diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMS.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMS.java index 2142e81879..a9e8943634 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMS.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMS.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -255,6 +255,12 @@ public interface AWSKMS { *
* Related operations: ScheduleKeyDeletion *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param cancelKeyDeletionRequest * @return cancelKeyDeletionResult The response from the CancelKeyDeletion @@ -416,6 +422,12 @@ CancelKeyDeletionResult cancelKeyDeletion(CancelKeyDeletionRequest cancelKeyDele * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param connectCustomKeyStoreRequest * @return connectCustomKeyStoreResult The response from the @@ -533,6 +545,12 @@ ConnectCustomKeyStoreResult connectCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createAliasRequest * @throws DependencyTimeoutException @@ -695,6 +713,12 @@ void createAlias(CreateAliasRequest createAliasRequest) throws AmazonClientExcep * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createCustomKeyStoreRequest * @return createCustomKeyStoreResult The response from the @@ -826,6 +850,12 @@ CreateCustomKeyStoreResult createCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createGrantRequest * @return createGrantResult The response from the CreateGrant service @@ -923,10 +953,15 @@ CreateGrantResult createGrant(CreateGrantRequest createGrantRequest) * pair, or an SM2 key pair (China Regions only). The private key in an * asymmetric KMS key never leaves KMS unencrypted. However, you can use the * GetPublicKey operation to download the public key so it can be - * used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS - * keys with ECC key pairs can be used only to sign and verify messages. For - * information about asymmetric KMS keys, see ECC_SECG_P256K1 can be used + * only to sign and verify messages. KMS keys with SM2 key pairs (China + * Regions only) can be used to either encrypt and decrypt data, sign and + * verify messages, or derive shared secrets (you must choose one key usage + * type). For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer * Guide. @@ -1124,6 +1159,12 @@ CreateGrantResult createGrant(CreateGrantRequest createGrantRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createKeyRequest * @return createKeyResult The response from the CreateKey service method, @@ -1243,12 +1284,12 @@ CreateKeyResult createKey(CreateKeyRequest createKeyRequest) throws AmazonClient * SDK. Use theRecipient
parameter to provide the attestation
* document for the enclave. Instead of the plaintext data, the response
* includes the plaintext data encrypted with the public key from the
- * attestation document (CiphertextForRecipient
).For
+ * attestation document (CiphertextForRecipient
). For
* information about the interaction between KMS and Amazon Web Services
* Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
- * Management Service Developer Guide..
+ * Management Service Developer Guide.
*
* * The KMS key that you use for this operation must be in a compatible key @@ -1292,6 +1333,12 @@ CreateKeyResult createKey(CreateKeyRequest createKeyRequest) throws AmazonClient *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param decryptRequest * @return decryptResult The response from the Decrypt service method, as @@ -1392,6 +1439,12 @@ DecryptResult decrypt(DecryptRequest decryptRequest) throws AmazonClientExceptio * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteAliasRequest * @throws DependencyTimeoutException @@ -1498,6 +1551,12 @@ void deleteAlias(DeleteAliasRequest deleteAliasRequest) throws AmazonClientExcep * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteCustomKeyStoreRequest * @return deleteCustomKeyStoreResult The response from the @@ -1565,6 +1624,12 @@ DeleteCustomKeyStoreResult deleteCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteImportedKeyMaterialRequest * @throws InvalidArnException @@ -1584,6 +1649,168 @@ DeleteCustomKeyStoreResult deleteCustomKeyStore( void deleteImportedKeyMaterial(DeleteImportedKeyMaterialRequest deleteImportedKeyMaterialRequest) throws AmazonClientException, AmazonServiceException; + /** + *+ * Derives a shared secret using a key agreement algorithm. + *
+ *
+ * You must use an asymmetric NIST-recommended elliptic curve (ECC) or SM2
+ * (China Regions only) KMS key pair with a KeyUsage
value of
+ * KEY_AGREEMENT
to call DeriveSharedSecret.
+ *
+ * DeriveSharedSecret uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman Primitive (ECDH) + * to establish a key agreement between two peers by deriving a shared + * secret from their elliptic curve public-private key pairs. You can use + * the raw shared secret that DeriveSharedSecret returns to derive a + * symmetric key that can encrypt and decrypt data that is sent between the + * two peers, or that can generate and verify HMACs. KMS recommends that you + * follow NIST recommendations for key derivation when using the raw shared + * secret to derive a symmetric key. + *
+ *+ * The following workflow demonstrates how to establish key agreement over + * an insecure communication channel using DeriveSharedSecret. + *
+ *
+ * Alice calls CreateKey to create an asymmetric KMS key pair
+ * with a KeyUsage
value of KEY_AGREEMENT
.
+ *
+ * The asymmetric KMS key must use a NIST-recommended elliptic curve (ECC) + * or SM2 (China Regions only) key spec. + *
+ *+ * Bob creates an elliptic curve key pair. + *
+ *+ * Bob can call CreateKey to create an asymmetric KMS key pair or + * generate a key pair outside of KMS. Bob's key pair must use the same + * NIST-recommended elliptic curve (ECC) or SM2 (China Regions ony) curve as + * Alice. + *
+ *+ * Alice and Bob exchange their public keys through an insecure + * communication channel (like the internet). + *
+ *+ * Use GetPublicKey to download the public key of your asymmetric KMS + * key pair. + *
+ *+ * KMS strongly recommends verifying that the public key you receive came + * from the expected party before using it to derive a shared secret. + *
+ *+ * Alice calls DeriveSharedSecret. + *
+ *+ * KMS uses the private key from the KMS key pair generated in Step + * 1, Bob's public key, and the Elliptic Curve Cryptography Cofactor + * Diffie-Hellman Primitive to derive the shared secret. The private key in + * your KMS key pair never leaves KMS unencrypted. DeriveSharedSecret + * returns the raw shared secret. + *
+ *+ * Bob uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman + * Primitive to calculate the same raw secret using his private key and + * Alice's public key. + *
+ *+ * To derive a shared secret you must provide a key agreement algorithm, the + * private key of the caller's asymmetric NIST-recommended elliptic curve or + * SM2 (China Regions only) KMS key pair, and the public key from your + * peer's NIST-recommended elliptic curve or SM2 (China Regions only) key + * pair. The public key can be from another asymmetric KMS key pair or from + * a key pair generated outside of KMS, but both key pairs must be on the + * same elliptic curve. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *
+ * Cross-account use: Yes. To perform this operation with a KMS key
+ * in a different Amazon Web Services account, specify the key ARN or alias
+ * ARN in the value of the KeyId
parameter.
+ *
+ * Required permissions: kms:DeriveSharedSecret (key policy) + *
+ *+ * Related operations: + *
+ *+ * CreateKey + *
+ *+ * GetPublicKey + *
+ *+ * DescribeKey + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param deriveSharedSecretRequest + * @return deriveSharedSecretResult The response from the DeriveSharedSecret + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws DisabledException + * @throws KeyUnavailableException + * @throws DependencyTimeoutException + * @throws InvalidGrantTokenException + * @throws InvalidKeyUsageException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws DryRunOperationException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + DeriveSharedSecretResult deriveSharedSecret(DeriveSharedSecretRequest deriveSharedSecretRequest) + throws AmazonClientException, AmazonServiceException; + /** *
* Gets information about
*
*
+ *
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
- * For multi
- * -Region keys, DescribeKey
displays the primary key and
- * all related replica keys. For KMS keys in CloudHSM key
- * stores, it includes information about the key store, such as the key
- * store ID and the CloudHSM cluster ID. For KMS keys in external key
- * stores, it includes the custom key store ID and the ID of the
- * external key.
+ * For multi-Region keys, DescribeKey
displays the primary key
+ * and all related replica keys. For KMS keys in CloudHSM key stores, it includes information about the key store,
+ * such as the key store ID and the CloudHSM cluster ID. For KMS keys in external key stores, it includes the custom key store ID and the ID
+ * of the external key.
*
* DescribeKey
does not return the following information:
@@ -1814,6 +2048,12 @@ DescribeCustomKeyStoresResult describeCustomKeyStores(
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param describeKeyRequest * @return describeKeyResult The response from the DescribeKey service @@ -1866,6 +2106,12 @@ DescribeKeyResult describeKey(DescribeKeyRequest describeKeyRequest) ** Related operations: EnableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disableKeyRequest * @throws NotFoundException @@ -1954,7 +2200,23 @@ void disableKey(DisableKeyRequest disableKeyRequest) throws AmazonClientExceptio * GetKeyRotationStatus * * + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disableKeyRotationRequest * @throws NotFoundException @@ -2054,6 +2316,12 @@ void disableKeyRotation(DisableKeyRotationRequest disableKeyRotationRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disconnectCustomKeyStoreRequest * @return disconnectCustomKeyStoreResult The response from the @@ -2100,6 +2368,12 @@ DisconnectCustomKeyStoreResult disconnectCustomKeyStore( ** Related operations: DisableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param enableKeyRequest * @throws NotFoundException @@ -2122,19 +2396,29 @@ void enableKey(EnableKeyRequest enableKeyRequest) throws AmazonClientException, /** ** Enables automatic rotation of the key material of the specified symmetric * encryption KMS key. *
*
- * When you enable automatic rotation of acustomer managed KMS key, KMS rotates the key material of the KMS
* key one year (approximately 365 days) from the enable date and every year
- * thereafter. You can monitor rotation of the key material for your KMS
- * keys in CloudTrail and Amazon CloudWatch. To disable rotation of the key
- * material in a customer managed KMS key, use the DisableKeyRotation
- * operation.
+ * thereafter. You can use the optional RotationPeriodInDays
+ * parameter to specify a custom rotation period when you enable key
+ * rotation, or you can use RotationPeriodInDays
to modify the
+ * rotation period of a key that you previously enabled automatic key
+ * rotation on.
+ *
+ * You can monitor rotation of the key material for your KMS keys in + * CloudTrail and Amazon CloudWatch. To disable rotation of the key material + * in a customer managed KMS key, use the DisableKeyRotation + * operation. You can use the GetKeyRotationStatus operation to + * identify any in progress rotations. You can use the + * ListKeyRotations operation to view the details of completed + * rotations. *
** Automatic key rotation is supported only on multi-Region keys, set the property on the primary key. *
*- * You cannot enable or disable automatic rotation Amazon Web Services managed KMS keys. KMS always rotates the key * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys varies. + * >Amazon Web Services owned KMS keys is managed by the Amazon Web + * Services service that owns the key. *
*@@ -2207,7 +2492,29 @@ void enableKey(EnableKeyRequest enableKeyRequest) throws AmazonClientException, * GetKeyRotationStatus *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not + * automatic key rotation is enabled. + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param enableKeyRotationRequest * @throws NotFoundException @@ -2386,6 +2693,12 @@ void enableKeyRotation(EnableKeyRotationRequest enableKeyRotationRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param encryptRequest * @return encryptResult The response from the Encrypt service method, as @@ -2578,6 +2891,12 @@ EncryptResult encrypt(EncryptRequest encryptRequest) throws AmazonClientExceptio * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyRequest * @return generateDataKeyResult The response from the GenerateDataKey @@ -2609,8 +2928,8 @@ GenerateDataKeyResult generateDataKey(GenerateDataKeyRequest generateDataKeyRequ * copy of the private key that is encrypted under the symmetric encryption * KMS key you specify. You can use the data key pair to perform asymmetric * cryptography and implement digital signatures outside of KMS. The bytes - * in the keys are random; they not related to the caller or to the KMS key - * that is used to encrypt the private key. + * in the keys are random; they are not related to the caller or to the KMS + * key that is used to encrypt the private key. * *
* You can use the public key that GenerateDataKeyPair
returns
@@ -2734,6 +3053,12 @@ GenerateDataKeyResult generateDataKey(GenerateDataKeyRequest generateDataKeyRequ
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyPairRequest * @return generateDataKeyPairResult The response from the @@ -2859,6 +3184,12 @@ GenerateDataKeyPairResult generateDataKeyPair( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyPairWithoutPlaintextRequest * @return generateDataKeyPairWithoutPlaintextResult The response from the @@ -3000,6 +3331,12 @@ GenerateDataKeyPairWithoutPlaintextResult generateDataKeyPairWithoutPlaintext( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyWithoutPlaintextRequest * @return generateDataKeyWithoutPlaintextResult The response from the @@ -3076,6 +3413,12 @@ GenerateDataKeyWithoutPlaintextResult generateDataKeyWithoutPlaintext( ** Related operations: VerifyMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateMacRequest * @return generateMacResult The response from the GenerateMac service @@ -3145,6 +3488,12 @@ GenerateMacResult generateMac(GenerateMacRequest generateMacRequest) * "https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html" * >kms:GenerateRandom (IAM policy) * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateRandomRequest * @return generateRandomResult The response from the GenerateRandom service @@ -3179,7 +3528,15 @@ GenerateRandomResult generateRandom(GenerateRandomRequest generateRandomRequest) * >kms:GetKeyPolicy (key policy) * *- * Related operations: PutKeyPolicy + * Related operations: PutKeyPolicy + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. *
* * @param getKeyPolicyRequest @@ -3203,18 +3560,13 @@ GetKeyPolicyResult getKeyPolicy(GetKeyPolicyRequest getKeyPolicyRequest) /** *- * Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified - * KMS key. - *
- *- * When you enable automatic rotation for customer managed KMS keys, KMS rotates the key material of the KMS - * key one year (approximately 365 days) from the enable date and every year - * thereafter. You can monitor rotation of the key material for your KMS - * keys in CloudTrail and Amazon CloudWatch. + * KMS key, the rotation period, and the next scheduled rotation date. *
** Automatic key rotation is supported only on true. *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not + * automatic key rotation is enabled. You can use GetKeyRotationStatus to + * identify the date and time that an in progress on-demand rotation was + * initiated. You can use ListKeyRotations to view the details of + * completed rotations. + *
** In May 2022, KMS changed the rotation schedule for Amazon Web Services @@ -3302,7 +3662,23 @@ GetKeyPolicyResult getKeyPolicy(GetKeyPolicyRequest getKeyPolicyRequest) * EnableKeyRotation *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getKeyRotationStatusRequest * @return getKeyRotationStatusResult The response from the @@ -3348,14 +3724,15 @@ GetKeyRotationStatusResult getKeyRotationStatus( *EXTERNAL
to create a KMS key with no key material. You can
* import key material for a symmetric encryption KMS key, HMAC KMS key,
* asymmetric encryption KMS key, or asymmetric signing KMS key. You can
- * also import key material into a multi-Region key of any supported type. However, you can't import
- * key material into a KMS key in a custom
- * key store. You can also use GetParametersForImport
to
- * get a public key and import token to custom key store. You can also use
+ * GetParametersForImport
to get a public key and import token
+ * to reimport the original key material into a KMS key whose key material
* expired or was deleted.
*
@@ -3447,6 +3824,12 @@ GetKeyRotationStatusResult getKeyRotationStatus(
*
*
*
+ * + * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getParametersForImportRequest * @return getParametersForImportResult The response from the @@ -3509,7 +3892,8 @@ GetParametersForImportResult getParametersForImport( ** KeyUsage: Whether the key is used for encryption or signing. + * >KeyUsage: Whether the key is used for encryption, signing, or + * deriving a shared secret. *
* ** Related operations: CreateKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getPublicKeyRequest * @return getPublicKeyResult The response from the GetPublicKey service @@ -3610,9 +4000,7 @@ GetPublicKeyResult getPublicKey(GetPublicKeyRequest getPublicKeyRequest) * import different key material. You might reimport key material to replace * key material that expired or key material that you deleted. You might * also reimport key material to change the expiration model or expiration - * date of the key material. Before reimporting key material, if necessary, - * call DeleteImportedKeyMaterial to delete the current imported key - * material. + * date of the key material. * ** Each time you import key material into KMS, you can determine whether ( @@ -3765,6 +4153,12 @@ GetPublicKeyResult getPublicKey(GetPublicKeyRequest getPublicKeyRequest) *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param importKeyMaterialRequest * @return importKeyMaterialResult The response from the ImportKeyMaterial @@ -3852,6 +4246,12 @@ ImportKeyMaterialResult importKeyMaterial(ImportKeyMaterialRequest importKeyMate * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listAliasesRequest * @return listAliasesResult The response from the ListAliases service @@ -3937,6 +4337,12 @@ ListAliasesResult listAliases(ListAliasesRequest listAliasesRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listGrantsRequest * @return listGrantsResult The response from the ListGrants service method, @@ -3986,10 +4392,18 @@ ListGrantsResult listGrants(ListGrantsRequest listGrantsRequest) throws AmazonCl * *- * PutKeyPolicy + * PutKeyPolicy *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listKeyPoliciesRequest * @return listKeyPoliciesResult The response from the ListKeyPolicies @@ -4010,6 +4424,83 @@ ListGrantsResult listGrants(ListGrantsRequest listGrantsRequest) throws AmazonCl ListKeyPoliciesResult listKeyPolicies(ListKeyPoliciesRequest listKeyPoliciesRequest) throws AmazonClientException, AmazonServiceException; + /** + *+ * Returns information about all completed key material rotations for the + * specified KMS key. + *
+ *+ * You must specify the KMS key in all requests. You can refine the key + * rotations list by limiting the number of rotations returned. + *
+ *+ * For detailed information about automatic and on-demand key rotations, see + * Rotating KMS keys in the Key Management Service Developer + * Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS + * key in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:ListKeyRotations (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param listKeyRotationsRequest + * @return listKeyRotationsResult The response from the ListKeyRotations + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws InvalidArnException + * @throws InvalidMarkerException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws UnsupportedOperationException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + ListKeyRotationsResult listKeyRotations(ListKeyRotationsRequest listKeyRotationsRequest) + throws AmazonClientException, AmazonServiceException; + /** ** Gets a list of all KMS keys in the caller's Amazon Web Services account @@ -4049,6 +4540,12 @@ ListKeyPoliciesResult listKeyPolicies(ListKeyPoliciesRequest listKeyPoliciesRequ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listKeysRequest * @return listKeysResult The response from the ListKeys service method, as @@ -4114,6 +4611,12 @@ ListKeysResult listKeys(ListKeysRequest listKeysRequest) throws AmazonClientExce * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listResourceTagsRequest * @return listResourceTagsResult The response from the ListResourceTags @@ -4157,10 +4660,13 @@ ListResourceTagsResult listResourceTags(ListResourceTagsRequest listResourceTags * *
* Cross-account use: You must specify a principal in your Amazon Web
- * Services account. However, this operation can return grants in any Amazon
- * Web Services account. You do not need
- * kms:ListRetirableGrants
permission (or any other additional
- * permission) in any Amazon Web Services account other than your own.
+ * Services account. This operation returns a list of grants where the
+ * retiring principal specified in the ListRetirableGrants
+ * request is the same retiring principal on the grant. This can include
+ * grants on KMS keys owned by other Amazon Web Services accounts, but you
+ * do not need kms:ListRetirableGrants
permission (or any other
+ * additional permission) in any Amazon Web Services account other than your
+ * own.
*
* Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services * account. *
+ *
+ * KMS authorizes ListRetirableGrants
requests by evaluating
+ * the caller account's kms:ListRetirableGrants permissions. The authorized
+ * resource in ListRetirableGrants
calls is the retiring
+ * principal specified in the request. KMS does not evaluate the caller's
+ * permissions to verify their access to any KMS keys or grants that might
+ * be returned by the ListRetirableGrants
call.
+ *
* Related operations: *
@@ -4193,6 +4709,12 @@ ListResourceTagsResult listResourceTags(ListResourceTagsRequest listResourceTags * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listRetirableGrantsRequest * @return listRetirableGrantsResult The response from the @@ -4244,6 +4766,12 @@ ListRetirableGrantsResult listRetirableGrants( ** Related operations: GetKeyPolicy *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param putKeyPolicyRequest * @throws NotFoundException @@ -4411,6 +4939,12 @@ void putKeyPolicy(PutKeyPolicyRequest putKeyPolicyRequest) throws AmazonClientEx * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param reEncryptRequest * @return reEncryptResult The response from the ReEncrypt service method, @@ -4521,9 +5055,10 @@ ReEncryptResult reEncrypt(ReEncryptRequest reEncryptRequest) throws AmazonClient * If you replicate a multi-Region primary key with imported key material, * the replica key is created with no key material. You must import the same * key material that you imported into the primary key. For details, see Importing - * key material into multi-Region keys in the Key Management Service - * Developer Guide. + * href= + * "https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-import.html" + * >Importing key material into multi-Region keys in the Key + * Management Service Developer Guide. * ** To convert a replica key to a primary key, use the @@ -4577,6 +5112,12 @@ ReEncryptResult reEncrypt(ReEncryptRequest reEncryptRequest) throws AmazonClient *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param replicateKeyRequest * @return replicateKeyResult The response from the ReplicateKey service @@ -4637,7 +5178,7 @@ ReplicateKeyResult replicateKey(ReplicateKeyRequest replicateKeyRequest) * different Amazon Web Services account. * *- * Required permissions::Permission to retire a grant is determined + * Required permissions: Permission to retire a grant is determined * primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service @@ -4668,6 +5209,12 @@ ReplicateKeyResult replicateKey(ReplicateKeyRequest replicateKeyRequest) *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param retireGrantRequest * @throws InvalidArnException @@ -4693,7 +5240,7 @@ void retireGrant(RetireGrantRequest retireGrantRequest) throws AmazonClientExcep ** Deletes the specified grant. You revoke a grant to terminate the * permissions that the grant allows. For more information, see Retiring and revoking grants in the Key Management Service * Developer Guide . *
@@ -4751,6 +5298,12 @@ void retireGrant(RetireGrantRequest retireGrantRequest) throws AmazonClientExcep * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param revokeGrantRequest * @throws NotFoundException @@ -4771,6 +5324,137 @@ void retireGrant(RetireGrantRequest retireGrantRequest) throws AmazonClientExcep void revokeGrant(RevokeGrantRequest revokeGrantRequest) throws AmazonClientException, AmazonServiceException; + /** + *+ * Immediately initiates rotation of the key material of the specified + * symmetric encryption KMS key. + *
+ *+ * You can perform on-demand rotation of the key material in customer managed KMS keys, + * regardless of whether or not automatic key rotation is enabled. On-demand rotations do not change + * existing automatic rotation schedules. For example, consider a KMS key + * that has automatic key rotation enabled with a rotation period of 730 + * days. If the key is scheduled to automatically rotate on April 14, 2024, + * and you perform an on-demand rotation on April 10, 2024, the key will + * automatically rotate, as scheduled, on April 14, 2024 and every 730 days + * thereafter. + *
+ *+ * You can perform on-demand key rotation a maximum of 10 times per + * KMS key. You can use the KMS console to view the number of remaining + * on-demand rotations available for a KMS key. + *
+ *+ * You can use GetKeyRotationStatus to identify any in progress + * on-demand rotations. You can use ListKeyRotations to identify the + * date that completed on-demand rotations were performed. You can monitor + * rotation of the key material for your KMS keys in CloudTrail and Amazon + * CloudWatch. + *
+ *+ * On-demand key rotation is supported only on symmetric encryption KMS keys. You cannot perform on-demand rotation + * of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * You cannot initiate on-demand rotation of Amazon Web Services managed KMS keys. KMS always rotates the key + * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys is managed by the Amazon Web + * Services service that owns the key. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS + * key in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:RotateKeyOnDemand (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * ListKeyRotations + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param rotateKeyOnDemandRequest + * @return rotateKeyOnDemandResult The response from the RotateKeyOnDemand + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws DisabledException + * @throws InvalidArnException + * @throws DependencyTimeoutException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws UnsupportedOperationException + * @throws LimitExceededException + * @throws ConflictException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + RotateKeyOnDemandResult rotateKeyOnDemand(RotateKeyOnDemandRequest rotateKeyOnDemandRequest) + throws AmazonClientException, AmazonServiceException; + /** ** Schedules the deletion of a KMS key. By default, KMS applies a waiting @@ -4787,8 +5471,8 @@ void revokeGrant(RevokeGrantRequest revokeGrantRequest) throws AmazonClientExcep *
* Deleting a KMS key is a destructive and potentially dangerous operation. * When a KMS key is deleted, all data that was encrypted under the KMS key - * is unrecoverable. (The only exception is a multi-Region replica key, or an asymmetric or HMAC KMS key with imported key material.) To prevent @@ -4863,6 +5547,12 @@ void revokeGrant(RevokeGrantRequest revokeGrantRequest) throws AmazonClientExcep *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param scheduleKeyDeletionRequest * @return scheduleKeyDeletionResult The response from the @@ -4977,6 +5667,12 @@ ScheduleKeyDeletionResult scheduleKeyDeletion( ** Related operations: Verify *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param signRequest * @return signResult The response from the Sign service method, as returned @@ -5087,6 +5783,12 @@ ScheduleKeyDeletionResult scheduleKeyDeletion( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param tagResourceRequest * @throws KMSInternalException @@ -5177,6 +5879,12 @@ void tagResource(TagResourceRequest tagResourceRequest) throws AmazonClientExcep * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param untagResourceRequest * @throws KMSInternalException @@ -5292,6 +6000,12 @@ void untagResource(UntagResourceRequest untagResourceRequest) throws AmazonClien * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateAliasRequest * @throws DependencyTimeoutException @@ -5447,6 +6161,12 @@ void updateAlias(UpdateAliasRequest updateAliasRequest) throws AmazonClientExcep * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateCustomKeyStoreRequest * @return updateCustomKeyStoreResult The response from the @@ -5517,6 +6237,12 @@ UpdateCustomKeyStoreResult updateCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateKeyDescriptionRequest * @throws NotFoundException @@ -5652,6 +6378,12 @@ void updateKeyDescription(UpdateKeyDescriptionRequest updateKeyDescriptionReques * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updatePrimaryRegionRequest * @throws DisabledException @@ -5741,6 +6473,12 @@ void updatePrimaryRegion(UpdatePrimaryRegionRequest updatePrimaryRegionRequest) ** Related operations: Sign *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param verifyRequest * @return verifyResult The response from the Verify service method, as @@ -5809,6 +6547,12 @@ VerifyResult verify(VerifyRequest verifyRequest) throws AmazonClientException, ** Related operations: GenerateMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param verifyMacRequest * @return verifyMacResult The response from the VerifyMac service method, @@ -5906,10 +6650,15 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * pair, or an SM2 key pair (China Regions only). The private key in an * asymmetric KMS key never leaves KMS unencrypted. However, you can use the * GetPublicKey operation to download the public key so it can be - * used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS - * keys with ECC key pairs can be used only to sign and verify messages. For - * information about asymmetric KMS keys, see ECC_SECG_P256K1 can be used + * only to sign and verify messages. KMS keys with SM2 key pairs (China + * Regions only) can be used to either encrypt and decrypt data, sign and + * verify messages, or derive shared secrets (you must choose one key usage + * type). For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer * Guide. @@ -6107,6 +6856,12 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return createKeyResult The response from the CreateKey service method, * as returned by AWS Key Management Service. @@ -6172,6 +6927,12 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return listKeysResult The response from the ListKeys service method, as * returned by AWS Key Management Service. @@ -6250,6 +7011,12 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return listAliasesResult The response from the ListAliases service * method, as returned by AWS Key Management Service. @@ -6303,7 +7070,7 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * different Amazon Web Services account. * *- * Required permissions::Permission to retire a grant is determined + * Required permissions: Permission to retire a grant is determined * primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service @@ -6334,6 +7101,12 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @throws InvalidArnException * @throws InvalidGrantTokenException @@ -6399,6 +7172,12 @@ VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) throws AmazonClient * "https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html" * >kms:GenerateRandom (IAM policy) * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return generateRandomResult The response from the GenerateRandom service * method, as returned by AWS Key Management Service. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMSClient.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMSClient.java index 117379deec..b6e71fbbea 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMSClient.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/AWSKMSClient.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -468,6 +468,7 @@ private void init() { jsonErrorUnmarshallers.add(new CloudHsmClusterNotActiveExceptionUnmarshaller()); jsonErrorUnmarshallers.add(new CloudHsmClusterNotFoundExceptionUnmarshaller()); jsonErrorUnmarshallers.add(new CloudHsmClusterNotRelatedExceptionUnmarshaller()); + jsonErrorUnmarshallers.add(new ConflictExceptionUnmarshaller()); jsonErrorUnmarshallers.add(new CustomKeyStoreHasCMKsExceptionUnmarshaller()); jsonErrorUnmarshallers.add(new CustomKeyStoreInvalidStateExceptionUnmarshaller()); jsonErrorUnmarshallers.add(new CustomKeyStoreNameInUseExceptionUnmarshaller()); @@ -562,6 +563,12 @@ private static ClientConfiguration adjustClientConfiguration(ClientConfiguration ** Related operations: ScheduleKeyDeletion *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param cancelKeyDeletionRequest * @return cancelKeyDeletionResult The response from the CancelKeyDeletion @@ -751,6 +758,12 @@ public CancelKeyDeletionResult cancelKeyDeletion( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param connectCustomKeyStoreRequest * @return connectCustomKeyStoreResult The response from the @@ -895,6 +908,12 @@ public ConnectCustomKeyStoreResult connectCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createAliasRequest * @throws DependencyTimeoutException @@ -1078,6 +1097,12 @@ public void createAlias(CreateAliasRequest createAliasRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createCustomKeyStoreRequest * @return createCustomKeyStoreResult The response from the @@ -1236,6 +1261,12 @@ public CreateCustomKeyStoreResult createCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createGrantRequest * @return createGrantResult The response from the CreateGrant service @@ -1359,10 +1390,15 @@ public CreateGrantResult createGrant(CreateGrantRequest createGrantRequest) * pair, or an SM2 key pair (China Regions only). The private key in an * asymmetric KMS key never leaves KMS unencrypted. However, you can use the * GetPublicKey operation to download the public key so it can be - * used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS - * keys with ECC key pairs can be used only to sign and verify messages. For - * information about asymmetric KMS keys, see ECC_SECG_P256K1 can be used + * only to sign and verify messages. KMS keys with SM2 key pairs (China + * Regions only) can be used to either encrypt and decrypt data, sign and + * verify messages, or derive shared secrets (you must choose one key usage + * type). For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer * Guide. @@ -1560,6 +1596,12 @@ public CreateGrantResult createGrant(CreateGrantRequest createGrantRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param createKeyRequest * @return createKeyResult The response from the CreateKey service method, @@ -1705,12 +1747,12 @@ public CreateKeyResult createKey(CreateKeyRequest createKeyRequest) * SDK. Use theRecipient
parameter to provide the attestation
* document for the enclave. Instead of the plaintext data, the response
* includes the plaintext data encrypted with the public key from the
- * attestation document (CiphertextForRecipient
).For
+ * attestation document (CiphertextForRecipient
). For
* information about the interaction between KMS and Amazon Web Services
* Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
- * Management Service Developer Guide..
+ * Management Service Developer Guide.
*
* * The KMS key that you use for this operation must be in a compatible key @@ -1754,6 +1796,12 @@ public CreateKeyResult createKey(CreateKeyRequest createKeyRequest) *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param decryptRequest * @return decryptResult The response from the Decrypt service method, as @@ -1880,6 +1928,12 @@ public DecryptResult decrypt(DecryptRequest decryptRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteAliasRequest * @throws DependencyTimeoutException @@ -2007,6 +2061,12 @@ public void deleteAlias(DeleteAliasRequest deleteAliasRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteCustomKeyStoreRequest * @return deleteCustomKeyStoreResult The response from the @@ -2101,6 +2161,12 @@ public DeleteCustomKeyStoreResult deleteCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param deleteImportedKeyMaterialRequest * @throws InvalidArnException @@ -2143,6 +2209,196 @@ public void deleteImportedKeyMaterial( } } + /** + *+ * Derives a shared secret using a key agreement algorithm. + *
+ *
+ * You must use an asymmetric NIST-recommended elliptic curve (ECC) or SM2
+ * (China Regions only) KMS key pair with a KeyUsage
value of
+ * KEY_AGREEMENT
to call DeriveSharedSecret.
+ *
+ * DeriveSharedSecret uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman Primitive (ECDH) + * to establish a key agreement between two peers by deriving a shared + * secret from their elliptic curve public-private key pairs. You can use + * the raw shared secret that DeriveSharedSecret returns to derive a + * symmetric key that can encrypt and decrypt data that is sent between the + * two peers, or that can generate and verify HMACs. KMS recommends that you + * follow NIST recommendations for key derivation when using the raw shared + * secret to derive a symmetric key. + *
+ *+ * The following workflow demonstrates how to establish key agreement over + * an insecure communication channel using DeriveSharedSecret. + *
+ *
+ * Alice calls CreateKey to create an asymmetric KMS key pair
+ * with a KeyUsage
value of KEY_AGREEMENT
.
+ *
+ * The asymmetric KMS key must use a NIST-recommended elliptic curve (ECC) + * or SM2 (China Regions only) key spec. + *
+ *+ * Bob creates an elliptic curve key pair. + *
+ *+ * Bob can call CreateKey to create an asymmetric KMS key pair or + * generate a key pair outside of KMS. Bob's key pair must use the same + * NIST-recommended elliptic curve (ECC) or SM2 (China Regions ony) curve as + * Alice. + *
+ *+ * Alice and Bob exchange their public keys through an insecure + * communication channel (like the internet). + *
+ *+ * Use GetPublicKey to download the public key of your asymmetric KMS + * key pair. + *
+ *+ * KMS strongly recommends verifying that the public key you receive came + * from the expected party before using it to derive a shared secret. + *
+ *+ * Alice calls DeriveSharedSecret. + *
+ *+ * KMS uses the private key from the KMS key pair generated in Step + * 1, Bob's public key, and the Elliptic Curve Cryptography Cofactor + * Diffie-Hellman Primitive to derive the shared secret. The private key in + * your KMS key pair never leaves KMS unencrypted. DeriveSharedSecret + * returns the raw shared secret. + *
+ *+ * Bob uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman + * Primitive to calculate the same raw secret using his private key and + * Alice's public key. + *
+ *+ * To derive a shared secret you must provide a key agreement algorithm, the + * private key of the caller's asymmetric NIST-recommended elliptic curve or + * SM2 (China Regions only) KMS key pair, and the public key from your + * peer's NIST-recommended elliptic curve or SM2 (China Regions only) key + * pair. The public key can be from another asymmetric KMS key pair or from + * a key pair generated outside of KMS, but both key pairs must be on the + * same elliptic curve. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *
+ * Cross-account use: Yes. To perform this operation with a KMS key
+ * in a different Amazon Web Services account, specify the key ARN or alias
+ * ARN in the value of the KeyId
parameter.
+ *
+ * Required permissions: kms:DeriveSharedSecret (key policy) + *
+ *+ * Related operations: + *
+ *+ * CreateKey + *
+ *+ * GetPublicKey + *
+ *+ * DescribeKey + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param deriveSharedSecretRequest + * @return deriveSharedSecretResult The response from the DeriveSharedSecret + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws DisabledException + * @throws KeyUnavailableException + * @throws DependencyTimeoutException + * @throws InvalidGrantTokenException + * @throws InvalidKeyUsageException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws DryRunOperationException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + public DeriveSharedSecretResult deriveSharedSecret( + DeriveSharedSecretRequest deriveSharedSecretRequest) + throws AmazonServiceException, AmazonClientException { + ExecutionContext executionContext = createExecutionContext(deriveSharedSecretRequest); + AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); + awsRequestMetrics.startEvent(Field.ClientExecuteTime); + Request
* Gets information about
*
*
+ *
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
- * For multi
- * -Region keys, DescribeKey
displays the primary key and
- * all related replica keys. For KMS keys in CloudHSM key
- * stores, it includes information about the key store, such as the key
- * store ID and the CloudHSM cluster ID. For KMS keys in external key
- * stores, it includes the custom key store ID and the ID of the
- * external key.
+ * For multi-Region keys, DescribeKey
displays the primary key
+ * and all related replica keys. For KMS keys in CloudHSM key stores, it includes information about the key store,
+ * such as the key store ID and the CloudHSM cluster ID. For KMS keys in external key stores, it includes the custom key store ID and the ID
+ * of the external key.
*
* DescribeKey
does not return the following information:
@@ -2400,6 +2663,12 @@ public DescribeCustomKeyStoresResult describeCustomKeyStores(
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param describeKeyRequest * @return describeKeyResult The response from the DescribeKey service @@ -2478,6 +2747,12 @@ public DescribeKeyResult describeKey(DescribeKeyRequest describeKeyRequest) ** Related operations: EnableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disableKeyRequest * @throws NotFoundException @@ -2587,7 +2862,23 @@ public void disableKey(DisableKeyRequest disableKeyRequest) * GetKeyRotationStatus * * + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disableKeyRotationRequest * @throws NotFoundException @@ -2709,6 +3000,12 @@ public void disableKeyRotation(DisableKeyRotationRequest disableKeyRotationReque * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param disconnectCustomKeyStoreRequest * @return disconnectCustomKeyStoreResult The response from the @@ -2782,6 +3079,12 @@ public DisconnectCustomKeyStoreResult disconnectCustomKeyStore( ** Related operations: DisableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param enableKeyRequest * @throws NotFoundException @@ -2825,19 +3128,29 @@ public void enableKey(EnableKeyRequest enableKeyRequest) /** ** Enables automatic rotation of the key material of the specified symmetric * encryption KMS key. *
*
- * When you enable automatic rotation of acustomer managed KMS key, KMS rotates the key material of the KMS
* key one year (approximately 365 days) from the enable date and every year
- * thereafter. You can monitor rotation of the key material for your KMS
- * keys in CloudTrail and Amazon CloudWatch. To disable rotation of the key
- * material in a customer managed KMS key, use the DisableKeyRotation
- * operation.
+ * thereafter. You can use the optional RotationPeriodInDays
+ * parameter to specify a custom rotation period when you enable key
+ * rotation, or you can use RotationPeriodInDays
to modify the
+ * rotation period of a key that you previously enabled automatic key
+ * rotation on.
+ *
+ * You can monitor rotation of the key material for your KMS keys in + * CloudTrail and Amazon CloudWatch. To disable rotation of the key material + * in a customer managed KMS key, use the DisableKeyRotation + * operation. You can use the GetKeyRotationStatus operation to + * identify any in progress rotations. You can use the + * ListKeyRotations operation to view the details of completed + * rotations. *
** Automatic key rotation is supported only on multi-Region keys, set the property on the primary key. *
*- * You cannot enable or disable automatic rotation Amazon Web Services managed KMS keys. KMS always rotates the key * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys varies. + * >Amazon Web Services owned KMS keys is managed by the Amazon Web + * Services service that owns the key. *
*@@ -2910,7 +3224,29 @@ public void enableKey(EnableKeyRequest enableKeyRequest) * GetKeyRotationStatus *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not + * automatic key rotation is enabled. + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param enableKeyRotationRequest * @throws NotFoundException @@ -3111,6 +3447,12 @@ public void enableKeyRotation(EnableKeyRotationRequest enableKeyRotationRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param encryptRequest * @return encryptResult The response from the Encrypt service method, as @@ -3329,6 +3671,12 @@ public EncryptResult encrypt(EncryptRequest encryptRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyRequest * @return generateDataKeyResult The response from the GenerateDataKey @@ -3386,8 +3734,8 @@ public GenerateDataKeyResult generateDataKey(GenerateDataKeyRequest generateData * copy of the private key that is encrypted under the symmetric encryption * KMS key you specify. You can use the data key pair to perform asymmetric * cryptography and implement digital signatures outside of KMS. The bytes - * in the keys are random; they not related to the caller or to the KMS key - * that is used to encrypt the private key. + * in the keys are random; they are not related to the caller or to the KMS + * key that is used to encrypt the private key. * *
* You can use the public key that GenerateDataKeyPair
returns
@@ -3511,6 +3859,12 @@ public GenerateDataKeyResult generateDataKey(GenerateDataKeyRequest generateData
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyPairRequest * @return generateDataKeyPairResult The response from the @@ -3663,6 +4017,12 @@ public GenerateDataKeyPairResult generateDataKeyPair( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyPairWithoutPlaintextRequest * @return generateDataKeyPairWithoutPlaintextResult The response from the @@ -3831,6 +4191,12 @@ public GenerateDataKeyPairWithoutPlaintextResult generateDataKeyPairWithoutPlain * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateDataKeyWithoutPlaintextRequest * @return generateDataKeyWithoutPlaintextResult The response from the @@ -3934,6 +4300,12 @@ public GenerateDataKeyWithoutPlaintextResult generateDataKeyWithoutPlaintext( ** Related operations: VerifyMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateMacRequest * @return generateMacResult The response from the GenerateMac service @@ -4029,6 +4401,12 @@ public GenerateMacResult generateMac(GenerateMacRequest generateMacRequest) * "https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html" * >kms:GenerateRandom (IAM policy) * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param generateRandomRequest * @return generateRandomResult The response from the GenerateRandom service @@ -4089,7 +4467,15 @@ public GenerateRandomResult generateRandom(GenerateRandomRequest generateRandomR * >kms:GetKeyPolicy (key policy) * *- * Related operations: PutKeyPolicy + * Related operations: PutKeyPolicy + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. *
* * @param getKeyPolicyRequest @@ -4139,18 +4525,13 @@ public GetKeyPolicyResult getKeyPolicy(GetKeyPolicyRequest getKeyPolicyRequest) /** *- * Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified - * KMS key. - *
- *- * When you enable automatic rotation for customer managed KMS keys, KMS rotates the key material of the KMS - * key one year (approximately 365 days) from the enable date and every year - * thereafter. You can monitor rotation of the key material for your KMS - * keys in CloudTrail and Amazon CloudWatch. + * KMS key, the rotation period, and the next scheduled rotation date. *
** Automatic key rotation is supported only on true. *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not + * automatic key rotation is enabled. You can use GetKeyRotationStatus to + * identify the date and time that an in progress on-demand rotation was + * initiated. You can use ListKeyRotations to view the details of + * completed rotations. + *
** In May 2022, KMS changed the rotation schedule for Amazon Web Services @@ -4238,7 +4627,23 @@ public GetKeyPolicyResult getKeyPolicy(GetKeyPolicyRequest getKeyPolicyRequest) * EnableKeyRotation *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getKeyRotationStatusRequest * @return getKeyRotationStatusResult The response from the @@ -4311,14 +4716,15 @@ public GetKeyRotationStatusResult getKeyRotationStatus( *EXTERNAL
to create a KMS key with no key material. You can
* import key material for a symmetric encryption KMS key, HMAC KMS key,
* asymmetric encryption KMS key, or asymmetric signing KMS key. You can
- * also import key material into a multi-Region key of any supported type. However, you can't import
- * key material into a KMS key in a custom
- * key store. You can also use GetParametersForImport
to
- * get a public key and import token to custom key store. You can also use
+ * GetParametersForImport
to get a public key and import token
+ * to reimport the original key material into a KMS key whose key material
* expired or was deleted.
*
@@ -4410,6 +4816,12 @@ public GetKeyRotationStatusResult getKeyRotationStatus(
*
*
*
+ * + * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getParametersForImportRequest * @return getParametersForImportResult The response from the @@ -4499,7 +4911,8 @@ public GetParametersForImportResult getParametersForImport( ** KeyUsage: Whether the key is used for encryption or signing. + * >KeyUsage: Whether the key is used for encryption, signing, or + * deriving a shared secret. *
* ** Related operations: CreateKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param getPublicKeyRequest * @return getPublicKeyResult The response from the GetPublicKey service @@ -4626,9 +5045,7 @@ public GetPublicKeyResult getPublicKey(GetPublicKeyRequest getPublicKeyRequest) * import different key material. You might reimport key material to replace * key material that expired or key material that you deleted. You might * also reimport key material to change the expiration model or expiration - * date of the key material. Before reimporting key material, if necessary, - * call DeleteImportedKeyMaterial to delete the current imported key - * material. + * date of the key material. * ** Each time you import key material into KMS, you can determine whether ( @@ -4781,6 +5198,12 @@ public GetPublicKeyResult getPublicKey(GetPublicKeyRequest getPublicKeyRequest) *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param importKeyMaterialRequest * @return importKeyMaterialResult The response from the ImportKeyMaterial @@ -4896,6 +5319,12 @@ public ImportKeyMaterialResult importKeyMaterial( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listAliasesRequest * @return listAliasesResult The response from the ListAliases service @@ -5007,6 +5436,12 @@ public ListAliasesResult listAliases(ListAliasesRequest listAliasesRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listGrantsRequest * @return listGrantsResult The response from the ListGrants service method, @@ -5082,10 +5517,18 @@ public ListGrantsResult listGrants(ListGrantsRequest listGrantsRequest) * *- * PutKeyPolicy + * PutKeyPolicy *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listKeyPoliciesRequest * @return listKeyPoliciesResult The response from the ListKeyPolicies @@ -5132,6 +5575,109 @@ public ListKeyPoliciesResult listKeyPolicies(ListKeyPoliciesRequest listKeyPolic } } + /** + *+ * Returns information about all completed key material rotations for the + * specified KMS key. + *
+ *+ * You must specify the KMS key in all requests. You can refine the key + * rotations list by limiting the number of rotations returned. + *
+ *+ * For detailed information about automatic and on-demand key rotations, see + * Rotating KMS keys in the Key Management Service Developer + * Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS + * key in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:ListKeyRotations (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param listKeyRotationsRequest + * @return listKeyRotationsResult The response from the ListKeyRotations + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws InvalidArnException + * @throws InvalidMarkerException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws UnsupportedOperationException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + public ListKeyRotationsResult listKeyRotations(ListKeyRotationsRequest listKeyRotationsRequest) + throws AmazonServiceException, AmazonClientException { + ExecutionContext executionContext = createExecutionContext(listKeyRotationsRequest); + AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); + awsRequestMetrics.startEvent(Field.ClientExecuteTime); + Request* Gets a list of all KMS keys in the caller's Amazon Web Services account @@ -5171,6 +5717,12 @@ public ListKeyPoliciesResult listKeyPolicies(ListKeyPoliciesRequest listKeyPolic *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listKeysRequest * @return listKeysResult The response from the ListKeys service method, as @@ -5262,6 +5814,12 @@ public ListKeysResult listKeys(ListKeysRequest listKeysRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listResourceTagsRequest * @return listResourceTagsResult The response from the ListResourceTags @@ -5331,10 +5889,13 @@ public ListResourceTagsResult listResourceTags(ListResourceTagsRequest listResou * *
* Cross-account use: You must specify a principal in your Amazon Web
- * Services account. However, this operation can return grants in any Amazon
- * Web Services account. You do not need
- * kms:ListRetirableGrants
permission (or any other additional
- * permission) in any Amazon Web Services account other than your own.
+ * Services account. This operation returns a list of grants where the
+ * retiring principal specified in the ListRetirableGrants
+ * request is the same retiring principal on the grant. This can include
+ * grants on KMS keys owned by other Amazon Web Services accounts, but you
+ * do not need kms:ListRetirableGrants
permission (or any other
+ * additional permission) in any Amazon Web Services account other than your
+ * own.
*
* Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services * account. *
+ *
+ * KMS authorizes ListRetirableGrants
requests by evaluating
+ * the caller account's kms:ListRetirableGrants permissions. The authorized
+ * resource in ListRetirableGrants
calls is the retiring
+ * principal specified in the request. KMS does not evaluate the caller's
+ * permissions to verify their access to any KMS keys or grants that might
+ * be returned by the ListRetirableGrants
call.
+ *
* Related operations: *
@@ -5367,6 +5938,12 @@ public ListResourceTagsResult listResourceTags(ListResourceTagsRequest listResou * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param listRetirableGrantsRequest * @return listRetirableGrantsResult The response from the @@ -5445,6 +6022,12 @@ public ListRetirableGrantsResult listRetirableGrants( ** Related operations: GetKeyPolicy *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param putKeyPolicyRequest * @throws NotFoundException @@ -5633,6 +6216,12 @@ public void putKeyPolicy(PutKeyPolicyRequest putKeyPolicyRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param reEncryptRequest * @return reEncryptResult The response from the ReEncrypt service method, @@ -5769,9 +6358,10 @@ public ReEncryptResult reEncrypt(ReEncryptRequest reEncryptRequest) * If you replicate a multi-Region primary key with imported key material, * the replica key is created with no key material. You must import the same * key material that you imported into the primary key. For details, see Importing - * key material into multi-Region keys in the Key Management Service - * Developer Guide. + * href= + * "https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-import.html" + * >Importing key material into multi-Region keys in the Key + * Management Service Developer Guide. * ** To convert a replica key to a primary key, use the @@ -5825,6 +6415,12 @@ public ReEncryptResult reEncrypt(ReEncryptRequest reEncryptRequest) *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param replicateKeyRequest * @return replicateKeyResult The response from the ReplicateKey service @@ -5911,7 +6507,7 @@ public ReplicateKeyResult replicateKey(ReplicateKeyRequest replicateKeyRequest) * different Amazon Web Services account. * *- * Required permissions::Permission to retire a grant is determined + * Required permissions: Permission to retire a grant is determined * primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service @@ -5942,6 +6538,12 @@ public ReplicateKeyResult replicateKey(ReplicateKeyRequest replicateKeyRequest) *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param retireGrantRequest * @throws InvalidArnException @@ -5988,7 +6590,7 @@ public void retireGrant(RetireGrantRequest retireGrantRequest) ** Deletes the specified grant. You revoke a grant to terminate the * permissions that the grant allows. For more information, see Retiring and revoking grants in the Key Management Service * Developer Guide . *
@@ -6046,6 +6648,12 @@ public void retireGrant(RetireGrantRequest retireGrantRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param revokeGrantRequest * @throws NotFoundException @@ -6087,6 +6695,165 @@ public void revokeGrant(RevokeGrantRequest revokeGrantRequest) } } + /** + *+ * Immediately initiates rotation of the key material of the specified + * symmetric encryption KMS key. + *
+ *+ * You can perform on-demand rotation of the key material in customer managed KMS keys, + * regardless of whether or not automatic key rotation is enabled. On-demand rotations do not change + * existing automatic rotation schedules. For example, consider a KMS key + * that has automatic key rotation enabled with a rotation period of 730 + * days. If the key is scheduled to automatically rotate on April 14, 2024, + * and you perform an on-demand rotation on April 10, 2024, the key will + * automatically rotate, as scheduled, on April 14, 2024 and every 730 days + * thereafter. + *
+ *+ * You can perform on-demand key rotation a maximum of 10 times per + * KMS key. You can use the KMS console to view the number of remaining + * on-demand rotations available for a KMS key. + *
+ *+ * You can use GetKeyRotationStatus to identify any in progress + * on-demand rotations. You can use ListKeyRotations to identify the + * date that completed on-demand rotations were performed. You can monitor + * rotation of the key material for your KMS keys in CloudTrail and Amazon + * CloudWatch. + *
+ *+ * On-demand key rotation is supported only on symmetric encryption KMS keys. You cannot perform on-demand rotation + * of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * You cannot initiate on-demand rotation of Amazon Web Services managed KMS keys. KMS always rotates the key + * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys is managed by the Amazon Web + * Services service that owns the key. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS + * key in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:RotateKeyOnDemand (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * ListKeyRotations + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ * + * @param rotateKeyOnDemandRequest + * @return rotateKeyOnDemandResult The response from the RotateKeyOnDemand + * service method, as returned by AWS Key Management Service. + * @throws NotFoundException + * @throws DisabledException + * @throws InvalidArnException + * @throws DependencyTimeoutException + * @throws KMSInternalException + * @throws KMSInvalidStateException + * @throws UnsupportedOperationException + * @throws LimitExceededException + * @throws ConflictException + * @throws AmazonClientException If any internal errors are encountered + * inside the client while attempting to make the request or + * handle the response. For example if a network connection is + * not available. + * @throws AmazonServiceException If an error response is returned by AWS + * Key Management Service indicating either a problem with the + * data in the request, or a server side issue. + */ + public RotateKeyOnDemandResult rotateKeyOnDemand( + RotateKeyOnDemandRequest rotateKeyOnDemandRequest) + throws AmazonServiceException, AmazonClientException { + ExecutionContext executionContext = createExecutionContext(rotateKeyOnDemandRequest); + AWSRequestMetrics awsRequestMetrics = executionContext.getAwsRequestMetrics(); + awsRequestMetrics.startEvent(Field.ClientExecuteTime); + Request* Schedules the deletion of a KMS key. By default, KMS applies a waiting @@ -6103,8 +6870,8 @@ public void revokeGrant(RevokeGrantRequest revokeGrantRequest) *
* Deleting a KMS key is a destructive and potentially dangerous operation. * When a KMS key is deleted, all data that was encrypted under the KMS key - * is unrecoverable. (The only exception is a multi-Region replica key, or an asymmetric or HMAC KMS key with imported key material.) To prevent @@ -6179,6 +6946,12 @@ public void revokeGrant(RevokeGrantRequest revokeGrantRequest) *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param scheduleKeyDeletionRequest * @return scheduleKeyDeletionResult The response from the @@ -6320,6 +7093,12 @@ public ScheduleKeyDeletionResult scheduleKeyDeletion( ** Related operations: Verify *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param signRequest * @return signResult The response from the Sign service method, as returned @@ -6457,6 +7236,12 @@ public SignResult sign(SignRequest signRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param tagResourceRequest * @throws KMSInternalException @@ -6568,6 +7353,12 @@ public void tagResource(TagResourceRequest tagResourceRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param untagResourceRequest * @throws KMSInternalException @@ -6704,6 +7495,12 @@ public void untagResource(UntagResourceRequest untagResourceRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateAliasRequest * @throws DependencyTimeoutException @@ -6880,6 +7677,12 @@ public void updateAlias(UpdateAliasRequest updateAliasRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateCustomKeyStoreRequest * @return updateCustomKeyStoreResult The response from the @@ -6977,6 +7780,12 @@ public UpdateCustomKeyStoreResult updateCustomKeyStore( * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updateKeyDescriptionRequest * @throws NotFoundException @@ -7134,6 +7943,12 @@ public void updateKeyDescription(UpdateKeyDescriptionRequest updateKeyDescriptio * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param updatePrimaryRegionRequest * @throws DisabledException @@ -7245,6 +8060,12 @@ public void updatePrimaryRegion(UpdatePrimaryRegionRequest updatePrimaryRegionRe ** Related operations: Sign *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param verifyRequest * @return verifyResult The response from the Verify service method, as @@ -7339,6 +8160,12 @@ public VerifyResult verify(VerifyRequest verifyRequest) ** Related operations: GenerateMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @param verifyMacRequest * @return verifyMacResult The response from the VerifyMac service method, @@ -7462,10 +8289,15 @@ public VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) * pair, or an SM2 key pair (China Regions only). The private key in an * asymmetric KMS key never leaves KMS unencrypted. However, you can use the * GetPublicKey operation to download the public key so it can be - * used outside of KMS. KMS keys with RSA or SM2 key pairs can be used to - * encrypt or decrypt data or sign and verify messages (but not both). KMS - * keys with ECC key pairs can be used only to sign and verify messages. For - * information about asymmetric KMS keys, see ECC_SECG_P256K1 can be used + * only to sign and verify messages. KMS keys with SM2 key pairs (China + * Regions only) can be used to either encrypt and decrypt data, sign and + * verify messages, or derive shared secrets (you must choose one key usage + * type). For information about asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer * Guide. @@ -7663,6 +8495,12 @@ public VerifyMacResult verifyMac(VerifyMacRequest verifyMacRequest) * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return createKeyResult The response from the CreateKey service method, * as returned by AWS Key Management Service. @@ -7732,6 +8570,12 @@ public CreateKeyResult createKey() * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return listKeysResult The response from the ListKeys service method, as * returned by AWS Key Management Service. @@ -7814,6 +8658,12 @@ public ListKeysResult listKeys() * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return listAliasesResult The response from the ListAliases service * method, as returned by AWS Key Management Service. @@ -7871,7 +8721,7 @@ public ListAliasesResult listAliases() * different Amazon Web Services account. * *- * Required permissions::Permission to retire a grant is determined + * Required permissions: Permission to retire a grant is determined * primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service @@ -7902,6 +8752,12 @@ public ListAliasesResult listAliases() *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @throws InvalidArnException * @throws InvalidGrantTokenException @@ -7971,6 +8827,12 @@ public void retireGrant() * "https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html" * >kms:GenerateRandom (IAM policy) * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
* * @return generateRandomResult The response from the GenerateRandom service * method, as returned by AWS Key Management Service. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlgorithmSpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlgorithmSpec.java index 53d8e18e2f..15c5f8964a 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlgorithmSpec.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlgorithmSpec.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -27,7 +27,8 @@ public enum AlgorithmSpec { RSAES_OAEP_SHA_1("RSAES_OAEP_SHA_1"), RSAES_OAEP_SHA_256("RSAES_OAEP_SHA_256"), RSA_AES_KEY_WRAP_SHA_1("RSA_AES_KEY_WRAP_SHA_1"), - RSA_AES_KEY_WRAP_SHA_256("RSA_AES_KEY_WRAP_SHA_256"); + RSA_AES_KEY_WRAP_SHA_256("RSA_AES_KEY_WRAP_SHA_256"), + SM2PKE("SM2PKE"); private String value; @@ -48,6 +49,7 @@ public String toString() { enumMap.put("RSAES_OAEP_SHA_256", RSAES_OAEP_SHA_256); enumMap.put("RSA_AES_KEY_WRAP_SHA_1", RSA_AES_KEY_WRAP_SHA_1); enumMap.put("RSA_AES_KEY_WRAP_SHA_256", RSA_AES_KEY_WRAP_SHA_256); + enumMap.put("SM2PKE", SM2PKE); } /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AliasListEntry.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AliasListEntry.java index 23f3cb257c..8ec2faa464 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AliasListEntry.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AliasListEntry.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlreadyExistsException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlreadyExistsException.java index a99b972964..a35ae47441 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlreadyExistsException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/AlreadyExistsException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionRequest.java index c31eb916f1..4aa00cda36 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -50,6 +50,12 @@ ** Related operations: ScheduleKeyDeletion *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class CancelKeyDeletionRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionResult.java index 9baf89c053..2592103721 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CancelKeyDeletionResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInUseException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInUseException.java index bd8f617017..b2a78490fd 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInUseException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInUseException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInvalidConfigurationException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInvalidConfigurationException.java index b6f8d50895..12e3c66b71 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInvalidConfigurationException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterInvalidConfigurationException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotActiveException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotActiveException.java index 6bbfefec0e..efe9476ed5 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotActiveException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotActiveException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotFoundException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotFoundException.java index 7726925561..caac2ed645 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotFoundException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotFoundException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotRelatedException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotRelatedException.java index 5db3057ac3..2df236f892 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotRelatedException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CloudHsmClusterNotRelatedException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConflictException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConflictException.java new file mode 100644 index 0000000000..c9774f04e3 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConflictException.java @@ -0,0 +1,37 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import com.amazonaws.AmazonServiceException; + +/** + *+ * The request was rejected because an automatic rotation of this key is + * currently in progress or scheduled to begin within the next 20 minutes. + *
+ */ +public class ConflictException extends AmazonServiceException { + private static final long serialVersionUID = 1L; + + /** + * Constructs a new ConflictException with the specified error message. + * + * @param message Describes the error encountered. + */ + public ConflictException(String message) { + super(message); + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreRequest.java index e190a5ac0f..3b80338320 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -158,6 +158,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ConnectCustomKeyStoreRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreResult.java index 275e206662..0dc4e6485a 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectCustomKeyStoreResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionErrorCodeType.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionErrorCodeType.java index 4e130a5d2a..25673747d5 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionErrorCodeType.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionErrorCodeType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionStateType.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionStateType.java index 6940ff82ee..86f34c9187 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionStateType.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ConnectionStateType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateAliasRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateAliasRequest.java index 56c24214b7..2fe31cc957 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateAliasRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateAliasRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -113,6 +113,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class CreateAliasRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateCustomKeyStoreRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateCustomKeyStoreRequest.java index 08d1a69aa7..8850ff2177 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateCustomKeyStoreRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateCustomKeyStoreRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -157,6 +157,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class CreateCustomKeyStoreRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -306,7 +312,7 @@ public class CreateCustomKeyStoreRequest extends AmazonWebServiceRequest impleme *
* An external key store with PUBLIC_ENDPOINT
connectivity
* cannot use the same XksProxyUriEndpoint
value as an external
- * key store with VPC_ENDPOINT_SERVICE
connectivity in the same
+ * key store with VPC_ENDPOINT_SERVICE
connectivity in this
* Amazon Web Services Region.
*
* An external key store with PUBLIC_ENDPOINT
connectivity
* cannot use the same XksProxyUriEndpoint
value as an external
- * key store with VPC_ENDPOINT_SERVICE
connectivity in the same
+ * key store with VPC_ENDPOINT_SERVICE
connectivity in this
* Amazon Web Services Region.
*
PUBLIC_ENDPOINT
* connectivity cannot use the same XksProxyUriEndpoint
* value as an external key store with
- * VPC_ENDPOINT_SERVICE
connectivity in the same Amazon
- * Web Services Region.
+ * VPC_ENDPOINT_SERVICE
connectivity in this Amazon Web
+ * Services Region.
*
*
*
* An external key store with PUBLIC_ENDPOINT
connectivity
* cannot use the same XksProxyUriEndpoint
value as an external
- * key store with VPC_ENDPOINT_SERVICE
connectivity in the same
+ * key store with VPC_ENDPOINT_SERVICE
connectivity in this
* Amazon Web Services Region.
*
XksProxyUriEndpoint
value as an external key
* store with VPC_ENDPOINT_SERVICE
connectivity in
- * the same Amazon Web Services Region.
+ * this Amazon Web Services Region.
*
*
*
* An external key store with PUBLIC_ENDPOINT
connectivity
* cannot use the same XksProxyUriEndpoint
value as an external
- * key store with VPC_ENDPOINT_SERVICE
connectivity in the same
+ * key store with VPC_ENDPOINT_SERVICE
connectivity in this
* Amazon Web Services Region.
*
XksProxyUriEndpoint
value as an external key
* store with VPC_ENDPOINT_SERVICE
connectivity in
- * the same Amazon Web Services Region.
+ * this Amazon Web Services Region.
*
*
* + * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class CreateGrantRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateGrantResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateGrantResult.java index 3d556baf28..b4b9710e5f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateGrantResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateGrantResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateKeyRequest.java index e4483d345c..eeaf8ac5b8 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/CreateKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -92,9 +92,14 @@ * or an SM2 key pair (China Regions only). The private key in an asymmetric KMS * key never leaves KMS unencrypted. However, you can use the * GetPublicKey operation to download the public key so it can be used - * outside of KMS. KMS keys with RSA or SM2 key pairs can be used to encrypt or - * decrypt data or sign and verify messages (but not both). KMS keys with ECC - * key pairs can be used only to sign and verify messages. For information about + * outside of KMS. Each KMS key can have only one key usage. KMS keys with RSA + * key pairs can be used to encrypt and decrypt data or sign and verify messages + * (but not both). KMS keys with NIST-recommended ECC key pairs can be used to + * sign and verify messages or derive shared secrets (but not both). KMS keys + * withECC_SECG_P256K1
can be used only to sign and verify
+ * messages. KMS keys with SM2 key pairs (China Regions only) can be used to
+ * either encrypt and decrypt data, sign and verify messages, or derive shared
+ * secrets (you must choose one key usage type). For information about
* asymmetric KMS keys, see Asymmetric KMS keys in the Key Management Service Developer
@@ -287,6 +292,12 @@
*
*
*
+ * + * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class CreateKeyRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -394,26 +405,34 @@ public class CreateKeyRequest extends AmazonWebServiceRequest implements Seriali * *
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
*
- * For asymmetric KMS keys with ECC key material, specify
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
+ *
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
*
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
* Constraints:
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*/
private String keyUsage;
@@ -514,7 +533,8 @@ public class CreateKeyRequest extends AmazonWebServiceRequest implements Seriali
*
*
- * Asymmetric RSA key pairs + * Asymmetric RSA key pairs (encryption and decryption -or- signing and + * verification) *
*- * Asymmetric NIST-recommended elliptic curve key pairs + * Asymmetric NIST-recommended elliptic curve key pairs (signing and + * verification -or- deriving shared secrets) *
*- * Other asymmetric elliptic curve key pairs + * Other asymmetric elliptic curve key pairs (signing and verification) *
*- * SM2 key pairs (China Regions only) + * SM2 key pairs (encryption and decryption -or- signing and verification + * -or- deriving shared secrets) *
*
- * SM2
+ * SM2
(China Regions only)
*
* Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ private Boolean bypassPolicyLockoutSafetyCheck; @@ -1307,26 +1330,34 @@ public CreateKeyRequest withDescription(String description) { *
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
*
- * For asymmetric KMS keys with ECC key material, specify
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
*
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
+ *
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
* Constraints:
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @return
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
*
- * For asymmetric KMS keys with ECC key material, specify
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
+ *
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
*
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
* Constraints:
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
*
- * For asymmetric KMS keys with ECC key material, specify
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
+ *
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
*
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
* Constraints:
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage
* Determines the
*
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
*
- * For asymmetric KMS keys with ECC key material, specify
- *
+ * For asymmetric KMS keys with
- * For asymmetric KMS keys with SM2 key material (China Regions
- * only), specify
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
*
- * For asymmetric KMS keys with ECC key material, specify
- *
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ *
* Constraints:
* Determines the
*
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
*
- * For asymmetric KMS keys with ECC key material, specify
- *
+ * For asymmetric KMS keys with
- * For asymmetric KMS keys with SM2 key material (China Regions
- * only), specify
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
*
- * For asymmetric KMS keys with ECC key material, specify
- *
+ * For asymmetric KMS keys with
- * For asymmetric KMS keys with SM2 key material (China Regions only),
- * specify
* Constraints:
* Determines the
*
- * For asymmetric KMS keys with RSA key material, specify
+ * For asymmetric KMS keys with RSA key pairs, specify
*
- * For asymmetric KMS keys with ECC key material, specify
- *
- * For asymmetric KMS keys with SM2 key material (China Regions
- * only), specify
+ * For asymmetric KMS keys with SM2 key pairs (China Regions
+ * only), specify
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing and
+ * verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and verification
+ * -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing
+ * and verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and
+ * verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and
+ * verification -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing and
+ * verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and verification
+ * -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or-
+ * signing and verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing
+ * and verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and
+ * verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and
+ * verification -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing and
+ * verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and verification
+ * -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or-
+ * signing and verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing
+ * and verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and
+ * verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and
+ * verification -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing and
+ * verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and verification
+ * -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or-
+ * signing and verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing
+ * and verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and
+ * verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and
+ * verification -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or- signing and
+ * verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing and
+ * verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and verification
+ * -or- deriving shared secrets)
*
- *
- * Asymmetric RSA key pairs
+ * Asymmetric RSA key pairs (encryption and decryption -or-
+ * signing and verification)
*
- * Asymmetric NIST-recommended elliptic curve key pairs
+ * Asymmetric NIST-recommended elliptic curve key pairs (signing
+ * and verification -or- deriving shared secrets)
*
- * Other asymmetric elliptic curve key pairs
+ * Other asymmetric elliptic curve key pairs (signing and
+ * verification)
*
- * SM2 key pairs (China Regions only)
+ * SM2 key pairs (encryption and decryption -or- signing and
+ * verification -or- deriving shared secrets)
*
- *
* Use this parameter only when you intend to prevent the principal that is
- * making the request from making a subsequent PutKeyPolicy request
- * on the KMS key.
+ * making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
@@ -4153,8 +4287,9 @@ public CreateKeyRequest withCustomKeyStoreId(String customKeyStoreId) {
*
*
* Use this parameter only when you intend to prevent the principal
- * that is making the request from making a subsequent
- * PutKeyPolicy request on the KMS key.
+ * that is making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
* Use this parameter only when you intend to prevent the principal that is
- * making the request from making a subsequent PutKeyPolicy request
- * on the KMS key.
+ * making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
@@ -4203,8 +4339,9 @@ public Boolean isBypassPolicyLockoutSafetyCheck() {
*
*
* Use this parameter only when you intend to prevent the principal
- * that is making the request from making a subsequent
- * PutKeyPolicy request on the KMS key.
+ * that is making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
* Use this parameter only when you intend to prevent the principal that is
- * making the request from making a subsequent PutKeyPolicy request
- * on the KMS key.
+ * making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
@@ -4254,7 +4392,9 @@ public Boolean getBypassPolicyLockoutSafetyCheck() {
*
* Use this parameter only when you intend to prevent the
* principal that is making the request from making a subsequent
- * PutKeyPolicy request on the KMS key.
+ * PutKeyPolicy request on the KMS key.
*
* Use this parameter only when you intend to prevent the principal that is
- * making the request from making a subsequent PutKeyPolicy request
- * on the KMS key.
+ * making the request from making a subsequent PutKeyPolicy request on the KMS key.
*
* Returns a reference to this object so that method calls can be chained
@@ -4307,7 +4448,9 @@ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyC
*
* Use this parameter only when you intend to prevent the
* principal that is making the request from making a subsequent
- * PutKeyPolicy request on the KMS key.
+ * PutKeyPolicy request on the KMS key.
*
* The KMS key that you use for this operation must be in a compatible key
@@ -156,6 +156,12 @@
*
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
* A signed attestation document from an Amazon Web Services Nitro enclave and
* the encryption algorithm to use with the enclave's public key. The only
* valid encryption algorithm is
* A signed attestation document from an Amazon Web Services Nitro enclave and
* the encryption algorithm to use with the enclave's public key. The only
* valid encryption algorithm is
* A signed attestation document from an Amazon Web Services Nitro
* enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is
@@ -1399,7 +1405,7 @@ public RecipientInfo getRecipient() {
/**
*
* A signed attestation document from an Amazon Web Services Nitro enclave and
* the encryption algorithm to use with the enclave's public key. The only
* valid encryption algorithm is
* A signed attestation document from an Amazon Web Services Nitro
* enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is
@@ -1468,7 +1474,7 @@ public void setRecipient(RecipientInfo recipient) {
/**
*
* A signed attestation document from an Amazon Web Services Nitro enclave and
* the encryption algorithm to use with the enclave's public key. The only
* valid encryption algorithm is
* A signed attestation document from an Amazon Web Services Nitro
* enclave and the encryption algorithm to use with the enclave's
* public key. The only valid encryption algorithm is
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DecryptResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DecryptResult.java
index 46b107e30f..a2d98740cf 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DecryptResult.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DecryptResult.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeleteAliasRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeleteAliasRequest.java
index f1dabb0c72..e834da863e 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeleteAliasRequest.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeleteAliasRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -92,6 +92,12 @@
*
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ * ENCRYPT_DECRYPT
or SIGN_VERIFY
.
* SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve
+ * key pairs, specify SIGN_VERIFY
or
+ * KEY_AGREEMENT
.
+ * ECC_SECG_P256K1
key
+ * pairs specify SIGN_VERIFY
.
* ENCRYPT_DECRYPT
or
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions
+ * only), specify ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, or KEY_AGREEMENT
.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
* SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
* SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve
+ * key pairs, specify SIGN_VERIFY
or
+ * KEY_AGREEMENT
.
+ * ECC_SECG_P256K1
key
+ * pairs specify SIGN_VERIFY
.
* ENCRYPT_DECRYPT
or
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions
+ * only), specify ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, or KEY_AGREEMENT
.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
* SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve key pairs,
+ * specify SIGN_VERIFY
or KEY_AGREEMENT
.
+ * ECC_SECG_P256K1
key pairs
+ * specify SIGN_VERIFY
.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * For asymmetric KMS keys with SM2 key pairs (China Regions only), specify
+ * ENCRYPT_DECRYPT
, SIGN_VERIFY
, or
+ * KEY_AGREEMENT
.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
* SIGN_VERIFY
.
+ * For asymmetric KMS keys with NIST-recommended elliptic curve
+ * key pairs, specify SIGN_VERIFY
or
+ * KEY_AGREEMENT
.
* ENCRYPT_DECRYPT
or
- * SIGN_VERIFY
.
+ * For asymmetric KMS keys with ECC_SECG_P256K1
key
+ * pairs specify SIGN_VERIFY
.
+ * ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, or KEY_AGREEMENT
.
*
*
*
*
*
@@ -2196,7 +2297,8 @@ public CreateKeyRequest withCustomerMasterKeySpec(CustomerMasterKeySpec customer
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -2349,7 +2454,8 @@ public String getKeySpec() {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -2504,7 +2612,8 @@ public String getKeySpec() {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -2657,7 +2769,8 @@ public void setKeySpec(String keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -2815,7 +2930,8 @@ public void setKeySpec(String keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -2971,7 +3090,8 @@ public CreateKeyRequest withKeySpec(String keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -3126,7 +3248,8 @@ public CreateKeyRequest withKeySpec(String keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -3279,7 +3405,8 @@ public void setKeySpec(KeySpec keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -3437,7 +3566,8 @@ public void setKeySpec(KeySpec keySpec) {
* SM2
+ * SM2
(China Regions only)
*
*
*
*
*
@@ -4130,8 +4263,9 @@ public CreateKeyRequest withCustomKeyStoreId(String customKeyStoreId) {
*
* SM2
+ * SM2
(China Regions only)
* Recipient
parameter to provide the attestation document
* for the enclave. Instead of the plaintext data, the response includes the
* plaintext data encrypted with the public key from the attestation document (
- * CiphertextForRecipient
).For information about the interaction
+ * CiphertextForRecipient
). For information about the interaction
* between KMS and Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key Management
- * Service Developer Guide..
+ * Service Developer Guide.
* RSAES_OAEP_SHA_256
.
@@ -1331,7 +1337,7 @@ public DecryptRequest withEncryptionAlgorithm(EncryptionAlgorithmSpec encryption
/**
* RSAES_OAEP_SHA_256
.
@@ -1361,7 +1367,7 @@ public DecryptRequest withEncryptionAlgorithm(EncryptionAlgorithmSpec encryption
*
* @return RSAES_OAEP_SHA_256
.
@@ -1429,7 +1435,7 @@ public RecipientInfo getRecipient() {
*
* @param recipient RSAES_OAEP_SHA_256
.
@@ -1501,7 +1507,7 @@ public void setRecipient(RecipientInfo recipient) {
*
* @param recipient
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DeleteImportedKeyMaterialRequest extends AmazonWebServiceRequest implements Serializable { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DependencyTimeoutException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DependencyTimeoutException.java index 05a493dd71..fab47e59f2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DependencyTimeoutException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DependencyTimeoutException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretRequest.java new file mode 100644 index 0000000000..44b28a75b1 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretRequest.java @@ -0,0 +1,1553 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import java.io.Serializable; + +import com.amazonaws.AmazonWebServiceRequest; + +/** + *+ * Derives a shared secret using a key agreement algorithm. + *
+ *
+ * You must use an asymmetric NIST-recommended elliptic curve (ECC) or SM2
+ * (China Regions only) KMS key pair with a KeyUsage
value of
+ * KEY_AGREEMENT
to call DeriveSharedSecret.
+ *
+ * DeriveSharedSecret uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman Primitive (ECDH) to + * establish a key agreement between two peers by deriving a shared secret from + * their elliptic curve public-private key pairs. You can use the raw shared + * secret that DeriveSharedSecret returns to derive a symmetric key that can + * encrypt and decrypt data that is sent between the two peers, or that can + * generate and verify HMACs. KMS recommends that you follow NIST recommendations for key derivation when using the raw shared secret + * to derive a symmetric key. + *
+ *+ * The following workflow demonstrates how to establish key agreement over an + * insecure communication channel using DeriveSharedSecret. + *
+ *
+ * Alice calls CreateKey to create an asymmetric KMS key pair with
+ * a KeyUsage
value of KEY_AGREEMENT
.
+ *
+ * The asymmetric KMS key must use a NIST-recommended elliptic curve (ECC) or + * SM2 (China Regions only) key spec. + *
+ *+ * Bob creates an elliptic curve key pair. + *
+ *+ * Bob can call CreateKey to create an asymmetric KMS key pair or + * generate a key pair outside of KMS. Bob's key pair must use the same + * NIST-recommended elliptic curve (ECC) or SM2 (China Regions ony) curve as + * Alice. + *
+ *+ * Alice and Bob exchange their public keys through an insecure + * communication channel (like the internet). + *
+ *+ * Use GetPublicKey to download the public key of your asymmetric KMS key + * pair. + *
+ *+ * KMS strongly recommends verifying that the public key you receive came from + * the expected party before using it to derive a shared secret. + *
+ *+ * Alice calls DeriveSharedSecret. + *
+ *+ * KMS uses the private key from the KMS key pair generated in Step 1, + * Bob's public key, and the Elliptic Curve Cryptography Cofactor Diffie-Hellman + * Primitive to derive the shared secret. The private key in your KMS key pair + * never leaves KMS unencrypted. DeriveSharedSecret returns the raw shared + * secret. + *
+ *+ * Bob uses the Elliptic Curve Cryptography Cofactor Diffie-Hellman + * Primitive to calculate the same raw secret using his private key and Alice's + * public key. + *
+ *+ * To derive a shared secret you must provide a key agreement algorithm, the + * private key of the caller's asymmetric NIST-recommended elliptic curve or SM2 + * (China Regions only) KMS key pair, and the public key from your peer's + * NIST-recommended elliptic curve or SM2 (China Regions only) key pair. The + * public key can be from another asymmetric KMS key pair or from a key pair + * generated outside of KMS, but both key pairs must be on the same elliptic + * curve. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *
+ * Cross-account use: Yes. To perform this operation with a KMS key in a
+ * different Amazon Web Services account, specify the key ARN or alias ARN in
+ * the value of the KeyId
parameter.
+ *
+ * Required permissions: kms:DeriveSharedSecret (key policy) + *
+ *+ * Related operations: + *
+ *+ * CreateKey + *
+ *+ * GetPublicKey + *
+ *+ * DescribeKey + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ */ +public class DeriveSharedSecretRequest extends AmazonWebServiceRequest implements Serializable { + /** + *
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China Regions only)
+ * KMS key. KMS uses the private key in the specified key pair to derive the
+ * shared secret. The key usage of the KMS key must be
+ * KEY_AGREEMENT
. To find the KeyUsage
of a KMS
+ * key, use the DescribeKey operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN.
+ * When using an alias name, prefix it with "alias/"
. To
+ * specify a KMS key in a different Amazon Web Services account, you must
+ * use the key ARN or alias ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. To get the alias name and alias ARN, use + * ListAliases. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ */
+ private String keyAgreementAlgorithm;
+
+ /**
+ *
+ * Specifies the public key in your peer's NIST-recommended elliptic curve + * (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also known as
+ * SubjectPublicKeyInfo
(SPKI), as defined in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric KMS key pair + * in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the DER-encoded
+ * X.509 public key in a file. Otherwise, the Amazon Web Services CLI
+ * Base64-encodes the public key a second time, resulting in a
+ * ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using fileb (
+ * fileb://<path-to-file>
) or in-line using a Base64
+ * encoded string.
+ *
+ * Constraints:
+ * Length: 1 - 8192
+ */
+ private java.nio.ByteBuffer publicKey;
+
+ /**
+ *
+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation comes from + * a new grant that has not yet achieved eventual consistency. For + * more information, see Grant token and Using a grant token in the Key Management Service Developer + * Guide. + *
+ */ + private java.util.List
+ * Checks if your request will succeed. DryRun
is an optional
+ * parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ */ + private Boolean dryRun; + + /** + *
+ * A signed attestation document from an Amazon Web Services Nitro enclave and
+ * the encryption algorithm to use with the enclave's public key. The only
+ * valid encryption algorithm is RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon Web + * Services Nitro Enclaves. To call DeriveSharedSecret for an Amazon Web + * Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext copy of the
+ * shared secret, KMS encrypts the plaintext shared secret under the public
+ * key in the attestation document, and returns the resulting ciphertext in
+ * the CiphertextForRecipient
field in the response. This
+ * ciphertext can be decrypted only with the private key in the enclave. The
+ * CiphertextBlob
field in the response contains the encrypted
+ * shared secret derived from the KMS key specified by the
+ * KeyId
parameter and public key specified by the
+ * PublicKey
parameter. The SharedSecret
field in
+ * the response is null or empty.
+ *
+ * For information about the interaction between KMS and Amazon Web Services + * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key + * Management Service Developer Guide. + *
+ */ + private RecipientInfo recipient; + + /** + *
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China Regions only)
+ * KMS key. KMS uses the private key in the specified key pair to derive the
+ * shared secret. The key usage of the KMS key must be
+ * KEY_AGREEMENT
. To find the KeyUsage
of a KMS
+ * key, use the DescribeKey operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN.
+ * When using an alias name, prefix it with "alias/"
. To
+ * specify a KMS key in a different Amazon Web Services account, you must
+ * use the key ARN or alias ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. To get the alias name and alias ARN, use + * ListAliases. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China
+ * Regions only) KMS key. KMS uses the private key in the specified
+ * key pair to derive the shared secret. The key usage of the KMS
+ * key must be KEY_AGREEMENT
. To find the
+ * KeyUsage
of a KMS key, use the DescribeKey
+ * operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or
+ * alias ARN. When using an alias name, prefix it with
+ * "alias/"
. To specify a KMS key in a different Amazon
+ * Web Services account, you must use the key ARN or alias ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys + * or DescribeKey. To get the alias name and alias ARN, use + * ListAliases. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China Regions only)
+ * KMS key. KMS uses the private key in the specified key pair to derive the
+ * shared secret. The key usage of the KMS key must be
+ * KEY_AGREEMENT
. To find the KeyUsage
of a KMS
+ * key, use the DescribeKey operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN.
+ * When using an alias name, prefix it with "alias/"
. To
+ * specify a KMS key in a different Amazon Web Services account, you must
+ * use the key ARN or alias ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. To get the alias name and alias ARN, use + * ListAliases. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China
+ * Regions only) KMS key. KMS uses the private key in the
+ * specified key pair to derive the shared secret. The key usage
+ * of the KMS key must be KEY_AGREEMENT
. To find the
+ * KeyUsage
of a KMS key, use the DescribeKey
+ * operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or
+ * alias ARN. When using an alias name, prefix it with
+ * "alias/"
. To specify a KMS key in a different
+ * Amazon Web Services account, you must use the key ARN or alias
+ * ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. To get the alias name + * and alias ARN, use ListAliases. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China Regions only)
+ * KMS key. KMS uses the private key in the specified key pair to derive the
+ * shared secret. The key usage of the KMS key must be
+ * KEY_AGREEMENT
. To find the KeyUsage
of a KMS
+ * key, use the DescribeKey operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or alias ARN.
+ * When using an alias name, prefix it with "alias/"
. To
+ * specify a KMS key in a different Amazon Web Services account, you must
+ * use the key ARN or alias ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. To get the alias name and alias ARN, use + * ListAliases. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies an asymmetric NIST-recommended ECC or SM2 (China
+ * Regions only) KMS key. KMS uses the private key in the
+ * specified key pair to derive the shared secret. The key usage
+ * of the KMS key must be KEY_AGREEMENT
. To find the
+ * KeyUsage
of a KMS key, use the DescribeKey
+ * operation.
+ *
+ * To specify a KMS key, use its key ID, key ARN, alias name, or
+ * alias ARN. When using an alias name, prefix it with
+ * "alias/"
. To specify a KMS key in a different
+ * Amazon Web Services account, you must use the key ARN or alias
+ * ARN.
+ *
+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Alias name: alias/ExampleAlias
+ *
+ * Alias ARN:
+ * arn:aws:kms:us-east-2:111122223333:alias/ExampleAlias
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. To get the alias name + * and alias ARN, use ListAliases. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretRequest withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @return
+ * Specifies the key agreement algorithm used to derive the shared
+ * secret. The only valid value is ECDH
.
+ *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Specifies the key agreement algorithm used to derive the
+ * shared secret. The only valid value is ECDH
.
+ *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Specifies the key agreement algorithm used to derive the
+ * shared secret. The only valid value is ECDH
.
+ *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Specifies the key agreement algorithm used to derive the
+ * shared secret. The only valid value is ECDH
.
+ *
+ * Specifies the key agreement algorithm used to derive the shared secret.
+ * The only valid value is ECDH
.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Specifies the key agreement algorithm used to derive the
+ * shared secret. The only valid value is ECDH
.
+ *
+ * Specifies the public key in your peer's NIST-recommended elliptic curve + * (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also known as
+ * SubjectPublicKeyInfo
(SPKI), as defined in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric KMS key pair + * in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the DER-encoded
+ * X.509 public key in a file. Otherwise, the Amazon Web Services CLI
+ * Base64-encodes the public key a second time, resulting in a
+ * ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using fileb (
+ * fileb://<path-to-file>
) or in-line using a Base64
+ * encoded string.
+ *
+ * Constraints:
+ * Length: 1 - 8192
+ *
+ * @return
+ * Specifies the public key in your peer's NIST-recommended elliptic + * curve (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also known
+ * as SubjectPublicKeyInfo
(SPKI), as defined in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric KMS + * key pair in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the
+ * DER-encoded X.509 public key in a file. Otherwise, the Amazon Web
+ * Services CLI Base64-encodes the public key a second time,
+ * resulting in a ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using
+ * fileb (fileb://<path-to-file>
) or in-line
+ * using a Base64 encoded string.
+ *
+ * Specifies the public key in your peer's NIST-recommended elliptic curve + * (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also known as
+ * SubjectPublicKeyInfo
(SPKI), as defined in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric KMS key pair + * in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the DER-encoded
+ * X.509 public key in a file. Otherwise, the Amazon Web Services CLI
+ * Base64-encodes the public key a second time, resulting in a
+ * ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using fileb (
+ * fileb://<path-to-file>
) or in-line using a Base64
+ * encoded string.
+ *
+ * Constraints:
+ * Length: 1 - 8192
+ *
+ * @param publicKey
+ * Specifies the public key in your peer's NIST-recommended + * elliptic curve (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also
+ * known as SubjectPublicKeyInfo
(SPKI), as defined
+ * in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric + * KMS key pair in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the
+ * DER-encoded X.509 public key in a file. Otherwise, the Amazon
+ * Web Services CLI Base64-encodes the public key a second time,
+ * resulting in a ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using
+ * fileb (fileb://<path-to-file>
) or in-line
+ * using a Base64 encoded string.
+ *
+ * Specifies the public key in your peer's NIST-recommended elliptic curve + * (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also known as
+ * SubjectPublicKeyInfo
(SPKI), as defined in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric KMS key pair + * in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the DER-encoded
+ * X.509 public key in a file. Otherwise, the Amazon Web Services CLI
+ * Base64-encodes the public key a second time, resulting in a
+ * ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using fileb (
+ * fileb://<path-to-file>
) or in-line using a Base64
+ * encoded string.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 8192
+ *
+ * @param publicKey
+ * Specifies the public key in your peer's NIST-recommended + * elliptic curve (ECC) or SM2 (China Regions only) key pair. + *
+ *
+ * The public key must be a DER-encoded X.509 public key, also
+ * known as SubjectPublicKeyInfo
(SPKI), as defined
+ * in RFC 5280.
+ *
+ * GetPublicKey returns the public key of an asymmetric + * KMS key pair in the required DER-encoded format. + *
+ *
+ * If you use Amazon Web Services CLI version 1, you must provide the
+ * DER-encoded X.509 public key in a file. Otherwise, the Amazon
+ * Web Services CLI Base64-encodes the public key a second time,
+ * resulting in a ValidationException
.
+ *
+ * You can specify the public key as binary data in a file using
+ * fileb (fileb://<path-to-file>
) or in-line
+ * using a Base64 encoded string.
+ *
+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation comes from + * a new grant that has not yet achieved eventual consistency. For + * more information, see Grant token and Using a grant token in the Key Management Service Developer + * Guide. + *
+ * + * @return+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation + * comes from a new grant that has not yet achieved eventual + * consistency. For more information, see Grant token and Using a grant token in the Key Management Service + * Developer Guide. + *
+ */ + public java.util.List+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation comes from + * a new grant that has not yet achieved eventual consistency. For + * more information, see Grant token and Using a grant token in the Key Management Service Developer + * Guide. + *
+ * + * @param grantTokens+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation + * comes from a new grant that has not yet achieved eventual + * consistency. For more information, see Grant token and Using a grant token in the Key Management Service + * Developer Guide. + *
+ */ + public void setGrantTokens(java.util.Collection+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation comes from + * a new grant that has not yet achieved eventual consistency. For + * more information, see Grant token and Using a grant token in the Key Management Service Developer + * Guide. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param grantTokens
+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation + * comes from a new grant that has not yet achieved eventual + * consistency. For more information, see Grant token and Using a grant token in the Key Management Service + * Developer Guide. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretRequest withGrantTokens(String... grantTokens) { + if (getGrantTokens() == null) { + this.grantTokens = new java.util.ArrayList+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation comes from + * a new grant that has not yet achieved eventual consistency. For + * more information, see Grant token and Using a grant token in the Key Management Service Developer + * Guide. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param grantTokens
+ * A list of grant tokens. + *
+ *+ * Use a grant token when your permission to call this operation + * comes from a new grant that has not yet achieved eventual + * consistency. For more information, see Grant token and Using a grant token in the Key Management Service + * Developer Guide. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretRequest withGrantTokens(java.util.Collection
+ * Checks if your request will succeed. DryRun
is an optional
+ * parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ * + * @return
+ * Checks if your request will succeed. DryRun
is an
+ * optional parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ */ + public Boolean isDryRun() { + return dryRun; + } + + /** + *
+ * Checks if your request will succeed. DryRun
is an optional
+ * parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ * + * @return
+ * Checks if your request will succeed. DryRun
is an
+ * optional parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ */ + public Boolean getDryRun() { + return dryRun; + } + + /** + *
+ * Checks if your request will succeed. DryRun
is an optional
+ * parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ * + * @param dryRun
+ * Checks if your request will succeed. DryRun
is an
+ * optional parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management + * Service Developer Guide. + *
+ */ + public void setDryRun(Boolean dryRun) { + this.dryRun = dryRun; + } + + /** + *
+ * Checks if your request will succeed. DryRun
is an optional
+ * parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management Service + * Developer Guide. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param dryRun
+ * Checks if your request will succeed. DryRun
is an
+ * optional parameter.
+ *
+ * To learn more about how to use this parameter, see Testing your KMS API calls in the Key Management + * Service Developer Guide. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretRequest withDryRun(Boolean dryRun) { + this.dryRun = dryRun; + return this; + } + + /** + *
+ * A signed attestation document from an Amazon Web Services Nitro enclave and
+ * the encryption algorithm to use with the enclave's public key. The only
+ * valid encryption algorithm is RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon Web + * Services Nitro Enclaves. To call DeriveSharedSecret for an Amazon Web + * Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext copy of the
+ * shared secret, KMS encrypts the plaintext shared secret under the public
+ * key in the attestation document, and returns the resulting ciphertext in
+ * the CiphertextForRecipient
field in the response. This
+ * ciphertext can be decrypted only with the private key in the enclave. The
+ * CiphertextBlob
field in the response contains the encrypted
+ * shared secret derived from the KMS key specified by the
+ * KeyId
parameter and public key specified by the
+ * PublicKey
parameter. The SharedSecret
field in
+ * the response is null or empty.
+ *
+ * For information about the interaction between KMS and Amazon Web Services + * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key + * Management Service Developer Guide. + *
+ * + * @return
+ * A signed attestation document from an Amazon Web Services Nitro
+ * enclave and the encryption algorithm to use with the enclave's
+ * public key. The only valid encryption algorithm is
+ * RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon Web + * Services Nitro Enclaves. To call DeriveSharedSecret for an Amazon + * Web Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation document + * for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext
+ * copy of the shared secret, KMS encrypts the plaintext shared
+ * secret under the public key in the attestation document, and
+ * returns the resulting ciphertext in the
+ * CiphertextForRecipient
field in the response. This
+ * ciphertext can be decrypted only with the private key in the
+ * enclave. The CiphertextBlob
field in the response
+ * contains the encrypted shared secret derived from the KMS key
+ * specified by the KeyId
parameter and public key
+ * specified by the PublicKey
parameter. The
+ * SharedSecret
field in the response is null or empty.
+ *
+ * For information about the interaction between KMS and Amazon Web + * Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the + * Key Management Service Developer Guide. + *
+ */ + public RecipientInfo getRecipient() { + return recipient; + } + + /** + *
+ * A signed attestation document from an Amazon Web Services Nitro enclave and
+ * the encryption algorithm to use with the enclave's public key. The only
+ * valid encryption algorithm is RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon Web + * Services Nitro Enclaves. To call DeriveSharedSecret for an Amazon Web + * Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext copy of the
+ * shared secret, KMS encrypts the plaintext shared secret under the public
+ * key in the attestation document, and returns the resulting ciphertext in
+ * the CiphertextForRecipient
field in the response. This
+ * ciphertext can be decrypted only with the private key in the enclave. The
+ * CiphertextBlob
field in the response contains the encrypted
+ * shared secret derived from the KMS key specified by the
+ * KeyId
parameter and public key specified by the
+ * PublicKey
parameter. The SharedSecret
field in
+ * the response is null or empty.
+ *
+ * For information about the interaction between KMS and Amazon Web Services + * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key + * Management Service Developer Guide. + *
+ * + * @param recipient
+ * A signed attestation document from an Amazon Web Services Nitro
+ * enclave and the encryption algorithm to use with the enclave's
+ * public key. The only valid encryption algorithm is
+ * RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon + * Web Services Nitro Enclaves. To call DeriveSharedSecret for an + * Amazon Web Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation + * document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext
+ * copy of the shared secret, KMS encrypts the plaintext shared
+ * secret under the public key in the attestation document, and
+ * returns the resulting ciphertext in the
+ * CiphertextForRecipient
field in the response.
+ * This ciphertext can be decrypted only with the private key in
+ * the enclave. The CiphertextBlob
field in the
+ * response contains the encrypted shared secret derived from the
+ * KMS key specified by the KeyId
parameter and
+ * public key specified by the PublicKey
parameter.
+ * The SharedSecret
field in the response is null or
+ * empty.
+ *
+ * For information about the interaction between KMS and Amazon + * Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the + * Key Management Service Developer Guide. + *
+ */ + public void setRecipient(RecipientInfo recipient) { + this.recipient = recipient; + } + + /** + *
+ * A signed attestation document from an Amazon Web Services Nitro enclave and
+ * the encryption algorithm to use with the enclave's public key. The only
+ * valid encryption algorithm is RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon Web + * Services Nitro Enclaves. To call DeriveSharedSecret for an Amazon Web + * Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext copy of the
+ * shared secret, KMS encrypts the plaintext shared secret under the public
+ * key in the attestation document, and returns the resulting ciphertext in
+ * the CiphertextForRecipient
field in the response. This
+ * ciphertext can be decrypted only with the private key in the enclave. The
+ * CiphertextBlob
field in the response contains the encrypted
+ * shared secret derived from the KMS key specified by the
+ * KeyId
parameter and public key specified by the
+ * PublicKey
parameter. The SharedSecret
field in
+ * the response is null or empty.
+ *
+ * For information about the interaction between KMS and Amazon Web Services + * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key + * Management Service Developer Guide. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param recipient
+ * A signed attestation document from an Amazon Web Services Nitro
+ * enclave and the encryption algorithm to use with the enclave's
+ * public key. The only valid encryption algorithm is
+ * RSAES_OAEP_SHA_256
.
+ *
+ * This parameter only supports attestation documents for Amazon + * Web Services Nitro Enclaves. To call DeriveSharedSecret for an + * Amazon Web Services Nitro Enclaves, use the Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation + * document for the enclave. + *
+ *
+ * When you use this parameter, instead of returning a plaintext
+ * copy of the shared secret, KMS encrypts the plaintext shared
+ * secret under the public key in the attestation document, and
+ * returns the resulting ciphertext in the
+ * CiphertextForRecipient
field in the response.
+ * This ciphertext can be decrypted only with the private key in
+ * the enclave. The CiphertextBlob
field in the
+ * response contains the encrypted shared secret derived from the
+ * KMS key specified by the KeyId
parameter and
+ * public key specified by the PublicKey
parameter.
+ * The SharedSecret
field in the response is null or
+ * empty.
+ *
+ * For information about the interaction between KMS and Amazon + * Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the + * Key Management Service Developer Guide. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretRequest withRecipient(RecipientInfo recipient) { + this.recipient = recipient; + return this; + } + + /** + * Returns a string representation of this object; useful for testing and + * debugging. + * + * @return A string representation of this object. + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("{"); + if (getKeyId() != null) + sb.append("KeyId: " + getKeyId() + ","); + if (getKeyAgreementAlgorithm() != null) + sb.append("KeyAgreementAlgorithm: " + getKeyAgreementAlgorithm() + ","); + if (getPublicKey() != null) + sb.append("PublicKey: " + getPublicKey() + ","); + if (getGrantTokens() != null) + sb.append("GrantTokens: " + getGrantTokens() + ","); + if (getDryRun() != null) + sb.append("DryRun: " + getDryRun() + ","); + if (getRecipient() != null) + sb.append("Recipient: " + getRecipient()); + sb.append("}"); + return sb.toString(); + } + + @Override + public int hashCode() { + final int prime = 31; + int hashCode = 1; + + hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + hashCode = prime + * hashCode + + ((getKeyAgreementAlgorithm() == null) ? 0 : getKeyAgreementAlgorithm().hashCode()); + hashCode = prime * hashCode + ((getPublicKey() == null) ? 0 : getPublicKey().hashCode()); + hashCode = prime * hashCode + + ((getGrantTokens() == null) ? 0 : getGrantTokens().hashCode()); + hashCode = prime * hashCode + ((getDryRun() == null) ? 0 : getDryRun().hashCode()); + hashCode = prime * hashCode + ((getRecipient() == null) ? 0 : getRecipient().hashCode()); + return hashCode; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + + if (obj instanceof DeriveSharedSecretRequest == false) + return false; + DeriveSharedSecretRequest other = (DeriveSharedSecretRequest) obj; + + if (other.getKeyId() == null ^ this.getKeyId() == null) + return false; + if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) + return false; + if (other.getKeyAgreementAlgorithm() == null ^ this.getKeyAgreementAlgorithm() == null) + return false; + if (other.getKeyAgreementAlgorithm() != null + && other.getKeyAgreementAlgorithm().equals(this.getKeyAgreementAlgorithm()) == false) + return false; + if (other.getPublicKey() == null ^ this.getPublicKey() == null) + return false; + if (other.getPublicKey() != null + && other.getPublicKey().equals(this.getPublicKey()) == false) + return false; + if (other.getGrantTokens() == null ^ this.getGrantTokens() == null) + return false; + if (other.getGrantTokens() != null + && other.getGrantTokens().equals(this.getGrantTokens()) == false) + return false; + if (other.getDryRun() == null ^ this.getDryRun() == null) + return false; + if (other.getDryRun() != null && other.getDryRun().equals(this.getDryRun()) == false) + return false; + if (other.getRecipient() == null ^ this.getRecipient() == null) + return false; + if (other.getRecipient() != null + && other.getRecipient().equals(this.getRecipient()) == false) + return false; + return true; + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretResult.java new file mode 100644 index 0000000000..cc680bdbff --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DeriveSharedSecretResult.java @@ -0,0 +1,769 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import java.io.Serializable; + +public class DeriveSharedSecretResult implements Serializable { + /** + *+ * Identifies the KMS key used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * The raw secret derived from the specified key agreement algorithm, + * private key in the asymmetric KMS key, and your peer's public key. + *
+ *
+ * If the response includes the CiphertextForRecipient
field,
+ * the SharedSecret
field is null or empty.
+ *
+ * Constraints:
+ * Length: 1 - 4096
+ */
+ private java.nio.ByteBuffer sharedSecret;
+
+ /**
+ *
+ * The plaintext shared secret encrypted with the public key in the + * attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a valid
+ * attestation document from an Amazon Web Services Nitro enclave. For
+ * information about the interaction between KMS and Amazon Web Services
+ * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
+ * Management Service Developer Guide.
+ *
+ * Constraints:
+ * Length: 1 - 6144
+ */
+ private java.nio.ByteBuffer ciphertextForRecipient;
+
+ /**
+ *
+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ */
+ private String keyAgreementAlgorithm;
+
+ /**
+ *
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ */
+ private String keyOrigin;
+
+ /**
+ *
+ * Identifies the KMS key used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Identifies the KMS key used to derive the shared secret. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Identifies the KMS key used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the KMS key used to derive the shared secret. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Identifies the KMS key used to derive the shared secret. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the KMS key used to derive the shared secret. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public DeriveSharedSecretResult withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + *+ * The raw secret derived from the specified key agreement algorithm, + * private key in the asymmetric KMS key, and your peer's public key. + *
+ *
+ * If the response includes the CiphertextForRecipient
field,
+ * the SharedSecret
field is null or empty.
+ *
+ * Constraints:
+ * Length: 1 - 4096
+ *
+ * @return
+ * The raw secret derived from the specified key agreement + * algorithm, private key in the asymmetric KMS key, and your peer's + * public key. + *
+ *
+ * If the response includes the CiphertextForRecipient
+ * field, the SharedSecret
field is null or empty.
+ *
+ * The raw secret derived from the specified key agreement algorithm, + * private key in the asymmetric KMS key, and your peer's public key. + *
+ *
+ * If the response includes the CiphertextForRecipient
field,
+ * the SharedSecret
field is null or empty.
+ *
+ * Constraints:
+ * Length: 1 - 4096
+ *
+ * @param sharedSecret
+ * The raw secret derived from the specified key agreement + * algorithm, private key in the asymmetric KMS key, and your + * peer's public key. + *
+ *
+ * If the response includes the
+ * CiphertextForRecipient
field, the
+ * SharedSecret
field is null or empty.
+ *
+ * The raw secret derived from the specified key agreement algorithm, + * private key in the asymmetric KMS key, and your peer's public key. + *
+ *
+ * If the response includes the CiphertextForRecipient
field,
+ * the SharedSecret
field is null or empty.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 4096
+ *
+ * @param sharedSecret
+ * The raw secret derived from the specified key agreement + * algorithm, private key in the asymmetric KMS key, and your + * peer's public key. + *
+ *
+ * If the response includes the
+ * CiphertextForRecipient
field, the
+ * SharedSecret
field is null or empty.
+ *
+ * The plaintext shared secret encrypted with the public key in the + * attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a valid
+ * attestation document from an Amazon Web Services Nitro enclave. For
+ * information about the interaction between KMS and Amazon Web Services
+ * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
+ * Management Service Developer Guide.
+ *
+ * Constraints:
+ * Length: 1 - 6144
+ *
+ * @return
+ * The plaintext shared secret encrypted with the public key in the + * attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a valid
+ * attestation document from an Amazon Web Services Nitro enclave.
+ * For information about the interaction between KMS and Amazon Web
+ * Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the
+ * Key Management Service Developer Guide.
+ *
+ * The plaintext shared secret encrypted with the public key in the + * attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a valid
+ * attestation document from an Amazon Web Services Nitro enclave. For
+ * information about the interaction between KMS and Amazon Web Services
+ * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
+ * Management Service Developer Guide.
+ *
+ * Constraints:
+ * Length: 1 - 6144
+ *
+ * @param ciphertextForRecipient
+ * The plaintext shared secret encrypted with the public key in + * the attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a
+ * valid attestation document from an Amazon Web Services Nitro
+ * enclave. For information about the interaction between KMS and
+ * Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the
+ * Key Management Service Developer Guide.
+ *
+ * The plaintext shared secret encrypted with the public key in the + * attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a valid
+ * attestation document from an Amazon Web Services Nitro enclave. For
+ * information about the interaction between KMS and Amazon Web Services
+ * Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the Key
+ * Management Service Developer Guide.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 6144
+ *
+ * @param ciphertextForRecipient
+ * The plaintext shared secret encrypted with the public key in + * the attestation document. + *
+ *
+ * This field is included in the response only when the
+ * Recipient
parameter in the request includes a
+ * valid attestation document from an Amazon Web Services Nitro
+ * enclave. For information about the interaction between KMS and
+ * Amazon Web Services Nitro Enclaves, see How Amazon Web Services Nitro Enclaves uses KMS in the
+ * Key Management Service Developer Guide.
+ *
+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @return
+ * Identifies the key agreement algorithm used to derive the shared + * secret. + *
+ * @see KeyAgreementAlgorithmSpec + */ + public String getKeyAgreementAlgorithm() { + return keyAgreementAlgorithm; + } + + /** + *+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Identifies the key agreement algorithm used to derive the + * shared secret. + *
+ * @see KeyAgreementAlgorithmSpec + */ + public void setKeyAgreementAlgorithm(String keyAgreementAlgorithm) { + this.keyAgreementAlgorithm = keyAgreementAlgorithm; + } + + /** + *+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Identifies the key agreement algorithm used to derive the + * shared secret. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + * @see KeyAgreementAlgorithmSpec + */ + public DeriveSharedSecretResult withKeyAgreementAlgorithm(String keyAgreementAlgorithm) { + this.keyAgreementAlgorithm = keyAgreementAlgorithm; + return this; + } + + /** + *+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Identifies the key agreement algorithm used to derive the + * shared secret. + *
+ * @see KeyAgreementAlgorithmSpec + */ + public void setKeyAgreementAlgorithm(KeyAgreementAlgorithmSpec keyAgreementAlgorithm) { + this.keyAgreementAlgorithm = keyAgreementAlgorithm.toString(); + } + + /** + *+ * Identifies the key agreement algorithm used to derive the shared secret. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: ECDH
+ *
+ * @param keyAgreementAlgorithm
+ * Identifies the key agreement algorithm used to derive the + * shared secret. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + * @see KeyAgreementAlgorithmSpec + */ + public DeriveSharedSecretResult withKeyAgreementAlgorithm( + KeyAgreementAlgorithmSpec keyAgreementAlgorithm) { + this.keyAgreementAlgorithm = keyAgreementAlgorithm.toString(); + return this; + } + + /** + *+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ *
+ * @return
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key
+ * material. When this value is EXTERNAL
, the key
+ * material was imported or the KMS key doesn't have any key
+ * material.
+ *
+ * The only valid values for DeriveSharedSecret are
+ * AWS_KMS
and EXTERNAL
.
+ * DeriveSharedSecret does not support KMS keys with a
+ * KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ *
+ * @param keyOrigin
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key
+ * material. When this value is EXTERNAL
, the key
+ * material was imported or the KMS key doesn't have any key
+ * material.
+ *
+ * The only valid values for DeriveSharedSecret are
+ * AWS_KMS
and EXTERNAL
.
+ * DeriveSharedSecret does not support KMS keys with a
+ * KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ *
+ * @param keyOrigin
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key
+ * material. When this value is EXTERNAL
, the key
+ * material was imported or the KMS key doesn't have any key
+ * material.
+ *
+ * The only valid values for DeriveSharedSecret are
+ * AWS_KMS
and EXTERNAL
.
+ * DeriveSharedSecret does not support KMS keys with a
+ * KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ *
+ * @param keyOrigin
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key
+ * material. When this value is EXTERNAL
, the key
+ * material was imported or the KMS key doesn't have any key
+ * material.
+ *
+ * The only valid values for DeriveSharedSecret are
+ * AWS_KMS
and EXTERNAL
.
+ * DeriveSharedSecret does not support KMS keys with a
+ * KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key material.
+ * When this value is EXTERNAL
, the key material was imported
+ * or the KMS key doesn't have any key material.
+ *
+ * The only valid values for DeriveSharedSecret are AWS_KMS
and
+ * EXTERNAL
. DeriveSharedSecret does not support KMS keys with
+ * a KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: AWS_KMS, EXTERNAL, AWS_CLOUDHSM,
+ * EXTERNAL_KEY_STORE
+ *
+ * @param keyOrigin
+ * The source of the key material for the specified KMS key. + *
+ *
+ * When this value is AWS_KMS
, KMS created the key
+ * material. When this value is EXTERNAL
, the key
+ * material was imported or the KMS key doesn't have any key
+ * material.
+ *
+ * The only valid values for DeriveSharedSecret are
+ * AWS_KMS
and EXTERNAL
.
+ * DeriveSharedSecret does not support KMS keys with a
+ * KeyOrigin
value of AWS_CLOUDHSM
or
+ * EXTERNAL_KEY_STORE
.
+ *
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DescribeCustomKeyStoresRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeCustomKeyStoresResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeCustomKeyStoresResult.java index 10a539146c..bb2358fefb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeCustomKeyStoresResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeCustomKeyStoresResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ public class DescribeCustomKeyStoresResult implements Serializable { *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean isTruncated() {
@@ -218,7 +218,7 @@ public Boolean isTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean getTruncated() {
@@ -238,7 +238,7 @@ public Boolean getTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -258,7 +258,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -269,7 +269,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
- * For multi-Region
- * keys, DescribeKey
displays the primary key and all related
- * replica keys. For KMS keys in CloudHSM key
- * stores, it includes information about the key store, such as the key
- * store ID and the CloudHSM cluster ID. For KMS keys in external key
- * stores, it includes the custom key store ID and the ID of the external
- * key.
+ * For multi-Region keys, DescribeKey
displays the primary key and
+ * all related replica keys. For KMS keys in CloudHSM key stores, it includes information about the key store, such
+ * as the key store ID and the CloudHSM cluster ID. For KMS keys in external key stores, it includes the custom key store ID and the ID of
+ * the external key.
*
* DescribeKey
does not return the following information:
@@ -138,6 +138,12 @@
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DescribeKeyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeKeyResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeKeyResult.java index 6c438c4d1a..6cc0a84229 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeKeyResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DescribeKeyResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRequest.java index 50bc5a087b..d588556d13 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -52,6 +52,12 @@ ** Related operations: EnableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DisableKeyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRotationRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRotationRequest.java index 0fda610103..952af5c380 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRotationRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisableKeyRotationRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -89,7 +89,23 @@ * GetKeyRotationStatus * * + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DisableKeyRotationRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisabledException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisabledException.java index 0fc004789d..eb0d9b2151 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisabledException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisabledException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreRequest.java index 51dd3bfada..6a300d4780 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -97,6 +97,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class DisconnectCustomKeyStoreRequest extends AmazonWebServiceRequest implements Serializable { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreResult.java index fc0097f9ac..60f3699cf9 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DisconnectCustomKeyStoreResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DryRunOperationException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DryRunOperationException.java index a16d516355..87ec9da94f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DryRunOperationException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/DryRunOperationException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRequest.java index 6b64bcc0ad..1db48029a1 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -45,6 +45,12 @@ ** Related operations: DisableKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class EnableKeyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRotationRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRotationRequest.java index 926e4e55c1..3837369ed2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRotationRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EnableKeyRotationRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -22,18 +22,27 @@ /** ** Enables automatic rotation of the key material of the specified symmetric * encryption KMS key. *
*
- * When you enable automatic rotation of acustomer managed KMS key, KMS rotates the key material of the KMS key
* one year (approximately 365 days) from the enable date and every year
- * thereafter. You can monitor rotation of the key material for your KMS keys in
- * CloudTrail and Amazon CloudWatch. To disable rotation of the key material in
- * a customer managed KMS key, use the DisableKeyRotation operation.
+ * thereafter. You can use the optional RotationPeriodInDays
+ * parameter to specify a custom rotation period when you enable key rotation,
+ * or you can use RotationPeriodInDays
to modify the rotation
+ * period of a key that you previously enabled automatic key rotation on.
+ *
+ * You can monitor rotation of the key material for your KMS keys in CloudTrail + * and Amazon CloudWatch. To disable rotation of the key material in a customer + * managed KMS key, use the DisableKeyRotation operation. You can use the + * GetKeyRotationStatus operation to identify any in progress rotations. + * You can use the ListKeyRotations operation to view the details of + * completed rotations. *
** Automatic key rotation is supported only on multi-Region keys, set the property on the primary key. *
*- * You cannot enable or disable automatic rotation Amazon Web Services managed KMS keys. KMS always rotates the key * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys varies. + * >Amazon Web Services owned KMS keys is managed by the Amazon Web Services + * service that owns the key. *
*@@ -105,7 +115,29 @@ * GetKeyRotationStatus *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not automatic + * key rotation is enabled. + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class EnableKeyRotationRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -153,6 +185,31 @@ public class EnableKeyRotationRequest extends AmazonWebServiceRequest implements */ private String keyId; + /** + *+ * Use this parameter to specify a custom period of time between each + * rotation date. If no value is specified, the default value is 365 days. + *
+ *+ * The rotation period defines the number of days after you enable automatic + * key rotation that KMS will rotate your key material, and the number of + * days between each automatic rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to further
+ * constrain the values that principals can specify in the
+ * RotationPeriodInDays
parameter.
+ *
+ *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ */
+ private Integer rotationPeriodInDays;
+
/**
*
* Identifies a symmetric encryption KMS key. You cannot enable automatic @@ -417,6 +474,156 @@ public EnableKeyRotationRequest withKeyId(String keyId) { return this; } + /** + *
+ * Use this parameter to specify a custom period of time between each + * rotation date. If no value is specified, the default value is 365 days. + *
+ *+ * The rotation period defines the number of days after you enable automatic + * key rotation that KMS will rotate your key material, and the number of + * days between each automatic rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to further
+ * constrain the values that principals can specify in the
+ * RotationPeriodInDays
parameter.
+ *
+ *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @return
+ * Use this parameter to specify a custom period of time between + * each rotation date. If no value is specified, the default value + * is 365 days. + *
+ *+ * The rotation period defines the number of days after you enable + * automatic key rotation that KMS will rotate your key material, + * and the number of days between each automatic rotation + * thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to
+ * further constrain the values that principals can specify in the
+ * RotationPeriodInDays
parameter.
+ *
+ *
+ */ + public Integer getRotationPeriodInDays() { + return rotationPeriodInDays; + } + + /** + *+ * Use this parameter to specify a custom period of time between each + * rotation date. If no value is specified, the default value is 365 days. + *
+ *+ * The rotation period defines the number of days after you enable automatic + * key rotation that KMS will rotate your key material, and the number of + * days between each automatic rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to further
+ * constrain the values that principals can specify in the
+ * RotationPeriodInDays
parameter.
+ *
+ *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @param rotationPeriodInDays
+ * Use this parameter to specify a custom period of time between + * each rotation date. If no value is specified, the default + * value is 365 days. + *
+ *+ * The rotation period defines the number of days after you + * enable automatic key rotation that KMS will rotate your key + * material, and the number of days between each automatic + * rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to
+ * further constrain the values that principals can specify in
+ * the RotationPeriodInDays
parameter.
+ *
+ *
+ */ + public void setRotationPeriodInDays(Integer rotationPeriodInDays) { + this.rotationPeriodInDays = rotationPeriodInDays; + } + + /** + *+ * Use this parameter to specify a custom period of time between each + * rotation date. If no value is specified, the default value is 365 days. + *
+ *+ * The rotation period defines the number of days after you enable automatic + * key rotation that KMS will rotate your key material, and the number of + * days between each automatic rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to further
+ * constrain the values that principals can specify in the
+ * RotationPeriodInDays
parameter.
+ *
+ *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @param rotationPeriodInDays
+ * Use this parameter to specify a custom period of time between + * each rotation date. If no value is specified, the default + * value is 365 days. + *
+ *+ * The rotation period defines the number of days after you + * enable automatic key rotation that KMS will rotate your key + * material, and the number of days between each automatic + * rotation thereafter. + *
+ *
+ * You can use the kms:RotationPeriodInDays
condition key to
+ * further constrain the values that principals can specify in
+ * the RotationPeriodInDays
parameter.
+ *
+ *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public EnableKeyRotationRequest withRotationPeriodInDays(Integer rotationPeriodInDays) { + this.rotationPeriodInDays = rotationPeriodInDays; + return this; + } + /** * Returns a string representation of this object; useful for testing and * debugging. @@ -429,7 +636,9 @@ public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyId() != null) - sb.append("KeyId: " + getKeyId()); + sb.append("KeyId: " + getKeyId() + ","); + if (getRotationPeriodInDays() != null) + sb.append("RotationPeriodInDays: " + getRotationPeriodInDays()); sb.append("}"); return sb.toString(); } @@ -440,6 +649,8 @@ public int hashCode() { int hashCode = 1; hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + hashCode = prime * hashCode + + ((getRotationPeriodInDays() == null) ? 0 : getRotationPeriodInDays().hashCode()); return hashCode; } @@ -458,6 +669,11 @@ public boolean equals(Object obj) { return false; if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) return false; + if (other.getRotationPeriodInDays() == null ^ this.getRotationPeriodInDays() == null) + return false; + if (other.getRotationPeriodInDays() != null + && other.getRotationPeriodInDays().equals(this.getRotationPeriodInDays()) == false) + return false; return true; } } diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptRequest.java index df79712da4..e59343fbe2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -174,6 +174,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class EncryptRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptResult.java index cc5073575f..42cae62091 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptionAlgorithmSpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptionAlgorithmSpec.java index f65ff7841f..a6cb1babeb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptionAlgorithmSpec.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/EncryptionAlgorithmSpec.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpirationModelType.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpirationModelType.java index c0c62c5d1f..022399857a 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpirationModelType.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpirationModelType.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpiredImportTokenException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpiredImportTokenException.java index 7927116ac6..f5e6e57f09 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpiredImportTokenException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ExpiredImportTokenException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairRequest.java index 2fb7bfe0ef..d3096a4f36 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -26,7 +26,7 @@ * of the private key that is encrypted under the symmetric encryption KMS key * you specify. You can use the data key pair to perform asymmetric cryptography * and implement digital signatures outside of KMS. The bytes in the keys are - * random; they not related to the caller or to the KMS key that is used to + * random; they are not related to the caller or to the KMS key that is used to * encrypt the private key. * *@@ -145,6 +145,12 @@ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateDataKeyPairRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -272,10 +278,12 @@ public class GenerateDataKeyPairRequest extends AmazonWebServiceRequest implemen * ** This parameter only supports attestation documents for Amazon Web - * Services Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro Enclaves SDK or any Amazon Web Services - * SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. *
*
* When you use this parameter, instead of returning a plaintext copy of the
@@ -1203,10 +1211,12 @@ public GenerateDataKeyPairRequest withGrantTokens(java.util.Collection
* This parameter only supports attestation documents for Amazon Web - * Services Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro Enclaves SDK or any Amazon Web Services - * SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. *
*
* When you use this parameter, instead of returning a plaintext copy of the
@@ -1237,11 +1247,13 @@ public GenerateDataKeyPairRequest withGrantTokens(java.util.Collection
* This parameter only supports attestation documents for Amazon Web - * Services Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro Enclaves SDK or any Amazon Web - * Services SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation document + * for the enclave. *
** When you use this parameter, instead of returning a plaintext @@ -1278,10 +1290,12 @@ public RecipientInfo getRecipient() { *
** This parameter only supports attestation documents for Amazon Web - * Services Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro Enclaves SDK or any Amazon Web Services - * SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. *
** When you use this parameter, instead of returning a plaintext copy of the @@ -1312,11 +1326,13 @@ public RecipientInfo getRecipient() { *
** This parameter only supports attestation documents for Amazon - * Web Services Nitro Enclaves. To include this parameter, use - * the Amazon Web Services Nitro Enclaves SDK or any Amazon Web - * Services SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation + * document for the enclave. *
** When you use this parameter, instead of returning a plaintext @@ -1353,10 +1369,12 @@ public void setRecipient(RecipientInfo recipient) { *
** This parameter only supports attestation documents for Amazon Web - * Services Nitro Enclaves. To include this parameter, use the Amazon Web Services Nitro Enclaves SDK or any Amazon Web Services - * SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the attestation + * document and then use the Recipient parameter from any Amazon Web + * Services SDK to provide the attestation document for the enclave. *
** When you use this parameter, instead of returning a plaintext copy of the @@ -1390,11 +1408,13 @@ public void setRecipient(RecipientInfo recipient) { *
** This parameter only supports attestation documents for Amazon - * Web Services Nitro Enclaves. To include this parameter, use - * the Amazon Web Services Nitro Enclaves SDK or any Amazon Web - * Services SDK. + * >Amazon Web Services Nitro Enclaves SDK to generate the + * attestation document and then use the Recipient parameter from + * any Amazon Web Services SDK to provide the attestation + * document for the enclave. *
** When you use this parameter, instead of returning a plaintext diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairResult.java index 1f55187029..afb4687314 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextRequest.java index 4c7f9f4ed5..3561d0216b 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -112,6 +112,12 @@ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateDataKeyPairWithoutPlaintextRequest extends AmazonWebServiceRequest implements Serializable { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextResult.java index 01a96b3dc9..4855945965 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyPairWithoutPlaintextResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyRequest.java index 6f79571b04..b75eb76d05 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -182,6 +182,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateDataKeyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyResult.java index 81169d11d5..6058267ae5 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextRequest.java index 6eeb7d056c..20f21d4aa2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -128,6 +128,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateDataKeyWithoutPlaintextRequest extends AmazonWebServiceRequest implements Serializable { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextResult.java index eaeae4a61a..ad954610eb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateDataKeyWithoutPlaintextResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacRequest.java index 5e6feb7ed5..48ef407a64 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -67,6 +67,12 @@ ** Related operations: VerifyMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateMacRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacResult.java index 909ff66dc4..2dba1d185a 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateMacResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomRequest.java index cd2d435ccb..f76bf72f82 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -63,6 +63,12 @@ * "https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html" * >kms:GenerateRandom (IAM policy) * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GenerateRandomRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomResult.java index 9f45e66bbb..aa95a0dd3f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GenerateRandomResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyPolicyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyPolicyRequest.java index 1d5e4a09ae..a3233a0740 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyPolicyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyPolicyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -33,7 +33,15 @@ * >kms:GetKeyPolicy (key policy) * *- * Related operations: PutKeyPolicy + * Related operations: PutKeyPolicy + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. *
*/ public class GetKeyPolicyRequest extends AmazonWebServiceRequest implements Serializable { @@ -72,7 +80,8 @@ public class GetKeyPolicyRequest extends AmazonWebServiceRequest implements Seri /** *
- * Specifies the name of the key policy. The only valid name is
+ * Specifies the name of the key policy. If no policy name is specified, the
+ * default value is default
. The only valid name is
* default
. To get the names of key policies, use
* ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
+ * Specifies the name of the key policy. If no policy name is specified, the
+ * default value is default
. The only valid name is
* default
. To get the names of key policies, use
* ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
- * default
. To get the names of key policies, use
- * ListKeyPolicies.
+ * Specifies the name of the key policy. If no policy name is
+ * specified, the default value is default
. The only
+ * valid name is default
. To get the names of key
+ * policies, use ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
+ * Specifies the name of the key policy. If no policy name is specified, the
+ * default value is default
. The only valid name is
* default
. To get the names of key policies, use
* ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
- * default
. To get the names of key policies, use
- * ListKeyPolicies.
+ * Specifies the name of the key policy. If no policy name is
+ * specified, the default value is default
. The only
+ * valid name is default
. To get the names of key
+ * policies, use ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
+ * Specifies the name of the key policy. If no policy name is specified, the
+ * default value is default
. The only valid name is
* default
. To get the names of key policies, use
* ListKeyPolicies.
*
- * Specifies the name of the key policy. The only valid name is
- * default
. To get the names of key policies, use
- * ListKeyPolicies.
+ * Specifies the name of the key policy. If no policy name is
+ * specified, the default value is default
. The only
+ * valid name is default
. To get the names of key
+ * policies, use ListKeyPolicies.
*
+ * The name of the key policy. The only valid value is default
.
+ *
+ * Constraints:
+ * Length: 1 - 128
+ * Pattern: [\w]+
+ */
+ private String policyName;
+
/**
*
* A key policy document in JSON format. @@ -86,6 +97,66 @@ public GetKeyPolicyResult withPolicy(String policy) { return this; } + /** + *
+ * The name of the key policy. The only valid value is default
.
+ *
+ * Constraints:
+ * Length: 1 - 128
+ * Pattern: [\w]+
+ *
+ * @return
+ * The name of the key policy. The only valid value is
+ * default
.
+ *
+ * The name of the key policy. The only valid value is default
.
+ *
+ * Constraints:
+ * Length: 1 - 128
+ * Pattern: [\w]+
+ *
+ * @param policyName
+ * The name of the key policy. The only valid value is
+ * default
.
+ *
+ * The name of the key policy. The only valid value is default
.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 128
+ * Pattern: [\w]+
+ *
+ * @param policyName
+ * The name of the key policy. The only valid value is
+ * default
.
+ *
- * Gets a Boolean value that indicates whether automatic rotation of the key material is enabled for the specified KMS - * key. - *
- *- * When you enable automatic rotation for customer managed KMS keys, KMS rotates the key material of the KMS key - * one year (approximately 365 days) from the enable date and every year - * thereafter. You can monitor rotation of the key material for your KMS keys in - * CloudTrail and Amazon CloudWatch. + * key, the rotation period, and the next scheduled rotation date. *
** Automatic key rotation is supported only on true. *
+ *+ * You can perform on-demand (RotateKeyOnDemand) rotation of the key + * material in customer managed KMS keys, regardless of whether or not automatic + * key rotation is enabled. You can use GetKeyRotationStatus to identify the + * date and time that an in progress on-demand rotation was initiated. You can + * use ListKeyRotations to view the details of completed rotations. + *
** In May 2022, KMS changed the rotation schedule for Amazon Web Services @@ -120,7 +122,23 @@ * EnableKeyRotation *
* + *+ * ListKeyRotations + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GetKeyRotationStatusRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyRotationStatusResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyRotationStatusResult.java index fef9e7a00e..0a21852308 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyRotationStatusResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetKeyRotationStatusResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -25,6 +25,51 @@ public class GetKeyRotationStatusResult implements Serializable { */ private Boolean keyRotationEnabled; + /** + *+ * Identifies the specified symmetric encryption KMS key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * The number of days between each automatic rotation. The default value is + * 365 days. + *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ */
+ private Integer rotationPeriodInDays;
+
+ /**
+ *
+ * The next date that KMS will automatically rotate the key material. + *
+ */ + private java.util.Date nextRotationDate; + + /** + *+ * Identifies the date and time that an in progress on-demand rotation was + * initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature of the + * system. As a result, there might be a slight delay between initiating + * on-demand key rotation and the rotation's completion. Once the on-demand + * rotation is complete, use ListKeyRotations to view the details of + * the on-demand rotation. + *
+ */ + private java.util.Date onDemandRotationStartDate; + /** ** A Boolean value that specifies whether key rotation is enabled. @@ -85,6 +130,277 @@ public GetKeyRotationStatusResult withKeyRotationEnabled(Boolean keyRotationEnab return this; } + /** + *
+ * Identifies the specified symmetric encryption KMS key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Identifies the specified symmetric encryption KMS key. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Identifies the specified symmetric encryption KMS key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the specified symmetric encryption KMS key. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Identifies the specified symmetric encryption KMS key. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the specified symmetric encryption KMS key. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public GetKeyRotationStatusResult withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + *+ * The number of days between each automatic rotation. The default value is + * 365 days. + *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @return
+ * The number of days between each automatic rotation. The default + * value is 365 days. + *
+ */ + public Integer getRotationPeriodInDays() { + return rotationPeriodInDays; + } + + /** + *+ * The number of days between each automatic rotation. The default value is + * 365 days. + *
+ *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @param rotationPeriodInDays
+ * The number of days between each automatic rotation. The + * default value is 365 days. + *
+ */ + public void setRotationPeriodInDays(Integer rotationPeriodInDays) { + this.rotationPeriodInDays = rotationPeriodInDays; + } + + /** + *+ * The number of days between each automatic rotation. The default value is + * 365 days. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Range: 90 - 2560
+ *
+ * @param rotationPeriodInDays
+ * The number of days between each automatic rotation. The + * default value is 365 days. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public GetKeyRotationStatusResult withRotationPeriodInDays(Integer rotationPeriodInDays) { + this.rotationPeriodInDays = rotationPeriodInDays; + return this; + } + + /** + *+ * The next date that KMS will automatically rotate the key material. + *
+ * + * @return+ * The next date that KMS will automatically rotate the key + * material. + *
+ */ + public java.util.Date getNextRotationDate() { + return nextRotationDate; + } + + /** + *+ * The next date that KMS will automatically rotate the key material. + *
+ * + * @param nextRotationDate+ * The next date that KMS will automatically rotate the key + * material. + *
+ */ + public void setNextRotationDate(java.util.Date nextRotationDate) { + this.nextRotationDate = nextRotationDate; + } + + /** + *+ * The next date that KMS will automatically rotate the key material. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param nextRotationDate
+ * The next date that KMS will automatically rotate the key + * material. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public GetKeyRotationStatusResult withNextRotationDate(java.util.Date nextRotationDate) { + this.nextRotationDate = nextRotationDate; + return this; + } + + /** + *+ * Identifies the date and time that an in progress on-demand rotation was + * initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature of the + * system. As a result, there might be a slight delay between initiating + * on-demand key rotation and the rotation's completion. Once the on-demand + * rotation is complete, use ListKeyRotations to view the details of + * the on-demand rotation. + *
+ * + * @return+ * Identifies the date and time that an in progress on-demand + * rotation was initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature of + * the system. As a result, there might be a slight delay between + * initiating on-demand key rotation and the rotation's completion. + * Once the on-demand rotation is complete, use + * ListKeyRotations to view the details of the on-demand + * rotation. + *
+ */ + public java.util.Date getOnDemandRotationStartDate() { + return onDemandRotationStartDate; + } + + /** + *+ * Identifies the date and time that an in progress on-demand rotation was + * initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature of the + * system. As a result, there might be a slight delay between initiating + * on-demand key rotation and the rotation's completion. Once the on-demand + * rotation is complete, use ListKeyRotations to view the details of + * the on-demand rotation. + *
+ * + * @param onDemandRotationStartDate+ * Identifies the date and time that an in progress on-demand + * rotation was initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature + * of the system. As a result, there might be a slight delay + * between initiating on-demand key rotation and the rotation's + * completion. Once the on-demand rotation is complete, use + * ListKeyRotations to view the details of the on-demand + * rotation. + *
+ */ + public void setOnDemandRotationStartDate(java.util.Date onDemandRotationStartDate) { + this.onDemandRotationStartDate = onDemandRotationStartDate; + } + + /** + *+ * Identifies the date and time that an in progress on-demand rotation was + * initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature of the + * system. As a result, there might be a slight delay between initiating + * on-demand key rotation and the rotation's completion. Once the on-demand + * rotation is complete, use ListKeyRotations to view the details of + * the on-demand rotation. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param onDemandRotationStartDate
+ * Identifies the date and time that an in progress on-demand + * rotation was initiated. + *
+ *+ * The KMS API follows an eventual consistency model due to the distributed nature + * of the system. As a result, there might be a slight delay + * between initiating on-demand key rotation and the rotation's + * completion. Once the on-demand rotation is complete, use + * ListKeyRotations to view the details of the on-demand + * rotation. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public GetKeyRotationStatusResult withOnDemandRotationStartDate( + java.util.Date onDemandRotationStartDate) { + this.onDemandRotationStartDate = onDemandRotationStartDate; + return this; + } + /** * Returns a string representation of this object; useful for testing and * debugging. @@ -97,7 +413,15 @@ public String toString() { StringBuilder sb = new StringBuilder(); sb.append("{"); if (getKeyRotationEnabled() != null) - sb.append("KeyRotationEnabled: " + getKeyRotationEnabled()); + sb.append("KeyRotationEnabled: " + getKeyRotationEnabled() + ","); + if (getKeyId() != null) + sb.append("KeyId: " + getKeyId() + ","); + if (getRotationPeriodInDays() != null) + sb.append("RotationPeriodInDays: " + getRotationPeriodInDays() + ","); + if (getNextRotationDate() != null) + sb.append("NextRotationDate: " + getNextRotationDate() + ","); + if (getOnDemandRotationStartDate() != null) + sb.append("OnDemandRotationStartDate: " + getOnDemandRotationStartDate()); sb.append("}"); return sb.toString(); } @@ -109,6 +433,15 @@ public int hashCode() { hashCode = prime * hashCode + ((getKeyRotationEnabled() == null) ? 0 : getKeyRotationEnabled().hashCode()); + hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + hashCode = prime * hashCode + + ((getRotationPeriodInDays() == null) ? 0 : getRotationPeriodInDays().hashCode()); + hashCode = prime * hashCode + + ((getNextRotationDate() == null) ? 0 : getNextRotationDate().hashCode()); + hashCode = prime + * hashCode + + ((getOnDemandRotationStartDate() == null) ? 0 : getOnDemandRotationStartDate() + .hashCode()); return hashCode; } @@ -128,6 +461,26 @@ public boolean equals(Object obj) { if (other.getKeyRotationEnabled() != null && other.getKeyRotationEnabled().equals(this.getKeyRotationEnabled()) == false) return false; + if (other.getKeyId() == null ^ this.getKeyId() == null) + return false; + if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) + return false; + if (other.getRotationPeriodInDays() == null ^ this.getRotationPeriodInDays() == null) + return false; + if (other.getRotationPeriodInDays() != null + && other.getRotationPeriodInDays().equals(this.getRotationPeriodInDays()) == false) + return false; + if (other.getNextRotationDate() == null ^ this.getNextRotationDate() == null) + return false; + if (other.getNextRotationDate() != null + && other.getNextRotationDate().equals(this.getNextRotationDate()) == false) + return false; + if (other.getOnDemandRotationStartDate() == null + ^ this.getOnDemandRotationStartDate() == null) + return false; + if (other.getOnDemandRotationStartDate() != null + && other.getOnDemandRotationStartDate().equals(this.getOnDemandRotationStartDate()) == false) + return false; return true; } } diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportRequest.java index e1688b7d22..4181ce1c39 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -40,14 +40,14 @@ * operation with anOrigin
value of EXTERNAL
to
* create a KMS key with no key material. You can import key material for a
* symmetric encryption KMS key, HMAC KMS key, asymmetric encryption KMS key, or
- * asymmetric signing KMS key. You can also import key material into a multi-Region
- * key of any supported type. However, you can't import key material into a
- * KMS key in a custom key
- * store. You can also use GetParametersForImport
to get a
- * public key and import token to multi-Region key of any supported type. However, you can't import key
+ * material into a KMS key in a custom key store. You can also use GetParametersForImport
+ * to get a public key and import token to reimport the original key material into a KMS key whose key material
* expired or was deleted.
*
@@ -138,6 +138,12 @@
*
*
*
+ * + * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GetParametersForImportRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -234,15 +240,16 @@ public class GetParametersForImportRequest extends AmazonWebServiceRequest imple * *- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*/
private String wrappingAlgorithm;
@@ -262,7 +269,7 @@ public class GetParametersForImportRequest extends AmazonWebServiceRequest imple
*
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*/
private String wrappingKeySpec;
@@ -552,15 +559,16 @@ public GetParametersForImportRequest withKeyId(String keyId) {
*
*
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*
* @return
* The algorithm you will use with the RSA public key ( @@ -617,8 +625,8 @@ public GetParametersForImportRequest withKeyId(String keyId) { * *
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for - * symmetric encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, + * KMS does not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*
* @param wrappingAlgorithm
* The algorithm you will use with the RSA public key ( @@ -750,8 +759,8 @@ public String getWrappingAlgorithm() { * *
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for - * symmetric encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, + * KMS does not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*
* @param wrappingAlgorithm
* The algorithm you will use with the RSA public key ( @@ -886,8 +896,8 @@ public void setWrappingAlgorithm(String wrappingAlgorithm) { * *
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for - * symmetric encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, + * KMS does not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*
* @param wrappingAlgorithm
* The algorithm you will use with the RSA public key ( @@ -1022,8 +1033,8 @@ public GetParametersForImportRequest withWrappingAlgorithm(String wrappingAlgori * *
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for - * symmetric encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, + * KMS does not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for symmetric - * encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, KMS does + * not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
* Allowed Values: RSAES_PKCS1_V1_5, RSAES_OAEP_SHA_1,
- * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256
+ * RSAES_OAEP_SHA_256, RSA_AES_KEY_WRAP_SHA_1, RSA_AES_KEY_WRAP_SHA_256,
+ * SM2PKE
*
* @param wrappingAlgorithm
* The algorithm you will use with the RSA public key ( @@ -1158,8 +1170,8 @@ public void setWrappingAlgorithm(AlgorithmSpec wrappingAlgorithm) { * *
- * RSAES_PKCS1_V1_5 (Deprecated) — Supported only for - * symmetric encryption key material (and only in legacy mode). + * RSAES_PKCS1_V1_5 (Deprecated) — As of October 10, 2023, + * KMS does not support the RSAES_PKCS1_V1_5 wrapping algorithm. *
*
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*
* @return
* The type of RSA public key to return in the response. You will @@ -1225,7 +1237,7 @@ public String getWrappingKeySpec() { *
*
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*
* @param wrappingKeySpec
* The type of RSA public key to return in the response. You will @@ -1265,7 +1277,7 @@ public void setWrappingKeySpec(String wrappingKeySpec) { * together. *
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*
* @param wrappingKeySpec
* The type of RSA public key to return in the response. You will @@ -1305,7 +1317,7 @@ public GetParametersForImportRequest withWrappingKeySpec(String wrappingKeySpec) *
*
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*
* @param wrappingKeySpec
* The type of RSA public key to return in the response. You will @@ -1345,7 +1357,7 @@ public void setWrappingKeySpec(WrappingKeySpec wrappingKeySpec) { * together. *
* Constraints:
- * Allowed Values: RSA_2048, RSA_3072, RSA_4096
+ * Allowed Values: RSA_2048, RSA_3072, RSA_4096, SM2
*
* @param wrappingKeySpec
* The type of RSA public key to return in the response. You will diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportResult.java index b4bacd2bf9..9b987b7e13 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetParametersForImportResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyRequest.java index 256a84c112..ce812a52ce 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -58,7 +58,8 @@ *
* KeyUsage: Whether the key is used for encryption or signing. + * >KeyUsage: Whether the key is used for encryption, signing, or deriving a + * shared secret. *
* ** Related operations: CreateKey *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class GetPublicKeyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyResult.java index f2c868d5cf..1a54a4929d 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/GetPublicKeyResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -82,17 +82,19 @@ public class GetPublicKeyResult implements Serializable { /** *
- * The permitted use of the public key. Valid values are
- * ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
*
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
* Constraints:
+ * The key agreement algorithm used to derive a shared secret. This field is
+ * present only when the KMS key has a
* The Amazon Resource Name (
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
* Constraints:
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
* Constraints:
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
- *
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
* Constraints:
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
- *
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
* Constraints:
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
- *
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
+ * This information is critical. For example, if a public key with
*
* Constraints:
- * The permitted use of the public key. Valid values are
- *
- * This information is critical. If a public key with
- *
+ * The key agreement algorithm used to derive a shared secret. This field is
+ * present only when the KMS key has a
+ * The key agreement algorithm used to derive a shared secret. This
+ * field is present only when the KMS key has a
+ *
+ * The key agreement algorithm used to derive a shared secret. This field is
+ * present only when the KMS key has a
+ * The key agreement algorithm used to derive a shared secret.
+ * This field is present only when the KMS key has a
+ *
+ * The key agreement algorithm used to derive a shared secret. This field is
+ * present only when the KMS key has a
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * @param keyAgreementAlgorithms
+ * The key agreement algorithm used to derive a shared secret.
+ * This field is present only when the KMS key has a
+ *
+ * The key agreement algorithm used to derive a shared secret. This field is
+ * present only when the KMS key has a
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * @param keyAgreementAlgorithms
+ * The key agreement algorithm used to derive a shared secret.
+ * This field is present only when the KMS key has a
+ *
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*/
private String keyUsage;
@@ -123,6 +125,15 @@ public class GetPublicKeyResult implements Serializable {
*/
private java.util.ListKeyUsage
value of
+ * KEY_AGREEMENT
.
+ * ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @return ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric
+ * key pairs are ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, and KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS,
* the ciphertext cannot be decrypted.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for
+ * asymmetric key pairs are ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, and KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of
- * KMS, the ciphertext cannot be decrypted.
+ * This information is critical. For example, if a public key
+ * with SIGN_VERIFY
key usage encrypts data outside
+ * of KMS, the ciphertext cannot be decrypted.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for
+ * asymmetric key pairs are ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, and KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of
- * KMS, the ciphertext cannot be decrypted.
+ * This information is critical. For example, if a public key
+ * with SIGN_VERIFY
key usage encrypts data outside
+ * of KMS, the ciphertext cannot be decrypted.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for
+ * asymmetric key pairs are ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, and KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of
- * KMS, the ciphertext cannot be decrypted.
+ * This information is critical. For example, if a public key
+ * with SIGN_VERIFY
key usage encrypts data outside
+ * of KMS, the ciphertext cannot be decrypted.
* ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for asymmetric key
+ * pairs are ENCRYPT_DECRYPT
, SIGN_VERIFY
, and
+ * KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of KMS, the
* ciphertext cannot be decrypted.
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage ENCRYPT_DECRYPT
or SIGN_VERIFY
.
+ * The permitted use of the public key. Valid values for
+ * asymmetric key pairs are ENCRYPT_DECRYPT
,
+ * SIGN_VERIFY
, and KEY_AGREEMENT
.
* SIGN_VERIFY
key usage encrypts data outside of
- * KMS, the ciphertext cannot be decrypted.
+ * This information is critical. For example, if a public key
+ * with SIGN_VERIFY
key usage encrypts data outside
+ * of KMS, the ciphertext cannot be decrypted.
* KeyUsage
value of
+ * KEY_AGREEMENT
.
+ * KeyUsage
value of KEY_AGREEMENT
.
+ * KeyUsage
value of
+ * KEY_AGREEMENT
.
+ * KeyUsage
value of KEY_AGREEMENT
.
+ * KeyUsage
value of
+ * KEY_AGREEMENT
.
+ * KeyUsage
value of KEY_AGREEMENT
.
+ * KeyUsage
value of
+ * KEY_AGREEMENT
.
+ * KeyUsage
value of KEY_AGREEMENT
.
+ *
* Each time you import key material into KMS, you can determine whether ( @@ -195,6 +194,12 @@ *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ImportKeyMaterialRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ImportKeyMaterialResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ImportKeyMaterialResult.java index 29fddc85e5..6066a45af7 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ImportKeyMaterialResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ImportKeyMaterialResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyException.java index add77fc1ce..4b0275e590 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyMaterialException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyMaterialException.java index f8453b0300..d1810fdb27 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyMaterialException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectKeyMaterialException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectTrustAnchorException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectTrustAnchorException.java index 2e33070132..4709f68813 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectTrustAnchorException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/IncorrectTrustAnchorException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidAliasNameException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidAliasNameException.java index 7bf4f8c2ff..e3ff090492 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidAliasNameException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidAliasNameException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidArnException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidArnException.java index efeed8a4d3..1fe69b969c 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidArnException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidArnException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidCiphertextException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidCiphertextException.java index 3f93a7274d..7916d923e1 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidCiphertextException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidCiphertextException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantIdException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantIdException.java index bfc22f968f..ee4b583d82 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantIdException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantIdException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantTokenException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantTokenException.java index f489a3b8cb..65827b09c2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantTokenException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidGrantTokenException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidImportTokenException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidImportTokenException.java index 7abfd33239..1cc2cf7cfd 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidImportTokenException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidImportTokenException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidKeyUsageException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidKeyUsageException.java index 83fd5155c5..aa36105fb3 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidKeyUsageException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidKeyUsageException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -42,8 +42,9 @@ * verifying messages, theKeyUsage
must be
* SIGN_VERIFY
. For generating and verifying message authentication
* codes (MACs), the KeyUsage
must be
- * GENERATE_VERIFY_MAC
. To find the KeyUsage
of a KMS
- * key, use the DescribeKey operation.
+ * GENERATE_VERIFY_MAC
. For deriving key agreement secrets, the
+ * KeyUsage
must be KEY_AGREEMENT
. To find the
+ * KeyUsage
of a KMS key, use the DescribeKey operation.
*
*
* To find the encryption or signing algorithms supported for a particular KMS
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidMarkerException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidMarkerException.java
index a20aa612fb..a988374e60 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidMarkerException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/InvalidMarkerException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInternalException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInternalException.java
index 5090ac8a7f..1b28c13514 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInternalException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInternalException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidMacException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidMacException.java
index 6d7e132bfb..497b162804 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidMacException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidMacException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidSignatureException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidSignatureException.java
index c1de7a43a8..d1f48f5877 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidSignatureException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidSignatureException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidStateException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidStateException.java
index 94caa5a845..2c68f30675 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidStateException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KMSInvalidStateException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyAgreementAlgorithmSpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyAgreementAlgorithmSpec.java
new file mode 100644
index 0000000000..f1067265eb
--- /dev/null
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyAgreementAlgorithmSpec.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License").
+ * You may not use this file except in compliance with the License.
+ * A copy of the License is located at
+ *
+ * http://aws.amazon.com/apache2.0
+ *
+ * or in the "license" file accompanying this file. This file is distributed
+ * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
+ * express or implied. See the License for the specific language governing
+ * permissions and limitations under the License.
+ */
+
+package com.amazonaws.services.kms.model;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Key Agreement Algorithm Spec
+ */
+public enum KeyAgreementAlgorithmSpec {
+
+ ECDH("ECDH");
+
+ private String value;
+
+ private KeyAgreementAlgorithmSpec(String value) {
+ this.value = value;
+ }
+
+ @Override
+ public String toString() {
+ return value;
+ }
+
+ private static final Map
* Constraints:
+ * The key agreement algorithm used to derive a shared secret.
+ *
* Indicates whether the KMS key is a multi-Region (
* Constraints:
* The
*
* Constraints:
* The
* Constraints:
* The
*
* Constraints:
* The
* Constraints:
* The signingAlg
return this;
}
+ /**
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * @param keyAgreementAlgorithms
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * The key agreement algorithm used to derive a shared secret.
+ *
+ * Returns a reference to this object so that method calls can be chained
+ * together.
+ *
+ * @param keyAgreementAlgorithms
+ * The key agreement algorithm used to derive a shared secret.
+ *
* Indicates whether the KMS key is a multi-Region (
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
@@ -266,7 +266,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- *
+ * Eventual consistency: The KMS API follows an eventual consistency
+ * model. For more information, see KMS eventual consistency.
+ *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*/
private String keyUsage;
@@ -265,6 +266,13 @@ public class KeyMetadata implements Serializable {
*/
private java.util.ListTrue
) or
@@ -722,7 +730,8 @@ public KeyMetadata withDescription(String description) {
*
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @return
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage
- * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC
+ * Allowed Values: SIGN_VERIFY, ENCRYPT_DECRYPT, GENERATE_VERIFY_MAC,
+ * KEY_AGREEMENT
*
* @param keyUsage True
) or
@@ -3023,6 +3112,8 @@ public String toString() {
sb.append("EncryptionAlgorithms: " + getEncryptionAlgorithms() + ",");
if (getSigningAlgorithms() != null)
sb.append("SigningAlgorithms: " + getSigningAlgorithms() + ",");
+ if (getKeyAgreementAlgorithms() != null)
+ sb.append("KeyAgreementAlgorithms: " + getKeyAgreementAlgorithms() + ",");
if (getMultiRegion() != null)
sb.append("MultiRegion: " + getMultiRegion() + ",");
if (getMultiRegionConfiguration() != null)
@@ -3072,6 +3163,10 @@ public int hashCode() {
+ ((getEncryptionAlgorithms() == null) ? 0 : getEncryptionAlgorithms().hashCode());
hashCode = prime * hashCode
+ ((getSigningAlgorithms() == null) ? 0 : getSigningAlgorithms().hashCode());
+ hashCode = prime
+ * hashCode
+ + ((getKeyAgreementAlgorithms() == null) ? 0 : getKeyAgreementAlgorithms()
+ .hashCode());
hashCode = prime * hashCode
+ ((getMultiRegion() == null) ? 0 : getMultiRegion().hashCode());
hashCode = prime
@@ -3187,6 +3282,11 @@ public boolean equals(Object obj) {
if (other.getSigningAlgorithms() != null
&& other.getSigningAlgorithms().equals(this.getSigningAlgorithms()) == false)
return false;
+ if (other.getKeyAgreementAlgorithms() == null ^ this.getKeyAgreementAlgorithms() == null)
+ return false;
+ if (other.getKeyAgreementAlgorithms() != null
+ && other.getKeyAgreementAlgorithms().equals(this.getKeyAgreementAlgorithms()) == false)
+ return false;
if (other.getMultiRegion() == null ^ this.getMultiRegion() == null)
return false;
if (other.getMultiRegion() != null
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeySpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeySpec.java
index c6d9bcc511..79aefa1799 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeySpec.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeySpec.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyState.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyState.java
index 7dcc01fc2e..bf167a3802 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyState.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyState.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUnavailableException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUnavailableException.java
index b7413e8884..c22384bdc7 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUnavailableException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUnavailableException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUsageType.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUsageType.java
index e750ddaac3..2a95def329 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUsageType.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/KeyUsageType.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -25,7 +25,8 @@ public enum KeyUsageType {
SIGN_VERIFY("SIGN_VERIFY"),
ENCRYPT_DECRYPT("ENCRYPT_DECRYPT"),
- GENERATE_VERIFY_MAC("GENERATE_VERIFY_MAC");
+ GENERATE_VERIFY_MAC("GENERATE_VERIFY_MAC"),
+ KEY_AGREEMENT("KEY_AGREEMENT");
private String value;
@@ -44,6 +45,7 @@ public String toString() {
enumMap.put("SIGN_VERIFY", SIGN_VERIFY);
enumMap.put("ENCRYPT_DECRYPT", ENCRYPT_DECRYPT);
enumMap.put("GENERATE_VERIFY_MAC", GENERATE_VERIFY_MAC);
+ enumMap.put("KEY_AGREEMENT", KEY_AGREEMENT);
}
/**
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/LimitExceededException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/LimitExceededException.java
index 7ff10221d6..58bcf41943 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/LimitExceededException.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/LimitExceededException.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListAliasesRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListAliasesRequest.java
index b27f535100..83533bc54b 100644
--- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListAliasesRequest.java
+++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListAliasesRequest.java
@@ -1,5 +1,5 @@
/*
- * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License").
* You may not use this file except in compliance with the License.
@@ -81,6 +81,12 @@
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
* NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
* NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -255,7 +255,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -266,7 +266,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
- * PutKeyPolicy + * PutKeyPolicy *
*+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ListKeyPoliciesRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeyPoliciesResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeyPoliciesResult.java index 20f0caa431..73324b7eab 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeyPoliciesResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeyPoliciesResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ public class ListKeyPoliciesResult implements Serializable { *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean isTruncated() {
@@ -219,7 +219,7 @@ public Boolean isTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean getTruncated() {
@@ -239,7 +239,7 @@ public Boolean getTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -259,7 +259,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -270,7 +270,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
+ * Returns information about all completed key material rotations for the + * specified KMS key. + *
+ *+ * You must specify the KMS key in all requests. You can refine the key + * rotations list by limiting the number of rotations returned. + *
+ *+ * For detailed information about automatic and on-demand key rotations, see + * Rotating KMS keys in the Key Management Service Developer Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS key + * in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:ListKeyRotations (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * RotateKeyOnDemand + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ */ +public class ListKeyRotationsRequest extends AmazonWebServiceRequest implements Serializable { + /** + *+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * Use this parameter to specify the maximum number of items to return. When + * this value is present, KMS does not return more than the specified number + * of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be between 1 and + * 1000, inclusive. If you do not include a value, it defaults to 100. + *
+ *
+ * Constraints:
+ * Range: 1 - 1000
+ */
+ private Integer limit;
+
+ /**
+ *
+ * Use this parameter in a subsequent request after you receive a response
+ * with truncated results. Set it to the value of NextMarker
+ * from the truncated response you just received.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ */
+ private String marker;
+
+ /**
+ *
+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys + * or DescribeKey. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Gets the key rotations for the specified KMS key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public ListKeyRotationsRequest withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + *+ * Use this parameter to specify the maximum number of items to return. When + * this value is present, KMS does not return more than the specified number + * of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be between 1 and + * 1000, inclusive. If you do not include a value, it defaults to 100. + *
+ *
+ * Constraints:
+ * Range: 1 - 1000
+ *
+ * @return
+ * Use this parameter to specify the maximum number of items to + * return. When this value is present, KMS does not return more than + * the specified number of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be + * between 1 and 1000, inclusive. If you do not include a value, it + * defaults to 100. + *
+ */ + public Integer getLimit() { + return limit; + } + + /** + *+ * Use this parameter to specify the maximum number of items to return. When + * this value is present, KMS does not return more than the specified number + * of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be between 1 and + * 1000, inclusive. If you do not include a value, it defaults to 100. + *
+ *
+ * Constraints:
+ * Range: 1 - 1000
+ *
+ * @param limit
+ * Use this parameter to specify the maximum number of items to + * return. When this value is present, KMS does not return more + * than the specified number of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be + * between 1 and 1000, inclusive. If you do not include a value, + * it defaults to 100. + *
+ */ + public void setLimit(Integer limit) { + this.limit = limit; + } + + /** + *+ * Use this parameter to specify the maximum number of items to return. When + * this value is present, KMS does not return more than the specified number + * of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be between 1 and + * 1000, inclusive. If you do not include a value, it defaults to 100. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Range: 1 - 1000
+ *
+ * @param limit
+ * Use this parameter to specify the maximum number of items to + * return. When this value is present, KMS does not return more + * than the specified number of items, but it might return fewer. + *
+ *+ * This value is optional. If you include a value, it must be + * between 1 and 1000, inclusive. If you do not include a value, + * it defaults to 100. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public ListKeyRotationsRequest withLimit(Integer limit) { + this.limit = limit; + return this; + } + + /** + *
+ * Use this parameter in a subsequent request after you receive a response
+ * with truncated results. Set it to the value of NextMarker
+ * from the truncated response you just received.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @return
+ * Use this parameter in a subsequent request after you receive a
+ * response with truncated results. Set it to the value of
+ * NextMarker
from the truncated response you just
+ * received.
+ *
+ * Use this parameter in a subsequent request after you receive a response
+ * with truncated results. Set it to the value of NextMarker
+ * from the truncated response you just received.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @param marker
+ * Use this parameter in a subsequent request after you receive a
+ * response with truncated results. Set it to the value of
+ * NextMarker
from the truncated response you just
+ * received.
+ *
+ * Use this parameter in a subsequent request after you receive a response
+ * with truncated results. Set it to the value of NextMarker
+ * from the truncated response you just received.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @param marker
+ * Use this parameter in a subsequent request after you receive a
+ * response with truncated results. Set it to the value of
+ * NextMarker
from the truncated response you just
+ * received.
+ *
+ * A list of completed key material rotations. + *
+ */ + private java.util.List
+ * When Truncated
is true, this element is present and contains
+ * the value to use for the Marker
parameter in a subsequent
+ * request.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ */
+ private String nextMarker;
+
+ /**
+ *
+ * A flag that indicates whether there are more items in the list. When this
+ * value is true, the list in this response is truncated. To get more items,
+ * pass the value of the NextMarker
element in this response to
+ * the Marker
parameter in a subsequent request.
+ *
+ * A list of completed key material rotations. + *
+ * + * @return+ * A list of completed key material rotations. + *
+ */ + public java.util.List+ * A list of completed key material rotations. + *
+ * + * @param rotations+ * A list of completed key material rotations. + *
+ */ + public void setRotations(java.util.Collection+ * A list of completed key material rotations. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param rotations
+ * A list of completed key material rotations. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public ListKeyRotationsResult withRotations(RotationsListEntry... rotations) { + if (getRotations() == null) { + this.rotations = new java.util.ArrayList+ * A list of completed key material rotations. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param rotations
+ * A list of completed key material rotations. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public ListKeyRotationsResult withRotations(java.util.Collection
+ * When Truncated
is true, this element is present and contains
+ * the value to use for the Marker
parameter in a subsequent
+ * request.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @return
+ * When Truncated
is true, this element is present and
+ * contains the value to use for the Marker
parameter
+ * in a subsequent request.
+ *
+ * When Truncated
is true, this element is present and contains
+ * the value to use for the Marker
parameter in a subsequent
+ * request.
+ *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @param nextMarker
+ * When Truncated
is true, this element is present
+ * and contains the value to use for the Marker
+ * parameter in a subsequent request.
+ *
+ * When Truncated
is true, this element is present and contains
+ * the value to use for the Marker
parameter in a subsequent
+ * request.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 1024
+ * Pattern: [ -\u00FF]*
+ *
+ * @param nextMarker
+ * When Truncated
is true, this element is present
+ * and contains the value to use for the Marker
+ * parameter in a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list. When this
+ * value is true, the list in this response is truncated. To get more items,
+ * pass the value of the NextMarker
element in this response to
+ * the Marker
parameter in a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list.
+ * When this value is true, the list in this response is truncated.
+ * To get more items, pass the value of the NextMarker
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list. When this
+ * value is true, the list in this response is truncated. To get more items,
+ * pass the value of the NextMarker
element in this response to
+ * the Marker
parameter in a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list.
+ * When this value is true, the list in this response is truncated.
+ * To get more items, pass the value of the NextMarker
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list. When this
+ * value is true, the list in this response is truncated. To get more items,
+ * pass the value of the NextMarker
element in this response to
+ * the Marker
parameter in a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the
+ * list. When this value is true, the list in this response is
+ * truncated. To get more items, pass the value of the
+ * NextMarker
element in this response to the
+ * Marker
parameter in a subsequent request.
+ *
+ * A flag that indicates whether there are more items in the list. When this
+ * value is true, the list in this response is truncated. To get more items,
+ * pass the value of the NextMarker
element in this response to
+ * the Marker
parameter in a subsequent request.
+ *
+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param truncated
+ * A flag that indicates whether there are more items in the
+ * list. When this value is true, the list in this response is
+ * truncated. To get more items, pass the value of the
+ * NextMarker
element in this response to the
+ * Marker
parameter in a subsequent request.
+ *
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ListKeysRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeysResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeysResult.java index ca5197a6b1..2200136ff6 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeysResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListKeysResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ public class ListKeysResult implements Serializable { *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean isTruncated() {
@@ -215,7 +215,7 @@ public Boolean isTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean getTruncated() {
@@ -235,7 +235,7 @@ public Boolean getTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -255,7 +255,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -266,7 +266,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ListResourceTagsRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListResourceTagsResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListResourceTagsResult.java index b0c62b7b31..914212224c 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListResourceTagsResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListResourceTagsResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -53,7 +53,7 @@ public class ListResourceTagsResult implements Serializable { *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean isTruncated() {
@@ -315,7 +315,7 @@ public Boolean isTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean getTruncated() {
@@ -335,7 +335,7 @@ public Boolean getTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -355,7 +355,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -366,7 +366,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
* Cross-account use: You must specify a principal in your Amazon Web
- * Services account. However, this operation can return grants in any Amazon Web
- * Services account. You do not need kms:ListRetirableGrants
- * permission (or any other additional permission) in any Amazon Web Services
- * account other than your own.
+ * Services account. This operation returns a list of grants where the retiring
+ * principal specified in the ListRetirableGrants
request is the
+ * same retiring principal on the grant. This can include grants on KMS keys
+ * owned by other Amazon Web Services accounts, but you do not need
+ * kms:ListRetirableGrants
permission (or any other additional
+ * permission) in any Amazon Web Services account other than your own.
*
* Required permissions: kms:ListRetirableGrants (IAM policy) in your Amazon Web Services * account. *
+ *
+ * KMS authorizes ListRetirableGrants
requests by evaluating the
+ * caller account's kms:ListRetirableGrants permissions. The authorized resource
+ * in ListRetirableGrants
calls is the retiring principal specified
+ * in the request. KMS does not evaluate the caller's permissions to verify
+ * their access to any KMS keys or grants that might be returned by the
+ * ListRetirableGrants
call.
+ *
* Related operations: *
@@ -79,6 +91,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ListRetirableGrantsRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListRetirableGrantsResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListRetirableGrantsResult.java index e3b77d90de..a146fb247d 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListRetirableGrantsResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ListRetirableGrantsResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -42,7 +42,7 @@ public class ListRetirableGrantsResult implements Serializable { *
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean isTruncated() {
@@ -215,7 +215,7 @@ public Boolean isTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
- * element in thisresponse to the Marker
parameter in a
- * subsequent request.
+ * element in this response to the Marker
parameter in
+ * a subsequent request.
*
*/
public Boolean getTruncated() {
@@ -235,7 +235,7 @@ public Boolean getTruncated() {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
*/
@@ -255,7 +255,7 @@ public void setTruncated(Boolean truncated) {
*
* A flag that indicates whether there are more items in the list. When this
* value is true, the list in this response is truncated. To get more items,
- * pass the value of the NextMarker
element in thisresponse to
+ * pass the value of the NextMarker
element in this response to
* the Marker
parameter in a subsequent request.
*
@@ -266,7 +266,7 @@ public void setTruncated(Boolean truncated) {
* A flag that indicates whether there are more items in the
* list. When this value is true, the list in this response is
* truncated. To get more items, pass the value of the
- * NextMarker
element in thisresponse to the
+ * NextMarker
element in this response to the
* Marker
parameter in a subsequent request.
*
* Related operations: GetKeyPolicy *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class PutKeyPolicyRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -85,7 +91,9 @@ public class PutKeyPolicyRequest extends AmazonWebServiceRequest implements Seri /** *
- * The name of the key policy. The only valid value is default
.
+ * The name of the key policy. If no policy name is specified, the default
+ * value is default
. The only valid value is
+ * default
.
*
* Constraints:
@@ -186,8 +194,9 @@ public class PutKeyPolicyRequest extends AmazonWebServiceRequest implements Seri
*
*
* Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ private Boolean bypassPolicyLockoutSafetyCheck; @@ -386,7 +395,9 @@ public PutKeyPolicyRequest withKeyId(String keyId) { /** *
- * The name of the key policy. The only valid value is default
.
+ * The name of the key policy. If no policy name is specified, the default
+ * value is default
. The only valid value is
+ * default
.
*
* Constraints:
@@ -394,7 +405,8 @@ public PutKeyPolicyRequest withKeyId(String keyId) {
* Pattern: [\w]+
*
* @return
- * The name of the key policy. The only valid value is
+ * The name of the key policy. If no policy name is specified, the
+ * default value is default
. The only valid value is
* default
.
*
- * The name of the key policy. The only valid value is default
.
+ * The name of the key policy. If no policy name is specified, the default
+ * value is default
. The only valid value is
+ * default
.
*
* Constraints:
@@ -412,8 +426,9 @@ public String getPolicyName() {
* Pattern: [\w]+
*
* @param policyName
- * The name of the key policy. The only valid value is
- * default
.
+ * The name of the key policy. If no policy name is specified,
+ * the default value is default
. The only valid
+ * value is default
.
*
- * The name of the key policy. The only valid value is default
.
+ * The name of the key policy. If no policy name is specified, the default
+ * value is default
. The only valid value is
+ * default
.
*
* Returns a reference to this object so that method calls can be chained
@@ -433,8 +450,9 @@ public void setPolicyName(String policyName) {
* Pattern: [\w]+
*
* @param policyName
- * The name of the key policy. The only valid value is
- * default
.
+ * The name of the key policy. If no policy name is specified,
+ * the default value is default
. The only valid
+ * value is default
.
*
* Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @return@@ -930,8 +949,9 @@ public PutKeyPolicyRequest withPolicy(String policy) { * *
* Use this parameter only when you intend to prevent the principal - * that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * that is making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ public Boolean isBypassPolicyLockoutSafetyCheck() { @@ -957,8 +977,9 @@ public Boolean isBypassPolicyLockoutSafetyCheck() { * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @return@@ -980,8 +1001,9 @@ public Boolean isBypassPolicyLockoutSafetyCheck() { * *
* Use this parameter only when you intend to prevent the principal - * that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * that is making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ public Boolean getBypassPolicyLockoutSafetyCheck() { @@ -1007,8 +1029,9 @@ public Boolean getBypassPolicyLockoutSafetyCheck() { * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @param bypassPolicyLockoutSafetyCheck@@ -1031,7 +1054,9 @@ public Boolean getBypassPolicyLockoutSafetyCheck() { *
* Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * PutKeyPolicy request on the KMS key. *
*/ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) { @@ -1057,8 +1082,9 @@ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyC * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
** Returns a reference to this object so that method calls can be chained @@ -1084,7 +1110,9 @@ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyC *
* Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * PutKeyPolicy request on the KMS key. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptRequest.java index 6134a88fbd..9dc096d0d3 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -163,6 +163,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ReEncryptRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptResult.java index e417a29845..5e18e3c4c5 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReEncryptResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RecipientInfo.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RecipientInfo.java index 5903de0177..20270f3806 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RecipientInfo.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RecipientInfo.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyRequest.java index bbf01da1d6..46243cc6eb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -99,10 +99,10 @@ ** If you replicate a multi-Region primary key with imported key material, the * replica key is created with no key material. You must import the same key - * material that you imported into the primary key. For details, see Importing key - * material into multi-Region keys in the Key Management Service - * Developer Guide. + * material that you imported into the primary key. For details, see Importing key material into multi-Region keys in the Key Management + * Service Developer Guide. *
** To convert a replica key to a primary key, use the UpdatePrimaryRegion @@ -156,6 +156,12 @@ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ReplicateKeyRequest extends AmazonWebServiceRequest implements Serializable { /** @@ -342,8 +348,9 @@ public class ReplicateKeyRequest extends AmazonWebServiceRequest implements Seri * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ private Boolean bypassPolicyLockoutSafetyCheck; @@ -1434,8 +1441,9 @@ public ReplicateKeyRequest withPolicy(String policy) { * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @return@@ -1457,8 +1465,9 @@ public ReplicateKeyRequest withPolicy(String policy) { * *
* Use this parameter only when you intend to prevent the principal - * that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * that is making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ public Boolean isBypassPolicyLockoutSafetyCheck() { @@ -1484,8 +1493,9 @@ public Boolean isBypassPolicyLockoutSafetyCheck() { * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @return@@ -1507,8 +1517,9 @@ public Boolean isBypassPolicyLockoutSafetyCheck() { * *
* Use this parameter only when you intend to prevent the principal - * that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * that is making the request from making a subsequent PutKeyPolicy request on the KMS key. *
*/ public Boolean getBypassPolicyLockoutSafetyCheck() { @@ -1534,8 +1545,9 @@ public Boolean getBypassPolicyLockoutSafetyCheck() { * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
* * @param bypassPolicyLockoutSafetyCheck@@ -1558,7 +1570,9 @@ public Boolean getBypassPolicyLockoutSafetyCheck() { *
* Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * PutKeyPolicy request on the KMS key. *
*/ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyCheck) { @@ -1584,8 +1598,9 @@ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyC * ** Use this parameter only when you intend to prevent the principal that is - * making the request from making a subsequent PutKeyPolicy request - * on the KMS key. + * making the request from making a subsequent PutKeyPolicy request on the KMS key. *
** Returns a reference to this object so that method calls can be chained @@ -1611,7 +1626,9 @@ public void setBypassPolicyLockoutSafetyCheck(Boolean bypassPolicyLockoutSafetyC *
* Use this parameter only when you intend to prevent the * principal that is making the request from making a subsequent - * PutKeyPolicy request on the KMS key. + * PutKeyPolicy request on the KMS key. *
* @return A reference to this updated object so that method calls can be * chained together. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyResult.java index 53553d00d0..99f5257fab 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ReplicateKeyResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RetireGrantRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RetireGrantRequest.java index c679020100..66c6580775 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RetireGrantRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RetireGrantRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -52,7 +52,7 @@ * different Amazon Web Services account. * *- * Required permissions::Permission to retire a grant is determined + * Required permissions: Permission to retire a grant is determined * primarily by the grant. For details, see Retiring and revoking grants in the Key Management Service Developer @@ -83,6 +83,12 @@ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class RetireGrantRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RevokeGrantRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RevokeGrantRequest.java index ebc1f36907..d9b4d8342f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RevokeGrantRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RevokeGrantRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -23,7 +23,7 @@ ** Deletes the specified grant. You revoke a grant to terminate the permissions * that the grant allows. For more information, see Retiring and revoking grants in the Key Management Service * Developer Guide . *
@@ -80,6 +80,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class RevokeGrantRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandRequest.java new file mode 100644 index 0000000000..a2d0877df6 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandRequest.java @@ -0,0 +1,483 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import java.io.Serializable; + +import com.amazonaws.AmazonWebServiceRequest; + +/** + *+ * Immediately initiates rotation of the key material of the specified symmetric + * encryption KMS key. + *
+ *+ * You can perform on-demand rotation of the key material in customer managed KMS keys, + * regardless of whether or not automatic key rotation is enabled. On-demand rotations do not change + * existing automatic rotation schedules. For example, consider a KMS key that + * has automatic key rotation enabled with a rotation period of 730 days. If the + * key is scheduled to automatically rotate on April 14, 2024, and you perform + * an on-demand rotation on April 10, 2024, the key will automatically rotate, + * as scheduled, on April 14, 2024 and every 730 days thereafter. + *
+ *+ * You can perform on-demand key rotation a maximum of 10 times per KMS + * key. You can use the KMS console to view the number of remaining on-demand + * rotations available for a KMS key. + *
+ *+ * You can use GetKeyRotationStatus to identify any in progress on-demand + * rotations. You can use ListKeyRotations to identify the date that + * completed on-demand rotations were performed. You can monitor rotation of the + * key material for your KMS keys in CloudTrail and Amazon CloudWatch. + *
+ *+ * On-demand key rotation is supported only on symmetric encryption KMS keys. You cannot perform on-demand rotation of + * asymmetric KMS keys, HMAC + * KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * You cannot initiate on-demand rotation of Amazon Web Services managed KMS keys. KMS always rotates the key + * material of Amazon Web Services managed keys every year. Rotation of Amazon Web Services owned KMS keys is managed by the Amazon Web Services + * service that owns the key. + *
+ *+ * The KMS key that you use for this operation must be in a compatible key + * state. For details, see Key states of KMS keys in the Key Management Service Developer + * Guide. + *
+ *+ * Cross-account use: No. You cannot perform this operation on a KMS key + * in a different Amazon Web Services account. + *
+ *+ * Required permissions: kms:RotateKeyOnDemand (key policy) + *
+ *+ * Related operations: + *
+ *+ * EnableKeyRotation + *
+ *+ * DisableKeyRotation + *
+ *+ * GetKeyRotationStatus + *
+ *+ * ListKeyRotations + *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
+ */ +public class RotateKeyOnDemandRequest extends AmazonWebServiceRequest implements Serializable { + /** + *+ * Identifies a symmetric encryption KMS key. You cannot perform on-demand + * rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * Identifies a symmetric encryption KMS key. You cannot perform on-demand + * rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Identifies a symmetric encryption KMS key. You cannot perform + * on-demand rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of + * related multi-Region keys, invoke the on-demand rotation on the + * primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys + * or DescribeKey. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Identifies a symmetric encryption KMS key. You cannot perform on-demand + * rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies a symmetric encryption KMS key. You cannot perform + * on-demand rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set + * of related multi-Region keys, invoke the on-demand rotation on the + * primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Identifies a symmetric encryption KMS key. You cannot perform on-demand + * rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set of related + * multi-Region keys, invoke the on-demand rotation on the primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use ListKeys or + * DescribeKey. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies a symmetric encryption KMS key. You cannot perform + * on-demand rotation of asymmetric KMS keys, HMAC KMS keys, KMS keys with imported key material, or KMS keys in a custom key store. To perform on-demand rotation of a set + * of related multi-Region keys, invoke the on-demand rotation on the + * primary key. + *
+ *+ * Specify the key ID or key ARN of the KMS key. + *
+ *+ * For example: + *
+ *
+ * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * Key ARN:
+ * arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
+ *
+ * To get the key ID and key ARN for a KMS key, use + * ListKeys or DescribeKey. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public RotateKeyOnDemandRequest withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + * Returns a string representation of this object; useful for testing and + * debugging. + * + * @return A string representation of this object. + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("{"); + if (getKeyId() != null) + sb.append("KeyId: " + getKeyId()); + sb.append("}"); + return sb.toString(); + } + + @Override + public int hashCode() { + final int prime = 31; + int hashCode = 1; + + hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + return hashCode; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + + if (obj instanceof RotateKeyOnDemandRequest == false) + return false; + RotateKeyOnDemandRequest other = (RotateKeyOnDemandRequest) obj; + + if (other.getKeyId() == null ^ this.getKeyId() == null) + return false; + if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) + return false; + return true; + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandResult.java new file mode 100644 index 0000000000..a0e6fe7689 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotateKeyOnDemandResult.java @@ -0,0 +1,135 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import java.io.Serializable; + +public class RotateKeyOnDemandResult implements Serializable { + /** + *+ * Identifies the symmetric encryption KMS key that you initiated on-demand + * rotation on. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * Identifies the symmetric encryption KMS key that you initiated on-demand + * rotation on. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Identifies the symmetric encryption KMS key that you initiated + * on-demand rotation on. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Identifies the symmetric encryption KMS key that you initiated on-demand + * rotation on. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the symmetric encryption KMS key that you initiated + * on-demand rotation on. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Identifies the symmetric encryption KMS key that you initiated on-demand + * rotation on. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Identifies the symmetric encryption KMS key that you initiated + * on-demand rotation on. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public RotateKeyOnDemandResult withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + * Returns a string representation of this object; useful for testing and + * debugging. + * + * @return A string representation of this object. + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("{"); + if (getKeyId() != null) + sb.append("KeyId: " + getKeyId()); + sb.append("}"); + return sb.toString(); + } + + @Override + public int hashCode() { + final int prime = 31; + int hashCode = 1; + + hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + return hashCode; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + + if (obj instanceof RotateKeyOnDemandResult == false) + return false; + RotateKeyOnDemandResult other = (RotateKeyOnDemandResult) obj; + + if (other.getKeyId() == null ^ this.getKeyId() == null) + return false; + if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) + return false; + return true; + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotationType.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotationType.java new file mode 100644 index 0000000000..3065a61b37 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/RotationType.java @@ -0,0 +1,62 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model; + +import java.util.HashMap; +import java.util.Map; + +/** + * Rotation Type + */ +public enum RotationType { + + AUTOMATIC("AUTOMATIC"), + ON_DEMAND("ON_DEMAND"); + + private String value; + + private RotationType(String value) { + this.value = value; + } + + @Override + public String toString() { + return value; + } + + private static final Map+ * Contains information about completed key material rotations. + *
+ */ +public class RotationsListEntry implements Serializable { + /** + *+ * Unique identifier of the key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ */
+ private String keyId;
+
+ /**
+ *
+ * Date and time that the key material rotation completed. Formatted as Unix + * time. + *
+ */ + private java.util.Date rotationDate; + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ */
+ private String rotationType;
+
+ /**
+ *
+ * Unique identifier of the key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @return
+ * Unique identifier of the key. + *
+ */ + public String getKeyId() { + return keyId; + } + + /** + *+ * Unique identifier of the key. + *
+ *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Unique identifier of the key. + *
+ */ + public void setKeyId(String keyId) { + this.keyId = keyId; + } + + /** + *+ * Unique identifier of the key. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Length: 1 - 2048
+ *
+ * @param keyId
+ * Unique identifier of the key. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public RotationsListEntry withKeyId(String keyId) { + this.keyId = keyId; + return this; + } + + /** + *+ * Date and time that the key material rotation completed. Formatted as Unix + * time. + *
+ * + * @return+ * Date and time that the key material rotation completed. Formatted + * as Unix time. + *
+ */ + public java.util.Date getRotationDate() { + return rotationDate; + } + + /** + *+ * Date and time that the key material rotation completed. Formatted as Unix + * time. + *
+ * + * @param rotationDate+ * Date and time that the key material rotation completed. + * Formatted as Unix time. + *
+ */ + public void setRotationDate(java.util.Date rotationDate) { + this.rotationDate = rotationDate; + } + + /** + *+ * Date and time that the key material rotation completed. Formatted as Unix + * time. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + * + * @param rotationDate
+ * Date and time that the key material rotation completed. + * Formatted as Unix time. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + */ + public RotationsListEntry withRotationDate(java.util.Date rotationDate) { + this.rotationDate = rotationDate; + return this; + } + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ *
+ * @return
+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ * @see RotationType + */ + public String getRotationType() { + return rotationType; + } + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ *
+ * @param rotationType
+ * Identifies whether the key material rotation was a scheduled + * automatic rotation or an on-demand rotation. + *
+ * @see RotationType + */ + public void setRotationType(String rotationType) { + this.rotationType = rotationType; + } + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ *
+ * @param rotationType
+ * Identifies whether the key material rotation was a scheduled + * automatic rotation or an on-demand rotation. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + * @see RotationType + */ + public RotationsListEntry withRotationType(String rotationType) { + this.rotationType = rotationType; + return this; + } + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ *
+ * @param rotationType
+ * Identifies whether the key material rotation was a scheduled + * automatic rotation or an on-demand rotation. + *
+ * @see RotationType + */ + public void setRotationType(RotationType rotationType) { + this.rotationType = rotationType.toString(); + } + + /** + *+ * Identifies whether the key material rotation was a scheduled automatic rotation or an on-demand rotation. + *
+ *+ * Returns a reference to this object so that method calls can be chained + * together. + *
+ * Constraints:
+ * Allowed Values: AUTOMATIC, ON_DEMAND
+ *
+ * @param rotationType
+ * Identifies whether the key material rotation was a scheduled + * automatic rotation or an on-demand rotation. + *
+ * @return A reference to this updated object so that method calls can be + * chained together. + * @see RotationType + */ + public RotationsListEntry withRotationType(RotationType rotationType) { + this.rotationType = rotationType.toString(); + return this; + } + + /** + * Returns a string representation of this object; useful for testing and + * debugging. + * + * @return A string representation of this object. + * @see java.lang.Object#toString() + */ + @Override + public String toString() { + StringBuilder sb = new StringBuilder(); + sb.append("{"); + if (getKeyId() != null) + sb.append("KeyId: " + getKeyId() + ","); + if (getRotationDate() != null) + sb.append("RotationDate: " + getRotationDate() + ","); + if (getRotationType() != null) + sb.append("RotationType: " + getRotationType()); + sb.append("}"); + return sb.toString(); + } + + @Override + public int hashCode() { + final int prime = 31; + int hashCode = 1; + + hashCode = prime * hashCode + ((getKeyId() == null) ? 0 : getKeyId().hashCode()); + hashCode = prime * hashCode + + ((getRotationDate() == null) ? 0 : getRotationDate().hashCode()); + hashCode = prime * hashCode + + ((getRotationType() == null) ? 0 : getRotationType().hashCode()); + return hashCode; + } + + @Override + public boolean equals(Object obj) { + if (this == obj) + return true; + if (obj == null) + return false; + + if (obj instanceof RotationsListEntry == false) + return false; + RotationsListEntry other = (RotationsListEntry) obj; + + if (other.getKeyId() == null ^ this.getKeyId() == null) + return false; + if (other.getKeyId() != null && other.getKeyId().equals(this.getKeyId()) == false) + return false; + if (other.getRotationDate() == null ^ this.getRotationDate() == null) + return false; + if (other.getRotationDate() != null + && other.getRotationDate().equals(this.getRotationDate()) == false) + return false; + if (other.getRotationType() == null ^ this.getRotationType() == null) + return false; + if (other.getRotationType() != null + && other.getRotationType().equals(this.getRotationType()) == false) + return false; + return true; + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionRequest.java index 156fc56432..277da18e53 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -35,9 +35,9 @@ ** Deleting a KMS key is a destructive and potentially dangerous operation. When * a KMS key is deleted, all data that was encrypted under the KMS key is - * unrecoverable. (The only exception is a multi-Region - * replica key, or an multi-Region replica key, or an asymmetric or HMAC KMS key with imported key material.) To prevent the * use of a KMS key without deleting it, use DisableKey. @@ -108,6 +108,12 @@ *
* * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class ScheduleKeyDeletionRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionResult.java index 36d172ad7a..d181514d69 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/ScheduleKeyDeletionResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignRequest.java index f9cfb47c74..98703ba7df 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -105,6 +105,12 @@ ** Related operations: Verify *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class SignRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignResult.java index 6a9b32952a..bc00d01c9d 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SignResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SigningAlgorithmSpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SigningAlgorithmSpec.java index 51780a413d..619026ab38 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SigningAlgorithmSpec.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/SigningAlgorithmSpec.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/Tag.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/Tag.java index 814c7aece9..6df16dfa11 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/Tag.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/Tag.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagException.java index 76b20ef7e8..84d0c51b80 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagResourceRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagResourceRequest.java index 3ff3ff381e..821e595ba4 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagResourceRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/TagResourceRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -106,6 +106,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class TagResourceRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UnsupportedOperationException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UnsupportedOperationException.java index b323e43a29..6750dc79f8 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UnsupportedOperationException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UnsupportedOperationException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UntagResourceRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UntagResourceRequest.java index 6294737b54..8055d5fb9f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UntagResourceRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UntagResourceRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -90,6 +90,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class UntagResourceRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateAliasRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateAliasRequest.java index 389df0bf72..50f59278d7 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateAliasRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateAliasRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -116,6 +116,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class UpdateAliasRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreRequest.java index 014f3cd801..2d3bedc105 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -151,6 +151,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class UpdateCustomKeyStoreRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreResult.java index ede4fdae51..bd4fdcb8b7 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateCustomKeyStoreResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateKeyDescriptionRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateKeyDescriptionRequest.java index 9c9048cd29..c928e56283 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateKeyDescriptionRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdateKeyDescriptionRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -55,6 +55,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class UpdateKeyDescriptionRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdatePrimaryRegionRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdatePrimaryRegionRequest.java index 1b6288ec13..6a7575ed28 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdatePrimaryRegionRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/UpdatePrimaryRegionRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -133,6 +133,12 @@ * * * + *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class UpdatePrimaryRegionRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacRequest.java index 4fe460257b..1e109600eb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -60,6 +60,12 @@ ** Related operations: GenerateMac *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class VerifyMacRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacResult.java index 49a75d3a63..9a7bb2985e 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyMacResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyRequest.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyRequest.java index bee8caaf41..ddc7ebadf1 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyRequest.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyRequest.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -85,6 +85,12 @@ ** Related operations: Sign *
+ *+ * Eventual consistency: The KMS API follows an eventual consistency + * model. For more information, see KMS eventual consistency. + *
*/ public class VerifyRequest extends AmazonWebServiceRequest implements Serializable { /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyResult.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyResult.java index 9841cfd006..c976524305 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyResult.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/VerifyResult.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/WrappingKeySpec.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/WrappingKeySpec.java index 2b269908f9..47319cdba4 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/WrappingKeySpec.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/WrappingKeySpec.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -25,7 +25,8 @@ public enum WrappingKeySpec { RSA_2048("RSA_2048"), RSA_3072("RSA_3072"), - RSA_4096("RSA_4096"); + RSA_4096("RSA_4096"), + SM2("SM2"); private String value; @@ -44,6 +45,7 @@ public String toString() { enumMap.put("RSA_2048", RSA_2048); enumMap.put("RSA_3072", RSA_3072); enumMap.put("RSA_4096", RSA_4096); + enumMap.put("SM2", SM2); } /** diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksKeyAlreadyInUseException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksKeyAlreadyInUseException.java index 3047b30588..13fb6ffbc9 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksKeyAlreadyInUseException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksKeyAlreadyInUseException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -20,8 +20,8 @@ /** *
* The request was rejected because the (XksKeyId
) is already
- * associated with a KMS key in this external key store. Each KMS key in an
- * external key store must be associated with a different external key.
+ * associated with another KMS key in this external key store. Each KMS key in
+ * an external key store must be associated with a different external key.
*
- * The request was rejected because the Amazon VPC endpoint service - * configuration does not fulfill the requirements for an external key store - * proxy. For details, see the exception message. + * The request was rejected because the external key store proxy is not + * configured correctly. To identify the cause, see the error message that + * accompanies the exception. *
*/ public class XksProxyInvalidConfigurationException extends AmazonServiceException { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyInvalidResponseException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyInvalidResponseException.java index df9df991f7..70be4afcb8 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyInvalidResponseException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyInvalidResponseException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyUriEndpointInUseException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyUriEndpointInUseException.java index cf93175466..907490cdf6 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyUriEndpointInUseException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyUriEndpointInUseException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -19,10 +19,10 @@ /** *
- * The request was rejected because the concatenation of the
- * XksProxyUriEndpoint
is already associated with an external key
- * store in the Amazon Web Services account and Region. Each external key store
- * in an account and Region must use a unique external key store proxy address.
+ * The request was rejected because the XksProxyUriEndpoint
is
+ * already associated with another external key store in this Amazon Web
+ * Services Region. To identify the cause, see the error message that
+ * accompanies the exception.
*
* The request was rejected because the concatenation of the
* XksProxyUriEndpoint
and XksProxyUriPath
is already
- * associated with an external key store in the Amazon Web Services account and
- * Region. Each external key store in an account and Region must use a unique
- * external key store proxy API address.
+ * associated with another external key store in this Amazon Web Services
+ * Region. Each external key store in a Region must use a unique external key
+ * store proxy API address.
*
* The request was rejected because the specified Amazon VPC endpoint service is - * already associated with an external key store in the Amazon Web Services - * account and Region. Each external key store in an Amazon Web Services account - * and Region must use a different Amazon VPC endpoint service. + * already associated with another external key store in this Amazon Web + * Services Region. Each external key store in a Region must use a different + * Amazon VPC endpoint service. *
*/ public class XksProxyVpcEndpointServiceInUseException extends AmazonServiceException { diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceInvalidConfigurationException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceInvalidConfigurationException.java index 451d1e8e16..7e88b6b1de 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceInvalidConfigurationException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceInvalidConfigurationException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. @@ -20,9 +20,10 @@ /** ** The request was rejected because the Amazon VPC endpoint service - * configuration does not fulfill the requirements for an external key store - * proxy. For details, see the exception message and review the requirements for Amazon VPC endpoint service connectivity for * an external key store. *
diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceNotFoundException.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceNotFoundException.java index 581d9261dd..8f41404947 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceNotFoundException.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/XksProxyVpcEndpointServiceNotFoundException.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonMarshaller.java index bc6d3086bb..e061613577 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonUnmarshaller.java index 8116629281..f033085427 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AliasListEntryJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AlreadyExistsExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AlreadyExistsExceptionUnmarshaller.java index 27fc450506..23a5ab5de2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AlreadyExistsExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/AlreadyExistsExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionRequestMarshaller.java index aea368a98c..baec9a6924 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionResultJsonUnmarshaller.java index a072f07e01..34093c3546 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CancelKeyDeletionResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInUseExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInUseExceptionUnmarshaller.java index 9c4d30e7a8..5b6f953c96 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInUseExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInUseExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInvalidConfigurationExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInvalidConfigurationExceptionUnmarshaller.java index 7abadc42dc..915550dcef 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInvalidConfigurationExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterInvalidConfigurationExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotActiveExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotActiveExceptionUnmarshaller.java index 73b294d577..dab0c525a3 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotActiveExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotActiveExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotFoundExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotFoundExceptionUnmarshaller.java index 4b8497aa49..5d5b1e7907 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotFoundExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotFoundExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotRelatedExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotRelatedExceptionUnmarshaller.java index 786f3c7dd1..dc98d62bcf 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotRelatedExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CloudHsmClusterNotRelatedExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConflictExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConflictExceptionUnmarshaller.java new file mode 100644 index 0000000000..64cf9a9a67 --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConflictExceptionUnmarshaller.java @@ -0,0 +1,42 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model.transform; + +import com.amazonaws.AmazonServiceException; +import com.amazonaws.http.JsonErrorResponseHandler.JsonErrorResponse; +import com.amazonaws.transform.JsonErrorUnmarshaller; +import com.amazonaws.services.kms.model.ConflictException; + +public class ConflictExceptionUnmarshaller extends JsonErrorUnmarshaller { + + public ConflictExceptionUnmarshaller() { + super(ConflictException.class); + } + + @Override + public boolean match(JsonErrorResponse error) throws Exception { + return error.getErrorCode().equals("ConflictException"); + } + + @Override + public AmazonServiceException unmarshall(JsonErrorResponse error) throws Exception { + + ConflictException e = (ConflictException) super.unmarshall(error); + e.setErrorCode("ConflictException"); + + return e; + } +} diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreRequestMarshaller.java index d7e8363465..d0be4c20f2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreResultJsonUnmarshaller.java index 4ca6f95541..f1d94c4d8e 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/ConnectCustomKeyStoreResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateAliasRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateAliasRequestMarshaller.java index e612053184..942f22b3fb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateAliasRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateAliasRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreRequestMarshaller.java index 96d10f6c00..4ac24e7281 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreResultJsonUnmarshaller.java index c4cd31f86d..f913a56ebf 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateCustomKeyStoreResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantRequestMarshaller.java index 2c7c50a3fd..ce938c69fa 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantResultJsonUnmarshaller.java index 3620e321bf..41d60ce05a 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateGrantResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyRequestMarshaller.java index 6b3136fe0b..869d73370f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyResultJsonUnmarshaller.java index 8fe43975ec..1387a11b22 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CreateKeyResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreHasCMKsExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreHasCMKsExceptionUnmarshaller.java index 6eb0541d75..1a1a205172 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreHasCMKsExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreHasCMKsExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreInvalidStateExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreInvalidStateExceptionUnmarshaller.java index 1b3c79541e..9e5847b3f2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreInvalidStateExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreInvalidStateExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNameInUseExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNameInUseExceptionUnmarshaller.java index c72e8e8e25..050a013596 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNameInUseExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNameInUseExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNotFoundExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNotFoundExceptionUnmarshaller.java index 1a0f155d26..b57da62ce2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNotFoundExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoreNotFoundExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonMarshaller.java index fdb3c26850..da70988d87 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonUnmarshaller.java index ff8a1a3621..fc8ea18f16 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/CustomKeyStoresListEntryJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptRequestMarshaller.java index 7906a6a053..d67b4080fb 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptResultJsonUnmarshaller.java index 8b2c8ccc67..e50d63f43f 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DecryptResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteAliasRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteAliasRequestMarshaller.java index 5e3e2770c4..c81b32e94d 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteAliasRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteAliasRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreRequestMarshaller.java index 3f98c14064..da47c96c98 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreResultJsonUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreResultJsonUnmarshaller.java index 375f1f552d..70ed10a4be 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreResultJsonUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteCustomKeyStoreResultJsonUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteImportedKeyMaterialRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteImportedKeyMaterialRequestMarshaller.java index fbc465231c..a1a21297f2 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteImportedKeyMaterialRequestMarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeleteImportedKeyMaterialRequestMarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DependencyTimeoutExceptionUnmarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DependencyTimeoutExceptionUnmarshaller.java index fccf600a50..2a8fa35cf5 100644 --- a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DependencyTimeoutExceptionUnmarshaller.java +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DependencyTimeoutExceptionUnmarshaller.java @@ -1,5 +1,5 @@ /* - * Copyright 2010-2023 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. * * Licensed under the Apache License, Version 2.0 (the "License"). * You may not use this file except in compliance with the License. diff --git a/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeriveSharedSecretRequestMarshaller.java b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeriveSharedSecretRequestMarshaller.java new file mode 100644 index 0000000000..c7134e691d --- /dev/null +++ b/aws-android-sdk-kms/src/main/java/com/amazonaws/services/kms/model/transform/DeriveSharedSecretRequestMarshaller.java @@ -0,0 +1,119 @@ +/* + * Copyright 2010-2024 Amazon.com, Inc. or its affiliates. All Rights Reserved. + * + * Licensed under the Apache License, Version 2.0 (the "License"). + * You may not use this file except in compliance with the License. + * A copy of the License is located at + * + * http://aws.amazon.com/apache2.0 + * + * or in the "license" file accompanying this file. This file is distributed + * on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either + * express or implied. See the License for the specific language governing + * permissions and limitations under the License. + */ + +package com.amazonaws.services.kms.model.transform; + +import static com.amazonaws.util.StringUtils.UTF8; +import java.io.ByteArrayInputStream; +import java.io.ByteArrayOutputStream; +import java.io.OutputStreamWriter; +import java.io.StringWriter; +import java.io.Writer; + +import android.text.TextUtils; + +import com.amazonaws.AmazonClientException; +import com.amazonaws.Request; +import com.amazonaws.DefaultRequest; +import com.amazonaws.http.HttpMethodName; +import com.amazonaws.services.kms.model.*; +import com.amazonaws.transform.Marshaller; +import com.amazonaws.util.BinaryUtils; +import com.amazonaws.util.DateUtils; +import com.amazonaws.util.StringUtils; +import com.amazonaws.util.StringInputStream; +import com.amazonaws.util.json.AwsJsonWriter; +import com.amazonaws.util.json.JsonUtils; + +/** + * JSON request marshaller for DeriveSharedSecretRequest + */ +public class DeriveSharedSecretRequestMarshaller implements + Marshaller