HSM and use it to wrap the key under export for WrappedKeyCryptogram generation. Next call ImportKey with KeyMaterial set to KEY_CRYPTOGRAM and provide the ImportToken and KeyAttributes for the key under import. To import working keys using TR-31 Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange norm to import working keys. A KEK must be established within Amazon Web Services Payment Cryptography by using TR-34 key import or by using CreateKey. To initiate a TR-31 key import, set the following parameters: KeyMaterial: Use Tr31KeyBlock parameters. WrappedKeyBlock: The TR-31 wrapped key material. It contains the key under import, encrypted using KEK. The TR-31 key block is typically generated by a HSM outside of Amazon Web Services Payment Cryptography. WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment Cryptography uses to decrypt or unwrap the key under import. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: ExportKey GetParametersForImport
|
|
96
96
|
*/
|
|
97
97
|
importKey(params: PaymentCryptography.Types.ImportKeyInput, callback?: (err: AWSError, data: PaymentCryptography.Types.ImportKeyOutput) => void): Request<PaymentCryptography.Types.ImportKeyOutput, AWSError>;
|
|
98
98
|
/**
|
|
99
|
-
* Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms. For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm . Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account. Set the following parameters: KeyMaterial: RootCertificatePublicKey KeyClass: PUBLIC_KEY KeyModesOfUse: Verify KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import. To import a trusted public key certificate The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters: KeyMaterial: TrustedCertificatePublicKey CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey. KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform. PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import. To import KEK or ZMK using TR-34 Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key. To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days. Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate. ImportToken: Obtained from KRD by calling GetParametersForImport. WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography. SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography. To import
|
|
99
|
+
* Imports symmetric keys and public key certificates in PEM format (base64 encoded) into Amazon Web Services Payment Cryptography. Amazon Web Services Payment Cryptography simplifies key exchange by replacing the existing paper-based approach with a modern electronic approach. With ImportKey you can import symmetric keys using either symmetric and asymmetric key exchange mechanisms. For symmetric key exchange, Amazon Web Services Payment Cryptography uses the ANSI X9 TR-31 norm in accordance with PCI PIN guidelines. And for asymmetric key exchange, Amazon Web Services Payment Cryptography supports ANSI X9 TR-34 norm and RSA wrap and unwrap key exchange mechanisms. Asymmetric key exchange methods are typically used to establish bi-directional trust between the two parties exhanging keys and are used for initial key exchange such as Key Encryption Key (KEK) or Zone Master Key (ZMK). After which you can import working keys using symmetric method to perform various cryptographic operations within Amazon Web Services Payment Cryptography. The TR-34 norm is intended for exchanging 3DES keys only and keys are imported in a WrappedKeyBlock format. Key attributes (such as KeyUsage, KeyAlgorithm, KeyModesOfUse, Exportability) are contained within the key block. With RSA wrap and unwrap, you can exchange both 3DES and AES-128 keys. The keys are imported in a WrappedKeyCryptogram format and you will need to specify the key attributes during import. You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate You can also import a root public key certificate, used to sign other public key certificates, or a trusted public key certificate under an already established root public key certificate. To import a public root key certificate Using this operation, you can import the public component (in PEM cerificate format) of your private root key. You can use the imported public root key certificate for digital signatures, for example signing wrapping key or signing key in TR-34, within your Amazon Web Services Payment Cryptography account. Set the following parameters: KeyMaterial: RootCertificatePublicKey KeyClass: PUBLIC_KEY KeyModesOfUse: Verify KeyUsage: TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE PublicKeyCertificate: The public key certificate in PEM format (base64 encoded) of the private root key under import. To import a trusted public key certificate The root public key certificate must be in place and operational before you import a trusted public key certificate. Set the following parameters: KeyMaterial: TrustedCertificatePublicKey CertificateAuthorityPublicKeyIdentifier: KeyArn of the RootCertificatePublicKey. KeyModesOfUse and KeyUsage: Corresponding to the cryptographic operations such as wrap, sign, or encrypt that you will allow the trusted public key certificate to perform. PublicKeyCertificate: The trusted public key certificate in PEM format (base64 encoded) under import. To import initial keys (KEK or ZMK or similar) using TR-34 Using this operation, you can import initial key using TR-34 asymmetric key exchange. In TR-34 terminology, the sending party of the key is called Key Distribution Host (KDH) and the receiving party of the key is called Key Receiving Device (KRD). During the key import process, KDH is the user who initiates the key import and KRD is Amazon Web Services Payment Cryptography who receives the key. To initiate TR-34 key import, the KDH must obtain an import token by calling GetParametersForImport. This operation generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate (also known as KRD wrapping certificate) and the root certificate chain. The KDH must trust and install the KRD wrapping certificate on its HSM and use it to encrypt (wrap) the KDH key during TR-34 WrappedKeyBlock generation. The import token and associated KRD wrapping certificate expires after 7 days. Next the KDH generates a key pair for the purpose of signing the encrypted KDH key and provides the public certificate of the signing key to Amazon Web Services Payment Cryptography. The KDH will also need to import the root certificate chain of the KDH signing certificate by calling ImportKey for RootCertificatePublicKey. For more information on TR-34 key import, see section Importing symmetric keys in the Amazon Web Services Payment Cryptography User Guide. Set the following parameters: KeyMaterial: Use Tr34KeyBlock parameters. CertificateAuthorityPublicKeyIdentifier: The KeyARN of the certificate chain that signed the KDH signing key certificate. ImportToken: Obtained from KRD by calling GetParametersForImport. WrappedKeyBlock: The TR-34 wrapped key material from KDH. It contains the KDH key under import, wrapped with KRD wrapping certificate and signed by KDH signing private key. This TR-34 key block is typically generated by the KDH Hardware Security Module (HSM) outside of Amazon Web Services Payment Cryptography. SigningKeyCertificate: The public key certificate in PEM format (base64 encoded) of the KDH signing key generated under the root certificate (CertificateAuthorityPublicKeyIdentifier) imported in Amazon Web Services Payment Cryptography. To import initial keys (KEK or ZMK or similar) using RSA Wrap and Unwrap Using this operation, you can import initial key using asymmetric RSA wrap and unwrap key exchange method. To initiate import, call GetParametersForImport with KeyMaterial set to KEY_CRYPTOGRAM to generate an import token. This operation also generates an encryption keypair for the purpose of key import, signs the key and returns back the wrapping key certificate in PEM format (base64 encoded) and its root certificate chain. The import token and associated KRD wrapping certificate expires after 7 days. You must trust and install the wrapping certificate and its certificate chain on the sending HSM and use it to wrap the key under export for WrappedKeyCryptogram generation. Next call ImportKey with KeyMaterial set to KEY_CRYPTOGRAM and provide the ImportToken and KeyAttributes for the key under import. To import working keys using TR-31 Amazon Web Services Payment Cryptography uses TR-31 symmetric key exchange norm to import working keys. A KEK must be established within Amazon Web Services Payment Cryptography by using TR-34 key import or by using CreateKey. To initiate a TR-31 key import, set the following parameters: KeyMaterial: Use Tr31KeyBlock parameters. WrappedKeyBlock: The TR-31 wrapped key material. It contains the key under import, encrypted using KEK. The TR-31 key block is typically generated by a HSM outside of Amazon Web Services Payment Cryptography. WrappingKeyIdentifier: The KeyArn of the KEK that Amazon Web Services Payment Cryptography uses to decrypt or unwrap the key under import. Cross-account use: This operation can't be used across different Amazon Web Services accounts. Related operations: ExportKey GetParametersForImport
|
|
100
100
|
*/
|
|
101
101
|
importKey(callback?: (err: AWSError, data: PaymentCryptography.Types.ImportKeyOutput) => void): Request<PaymentCryptography.Types.ImportKeyOutput, AWSError>;
|
|
102
102
|
/**
|
|
@@ -272,6 +272,20 @@ declare namespace PaymentCryptography {
|
|
|
272
272
|
*/
|
|
273
273
|
KeySerialNumber: HexLength20Or24;
|
|
274
274
|
}
|
|
275
|
+
export interface ExportKeyCryptogram {
|
|
276
|
+
/**
|
|
277
|
+
* The KeyARN of the certificate chain that signs the wrapping key certificate during RSA wrap and unwrap key export.
|
|
278
|
+
*/
|
|
279
|
+
CertificateAuthorityPublicKeyIdentifier: KeyArnOrKeyAliasType;
|
|
280
|
+
/**
|
|
281
|
+
* The wrapping key certificate in PEM format (base64 encoded). Amazon Web Services Payment Cryptography uses this certificate to wrap the key under export.
|
|
282
|
+
*/
|
|
283
|
+
WrappingKeyCertificate: CertificateType;
|
|
284
|
+
/**
|
|
285
|
+
* The wrapping spec for the key under export.
|
|
286
|
+
*/
|
|
287
|
+
WrappingSpec?: WrappingKeySpec;
|
|
288
|
+
}
|
|
275
289
|
export interface ExportKeyInput {
|
|
276
290
|
/**
|
|
277
291
|
* The attributes for IPEK generation during export.
|
|
@@ -287,6 +301,10 @@ declare namespace PaymentCryptography {
|
|
|
287
301
|
KeyMaterial: ExportKeyMaterial;
|
|
288
302
|
}
|
|
289
303
|
export interface ExportKeyMaterial {
|
|
304
|
+
/**
|
|
305
|
+
* Parameter information for key material export using asymmetric RSA wrap and unwrap key exchange method
|
|
306
|
+
*/
|
|
307
|
+
KeyCryptogram?: ExportKeyCryptogram;
|
|
290
308
|
/**
|
|
291
309
|
* Parameter information for key material export using symmetric TR-31 key exchange method.
|
|
292
310
|
*/
|
|
@@ -298,7 +316,7 @@ declare namespace PaymentCryptography {
|
|
|
298
316
|
}
|
|
299
317
|
export interface ExportKeyOutput {
|
|
300
318
|
/**
|
|
301
|
-
* The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock.
|
|
319
|
+
* The key material under export as a TR-34 WrappedKeyBlock or a TR-31 WrappedKeyBlock. or a RSA WrappedKeyCryptogram.
|
|
302
320
|
*/
|
|
303
321
|
WrappedKey?: WrappedKey;
|
|
304
322
|
}
|
|
@@ -389,11 +407,11 @@ declare namespace PaymentCryptography {
|
|
|
389
407
|
}
|
|
390
408
|
export interface GetParametersForImportInput {
|
|
391
409
|
/**
|
|
392
|
-
* The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK). Import token is not required for TR-31, root public key cerificate or trusted public key certificate.
|
|
410
|
+
* The method to use for key material import. Import token is only required for TR-34 WrappedKeyBlock (TR34_KEY_BLOCK) and RSA WrappedKeyCryptogram (KEY_CRYPTOGRAM). Import token is not required for TR-31, root public key cerificate or trusted public key certificate.
|
|
393
411
|
*/
|
|
394
412
|
KeyMaterialType: KeyMaterialType;
|
|
395
413
|
/**
|
|
396
|
-
* The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import. At this time, RSA_2048, RSA_3072, RSA_4096 are the
|
|
414
|
+
* The wrapping key algorithm to generate a wrapping key certificate. This certificate wraps the key under import. At this time, RSA_2048 is the allowed algorithm for TR-34 WrappedKeyBlock import. Additionally, RSA_2048, RSA_3072, RSA_4096 are the allowed algorithms for RSA WrappedKeyCryptogram import.
|
|
397
415
|
*/
|
|
398
416
|
WrappingKeyAlgorithm: KeyAlgorithm;
|
|
399
417
|
}
|
|
@@ -407,7 +425,7 @@ declare namespace PaymentCryptography {
|
|
|
407
425
|
*/
|
|
408
426
|
ParametersValidUntilTimestamp: Timestamp;
|
|
409
427
|
/**
|
|
410
|
-
* The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock.
|
|
428
|
+
* The algorithm of the wrapping key for use within TR-34 WrappedKeyBlock or RSA WrappedKeyCryptogram.
|
|
411
429
|
*/
|
|
412
430
|
WrappingKeyAlgorithm: KeyAlgorithm;
|
|
413
431
|
/**
|
|
@@ -437,6 +455,25 @@ declare namespace PaymentCryptography {
|
|
|
437
455
|
}
|
|
438
456
|
export type HexLength16 = string;
|
|
439
457
|
export type HexLength20Or24 = string;
|
|
458
|
+
export interface ImportKeyCryptogram {
|
|
459
|
+
/**
|
|
460
|
+
* Specifies whether the key is exportable from the service.
|
|
461
|
+
*/
|
|
462
|
+
Exportable: Boolean;
|
|
463
|
+
/**
|
|
464
|
+
* The import token that initiates key import using the asymmetric RSA wrap and unwrap key exchange method into AWS Payment Cryptography. It expires after 7 days. You can use the same import token to import multiple keys to the same service account.
|
|
465
|
+
*/
|
|
466
|
+
ImportToken: ImportTokenId;
|
|
467
|
+
KeyAttributes: KeyAttributes;
|
|
468
|
+
/**
|
|
469
|
+
* The RSA wrapped key cryptogram under import.
|
|
470
|
+
*/
|
|
471
|
+
WrappedKeyCryptogram: WrappedKeyCryptogram;
|
|
472
|
+
/**
|
|
473
|
+
* The wrapping spec for the wrapped key cryptogram.
|
|
474
|
+
*/
|
|
475
|
+
WrappingSpec?: WrappingKeySpec;
|
|
476
|
+
}
|
|
440
477
|
export interface ImportKeyInput {
|
|
441
478
|
/**
|
|
442
479
|
* Specifies whether import key is enabled.
|
|
@@ -456,6 +493,10 @@ declare namespace PaymentCryptography {
|
|
|
456
493
|
Tags?: Tags;
|
|
457
494
|
}
|
|
458
495
|
export interface ImportKeyMaterial {
|
|
496
|
+
/**
|
|
497
|
+
* Parameter information for key material import using asymmetric RSA wrap and unwrap key exchange method.
|
|
498
|
+
*/
|
|
499
|
+
KeyCryptogram?: ImportKeyCryptogram;
|
|
459
500
|
/**
|
|
460
501
|
* Parameter information for root public key certificate import.
|
|
461
502
|
*/
|
|
@@ -595,7 +636,7 @@ declare namespace PaymentCryptography {
|
|
|
595
636
|
export type KeyCheckValueAlgorithm = "CMAC"|"ANSI_X9_24"|string;
|
|
596
637
|
export type KeyClass = "SYMMETRIC_KEY"|"ASYMMETRIC_KEY_PAIR"|"PRIVATE_KEY"|"PUBLIC_KEY"|string;
|
|
597
638
|
export type KeyMaterial = string;
|
|
598
|
-
export type KeyMaterialType = "TR34_KEY_BLOCK"|"TR31_KEY_BLOCK"|"ROOT_PUBLIC_KEY_CERTIFICATE"|"TRUSTED_PUBLIC_KEY_CERTIFICATE"|string;
|
|
639
|
+
export type KeyMaterialType = "TR34_KEY_BLOCK"|"TR31_KEY_BLOCK"|"ROOT_PUBLIC_KEY_CERTIFICATE"|"TRUSTED_PUBLIC_KEY_CERTIFICATE"|"KEY_CRYPTOGRAM"|string;
|
|
599
640
|
export interface KeyModesOfUse {
|
|
600
641
|
/**
|
|
601
642
|
* Specifies whether an Amazon Web Services Payment Cryptography key can be used to decrypt data.
|
|
@@ -663,7 +704,7 @@ declare namespace PaymentCryptography {
|
|
|
663
704
|
KeyState: KeyState;
|
|
664
705
|
}
|
|
665
706
|
export type KeySummaryList = KeySummary[];
|
|
666
|
-
export type KeyUsage = "TR31_B0_BASE_DERIVATION_KEY"|"TR31_C0_CARD_VERIFICATION_KEY"|"TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY"|"TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION"|"TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS"|"TR31_E1_EMV_MKEY_CONFIDENTIALITY"|"TR31_E2_EMV_MKEY_INTEGRITY"|"TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS"|"TR31_E5_EMV_MKEY_CARD_PERSONALIZATION"|"TR31_E6_EMV_MKEY_OTHER"|"TR31_K0_KEY_ENCRYPTION_KEY"|"TR31_K1_KEY_BLOCK_PROTECTION_KEY"|"TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT"|"TR31_M3_ISO_9797_3_MAC_KEY"|"TR31_M6_ISO_9797_5_CMAC_KEY"|"TR31_M7_HMAC_KEY"|"TR31_P0_PIN_ENCRYPTION_KEY"|"TR31_P1_PIN_GENERATION_KEY"|"TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE"|"TR31_V1_IBM3624_PIN_VERIFICATION_KEY"|"TR31_V2_VISA_PIN_VERIFICATION_KEY"|"TR31_K2_TR34_ASYMMETRIC_KEY"|string;
|
|
707
|
+
export type KeyUsage = "TR31_B0_BASE_DERIVATION_KEY"|"TR31_C0_CARD_VERIFICATION_KEY"|"TR31_D0_SYMMETRIC_DATA_ENCRYPTION_KEY"|"TR31_D1_ASYMMETRIC_KEY_FOR_DATA_ENCRYPTION"|"TR31_E0_EMV_MKEY_APP_CRYPTOGRAMS"|"TR31_E1_EMV_MKEY_CONFIDENTIALITY"|"TR31_E2_EMV_MKEY_INTEGRITY"|"TR31_E4_EMV_MKEY_DYNAMIC_NUMBERS"|"TR31_E5_EMV_MKEY_CARD_PERSONALIZATION"|"TR31_E6_EMV_MKEY_OTHER"|"TR31_K0_KEY_ENCRYPTION_KEY"|"TR31_K1_KEY_BLOCK_PROTECTION_KEY"|"TR31_K3_ASYMMETRIC_KEY_FOR_KEY_AGREEMENT"|"TR31_M3_ISO_9797_3_MAC_KEY"|"TR31_M1_ISO_9797_1_MAC_KEY"|"TR31_M6_ISO_9797_5_CMAC_KEY"|"TR31_M7_HMAC_KEY"|"TR31_P0_PIN_ENCRYPTION_KEY"|"TR31_P1_PIN_GENERATION_KEY"|"TR31_S0_ASYMMETRIC_KEY_FOR_DIGITAL_SIGNATURE"|"TR31_V1_IBM3624_PIN_VERIFICATION_KEY"|"TR31_V2_VISA_PIN_VERIFICATION_KEY"|"TR31_K2_TR34_ASYMMETRIC_KEY"|string;
|
|
667
708
|
export interface ListAliasesInput {
|
|
668
709
|
/**
|
|
669
710
|
* Use this parameter to specify the maximum number of items to return. When this value is present, Amazon Web Services Payment Cryptography does not return more than the specified number of items, but it might return fewer. This value is optional. If you include a value, it must be between 1 and 100, inclusive. If you do not include a value, it defaults to 50.
|
|
@@ -876,7 +917,9 @@ declare namespace PaymentCryptography {
|
|
|
876
917
|
*/
|
|
877
918
|
WrappingKeyArn: KeyArn;
|
|
878
919
|
}
|
|
920
|
+
export type WrappedKeyCryptogram = string;
|
|
879
921
|
export type WrappedKeyMaterialFormat = "KEY_CRYPTOGRAM"|"TR31_KEY_BLOCK"|"TR34_KEY_BLOCK"|string;
|
|
922
|
+
export type WrappingKeySpec = "RSA_OAEP_SHA_256"|"RSA_OAEP_SHA_512"|string;
|
|
880
923
|
/**
|
|
881
924
|
* A string in YYYY-MM-DD format that represents the latest possible API version that can be used in this service. Specify 'latest' to use the latest possible version.
|
|
882
925
|
*/
|
|
@@ -28,11 +28,11 @@ declare class Personalize extends Service {
|
|
|
28
28
|
*/
|
|
29
29
|
createBatchSegmentJob(callback?: (err: AWSError, data: Personalize.Types.CreateBatchSegmentJobResponse) => void): Request<Personalize.Types.CreateBatchSegmentJobResponse, AWSError>;
|
|
30
30
|
/**
|
|
31
|
-
* Creates a campaign that deploys a solution version. When a client calls the GetRecommendations and GetPersonalizedRanking APIs, a campaign is specified in the request. Minimum Provisioned TPS and Auto-Scaling A high minProvisionedTPS will increase your
|
|
31
|
+
* Creates a campaign that deploys a solution version. When a client calls the GetRecommendations and GetPersonalizedRanking APIs, a campaign is specified in the request. Minimum Provisioned TPS and Auto-Scaling A high minProvisionedTPS will increase your cost. We recommend starting with 1 for minProvisionedTPS (the default). Track your usage using Amazon CloudWatch metrics, and increase the minProvisionedTPS as necessary. When you create an Amazon Personalize campaign, you can specify the minimum provisioned transactions per second (minProvisionedTPS) for the campaign. This is the baseline transaction throughput for the campaign provisioned by Amazon Personalize. It sets the minimum billing charge for the campaign while it is active. A transaction is a single GetRecommendations or GetPersonalizedRanking request. The default minProvisionedTPS is 1. If your TPS increases beyond the minProvisionedTPS, Amazon Personalize auto-scales the provisioned capacity up and down, but never below minProvisionedTPS. There's a short time delay while the capacity is increased that might cause loss of transactions. When your traffic reduces, capacity returns to the minProvisionedTPS. You are charged for the the minimum provisioned TPS or, if your requests exceed the minProvisionedTPS, the actual TPS. The actual TPS is the total number of recommendation requests you make. We recommend starting with a low minProvisionedTPS, track your usage using Amazon CloudWatch metrics, and then increase the minProvisionedTPS as necessary. For more information about campaign costs, see Amazon Personalize pricing. Status A campaign can be in one of the following states: CREATE PENDING > CREATE IN_PROGRESS > ACTIVE -or- CREATE FAILED DELETE PENDING > DELETE IN_PROGRESS To get the campaign status, call DescribeCampaign. Wait until the status of the campaign is ACTIVE before asking the campaign for recommendations. Related APIs ListCampaigns DescribeCampaign UpdateCampaign DeleteCampaign
|
|
32
32
|
*/
|
|
33
33
|
createCampaign(params: Personalize.Types.CreateCampaignRequest, callback?: (err: AWSError, data: Personalize.Types.CreateCampaignResponse) => void): Request<Personalize.Types.CreateCampaignResponse, AWSError>;
|
|
34
34
|
/**
|
|
35
|
-
* Creates a campaign that deploys a solution version. When a client calls the GetRecommendations and GetPersonalizedRanking APIs, a campaign is specified in the request. Minimum Provisioned TPS and Auto-Scaling A high minProvisionedTPS will increase your
|
|
35
|
+
* Creates a campaign that deploys a solution version. When a client calls the GetRecommendations and GetPersonalizedRanking APIs, a campaign is specified in the request. Minimum Provisioned TPS and Auto-Scaling A high minProvisionedTPS will increase your cost. We recommend starting with 1 for minProvisionedTPS (the default). Track your usage using Amazon CloudWatch metrics, and increase the minProvisionedTPS as necessary. When you create an Amazon Personalize campaign, you can specify the minimum provisioned transactions per second (minProvisionedTPS) for the campaign. This is the baseline transaction throughput for the campaign provisioned by Amazon Personalize. It sets the minimum billing charge for the campaign while it is active. A transaction is a single GetRecommendations or GetPersonalizedRanking request. The default minProvisionedTPS is 1. If your TPS increases beyond the minProvisionedTPS, Amazon Personalize auto-scales the provisioned capacity up and down, but never below minProvisionedTPS. There's a short time delay while the capacity is increased that might cause loss of transactions. When your traffic reduces, capacity returns to the minProvisionedTPS. You are charged for the the minimum provisioned TPS or, if your requests exceed the minProvisionedTPS, the actual TPS. The actual TPS is the total number of recommendation requests you make. We recommend starting with a low minProvisionedTPS, track your usage using Amazon CloudWatch metrics, and then increase the minProvisionedTPS as necessary. For more information about campaign costs, see Amazon Personalize pricing. Status A campaign can be in one of the following states: CREATE PENDING > CREATE IN_PROGRESS > ACTIVE -or- CREATE FAILED DELETE PENDING > DELETE IN_PROGRESS To get the campaign status, call DescribeCampaign. Wait until the status of the campaign is ACTIVE before asking the campaign for recommendations. Related APIs ListCampaigns DescribeCampaign UpdateCampaign DeleteCampaign
|
|
36
36
|
*/
|
|
37
37
|
createCampaign(callback?: (err: AWSError, data: Personalize.Types.CreateCampaignResponse) => void): Request<Personalize.Types.CreateCampaignResponse, AWSError>;
|
|
38
38
|
/**
|
|
@@ -870,7 +870,7 @@ declare namespace Personalize {
|
|
|
870
870
|
*/
|
|
871
871
|
itemExplorationConfig?: HyperParameters;
|
|
872
872
|
/**
|
|
873
|
-
* Whether metadata with recommendations is enabled for the campaign. If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response.
|
|
873
|
+
* Whether metadata with recommendations is enabled for the campaign. If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response. For information about enabling metadata for a campaign, see Enabling metadata in recommendations for a campaign. If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.
|
|
874
874
|
*/
|
|
875
875
|
enableMetadataWithRecommendations?: Boolean;
|
|
876
876
|
}
|
|
@@ -1338,11 +1338,11 @@ declare namespace Personalize {
|
|
|
1338
1338
|
*/
|
|
1339
1339
|
performHPO?: Boolean;
|
|
1340
1340
|
/**
|
|
1341
|
-
* We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see
|
|
1341
|
+
* We don't recommend enabling automated machine learning. Instead, match your use case to the available Amazon Personalize recipes. For more information, see Choosing a recipe. Whether to perform automated machine learning (AutoML). The default is false. For this case, you must specify recipeArn. When set to true, Amazon Personalize analyzes your training data and selects the optimal USER_PERSONALIZATION recipe and hyperparameters. In this case, you must omit recipeArn. Amazon Personalize determines the optimal recipe by running tests with different values for the hyperparameters. AutoML lengthens the training process as compared to selecting a specific recipe.
|
|
1342
1342
|
*/
|
|
1343
1343
|
performAutoML?: PerformAutoML;
|
|
1344
1344
|
/**
|
|
1345
|
-
* The ARN of the recipe to use for model training. This is required when performAutoML is false.
|
|
1345
|
+
* The Amazon Resource Name (ARN) of the recipe to use for model training. This is required when performAutoML is false. For information about different Amazon Personalize recipes and their ARNs, see Choosing a recipe.
|
|
1346
1346
|
*/
|
|
1347
1347
|
recipeArn?: Arn;
|
|
1348
1348
|
/**
|
|
@@ -2965,7 +2965,7 @@ declare namespace Personalize {
|
|
|
2965
2965
|
*/
|
|
2966
2966
|
trainingDataConfig?: TrainingDataConfig;
|
|
2967
2967
|
/**
|
|
2968
|
-
* Whether metadata with recommendations is enabled for the recommender. If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response.
|
|
2968
|
+
* Whether metadata with recommendations is enabled for the recommender. If enabled, you can specify the columns from your Items dataset in your request for recommendations. Amazon Personalize returns this data for each item in the recommendation response. For information about enabling metadata for a recommender, see Enabling metadata in recommendations for a recommender. If you enable metadata in recommendations, you will incur additional costs. For more information, see Amazon Personalize pricing.
|
|
2969
2969
|
*/
|
|
2970
2970
|
enableMetadataWithRecommendations?: Boolean;
|
|
2971
2971
|
}
|
|
@@ -197,11 +197,11 @@ declare class Rekognition extends Service {
|
|
|
197
197
|
*/
|
|
198
198
|
describeStreamProcessor(callback?: (err: AWSError, data: Rekognition.Types.DescribeStreamProcessorResponse) => void): Request<Rekognition.Types.DescribeStreamProcessorResponse, AWSError>;
|
|
199
199
|
/**
|
|
200
|
-
* This operation applies only to Amazon Rekognition Custom Labels. Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model. You specify which version of a model version to use by using the ProjectVersionArn input parameter. You pass the input image as base64-encoded image bytes or as a reference to an image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing image bytes is not supported. The image must be either a PNG or JPEG formatted file. For each object that the model version detects on an image, the API returns a (CustomLabel) object in an array (CustomLabels). Each CustomLabel object provides the label name (Name), the level of confidence that the image contains the object (Confidence), and object location information, if it exists, for the label on the image (Geometry).
|
|
200
|
+
* This operation applies only to Amazon Rekognition Custom Labels. Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model. You specify which version of a model version to use by using the ProjectVersionArn input parameter. You pass the input image as base64-encoded image bytes or as a reference to an image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing image bytes is not supported. The image must be either a PNG or JPEG formatted file. For each object that the model version detects on an image, the API returns a (CustomLabel) object in an array (CustomLabels). Each CustomLabel object provides the label name (Name), the level of confidence that the image contains the object (Confidence), and object location information, if it exists, for the label on the image (Geometry). Note that for the DetectCustomLabelsLabels operation, Polygons are not returned in the Geometry section of the response. To filter labels that are returned, specify a value for MinConfidence. DetectCustomLabelsLabels only returns labels with a confidence that's higher than the specified value. The value of MinConfidence maps to the assumed threshold values created during training. For more information, see Assumed threshold in the Amazon Rekognition Custom Labels Developer Guide. Amazon Rekognition Custom Labels metrics expresses an assumed threshold as a floating point value between 0-1. The range of MinConfidence normalizes the threshold value to a percentage value (0-100). Confidence responses from DetectCustomLabels are also returned as a percentage. You can use MinConfidence to change the precision and recall or your model. For more information, see Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide. If you don't specify a value for MinConfidence, DetectCustomLabels returns labels based on the assumed threshold of each label. This is a stateless API operation. That is, the operation does not persist any data. This operation requires permissions to perform the rekognition:DetectCustomLabels action. For more information, see Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
|
|
201
201
|
*/
|
|
202
202
|
detectCustomLabels(params: Rekognition.Types.DetectCustomLabelsRequest, callback?: (err: AWSError, data: Rekognition.Types.DetectCustomLabelsResponse) => void): Request<Rekognition.Types.DetectCustomLabelsResponse, AWSError>;
|
|
203
203
|
/**
|
|
204
|
-
* This operation applies only to Amazon Rekognition Custom Labels. Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model. You specify which version of a model version to use by using the ProjectVersionArn input parameter. You pass the input image as base64-encoded image bytes or as a reference to an image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing image bytes is not supported. The image must be either a PNG or JPEG formatted file. For each object that the model version detects on an image, the API returns a (CustomLabel) object in an array (CustomLabels). Each CustomLabel object provides the label name (Name), the level of confidence that the image contains the object (Confidence), and object location information, if it exists, for the label on the image (Geometry).
|
|
204
|
+
* This operation applies only to Amazon Rekognition Custom Labels. Detects custom labels in a supplied image by using an Amazon Rekognition Custom Labels model. You specify which version of a model version to use by using the ProjectVersionArn input parameter. You pass the input image as base64-encoded image bytes or as a reference to an image in an Amazon S3 bucket. If you use the AWS CLI to call Amazon Rekognition operations, passing image bytes is not supported. The image must be either a PNG or JPEG formatted file. For each object that the model version detects on an image, the API returns a (CustomLabel) object in an array (CustomLabels). Each CustomLabel object provides the label name (Name), the level of confidence that the image contains the object (Confidence), and object location information, if it exists, for the label on the image (Geometry). Note that for the DetectCustomLabelsLabels operation, Polygons are not returned in the Geometry section of the response. To filter labels that are returned, specify a value for MinConfidence. DetectCustomLabelsLabels only returns labels with a confidence that's higher than the specified value. The value of MinConfidence maps to the assumed threshold values created during training. For more information, see Assumed threshold in the Amazon Rekognition Custom Labels Developer Guide. Amazon Rekognition Custom Labels metrics expresses an assumed threshold as a floating point value between 0-1. The range of MinConfidence normalizes the threshold value to a percentage value (0-100). Confidence responses from DetectCustomLabels are also returned as a percentage. You can use MinConfidence to change the precision and recall or your model. For more information, see Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide. If you don't specify a value for MinConfidence, DetectCustomLabels returns labels based on the assumed threshold of each label. This is a stateless API operation. That is, the operation does not persist any data. This operation requires permissions to perform the rekognition:DetectCustomLabels action. For more information, see Analyzing an image in the Amazon Rekognition Custom Labels Developer Guide.
|
|
205
205
|
*/
|
|
206
206
|
detectCustomLabels(callback?: (err: AWSError, data: Rekognition.Types.DetectCustomLabelsResponse) => void): Request<Rekognition.Types.DetectCustomLabelsResponse, AWSError>;
|
|
207
207
|
/**
|
|
@@ -668,7 +668,7 @@ declare namespace Rekognition {
|
|
|
668
668
|
}
|
|
669
669
|
export interface AssociateFacesResponse {
|
|
670
670
|
/**
|
|
671
|
-
* An array of AssociatedFace objects containing FaceIDs that
|
|
671
|
+
* An array of AssociatedFace objects containing FaceIDs that have been successfully associated with the UserID. Returned if the AssociateFaces action is successful.
|
|
672
672
|
*/
|
|
673
673
|
AssociatedFaces?: AssociatedFacesList;
|
|
674
674
|
/**
|
|
@@ -972,6 +972,17 @@ declare namespace Rekognition {
|
|
|
972
972
|
}
|
|
973
973
|
export type ContentModerationDetections = ContentModerationDetection[];
|
|
974
974
|
export type ContentModerationSortBy = "NAME"|"TIMESTAMP"|string;
|
|
975
|
+
export interface ContentType {
|
|
976
|
+
/**
|
|
977
|
+
* The confidence level of the label given
|
|
978
|
+
*/
|
|
979
|
+
Confidence?: Percent;
|
|
980
|
+
/**
|
|
981
|
+
* The name of the label
|
|
982
|
+
*/
|
|
983
|
+
Name?: String;
|
|
984
|
+
}
|
|
985
|
+
export type ContentTypes = ContentType[];
|
|
975
986
|
export interface CopyProjectVersionRequest {
|
|
976
987
|
/**
|
|
977
988
|
* The ARN of the source project in the trusting AWS account.
|
|
@@ -1809,6 +1820,10 @@ declare namespace Rekognition {
|
|
|
1809
1820
|
* Identifier of the custom adapter that was used during inference. If during inference the adapter was EXPIRED, then the parameter will not be returned, indicating that a base moderation detection project version was used.
|
|
1810
1821
|
*/
|
|
1811
1822
|
ProjectVersion?: ProjectVersionId;
|
|
1823
|
+
/**
|
|
1824
|
+
* A list of predicted results for the type of content an image contains. For example, the image content might be from animation, sports, or a video game.
|
|
1825
|
+
*/
|
|
1826
|
+
ContentTypes?: ContentTypes;
|
|
1812
1827
|
}
|
|
1813
1828
|
export interface DetectProtectiveEquipmentRequest {
|
|
1814
1829
|
/**
|
|
@@ -3366,6 +3381,12 @@ declare namespace Rekognition {
|
|
|
3366
3381
|
export interface MediaAnalysisManifestSummary {
|
|
3367
3382
|
S3Object?: S3Object;
|
|
3368
3383
|
}
|
|
3384
|
+
export interface MediaAnalysisModelVersions {
|
|
3385
|
+
/**
|
|
3386
|
+
* The Moderation base model version.
|
|
3387
|
+
*/
|
|
3388
|
+
Moderation?: String;
|
|
3389
|
+
}
|
|
3369
3390
|
export interface MediaAnalysisOperationsConfig {
|
|
3370
3391
|
/**
|
|
3371
3392
|
* Contains configuration options for a DetectModerationLabels job.
|
|
@@ -3384,6 +3405,10 @@ declare namespace Rekognition {
|
|
|
3384
3405
|
}
|
|
3385
3406
|
export interface MediaAnalysisResults {
|
|
3386
3407
|
S3Object?: S3Object;
|
|
3408
|
+
/**
|
|
3409
|
+
* Information about the model versions for the features selected in a given job.
|
|
3410
|
+
*/
|
|
3411
|
+
ModelVersions?: MediaAnalysisModelVersions;
|
|
3387
3412
|
}
|
|
3388
3413
|
export type MediaAnalysisS3KeyPrefix = string;
|
|
3389
3414
|
export type MinCoveragePercentage = number;
|
|
@@ -3400,6 +3425,10 @@ declare namespace Rekognition {
|
|
|
3400
3425
|
* The name for the parent label. Labels at the top level of the hierarchy have the parent label "".
|
|
3401
3426
|
*/
|
|
3402
3427
|
ParentName?: String;
|
|
3428
|
+
/**
|
|
3429
|
+
* The level of the moderation label with regard to its taxonomy, from 1 to 3.
|
|
3430
|
+
*/
|
|
3431
|
+
TaxonomyLevel?: UInteger;
|
|
3403
3432
|
}
|
|
3404
3433
|
export type ModerationLabels = ModerationLabel[];
|
|
3405
3434
|
export interface MouthOpen {
|
|
@@ -8054,7 +8054,7 @@ declare namespace SecurityHub {
|
|
|
8054
8054
|
*/
|
|
8055
8055
|
Version?: AwsLambdaLayerVersionNumber;
|
|
8056
8056
|
/**
|
|
8057
|
-
* The layer's compatible runtimes. Maximum number of
|
|
8057
|
+
* The layer's compatible function runtimes. The following list includes deprecated runtimes. For more information, see Runtime deprecation policy in the Lambda Developer Guide. Array Members: Maximum number of 5 items. Valid Values: nodejs | nodejs4.3 | nodejs6.10 | nodejs8.10 | nodejs10.x | nodejs12.x | nodejs14.x | nodejs16.x | java8 | java8.al2 | java11 | python2.7 | python3.6 | python3.7 | python3.8 | python3.9 | dotnetcore1.0 | dotnetcore2.0 | dotnetcore2.1 | dotnetcore3.1 | dotnet6 | nodejs4.3-edge | go1.x | ruby2.5 | ruby2.7 | provided | provided.al2 | nodejs18.x | python3.10 | java17 | ruby3.2 | python3.11 | nodejs20.x | provided.al2023 | python3.12 | java21
|
|
8058
8058
|
*/
|
|
8059
8059
|
CompatibleRuntimes?: NonEmptyStringList;
|
|
8060
8060
|
/**
|